Please review ICANN Expected Standards of Behavior here: https://www.icann.org/resources/pages/expected-standards-2016-06-28-en**Members: reminder, when using chat, please select all panelists and attendees in order for everyone to see chat.

boring? perish the thought!

this is scintillatin

Quantification *is* a word....

Thanks Milton. A new word I will file away for future use. ;-)

there’s usually a “g” at the end of it

https://docs.google.com/document/d/11AYCPVEKjF--Obp-okojggWv1Z4R2PBjvZFOGu4blTM/edit#heading=h.gjdgxs

Milton: "itg" isn't a word

groan

#dadjoke

Mark’s puns can be actionable under ICANN standards of behavior?

@Steve, requirement to make option available to make public was a phase 1 rec.

@Alan, thanks. Marc is speaking to this point now. If so, then the wording in the document needs to be amended.

Hand raised too please.

Got it, Berry

That would be fine, Keith. Happy to.

I agree with Brian. All accesses are mediated, so “publish” is a shorthand for “this data is marked as ok for anyone to have access to it.” Another shorthand for publish is “this data element is marked as public.”

Those definitions are fine, but we actually need to use them. Recently we have use "disclose" for the public RDDS (since the RDAP process has a request phase).

@Steve, agreed.

indeed makes sense

FYI, that is already a requirement in the RAA

The topic has moved on, but to Alan comment earlier, ICANN Org provided an update to the P2A team on Rec #6 from Phase1. The email was sent 1 March from Brian Gutterman.

Agree with Marc A.

No need for hand.

We should not misuse the word “publish”, by making it synonymous with “make available upon request.

that was an old hand

Ok thanks Milton

I'll note for clarity, these are definitions in the draft policy for EPDP-P1 implementation of consensus recommendations.

The "Disclosure" definition is not defined in that IRT, but was used in EPDP-P1 Final Report.

To clarify my comment on the RAA, it's already a requirement to provide clear information to the registrant about how the data will be processed and by whom. We can do even better to include the bit about how the legal/natural distinction would impact that, so I'm supportive of Marc's suggestion to consider that language as (potentially binding, TBD) guidance.

Unfortunately, we were still using words Humpty Dumpty style in phase one. Not that I wish to reargue these issues….but it is less than clear.

LOL

nothing is easy for Chrysler

Alan G, will come back to you next.

WHOIS is indeed dead

Wait, national laws may be enacted to require publication of registrant information. Then Whois comes back to life?

I need to drop off this call early - Steve C will carry on for SSAC. Thanks all!

Bye Tara

Thank you for your precision re: the WHOIS protocol. It strikes me that what folks are really talking about is that domain name registration contact data is no longer completely public.

Apologies, I must drop off now.

The EWG studied that question years ago and confirmed that very few ordinary people are even aware of whois

Now we have RDAP and RDS

Thank Owen. This was not what I said. My main point was that redacted information is problematic, especially when non-personal data are not protected so there is no reason why they should not be available

Let's stay focused on the suggestions in the Google doc

+1 Brian

Publishing data puts people at risk. I would note that while there is a strong public policy reason to publish motor vehicle licence data, that decision to make the data public was rescinded after it became evident that stalkers and malfeasors would abuse it. How anyone who is aware of cyber fraud can argue for exposing more individuals recklessly to whoever can track them down just mystifies me. There is a public responsibility here to protect individuals, whether they are legal or natural persons.

@Alan W we agree there is no such thing as zero risk

+1 Alan W

+1 Fine to include that disclaimer, Volker.

Thanks for these constructive comments, Milton.

+1 Alan

but all persons can be accredited

@Alan, that may be technically correct, but the SSAD is FAR from in production and even when it will be, the service level commitments for non-critical requests is measured in WEEKS.

Brian King: “I am. not a cat!” ;-)

+1 Alan (Greenberg)

there should be mandatory differentiation of cats

ha you can't prove that, camera not on :-)

@Alan, I agree with you, but I think many, perhaps most, of the people involved with the SSAC thought process restrict their attention to requests that are neither public nor involving a request accompanied by legal paperwork such as a warrant. This leads to (at least) three distinct pathways for requests, 1. public requests, 2 SSAD requests, 3 law enforcement requests

well let’s waste those 12 minutes post haste

Further, as Alan Greenberg suggests, there is some question as to what requests are processed automatically and which may involve manual review.

Your first interpretation of what I said is correct

Not the second

thanks Brian

let the kid speaks!!!! ;-)

Children stakeholder demands to be heard

CSG = Child Stakeholder Group

*update we continue to work on our document - apologies for the tardiness. To help answer Volker's excellent point.

good question

Nothing from me - thanks, Keith

“CSG” is a name collision. But KSG, Kinder Stakeholder Group, is available :)

What will be our process to resolve differing comments on this document?

BTW I only ask staff to do it because we've been asked to comment only

That discussion will be easier if staff first resolves the non-controversial comments

Agreed, Keith - thank you!

Thanks, Keith.

Thank you all bye