Logo

051040043 - EPDP-Phase 2A Team Call - Shared screen with speaker view
Andrea Glandon - ICANN Org
32:40
Please review ICANN Expected Standards of Behavior here: https://www.icann.org/resources/pages/expected-standards-2016-06-28-en
Andrea Glandon - ICANN Org
32:55
**Members: reminder, when using chat, please select all panelists and attendees in order for everyone to see chat.
Berry Cobb
33:28
Draft Initial Report: https://docs.google.com/document/d/10fnhz7FvAGU069sGop_sQ2L-iZ6GVpurMAVWXsC9Qls/edit#heading=h.gjdgxs
Berry Cobb
34:42
extended to 45 days total.
Berry Cobb
35:53
Org email: https://mm.icann.org/pipermail/gnso-epdp-team/2021-May/003904.html
Manju Chen (NCSG)
39:04
+1 Sarah
Andrea Glandon - ICANN Org
39:31
**Members: reminder, when using chat, please select all panelists and attendees in order for everyone to see chat.
Andrea Glandon - ICANN Org
39:42
:)
Sarah Wyld (RrSG)
39:58
(Repeating for attendees also) - If web forms are out of scope, I'm hesitant to open that up to public comment, and want to consider that before a decision to do so is made
Mark Svancarek (BC)
40:06
Happy to assist AlanG
Owen Smigelski (RrSG)
41:03
+1 Sarah
Sarah Wyld (RrSG)
41:08
+1 AlanW
Owen Smigelski (RrSG)
41:31
Also agree with Alan W that webforms are not within scope for discussion
Manju Chen (NCSG)
41:38
+1 Alan W
Matt Serlin (RrSG)
42:06
+1 Alan…if there’s a question if it’s out of scope or not, we should get clarification from Council NOT public comment
Berry Cobb
42:25
Alternatively, the group could consider a recommendation for the Council to consider this issue further?
Matt Serlin (RrSG)
43:45
I think the Phase 1 review of recommendations was limited to legal v. Natural, no?
Sarah Wyld (RrSG)
43:57
Matt S is correct
Alan Woods (RYSG)
44:03
In relation to feasibility of unique contacts to have a uniform anonymized email address, the EPDP Team is expected to review the legal guidance and consider specific proposals that provide sufficient safeguards to address issues flagged in the legal memo. Groups that requested additional time to consider this topic, which include the At-Large Advisory Committee (ALAC), Governmental Advisory Committee (GAC), and Security and Stability Advisory Committee (SSAC), will be responsible to come forward with concrete proposals to address this topic. This consideration is expected to address:Whether or not a uniform anonymized email address for unique contacts is feasible and, if feasible, whether it should be a requirement.If feasible but not a requirement, what guidance, if any, can be provided to contracted parties who may want to implement uniform anonymized email addresses.
Owen Smigelski (RrSG)
44:04
Agree with Matt- Phase 2a does not allow for a whole review of Phase 1.
Alan Woods (RYSG)
44:13
To remind the ask - re this ...
Alan Woods (RYSG)
45:02
This is rather specific and limited in the scope … not whether merely a change is recommended .. but a specific change relating to the uniform anonymised email address is feasible or not.
Owen Smigelski (RrSG)
45:17
While I understand some parties may be unhappy with some of the outputs of Phases 1 and 2, that does not mean that we should expand the scope of phase 2a to address wishlists. We are narrowly bound to our scope.
Manju Chen (NCSG)
45:33
+1 Owen, very well said
Caitlin Tubergen
45:35
As noted during a recent call, the Phase 2A Team is specifically asked to consider if any changes are needed to Phase 1, Rec. 17. A review of all Phase 1 recommendations is not in scope. Other recommendations were included in the write-ups for further context.
Matt Serlin (RrSG)
46:00
Thank you Caitlin for providing that input
Sarah Wyld (RrSG)
46:36
I don't think necessity was part of the instructions either?
Sarah Wyld (RrSG)
47:08
The instructions ask us to consider feasibility and if it should be required, but not necessity
Alan Woods (RYSG)
47:11
So …. You are unilaterally adding that to the scope of 2a ?
