There has already been a boom of divorces in China as soon as the quarantine ended...

hello all

Sounds good.

+1 - sounds good... I know the experience hasn't been great for observers, so this seems better for them.

+1

@Berry: Ah…, thanks and apologies. When you mentioned “audio cast”, I thought you were referring to something else.

Switching to webinar zoom for EPDP-P2 team calls will be same webinar usage we used during ICANN67

If you get the error, you will need to delete the offending entry. Again, please use the char count feature on doc mgmt. tool of choice.

Sorry for being later

Weather issues here have been more disruptive than covid-19 related problems. Frequent loss of electricity and running water.

…, but I suppose that’s a personal issue.

I agree with Stephanie’s last point. We are all volunteers, and there is more competition for our time. Not everyone’s workload has decreased.

@Stephanie: +1

I must say I support Stephanie's comments.

P2 items are not considered a part of the critical path to get to a final report on SSAD.

I support an extension.

If we extend the PC by just 5 biz days, we will not make our 11 June deadline.

Marc’s proposal sounds reasonable.

Speaking for myself, would prefer an extension as opposed to accepting comments on the main initial report during the comment period for the addendum. Will make the review process easier.

The option to extend by 5 biz days can be made up with 6 or 8 hours per week of meetings over the current 4.

6 or 8 hours per week is also a major problem in current conditions

+1 Julf -- 6-8 hrs a week is simply not a reasonable ask.

Is Berry breaking up for everybody, or is it just on my end?

He is clear on my end

Thanks, Terri.

Circumstances have changed quite a bit since that discussion with Keith

I think some perspective is necessary here. In the vast universe of work not getting done, the EPDP isn’t the tragedy we’re making it to be.

This conversation is SURREAL given the changes that are happening in the world and the number of other REALLY essential services that are being cancelled.

+1 James

+1 Alan

+1 everybody if it helps us move to the next agenda item

I agree with Alan, SURREAL is a good word to describe this conversation. As I have said, it shows the priorities of ICANN and eats away at its credibility. It is a freebie for us in civil society who would like to ridicule its public accountability.

Janis, when will you leave as chair?

I accept that

I think that is an important factor for our work tbqh

My audio has been perfect so far.

My audio is not great

Will this “extended” comment period be communicated publicly?

@Hadia: Same here. Switched to mobile network.

@Amr my audio is now good

@Hadia: Mobile Internet working better than ADSL right now. Glad your audio’s fixed.

@Amr ADSL is good at my end

@Owen - there is no extension, but the other public comment forum which opens on 24 March will mention that those that were not able to to current events to submit comments, they can do so on the priority 2 public comment forum. It will be helpful though that groups to flag by 30 March whether they will submit further comments on the initial report so that staff and the EPDP can plan accordingly.

@Hadia: Glad to hear it.

That is really confusing.

@Berry- thanks for confirming.

+1 Becky

+1 Becky

@Becky, thanks. Agreed. We can support based on that Purpose 2 for SSR.

@Amr: what’s the conflation?

between Octo and ssr

Our support for not having a separate OCTO purpose is based on agreeing on the new Purpose 2 as shared by the Board

Same

There is no way to in detail delineate what SSR support will mean in the future.

@Franck: I might have misunderstood, but it sounded like the two were linked for some reason.

Research is highly relevant to SSR

I don’t recall OCTO saying they need redacted registration data for research? Did I miss that?

Ok thanks

Correct, Amr

Which part is the formulation?

Thanks for the highlight.

Don’t cry for me accuracy purpose, we’ll keep our distance, don’t make a problem...

the whole call

Wasn’t that the case with whois too?

Per Item #4, the Council encourages the legal committee to still submit questions on Accuracy as we have funds available now to seek advice.

It will help inform future discussions on this topic.

+1 Laureen

Oooh, another balancing test\?

+1 Alan

+1 Laureen

+1 Laureen and Alan

Good to see that your spirits remain high Volker :-).

always

In all seriousness, a balancing test would need to be done if burdensome accuracy checks would be required of RNHs.

Heck, I get to spend more time with the family...

As I have said with tiresome repetition, the comparators might be data requirements of other service providers including banks and public authorities.

Of course, a fulsome PIA might have uncovered these issues in more detail

+Georgios. This may not be SSAD, but it was part of Phase 1 and to defer it again is very problematic.

The legal advice we received so far says that we’re in a better position to evaluate the adequacy of existing accuracy obligations, and to what extent those are sufficient for GDPR compliance. A number of us believe we’re ok on that front. Further work on accuracy may still be done in the future, but only fair that it is properly scoped in advance.

As suggested by the Council, it encourages this EPDP's Legal Committee to submit its questions to B&B. It should be done now, as we have the funds now. As I recall, the NCSG was the only group opposing the submission of these questions to B&B.

Thanks, Berry. Fully support sending the question to B&B as the Council advised.

@Berry I am confused we submit questions but we keep it out of scope?

It is still in scope, but decoupled from the SSAD so that we can deliver out final report on the system. Else we resikj delivery by 3 to 6 months given the complexity.

Berry, that part of the council's recommendation was unclear b/c it referred to a legal "memo." What I see based on your statement, is that we should submit the accuracy "questions" to the Bird and Bird. Correct?

@Laureen. Yes.

We have the funds now.

