[Excom] [ccnso-council] CENTR Board letter to ICANN

Mon Jun 20 09:12:49 EAT 2022

Dear Dr. Alex,

Many thanks for your email. I wonder if other EXCOM members think it 
will be a good idea to write to ICANN the way CENTR did?

Best Regards

On 2022-06-15 13:13, Alex Corenthin wrote:
> +1 angela ..
> Your Contribution is very relevant and in line with the situation of
> registries and the role that cctlds should play in Africa …The
> confusion between ccTLD and GTLD’s
> 
> I have made a french translation, and i believe it can be a common
> statement from @AfTLD
> 
> == FR ===
> 
> Cher Barrack, merci pour ces informations.
> 
> Je ne pense pas que les ccTLD feraient bien d'être gouvernés comme
> les gTLD et imposer des politiques nationales n'est pas idéal.
> Encouragez plutôt les gouvernements à reconnaître les ccTLD dans
> leurs politiques nationales, et même à subventionner et à soutenir
> la gestion des ccTLD. Pour les gouvernements dotés de lois sur la
> protection des données qui ont des obligations en matière
> d'exactitude des données, le commissaire DPA concerné doit
> travailler avec les registres et être encouragé à adopter des
> moyens d'assurer l'exactitude des données du titulaire.
> 
> Ce avec quoi je semble être d'accord à propos du NIST2, c'est que
> les pays devraient déclarer/reconnaître les ccTLD en tant
> qu'infrastructures critiques. Dans mon pays, par exemple, tout ce qui
> est considéré comme une infrastructure nationale d'information
> critique est traité en priorité, notamment en assurant la
> continuité, la stabilité et la sécurité de cette infrastructure.
> Le rôle de l'unité de cybersécurité comprend la lutte contre la
> cybercriminalité perpétrée via le DNS ou sur le DNS.
> 
> Ce modèle n'est pas le seul à contourner. Les ccTLD peuvent
> collaborer avec les CIRT nationaux sans avoir recours à des mesures
> d'application strictes et à une supervision rigoureuse. Dans notre
> cas où il n'y a pas de loi sur la cybersécurité, la sensibilisation
> à la cybersécurité a donné plus de résultats en obligeant les
> organisations détenant des informations critiques à se conformer. De
> plus, nous avons été en mesure de lutter contre la cybercriminalité
> grâce à des politiques ccTLD qui reconnaissent également
> l'utilisation abusive du DNS sous la forme d'abus de contenu ainsi que
> les infractions à la propriété intellectuelle qui ne relèvent
> actuellement pas de la compétence de l'ICANN.
> 
> Dans l'état actuel des choses, les actes liés à la
> cybercriminalité et à l'informatique, les actes de criminalité
> financière et d'autres actes mentionnant la cybercriminalité
> élaborés par les États membres comportent déjà des sanctions et
> avoir des sanctions supplémentaires pour moi serait contre-productif
> ; La collaboration et la coopération sont essentielles pour atteindre
> la cyber-résilience et, le cas échéant, l'harmonisation pourrait
> également aider, et pour y parvenir, les responsables de la
> cybersécurité doivent sensibiliser toutes les parties prenantes
> concernées à l'importance de disposer de capacités de
> cybersécurité, et non d'imposer.
> 
> Ms. Angela Matlapeng (.BW)
> 
> Alex Corenthin
> 
> Responsable Technique NIC Sénégal (www.nicsenegal.sn [10])
> Centre Universitaire de Recherche et de Formation aux technologies de
> l’Internet (www.curi.sn [11])
> Université Cheikh Anta Diop de Dakar (www.ucad.sn [12])
> BP 16370 Dakar-Fann (Senegal)
> Tel : +221 338219190 / 776317776
> 
>> Le 14 juin 2022 à 08:17, Angela Matlapeng <matlapeng at bocra.org.bw>
>> a écrit :
>> 
>> Dear Barrack, thank you for this information.
>> 
>> I do not think ccTLDs would do good being governed like gTLDs and
>> imposing national policies is not ideal. Rather encourage
>> Governments to recognize ccTLDs in their National policies, and even
>> subsidise and support the running of ccTLDs. For those Governments
>> with Data Protection Acts which have data accuracy obligations, the
>> relevant DPA Commissioner needs to work with Registries and