Owen Smigelski (RrSG)
47:36
Sorry to disagree with Brian- it’s the feasibility/legality of unique contacts that we consider. Not whether you can reach someone via a webform.
Sarah Wyld (RrSG)
48:23
that's much better
Sarah Wyld (RrSG)
48:24
thank you
Alan Woods (RYSG)
48:25
Fine!
Manju Chen (NCSG)
48:27
much better!
Owen Smigelski (RrSG)
50:27
Yes, we can ignore public feedback that is outside of the scope of our charter, as we cannot make recommendations outside of our scope. It’s not tone deaf, it’s staying focused on our specific charter.
Alan Greenberg (ALAC)
51:16
No, the issue with webforms is that the content is severely limited.
Mark Svancarek (BC)
51:40
@Steve, web forms are also problematic since some webforms do not allow the sender to inform the RNH as to why communication is desired.
Brian King (IPC)
51:40
We've been asked to decide, "if feasible, whether it should be a requirement." The lack of any other available means (i.e. failure of web forms) directly supports an argument to make it a requirement.
Sarah Wyld (RrSG)
52:19
Calling it "lack of any other available means (i.e. failure of web forms)" is disingenuous. Just because you are not satisfied with the web forms doesn't mean they don't exist at all
Owen Smigelski (RrSG)
52:32
Agree with Sarah
Sarah Wyld (RrSG)
52:44
I don't see why a forwarding email address is seen as more reliable than a form (which I know is not everyone's concern)
Sarah Wyld (RrSG)
54:21
We can review the instructions here: https://community.icann.org/pages/viewpage.action?pageId=150177878
Marc Anderson (RySG)
54:24
https://gnso.icann.org/sites/default/files/file/field-file-attach/epdp-2-priority-2-items-10sep20-en.pdf
Marc Anderson (RySG)
54:33
instructions from council
Brian King (IPC)
56:13
Sarah, I'll attribute it to misunderstanding or miscommunication over chat, but I take exception to you calling my comment disingenuous.
Owen Smigelski (RrSG)
57:08
I see no mention of ability to communicate as part of the reason to consider unique contacts Brian.
Sarah Wyld (RrSG)
57:48
Steve, that might be a useful improvement but it's not related to this unique email question and I don't think it's in scope
Matt Serlin (RrSG)
58:08
+1 Sarah
Sarah Wyld (RrSG)
58:29
We were asked to consider very specific questions, not every possible tangential question
Owen Smigelski (RrSG)
58:41
+1 to both of Sarah’s comments
Steve Crocker (SSAC)
59:44
@Sarah, Matt, Owen: I understand your reactions about scope, but in my view the question of whether the system is actually working to achieve its stated purpose is *always* in scope.
Stephanie Perrin (NCSG)
59:49
Sorry left out attendees…+1 Sarah
Berry Cobb
01:00:32
https://docs.google.com/document/d/1_k0hVA6c2SvQPLiaZAlUllTKdplssofYlRHDkeR4mJ8/edit#
Matt Serlin (RrSG)
01:00:53
Steve - if that were the case, we could carry on with Phase 2a until the end of time…we HAVE to focus on what our charge was if we hope to achieve anything
Brian King (IPC)
01:00:55
I don't know how to say more clearly that "at some registrars, there's no other way to email a registrant" is evidence that a pseudonymous email address is necessary. The question we've been asked to answer is whether a pseudonymous email address is necessary.
Sarah Wyld (RrSG)
01:01:23
I don't see necessity of an email address in the instructions
Manju Chen (NCSG)
01:01:42
no. it’s whether it’s feasible
Sarah Wyld (RrSG)
01:03:58
We definitely owe a big thanks to the Amandas!!
Sarah Wyld (RrSG)
01:10:45
I thought we (CPH) said this should not be made public, if collected
Sarah Wyld (RrSG)
01:14:46
I'm much more comfortable with it being available In SSAD than public, like other registration data. That said, I still don't think it should be required at all.
