1) ICANN Brought Its GDPR Train Wreck to ICANN62 Panama
 |
| ICANN CEO & President Goran Marby and GNSO Chair Heather Forrest at ICANN62 Can you tell which one's "brain just melted"? |
"One of the more frustrating aspects of the current GDPR crisis that ICANN has been struggling with, is the repeated assertions from folks who should know better in [ICANN org] senior management, that the GDPR was a complete surprise, that these data protection obligations are new, and that the data protection commissioners are not well informed about ICANN and its role. The GDPR passed in 2016 after years of fractious and well-publicised debate, during which US multinational corporations played an active role in Brussels to influence outcomes. While the size of the fines might be a surprise, the requirements were not. Furthermore, the NCSG and its precursor the NCUC have been bringing data commissioners and their staff to ICANN meetings for the better part of two decades. I myself spoke at an ICANN privacy workshop in 2005 while working for the Privacy Commissioner of Canada and said pretty much the same things I say today. More importantly, Giovanni Buttarelli, now the European Data Protection Supervisor and arguably one of the most important data protection commissioners in the world, came to an ICANN meeting in 2004 when he was working in the Italian Data Protection Authority. He returned in 2017 to the meeting in Copenhagen March 13th and repeated the same messages, yet even then the response from ICANN to the upcoming challenges was still not swift and effective. One wonders why."--Stephanie Perrin, June 21, 2018, ncuc.org (emphasis added). Editor's note: Why? "An Incompetent ICANN Management Team."
See also Working Paper (pdf) on Privacy and Data Protection Issues with Regard to Registrant data and the WHOIS Directory at ICANN, International Working Group on Data Protection in Telecommunications, 62nd meeting, 27-28 November 2017, Paris, France.
Editor's note: "Truncated timeframe" = just 4 months for deliberations and publication of the initial EPDP report.Personal observation: the prevalence of handwringing, “what we really need to do is” & alarmed, angsty tone of speakers in #ICANN62 #GDPR sessions reminds me of the 1st ICANN meeting to discuss #IANAsteward transition… Only difference is this GDPR thing has truncated timeframe.— Samantha Dickinson (@sgdickinson) June 26, 2018
#ICANN62 public sessions end for the day. Now, most of the onsite participants are headed to cocktails, to try and forget about #GDPR for a little while. But it’ll all be back on the table tomorrow...— Samantha Dickinson (@sgdickinson) June 26, 2018
GNSO Council Wrap-Up meeting, Thursday, 28 June 2018.
Next ICANN meeting: ICANN63, 20th Annual General Meeting, 20-25 Oct 2018, Barcelona, Spain.
2) Other ICANN News
 |
| The Superior Court of California, County of Los Angeles, Court Calendar for Case BC607494 |
b. New gTLD .WEB: Afilias vs ICANN et al?
c. SSAC2 Review Assessment Report published for community input 21 June 2018, by Analysis Group, the independent examiner performing the second review of ICANN's Security and Stability Advisory Committee (SSAC)--assessment report [PDF, 761 KB]. Public Comments on the report are encouraged and can be sent to mssi-secretariat@icann.org until 23:59 UTC on 20 July 2018.
Analysis Group will host a webinar on Thursday, 12 July at 20:00 UTC (4pm EDT), during which participants will have the opportunity to provide initial feedback and ask questions. To request dial-in information for the webinar, please send an email to mssi-secretariat@icann.org. The goal of the assessment report is to achieve maximum agreement between the wider ICANN community and the independent examiner as to which areas of the SSAC work well and which may benefit from improvements. No recommendations are included in the assessment report. Recommendations will be included in the final report, expected to be published in November 2018. More info here and also the executive summary [PDF, 85 KB].
Editor's note: I'd like to see the Analysis Group address SSAC's inexplicable failures in regard to new gTLDs--failures subsequently acknowledged, implicitly, by SSAC's ICANN Board liaison--read: More Problems Crop Up With Universal Acceptance of Top Level Domains by Ram Mohan, Feb 07, 2014, particularly in view of ICANN's contract provision with new gTLDs registry operators:
"1.2 Technical Feasibility of String. While ICANN has encouraged and will continue to encourage universal acceptance of all top-level domain strings across the Internet, certain top-level domain strings may encounter difficulty in acceptance by ISPs and webhosters and/or validation by web applications. Registry Operator shall be responsible for ensuring to its satisfaction the technical feasibility of the TLD string prior to entering into this Agreement." (emphasis added)And further, SSAC failing to demand or even recommend that either ICANN or the new gTLDs' registry operators and registrars warn prospective registrants of new gTLDs' domain names "failing to work as expected on the internet."
