[Excom] [ccnso-council] CENTR Board letter to ICANN

Wed Jun 15 13:13:32 EAT 2022

+1 angela .. 
Your Contribution is very relevant and in line with the situation of registries and the role that cctlds should play in Africa …The confusion between ccTLD and GTLD’s 

I have made a french translation, and i believe it can be a common statement from @AfTLD 

== FR ===
Cher Barrack, merci pour ces informations.

Je ne pense pas que les ccTLD feraient bien d'être gouvernés comme les gTLD et imposer des politiques nationales n'est pas idéal. Encouragez plutôt les gouvernements à reconnaître les ccTLD dans leurs politiques nationales, et même à subventionner et à soutenir la gestion des ccTLD. Pour les gouvernements dotés de lois sur la protection des données qui ont des obligations en matière d'exactitude des données, le commissaire DPA concerné doit travailler avec les registres et être encouragé à adopter des moyens d'assurer l'exactitude des données du titulaire.

Ce avec quoi je semble être d'accord à propos du NIST2, c'est que les pays devraient déclarer/reconnaître les ccTLD en tant qu'infrastructures critiques. Dans mon pays, par exemple, tout ce qui est considéré comme une infrastructure nationale d'information critique est traité en priorité, notamment en assurant la continuité, la stabilité et la sécurité de cette infrastructure. Le rôle de l'unité de cybersécurité comprend la lutte contre la cybercriminalité perpétrée via le DNS ou sur le DNS.

Ce modèle n'est pas le seul à contourner. Les ccTLD peuvent collaborer avec les CIRT nationaux sans avoir recours à des mesures d'application strictes et à une supervision rigoureuse. Dans notre cas où il n'y a pas de loi sur la cybersécurité, la sensibilisation à la cybersécurité a donné plus de résultats en obligeant les organisations détenant des informations critiques à se conformer. De plus, nous avons été en mesure de lutter contre la cybercriminalité grâce à des politiques ccTLD qui reconnaissent également l'utilisation abusive du DNS sous la forme d'abus de contenu ainsi que les infractions à la propriété intellectuelle qui ne relèvent actuellement pas de la compétence de l'ICANN.

Dans l'état actuel des choses, les actes liés à la cybercriminalité et à l'informatique, les actes de criminalité financière et d'autres actes mentionnant la cybercriminalité élaborés par les États membres comportent déjà des sanctions et avoir des sanctions supplémentaires pour moi serait contre-productif ; La collaboration et la coopération sont essentielles pour atteindre la cyber-résilience et, le cas échéant, l'harmonisation pourrait également aider, et pour y parvenir, les responsables de la cybersécurité doivent sensibiliser toutes les parties prenantes concernées à l'importance de disposer de capacités de cybersécurité, et non d'imposer.

Ms. Angela Matlapeng (.BW)

Alex Corenthin
Responsable Technique NIC Sénégal (www.nicsenegal.sn <http://www.nic.sn/>)
Centre Universitaire de Recherche et de Formation aux technologies de l’Internet (www.curi.sn <http://www.curi.sn/>)
Université Cheikh Anta Diop de Dakar (www.ucad.sn <http://www.ucad.sn/>)
BP 16370 Dakar-Fann (Senegal)
Tel : +221 338219190 / 776317776