>> encouraged to adopt ways of ensuring accuracy of Registrant data.
>> 
>> What I seem to agree with about the NIST2 is that countries should
>> declare/recognize ccTLDs as Critical Infrastructure. In my country
>> for instance, anything deemed as National Critical Information
>> Infrastructure is treated with priority including ensuring its
>> continuity, stability, and security of that infrastructure. The
>> cybersecurity unit’s role includes dealing with cybercrime
>> perpetuated through the DNS or on the DNS.
>> 
>> This model isn’t the only work around. ccTLDs can collaborate with
>> National CIRTs without using strict enforcements and stringent
>> supervision. In our case where there is absence of a Cybersecurity
>> Law, cybersecurity awareness has yielded more results in having
>> organizations with critical information comply. Additionally, we
>> have been able to deal with cybercrime through ccTLD policies that
>> also recognize DNS Abuse in the form of content abuse as well as IP
>> infringements which are currently not ICANN’s remit.
>> 
>> As it is, cybercrime and computer related acts, financial crime
>> acts, and other acts that mention cybercrime developed by Member
>> states already have penalties and to have additional sanctions for
>> me, would be counterproductive; Collaboration and cooperation key to
>> achieving cyber resilience, and where need-be, harmonization could
>> help as well, and to achieve this, those in charge of cybersecurity
>> need to make all relevant stakeholders aware of the importance of
>> having cybersecurity capabilities, not impose.
>> 
>> Warm Regards,
>> 
>> Ms. Angela Matlapeng
>> 
>> From: EXCOM <excom-bounces at aftld.org> on behalf of barrack at aftld.org
>> <barrack at aftld.org>
>> Date: Thursday, 09 June 2022 at 10:49
>> To: excom at aftld.org <excom at aftld.org>
>> Subject: [Excom] Fwd: Re: [ccnso-council] CENTR Board letter to
>> ICANN
>> Dear EXCOM,
>> 
>> What are your thoughts on this matter?
>> 
>> Regards
>> 
>> -------- Original Message --------
>> Subject: Re: [ccnso-council] CENTR Board letter to ICANN
>> Date: 2022-06-08 15:02
>> From: Peter Van Roste via Ccnso-council <ccnso-council at icann.org>
>> To: Nick Wenban-Smith <Nick.Wenban-Smith at nominet.uk>,
>> "ccNSO-Council at icann.org" <ccnso-council at icann.org>
>> Reply-To: Peter Van Roste <peter at centr.org>
>> 
>> Hi Nick,
>> 
>> Thanks for forwarding.
>> 
>> Luckily, this seems to be a EU specific issue.
>> 
>> However, if there is an interest, I'd be happy to summarise at the
>> next
>> call or answer any individual questions people may have in the
>> meantime.
>> 
>> Hope to see many of you in The Hague!
>> 
>> Peter
>> 
>> Van: Ccnso-council <ccnso-council-bounces at icann.org> Namens Nick
>> Wenban-Smith via Ccnso-council
>> Verzonden: dinsdag 7 juni 2022 18:30
>> Aan: ccNSO-Council at icann.org
>> Onderwerp: [ccnso-council] FW: CENTR Board letter to ICANN
>> 
>> FYI, is this something that could be discussed under AOB at council
>> next
>> week perhaps?
>> 
>> From: fm-request at centrlists.org <fm-request at centrlists.org> On
>> Behalf Of
>> Peter Van Roste
>> Sent: Tuesday, June 7, 2022 11:58 AM
>> To: fm at centrlists.org
>> Cc: leaders at centrlists.org
>> Subject: [centr-fm] CENTR Board letter to ICANN
>> 
>> Hi Everyone,
>> 
>> As mentioned in a previous email, a Member had signalled that ICANN
>> had
>> reached out to European governments in the context of the NIS2
>> negotiations.
>> 
>> In that exchange, ICANN suggested that governments apply
>> internationally
>> approved policies and procedures on their national ccTLD.
>> 
>> If successful, this outreach would result in ccTLDs having to abide
>> by
>> rules developed for gTLDs.
>> 
>> Feedback from Members indicated that this was indeed not a
>> stand-alone
>> case.
>> 
>> Wording I've seen, included indeed the encouragement for governments
>> to
>> establish internationally agreed policies regarding registrant data
>> for
>> ccTLDs.
>> 
