Introduction to the PSWG LEA Capacity Building Workshop | 25 June 2017
Agenda Overview of the PSWG PSWG Activities related to Mitigation of DNS Abuse and Cybercrime PSWG Activities related to Registration Directory Services PSWG Activities related to Consumer Protection Resources PSWG Activity: https://gacweb.icann.org/display/gacweb/GAC+Public+Safety+Working+Group PSWG Terms of Reference: https://gacweb.icann.org/display/gacweb/GAC+PSWG+Terms+of+Reference Guide to ICANN for Law Enforcement: https://gacweb.icann.org/download/attachments/39944655/IG_Booklet_FINAL2.pdf?version=1& modificationDate=1454350349000&api=v2 This is a simpler agenda slide, the outline for your presentation.
Overview of the PSWG Breakup your presentation, divide it into sections. This is especially useful if most of your presentation is text.
PSWG Mandate The focus of the PSWG will be on those aspects of ICANN’s policies and procedures that implicate the safety of the public. Objectives include (but are not limited to): Assessing whether and seeking to ensure that the Domain Name System (DNS) and domain name registrations are not used to propagate, enhance, or further, unlawful activity, abuse, consumer fraud, deception, or malfeasance, and/or violations of law; Supporting the ability of public safety organizations to investigate, prevent, attribute, and disrupt unlawful activity, abuse, consumer fraud, deception or malfeasance, and/or violations of national law that involve the DNS and domain name registrations; Cooperating with ICANN’s advisory committees (including the RSSAC, SSAC), supporting organizations (including the GNSO, ASO, ccNSO), and community, to ensure multi-stakeholder support and cooperation, in advancing public safety policies, recommendations, and advice; Participating in applicable ICANN working/study groups to promote a shared understanding of the potential effects such groups’ work and recommendations will have on public safety; Continuously assessing whether ICANN has responsive and timely mechanisms to develop and enforce ICANN contractual obligations with gTLD registries and registrars, ( i.e., Registrar Accreditation Agreement, Registry Agreement); andAddressing work streams, policies, and studies that are brought forth at ICANN that affect public safety. Source: https://gacweb.icann.org/display/gacweb/GAC+PSWG+Terms+of+Reference
PSWG Membership May become PSWG Members: All GAC representatives and observers Representatives identified and nominated by GAC members PSWG Members are generally representatives of: national and/or provincial/state government consumer protection, civil and criminal law enforcement, or other agencies responsible for the welfare and protection of its citizens Current Membership (as of Dec. 2016) 98 representatives 27 countries and 7 international or regional organization represented
PSWG Activities related to Mitigation of DNS Abuse and Cybercrime Breakup your presentation, divide it into sections. This is especially useful if most of your presentation is text.
Due Diligence Recommendations Background 2009 Law Enforcement Due Diligence Recommendations Endorsed by the GAC in its Brussels (25 June 2010), Singapore (23 June 2011) and Dakar (27 October 2011) Communiqués Included in the 2013 Registration Accreditation Agreement (RAA) Accurate and verifiable information about registrars Collection and validation of data from registrants Abuse contact information Whois Service Level Agreements Implemention by ICANN Contractual compliance function New gTLD Program Application Process The PSWG has been tracking and following up on the implementation of these recommendations, in the GAC Hyderabad Communiqué (8 Nov. 2016) and in the Copenhagen Communiqué (15 Mar. 2017)
Security Framework for Registries The GAC Issued its New gTLDs Safeguards Advice in the Beijing Communiqué (April 2013) including mandatory security checks for all new gTLDs In response, in a June 2013 Resolution, the ICANN Board: Added a provision in the Registry Agreement (RA) mandating the identification of Security Threats by Registries “domains […] used to perpetrate security threats, such as: pharming, phishing, malware and botnets” Called for the development of a Framework for Registries to respond to Security Threats Drafting Team formed in August 2015, drafting initiated in Dec. 2015 GAC/PSWG Involvement Participated in the Drafting Team created in August 2015 Navigated the challenge with Registries to agree on substantive voluntary measures and standards GAC Endorsed Draft Security Framework now open for public comments
New gTLDs and Child Protection Background 1 in 3 of all internet users are legal minors (1 in 2 in parts of the developing world) Children have universally recognize rights (UN Convention on the Rights of the Child, in particular Art. 34 ”States Parties undertake to protect the child from all forms of sexual exploitation and sexual abuse […]”) Reports from the Internet Watch Foundation (IWF) have identified distribution of Child Pornography in New gTLDs PSWG Involvement Ensure that any assessment criteria used for determining the outcome of any decision-making processes in respect of new gTLDs are fit for purpose in respect of minors’ interests Ensure appropriate and detailed provisions are written into the next New gTLD Applicant Guidebook, Registry Agreement Prevent the registration of names suggesting child pornography Achieve WHOIS accuracy to reducing use of domains for such purposes Seeking the use of Auction Proceeds (ICANN’s or private) to fund relevant programs
PSWG Activities related to Registration Directory Services Breakup your presentation, divide it into sections. This is especially useful if most of your presentation is text.