> Le 14 juin 2022 à 08:17, Angela Matlapeng <matlapeng at bocra.org.bw> a écrit :
> 
> Dear Barrack, thank you for this information.
>  
> I do not think ccTLDs would do good being governed like gTLDs and imposing national policies is not ideal. Rather encourage Governments to recognize ccTLDs in their National policies, and even subsidise and support the running of ccTLDs. For those Governments with Data Protection Acts which have data accuracy obligations, the relevant DPA Commissioner needs to work with Registries and encouraged to adopt ways of ensuring accuracy of Registrant data.
>  
> What I seem to agree with about the NIST2 is that countries should declare/recognize ccTLDs as Critical Infrastructure. In my country for instance, anything deemed as National Critical Information Infrastructure is treated with priority including ensuring its continuity, stability, and security of that infrastructure. The cybersecurity unit’s role includes dealing with cybercrime perpetuated through the DNS or on the DNS.
>  
> This model isn’t the only work around. ccTLDs can collaborate with National CIRTs without using strict enforcements and stringent supervision. In our case where there is absence of a Cybersecurity Law, cybersecurity awareness has yielded more results in having organizations with critical information comply. Additionally, we have been able to deal with cybercrime through ccTLD policies that also recognize DNS Abuse in the form of content abuse as well as IP infringements which are currently not ICANN’s remit.
>  
> As it is, cybercrime and computer related acts, financial crime acts, and other acts that mention cybercrime developed by Member states already have penalties and to have additional sanctions for me, would be counterproductive; Collaboration and cooperation key to achieving cyber resilience, and where need-be, harmonization could help as well, and to achieve this, those in charge of cybersecurity need to make all relevant stakeholders aware of the importance of having cybersecurity capabilities, not impose.
>  
> Warm Regards,
>  
> Ms. Angela Matlapeng 
>  
>  
> From: EXCOM <excom-bounces at aftld.org> on behalf of barrack at aftld.org <barrack at aftld.org>
> Date: Thursday, 09 June 2022 at 10:49
> To: excom at aftld.org <excom at aftld.org>
> Subject: [Excom] Fwd: Re: [ccnso-council] CENTR Board letter to ICANN
> 
> Dear EXCOM,
> 
> What are your thoughts on this matter?
> 
> Regards
> 
> -------- Original Message --------
> Subject: Re: [ccnso-council] CENTR Board letter to ICANN
> Date: 2022-06-08 15:02
> From: Peter Van Roste via Ccnso-council <ccnso-council at icann.org>
> To: Nick Wenban-Smith <Nick.Wenban-Smith at nominet.uk>, 
> "ccNSO-Council at icann.org" <ccnso-council at icann.org>
> Reply-To: Peter Van Roste <peter at centr.org>
> 
> Hi Nick,
> 
> Thanks for forwarding.
> 
> Luckily, this seems to be a EU specific issue.
> 
> However, if there is an interest, I'd be happy to summarise at the next
> call or answer any individual questions people may have in the meantime.
> 
> 
> Hope to see many of you in The Hague!
> 
> Peter
> 
> Van: Ccnso-council <ccnso-council-bounces at icann.org> Namens Nick
> Wenban-Smith via Ccnso-council
> Verzonden: dinsdag 7 juni 2022 18:30
> Aan: ccNSO-Council at icann.org
> Onderwerp: [ccnso-council] FW: CENTR Board letter to ICANN
> 
> FYI, is this something that could be discussed under AOB at council next
> week perhaps?
> 
> From: fm-request at centrlists.org <fm-request at centrlists.org> On Behalf Of
> Peter Van Roste
> Sent: Tuesday, June 7, 2022 11:58 AM
> To: fm at centrlists.org
> Cc: leaders at centrlists.org
> Subject: [centr-fm] CENTR Board letter to ICANN
> 
> Hi Everyone,
> 
> As mentioned in a previous email, a Member had signalled that ICANN had
> reached out to European governments in the context of the NIS2
> negotiations.
> 
> In that exchange, ICANN suggested that governments apply internationally
> approved policies and procedures on their national ccTLD.
> 
> If successful, this outreach would result in ccTLDs having to abide by