How could a group of otherwise competent professionals be so irresponsible and negligent? I can only speculate, but I attribute it to "conflicts of interest"--for example, Ram Mohan, a member of the SSAC and ICANN Board (2008-present) is employed by Afilias, a new gTLDs applicant and TLD registry operator, including providing new gTLDs' backend registry services.
What we now know is that apparently no one tested for "technical feasibility" before hundreds of new gTLDs were negligently and irresponsibly delegated by ICANN into the global internet root:
 |
| UASG017: Evaluation of Websites for Acceptance of a Variety of Email Addresses |
UASG017 (pdf): "Conclusion: There is much work to be done to get many of the world’s websites UA and EAI-ready. Where we thought we could address just a few applications and code repositories, that does not appear to be the case."But domain name registrants still are not warned that their new gTLDs' domain names may "fail to work as expected on the internet." Occasionally they show up at an ICANN meeting to complain, but no one of consequence at ICANN cares about domain name registrants--"it's all about the money."
Also note:
SSAC2018-017 | SSAC Input to the Chartering of GNSO EPDP (Expedited Policy Development Process) on Temporary Specification of gTLD Registration Data 26 Jun 2018 ssac2018-17-26jun18-en.pdf [pdf 99.1 KB].
Ongoing dysfunction (pdf) in planning for the next round of new gTLDs--ICANN is rushing through the whole process:
d. Information Transparency Initiative (ITI)--How the ITI Technical Infrastructure Works | ICANN.org.
e. GNSO Overtasked?--GNSO active projects list (pdf).
3) Names, Domains & Trademarks
a. IDN homograph attacks--registration of homographic domain names is akin to typosquatting, the major difference being that in homograph spoofing the perpetrator deceives victims by presenting visually indistinguishable hyperlinks. [Editor's note: ICANN enables and encourages cybercrime and domain name abuse via homograph attacks through its IDN new gTLDs program.] See also:
- Hackers ‘Using International Characters To Create Scam Sites’--silicon.co.uk
- "... a problem that exists because of ICANN's failure to generate a coherent and universally applicable set of standards for registration of IDNs to prevent this type of abuse"--techrepublic.com.
- “Chilling results”: new domain name homograph report shows rising threat to online brands--worldtrademarkreview.com.
b. EURid (eurid.eu), registry operator for ccTLD .eu, and the International Anti-Counterfeiting Coalition (IACC.org) team up to fight cybercrime--businesswire.com June 27, 2017.
d. Trademarkers: New data reveals the most prolific trademark applicants in the United States last year--Leading the list was a 71-year-old New York physician with more than 300 applications--Expert suggests [trademark] filers lists “might not be dominated by large corporations in the future”--worldtrademarkreview.com.
f. F is for Family: branches of Rothschild empire settle dispute over family name ... Under the deal, the groups cannot use the name Rothschild by itself ... Rothschild & Co will stop using the rothschild.com domain name--ft.com.
4) ICYMI Internet Domain News
b. China & Internet Governance: "Beijing Wants to Rewrite the Rules of the Internet - Xi Jinping wants to wrest control of global cyber governance from the market economies of the west"--TheAtlantic.com:
"China’s model appeals to these countries because it provides them with tools to take control of an open internet. Online platforms used for terrorism and political dissent threaten national stability. The Edward Snowden revelations and crippling cyber attacks like WannaCry and Mirai create a sense of vulnerability that China’s model promises to fix."c. US & Net Neutrality: Lawmakers must level the field for all players in the internet ecosystem--Robert McDowell, former FCC commissioner (2006-13) in Richmond.com.
d. Internet Society: Internet Society Names Andrew Sullivan as New President & CEO 29 June 2018.
e. UPDATE: Deadline to respond to the NTIA notice of inquiry has been extended to July 17, 2018, 5:00 pm EDT.
5) Six Most Read Posts this past week on DomainMondo.com:
1. News Review | ICANN62 Panama City, Policy Forum, 25-28 Jun 2018
2. Tech Review | Media Disruption, Mergers & Fear of the Future (video) Jun 23
2. Tech Review | Media Disruption, Mergers & Fear of the Future (video) Jun 23
4. Micro Class on Laddering and Apple's Strategy on Privacy (video)
5. AI, NTIA, Crypto, ZTE & CyberSecurity Hearings LIVE June 26-27 (video)
6. Tech Review | Digital Advertising's Disruption and Data Addiction (video) Jun 30
5. AI, NTIA, Crypto, ZTE & CyberSecurity Hearings LIVE June 26-27 (video)
6. Tech Review | Digital Advertising's Disruption and Data Addiction (video) Jun 30
-- John Poole, Editor, Domain Mondo