Alan Woods (RYSG)
01:15:15
+1 Sarah
Berry Cobb
01:15:57
The "flag" options are "Yes, No, or Unspecificed"
Jan Janssen (IPC)
01:16:04
+1 Marc
Steve Crocker (SSAC)
01:17:24
For Legal vs Natural, there values are “Legal”, “Natural”, “Uknown” and “Unanswered”
Berry Cobb
01:19:52
Collected the checkboxes as filled out by the RNH.
Steve Crocker (SSAC)
01:19:59
Further, with respect to the certainty as to validity of the value, there’s a separate question as to how much work the registrar does to ascertain the validity. In keeping with SAC 058, it’s useful to list four possible levels of validation: S0 = none, S1 = syntactic conformance, S2 = operational; S3 = identity. The details of how to implement S2 and S3 levels of validation are best split off and dealt with separately.
Berry Cobb
01:20:15
We welcome specific feedback on this form as part of the homework.
Alan Greenberg (ALAC)
01:20:43
"If AVAILABLE TO THE REGISTRAR"??
Sarah Wyld (RrSG)
01:21:50
As we have said already, we are not comfortable making this a mandatory requirement
Sarah Wyld (RrSG)
01:23:07
+14 Marc
Sarah Wyld (RrSG)
01:23:15
(well that was a typo but I'm good with it)
Sarah Wyld (RrSG)
01:25:01
I'm also not sure that this is consistent with our legal guidance on the topic
Stephanie Perrin (NCSG)
01:26:25
+1 Sarah and Marc
Sarah Wyld (RrSG)
01:26:57
Yes, they can already publish their data if they want to
Alan Woods (RYSG)
01:27:01
MY data …. Not someone else’s data
Steve Crocker (SSAC)
01:27:03
It’s logically possible to require registrars to either collect the status of registrant or to require the registrar to permit the registrant to enter it but not require a registry to accept the data element. There are LOTS of data elements collected by registrars that are never passed to the registry
Jan Janssen (IPC)
01:27:24
Why do you think it is inconsistent Sarah?
Stephanie Perrin (NCSG)
01:27:33
No they are not Alan, that is one of the problems. These fields are very different and require detailed specific criteria to meet the threshold of being an attestation.
Sarah Wyld (RrSG)
01:27:43
Jan - not sure what you mean? Alan said the registrant can already publish their data and I agreed with that
Sarah Wyld (RrSG)
01:28:38
+1 Marc
Stephanie Perrin (NCSG)
01:29:08
Steve, correct, and if we start demanding that Registrars further process the data they collect in order to verify fields specified in this policy, we are then dragging that data into any potential data protection case/policy.
Tara Whalen (SSAC)
01:29:31
Dropping off early for another meeting, handing off to Steve C for SSAC (as usual). Thanks, all!
Jan Janssen (IPC)
01:30:16
@ SarahYou say that you think it is inconsistentwith legal guidance. I am trying to understand what you mean by it and why you believe it is inconsistent.
Stephanie Perrin (NCSG)
01:30:33
As a for instance, payment method might be useful in terms of helping determine legal person status….not for small entrepreneurs, I would of course argue, who regularly use personal credit cards. But introducing that data element or any other to verify a field means it is being processed for the purpose of this SSAD.
Sarah Wyld (RrSG)
01:31:16
Jan I think it did not account for the risk levels discussed
Jan Janssen (IPC)
01:33:14
The risk level for data which is by no means personal identifiable information?
Brian King (IPC)
01:35:21
Being keenly aware of ICANN's reluctance to enforce contracts it actually has in place, the IPC understands that ICANN will not enforce anything that is called "guidance."
Owen Smigelski (RrSG)
01:39:43
I would argue that ICANN actually does a significant amount of work enforcing it’s contracts, Brian. There is literally a team of about 20 staff that do that full time.
Alan Greenberg (ALAC)
01:41:10
That's why some us do not want it to be "guidance", but ….
Steve Crocker (SSAC)
01:42:14
“Guidance” ought to mean “provided to assist the reader in understanding how to implement the requirements.” That is, it’s intended to help the registrar, not impose additional obligations. If the guidance is not getting used, the fault is with the guidance, not the registrars.