> rules developed for gTLDs.
> 
> Feedback from Members indicated that this was indeed not a stand-alone
> case.
> 
> Wording I've seen, included indeed the encouragement for governments to
> establish internationally agreed policies regarding registrant data for
> ccTLDs.
> 
> As many expressed during the Jamboree, this is worrisome and we need to
> fully understand the scope of this effort by ICANN.
> 
> As a follow-up, the CENTR Board has sent a letter to the ICANN CEO to
> highlight this issue and request some clarifications.
> 
> Full letter is attached, here are the clarifications requested:
> 
> * How many European governments were approached in the context of this
> outreach?
> * On what grounds did ICANN suggest that governments should consider
> imposing regulation on ccTLDs?
> * How was this particular suggested amendment developed and what
> consultation process was followed?
> * On what basis does ICANN believe this specific message and related
> proactive outreach to governments is within its mandate?
> * Why did ICANN decide to advise governments on how to govern their
> national ccTLDs without consulting the ccTLD community?
> 
> Most importantly, the Board asks ICANN to discuss how this issue can be
> avoided in the future and insists on synchronisation with the relevant
> ccTLD should there ever be a need for ICANN to discuss ccTLD regulations
> with a government.
> 
> I will keep you posted of any follow-up.
> 
> Best Regards,
> 
> Peter
> 
> Peter Van Roste
> 
> General Manager
> 
> CENTR - Belliardstraat 20, 1040 Brussels, Belgium
> 
> tel +32 2 627 55 50 - direct +32 2 627 55 51
> 
> www.centr.org [1] - Twitter [2] - Facebook [3] - LinkedIn [4] - Skype:
> pvanroste
> 
> 
> 
> Links:
> ------
> [1] 
> http://secure-web.cisco.com/1VGztXNRCK7nLwageqXDot1U0BUJoO5jOHItWop9NEgn5wZ39EHq1d2U5AiLh8arHi8fFBQ5cIC1d4UbUPyTwFvaCl6uadojgUdlFQPsscGw4I8nZwtpwA5GzRolC39MulZjafVlWASueAxcc_U9TILMUU8q32B2t2ATHldNPuVh7tuS1NdrZLMJzfdwODnqunEmAU6JC2Ezn77zimQ68exgO_LeqnNxMMjlDRZaaqSPyJ9STGr_c-IhaR-wQbDl9/http%3A%2F%2Fwww.centr.org%2F <https://protect-za.mimecast.com/s/Kg_SC8qgo6SvRxpCECPwS?domain=secure-web.cisco.com>
> [2] https://twitter.com/CENTRnews <https://protect-za.mimecast.com/s/wiYRC98jpQC3BPEtQ14NY?domain=twitter.com>
> [3] https://www.facebook.com/centrnews <https://protect-za.mimecast.com/s/qLCqC0gM2Vuo3lwCpAxV8?domain=facebook.com>
> [4] https://www.linkedin.com/company/centr <https://protect-za.mimecast.com/s/tRHgCg5yxLc02nZcxvkQe?domain=linkedin.com>
> _______________________________________________
> Ccnso-council mailing list
> Ccnso-council at icann.org
> https://mm.icann.org/mailman/listinfo/ccnso-council <https://protect-za.mimecast.com/s/UtDPCj2Bvqf5qkQiJBNN0?domain=mm.icann.org>
> _______________________________________________
> By submitting your personal data, you consent to the processing of your 
> personal data for purposes of subscribing to this mailing list 
> accordance with the ICANN Privacy Policy 
> (https://www.icann.org/privacy/policy <https://protect-za.mimecast.com/s/zWKsCk5gwZcWQZztzaCuH?domain=icann.org>) and the website Terms of Service 
> (https://www.icann.org/privacy/tos <https://protect-za.mimecast.com/s/t3UDClO0v5inZDNh4smte?domain=icann.org>). You can visit the Mailman link 
> above to change your membership status or configuration, including 
> unsubscribing, setting digest-style delivery or disabling delivery 
> altogether (e.g., for a vacation), and so on.
> _______________________________________________
> EXCOM mailing list
> EXCOM at aftld.org
> https://mail.aftld.org/cgi-bin/mailman/listinfo/excom <https://protect-za.mimecast.com/s/hpp6Cmwk2QcJnGNUlXaBB?domain=mail.aftld.org>_______________________________________________
> EXCOM mailing list
> EXCOM at aftld.org <mailto:EXCOM at aftld.org>
> https://mail.aftld.org/cgi-bin/mailman/listinfo/excom <https://mail.aftld.org/cgi-bin/mailman/listinfo/excom>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.aftld.org/pipermail/excom/attachments/20220615/511384af/attachment-0001.html>