>> As many expressed during the Jamboree, this is worrisome and we need
>> to
>> fully understand the scope of this effort by ICANN.
>> 
>> As a follow-up, the CENTR Board has sent a letter to the ICANN CEO
>> to
>> highlight this issue and request some clarifications.
>> 
>> Full letter is attached, here are the clarifications requested:
>> 
>> * How many European governments were approached in the context of
>> this
>> outreach?
>> * On what grounds did ICANN suggest that governments should consider
>> imposing regulation on ccTLDs?
>> * How was this particular suggested amendment developed and what
>> consultation process was followed?
>> * On what basis does ICANN believe this specific message and related
>> proactive outreach to governments is within its mandate?
>> * Why did ICANN decide to advise governments on how to govern their
>> national ccTLDs without consulting the ccTLD community?
>> 
>> Most importantly, the Board asks ICANN to discuss how this issue can
>> be
>> avoided in the future and insists on synchronisation with the
>> relevant
>> ccTLD should there ever be a need for ICANN to discuss ccTLD
>> regulations
>> with a government.
>> 
>> I will keep you posted of any follow-up.
>> 
>> Best Regards,
>> 
>> Peter
>> 
>> Peter Van Roste
>> 
>> General Manager
>> 
>> CENTR - Belliardstraat 20, 1040 Brussels, Belgium
>> 
>> tel +32 2 627 55 50 - direct +32 2 627 55 51
>> 
>> www.centr.org [1] [1] - Twitter [2] - Facebook [3] - LinkedIn [4] -
>> Skype:
>> pvanroste
>> 
>> Links:
>> ------
>> [1]
>> 
> http://secure-web.cisco.com/1VGztXNRCK7nLwageqXDot1U0BUJoO5jOHItWop9NEgn5wZ39EHq1d2U5AiLh8arHi8fFBQ5cIC1d4UbUPyTwFvaCl6uadojgUdlFQPsscGw4I8nZwtpwA5GzRolC39MulZjafVlWASueAxcc_U9TILMUU8q32B2t2ATHldNPuVh7tuS1NdrZLMJzfdwODnqunEmAU6JC2Ezn77zimQ68exgO_LeqnNxMMjlDRZaaqSPyJ9STGr_c-IhaR-wQbDl9/http%3A%2F%2Fwww.centr.org%2F
>> [2]
>> [2] https://twitter.com/CENTRnews [3]
>> [3] https://www.facebook.com/centrnews [4]
>> [4] https://www.linkedin.com/company/centr [5]
>> _______________________________________________
>> Ccnso-council mailing list
>> Ccnso-council at icann.org
>> https://mm.icann.org/mailman/listinfo/ccnso-council [6]
>> _______________________________________________
>> By submitting your personal data, you consent to the processing of
>> your
>> personal data for purposes of subscribing to this mailing list
>> accordance with the ICANN Privacy Policy
>> (https://www.icann.org/privacy/policy [7]) and the website Terms of
>> Service
>> (https://www.icann.org/privacy/tos [8]). You can visit the Mailman
>> link
>> above to change your membership status or configuration, including
>> unsubscribing, setting digest-style delivery or disabling delivery
>> altogether (e.g., for a vacation), and so on.
>> _______________________________________________
>> EXCOM mailing list
>> EXCOM at aftld.org
>> https://mail.aftld.org/cgi-bin/mailman/listinfo/excom
>> [9]_______________________________________________
>> EXCOM mailing list
>> EXCOM at aftld.org
>> https://mail.aftld.org/cgi-bin/mailman/listinfo/excom
> 
> 
> 
> Links:
> ------
> [1] http://www.centr.org
> [2] 
> https://protect-za.mimecast.com/s/Kg_SC8qgo6SvRxpCECPwS?domain=secure-web.cisco.com
> [3] 
> https://protect-za.mimecast.com/s/wiYRC98jpQC3BPEtQ14NY?domain=twitter.com
> [4] 
> https://protect-za.mimecast.com/s/qLCqC0gM2Vuo3lwCpAxV8?domain=facebook.com
> [5] 
> https://protect-za.mimecast.com/s/tRHgCg5yxLc02nZcxvkQe?domain=linkedin.com
> [6] 
> https://protect-za.mimecast.com/s/UtDPCj2Bvqf5qkQiJBNN0?domain=mm.icann.org
> [7] 
> https://protect-za.mimecast.com/s/zWKsCk5gwZcWQZztzaCuH?domain=icann.org
> [8] 
> https://protect-za.mimecast.com/s/t3UDClO0v5inZDNh4smte?domain=icann.org
> [9] 
> https://protect-za.mimecast.com/s/hpp6Cmwk2QcJnGNUlXaBB?domain=mail.aftld.org
> [10] http://www.nic.sn
> [11] http://www.curi.sn
> [12] http://www.ucad.sn

-- 
Barrack Otieno

General Manager

Africa Top Level Domains Organization

+254721325277

www.aftld.org

'The Regional Association of African ccTLDs