-
Communiqués
More
-
Correspondence
More
-
Itemized Advice
More
-
Principles & Guidelines
More
2013-04-11-Safeguards-3
GAC Advice
2013-04-11-Safeguards-3
N/A
Consensus met
2013-04-11-Safeguards-3
Communication
Safeguard Advice
The GAC Advises the ICANN Board that:
To reinforce existing processes for raising and addressing concerns the GAC is providing safeguard advice to apply to broad categories of strings (see Annex I).
The GAC considers that Safeguards should apply to broad categories of strings. For clarity, this means any application for a relevant string in the current or future rounds, in all languages applied for.
The GAC advises the Board that all safeguards highlighted in this document as well as any other safeguard requested by the ICANN Board and/or implemented by the new gTLD registry and registrars should:
- be implemented in a manner that is fully respectful of human rights and fundamental freedoms as enshrined in international and, as appropriate, regional declarations, conventions, treaties and other legal instruments – including, but not limited to, the UN Universal Declaration of Human Rights.
- respect all substantive and procedural laws under the applicable jurisdictions.
- be operated in an open manner consistent with general principles of openness and non-discrimination.
Safeguards Applicable to all New gTLDs
The GAC Advises that the following six safeguards should apply to all new gTLDs and be subject to contractual oversight.
3. Security checks— While respecting privacy and confidentiality, Registry operators will periodically conduct a technical analysis to assess whether domains in its gTLD are being used to perpetrate security threats, such as pharming, phishing, malware, and botnets. If Registry operator identifies security risks that pose an actual risk of harm, Registry operator will notify the relevant registrar and, if the registrar does not take immediate action, suspend the domain name until the matter is resolved.
GAC Acknowledgement of Register Entry
GAC: 2 May 2013
Board: 9 May 2013
Next Steps/Required Action
Board Action:
| Item | Resp. | Start | Compl. | Status |
|---|---|---|---|---|
| Publish GAC Communique and notify applicants of 21-day GAC Advice Response Period | Staff | 18 April | Complete | |
| Applicants 21-day response period to GAC Advice | Applicants | 19 April | 10 May | Complete |
| Publish GAC Communique to solicit input on how the New gTLD Board Committee should address GAC advice regarding safeguards applicable to broad categories of New gTLD Strings | Staff | 23 April | Complete | |
|
Public Comment period on how Board should address GAC Advice re: Safeguards http://www.icann.org/en/news/public-comment/gac-safeguard-advice-23apr13-en.htm |
Public | 23 April |
Comment: 14 May Reply: 4 June |
Complete |
| Collect and summarize applicant responses to GAC Advice | Staff | 11 May | 31 May | Complete |
| Summarize and analyze public comments on how Board should address GAC Advice re: Safeguards | Staff | 5 June | 12 June | Complete |
| Review and Consider Applicant responses to GAC Advice and Public Comments on how Board should respond to GAC Advice re: Safeguards | New gTLD Program Committee | 13 June | 20 June | Not Started
The NGPC is also developing a GAC Scorecard similar to the one used during the GAC and the Board meetings in Brussels on 28 February and 1 March 2011. Each scorecard item will be noted with a '1A' '1B' or '2' 1A: Indicates that the NGPC's proposed position is consistent with GAC Advice as described in the Scorecard. 1B: Indicates that the NGPC's proposed position is consistent with GAC Advice as described in the Scorecard in principle, with some revisions to be made. 2: Indicates that the NGPC's current position is not consistent with GAC advice as described in the Scorecard and further discussion with the GAC is required following the relevant procedures in the ICANN Bylaws. Updates: http://www.icann.org/en/news/announcements/announcement-14jun13-en.htm |
Responsible Party
Board/Staff
Current Status/Communications Log
10 May 2013 - Letter from the ICANN Board re: Progress in Addressing GAC Beijing Advice
6 June 2013: NGPC Scorecard
Board Action (Accept/Disagree)
Accept
NGPC Consideration of GAC Beijing Advice 07-03-13[2].docx
- A provision in the New gTLD Registry Agreement (as a mandatory Public Interest Commitment in Specification 11) requires Registry Operators periodically to conduct a technical analysis to assess whether domains in its gTLD are being used to perpetrate security threats, such as pharming, phishing, malware, and botnets.
- The provision also requires Registry Operators to maintain statistical reports on the number of security threats identified and the actions taken as a result of the periodic security checks. Registry Operators will maintain these reports for the agreed contracted period and provide them to ICANN upon request. The contents of the reports will be publically available as appropriate.
- Because there are multiple ways for a Registry Operator to implement the required security checks, ICANN will solicit community participation (including conferring with the GAC) in a task force or through a policy development process in the GNSO, as appropriate, to develop the framework for Registry Operators to respond to identified security risks that pose an actual risk of harm, notification procedures, and appropriate consequences, including a process for suspending domain names until the matter is resolved, while respecting privacy and confidentiality.
- The language included in Paragraph 3 of the attached PIC Specification provides the general guidelines for what Registry Operators must do, but omits the specific details from the contractual language to allow for the future development and evolution of the parameters for conducting security checks. This will permit Registry Operators to enter into agreements as soon as possible, while allowing for a careful and fulsome consideration by the community on the implementation details.
See http://www.icann.org/en/groups/board/documents/resolutions-new-gtld-25jun13-en.htm#2.b.