@Margie: Not exactly true. We never agreed on the importance of the EPDP handling accuracy. We agreed to defer the topic to phase 2, because we had a deadline to publish the initial report for phase 1. There was no time to settle the issue back then. There was no promise to come up with final recommendations on the topic.

Regarding any compromise in Phase 1, is my recollection incorrect the

@Berry since it is in scope and the council said that we can go ahead and submit the questions lets go ahead and do so.

That the IPCBC rejected that compromise at the council level?

By rejecting that phase 1 report, they essentially disagreed with everything that was in it.

@Marc not only "desirable" but necessary

it’s not desirable and good, it’s a legal obligation

And already implemented sufficiently to meet any potential legal requirements

IPC/BC approach to data accuracy is all wrong anyway (at least from a GDPR perspective). Data accuracy is a data subject’s right in GDPR. IPC/BC is trying to leverage this to penalize CPs and registrants, when accuracy of registration data doesn’t live up to whatever level of accuracy deemed desirable. This requires more policy development beyond what is an issue in GDPR.

The concern doesn’t seem to be the registrant’s right to its data being accurate, but rather that SSAD users have a right to accurate data instead.

Agree with Marc. Previous comments make it sound like we’re throwing out any commitment to accuracy, when we are simply standing on status quo.

Wasn't dissatisfaction with the status quo the impetus for the discussion in the first place?

Accuracy is improving day by day as more domains fall under the scope of the 2013 raa

@amr: it’s a right that this EPDP is going to ignore. data accuracy may have other benefits (eg for SSAD requestors), but data should be accurate

Many will be surprised how data accuracy is going to improve since the data is not illegally published.

@Franck: Data accuracy measures already in place are just fine. Most importantly, from a GDPR perspective, registrants are able to flag and correct inaccurate data, when/if discovered.

@Thomas: +1

@Marc, no one is disputing that CP requirements for accuracy are still there. But if we hare learning anything from the Corona virus, it is that measurement and understanding where you are is critical.

@Thomas, although the concept that redaction results in more accuracy *might* be true, I don't think I have seen any reports to support it - is it speculation, or demonstrated by data?

@MArk, if we were measuring accuracy, we might know! ;-)

Bye all. Stay safe everyone.

Bye all.

thanks take care

Que sera, sera, whatever will be will be

I found it difficult/impossible to try to estimate the numbers myself. Looking to others who have more experience with this.

When asking Bird and Bird for advice on this issue, it would be important to specify precisely why the data needs to be more accurate. Is it preventing LEAs from making an arrest? How likely is it that ICANN requirements will force criminals to provide accurate data? How often does inaccurate data lead to SS issues? How fast do malware and phishing attacks occur after registration, and can fulsome accuracy checks be done in that timeframe?

https://docs.google.com/document/d/1YtLHw4ASPOLwI_77bXGJrGypCHzYePQ5vaIWXzPatww/edit#heading=h.gjdgxs

If we have good, well measured data on any of my questions above I would love someone to steer me to the link....

@Berry: Thanks for taking a first stab at this.

Apologies all, must drop off now

Please make sure you are in SUGGESTION MODE.

@Chris, so are all of those expecting to become accredited? Or will they pass the requests through the few groups that are accredited?

Request processing is automated, and in some cases disclosures would be automated.

On the topic of finding some actual numbers I wanted to flag that Tucows has recently published actual request numbers.

All CP disclosures that require human review will be manual.

Thanks, Marc

yes, it makes sense, Marc

@Beth, I reviewed Tucows numbers. While far from precise it was my starting place for applying that number across the CPs > 200K DUMs.

ok, good... sorry if I wasn't clear earlier

<<< to make clear, my part was far from precise. Not suggesting their numbers are.

@Berrry. Great!

two

If you are going to permit an accredited entity to have thousands of users accessing data, you are going to have to seriously ramp up on the accreditation oversight.

At the moment, that oversight is rather trivial.

probably only hundreds of users per agency though max

Even that is a bit of an oversight nightmare, unless you want the DPAs in there investigating complaints every other month. One way to dump your audit costs on another entity I suppose, not one I would recommend.

I would at least foresee admin investigations having a different portal than LEAs.

It will depend on the structure of each country’s investigative processes,, no??

Re: Consumer Protection, at least in U.S., FTC is a civil law enforcement agency. So we are law enforcement. Whether we would use the same portal as criminal law enforcement is something TBD.

Precisely Laureen, these distinctions and authorities will be different in various other legal systems. But I am not the lawyer, of course...

Wouldn’t national authorities with many users represent a significant cost because of relatively high volume of disclosure requests, processing them, keeping logs, reviewing the logs for compliance purposes, etc…?

I’m guessing that an accredited national authority could result in more disclosure requests than a small private sector accredited entity? Just thinking out loud.

Sorry have to leave now.

I need to drop off now as well. Thanks all. Bye.

I need to drop off

i can stay on

I need to step away for 2 mins. Francisco and Aaron are here. :)

Will have to go too

These 4 bullets were pulled from the Initial Report

I am back. Thank you.

need to drop thanks all

sounds good

same

2 years is good unless allegations of abuse

I was going to suggest 1 year, but Its hard to estimate without knowing how involved a re-accreditation process is.

sorry have to drop. stay safe y’all

Janis has convinced me that re-accred should be similar to a passport renewal - 5 years, if I understood him correctly

2 is fine for estimation purposes

no problem

Need to drop off.

+1 Eleeza, thank you

Of course.

We’ll do that today. Thank you, Janis.