WHOIS/Registration Directory Services Background Domain Registration Data is served through the WHOIS service offered by Registries and Registrars, which have evolved from the simple and outdated Port 43 WHOIS protocol (RFC 812, 954, 3912) With the development of the Internet and domain names, WHOIS has found itself at the core of key issues of accountability and privacy on the Internet which have yet to find a resolution In 2012 ICANN resolved to redefine the purpose of collecting, maintaining and providing access to registration data, and consider safeguards for protecting data. An Expert Working Group (EWG) was then formed and in its Final Report (2014) proposed a paradigm shift to replace Whois with a Next Generation Registration Directory Service (RDS) In November 2015, the RDS Policy Development Process was Launched to explore the need and policy requirement of such a next generation Whois Service. GAC and PSWG Involvement The GAC issued Principles Regarding gTLD Whois Services (28 March 2007) Two PSWG representatives are members of the Policy Development Working Group Status: The working group developed foundational documents for its deliberations (Problem Statement, Example Uses Cases, Draft Statement of Purpose for Registration Data and Directory Services, Numerous possible requirements Interim Initial Report possibly by end of 2017
RDS Review Team Background Review mandated by the new ICANN Bylaws (Article 4.6) to review enforcement of ICANN policies relevant to RDS and explore structural changes to improve accuracy and access to gTLD registration data Following 1st Whois Review Team (Final Report was published in May 2012 which led to the formation of the EWG and initiation of the subsequent RDS PDP) GAC and PWSG Involvement The GAC Chair nominates 3 members of the Review Team 3 Members of the PSWG have applied to be part of the Review Team and are expected to be selected and appointed The Review Team will assess the effectiveness of the current gTLD registry directory service and whether its implementation meets the legitimate needs of law enforcement, promoting consumer trust and safeguarding registrant data It is has started and is expected to conduct its work over the course of 2017 and beyond.
Privacy Proxy Services Policy Implementation Background As a follow-up to the 2013 RRA negotiations, the GNSO conducted a Policy Development Process on the issue of accreditation of Privacy and Proxy Services Providers (Oct. 2013 – Jan 2016) The GAC Helsinki Communiqué (June 2016) advised the ICANN Board on public policy concerns that should be addressed as part of implementation, in particular: Confidentiality of law enforcement and consumer protection requests Need for consideration of cross-border issues Access of Privacy/Proxy Services to domains engaged in collection of money In August 2016, the ICANN Board adopted the policy recommendations In October 2016, an Implementation Review Team (IRT) was formed to assist ICANN in its implementation effort, several GAC and PSWG members joined as volunteers PSWG Involvement GAC and PSWG representative are involved in advising ICANN through the IRT Representatives from the UK, US, Interpol, Europol and OAS have drafted a proposal for a Disclosure Framework for Registrars’ handling of confidential requests for the revealing of registrant data. This was endorsed by the GAC. Discussion expected during ICANN 59
PSWG Activities related Consumer Protection Breakup your presentation, divide it into sections. This is especially useful if most of your presentation is text.
Consumer Trust & Consumer Choice Review Background Part of regular reviews at ICANN, formerly part of the Affirmation of Commitments now included in the new ICANN Bylaws (Article 4.6) Review Team formed in January 2016 To determine the extent to which the introduction of new gTLDs has promoted competition, consumer choice and consumer trust in the DNS. To assess the effectiveness of (a) the application and evaluation processes, and (b) safeguards put in place to mitigate issues Update and Next Steps The CCT Review Team released a Draft Report of Recommendations in March 2017 An Intermediate Report of an ongoing Abuse Study is also available More information on the Review Team’s wiki page