Open Meeting of the ICANN Board and Governmental Advisory Committee (GAC)

Details
Organization: 
ICANN
Sub-organization: 
GAC
Date: 
26 Oct 11
ICANN 42
Dakar
Summary
Context: 
At every ICANN meeting, the Board meets with the Governmental Advisory Committee (GAC). This is usually one of the most anticipated meetings at an ICANN meeting due to its high-level nature.
Results: 
  • GAC asks for clear timelines for implementation of Joint Applicant Support Cross-Community Working Group (JAS-WG) -- recommendations for ensuring needy applicants get full access to first application round for new gTLDs
  • GAC waiting for full report from ICANN on combined impact of new gTLDs and other changes to root prior to opening of first application round
  • GAC wants clarification on "batching" if more than 500 new gTLD applications
  • GAC expects ICANN to promote new gTLD application round globally, including in developing countries, and assess and review awareness
  • GAC welcomes Board assurances that conflicts of interest will be identified and avoided
  • GAC requests publication of timeline with actions to deal with ethics and conflicts of interest policies
  • GAC urges Board to effectively address recommendations made by law enforcement agencies (and endorsed by GAC) with respect to Registrar Accreditation Agreement (RAA)
Executive summary: 

The first two agenda items were handled with dispatch. The meeting began with a discussion of applicant support for new gTLDs and the JAS report.

Representatives of the ICANN board reported that they were impressed by the JAS report and taking it very seriously.

The report makes recommendations for developing a sustainable approach to providing support to entities requiring assistance in applying for and operating new gTLDs.

Portugal, Kenya and Nigeria spoke out on behalf of developing countries, asking that these recommendations be considered as soon as possible and that outreach be done, particularly in the African region where, according to Kenya, outreach has been lacking both on the new gTLD process and on ICANN processes in general.

ICANN Board Member Katim Touray called for a community-wide commitment to the implementation of as many of the JAS report recommendations as practically feasible.

Regarding registry/registrar cross-ownership and relations to competition authorities, the European Commission said a few words of thanks to the ICANN board for their answer to a submission the European Commission had made prior to the Singapore ICANN meeting. The submission set out a number of concerns about vertical integration policy issues and the European Commission planned to analyze the reply and follow up with ICANN.

The first headlines from this meeting were made in the discussion of root zone scaling and the GAC's role in the early warning process. The Netherlands launched the discussion by asking what impact a potentially large volume of gTLD applications would have on the root scaling agreement made in Brussels.

ICANN Chair Steve Crocker clarified that there would be no stress on name servers created by the addition of new names. "There seems to be some persistent confusion and misunderstanding, in my judgment, about that. The name servers, the few hundred Anycast instances around the world regularly process on the order of 10,000 queries a day -- per second... The [insertion] of a new one or two or a hundred or a thousand names into the root server system almost certainly will generate no measurable change that you can see."

ICANN Board Member Bertrand de La Chapelle explained further that "the stress on the root servers that are distributed are more related to the number of users than the number of TLDs."

In response to a number of questions about how the batching of applications might work, CEO Rod Beckstrom stated that there is no limit to the number of applications that will be submitted from January 12th to April 12th and, if the number of applications received is more than 500, the current plan is to process those applications in batches of around 500. But they will all be posted at the same time.

ICANN's senior vice president of stakeholder relations, Kurt Pritz, declared: "Given that we're publishing all the applications at the same time, we would expect the early warning to be issued at that time... I think the best duty to the applicant is to provide early warning advice to the applicant within 60 days so they can withdraw their application, if need be, and not -- you know, they'll be spending money on their ongoing operations."

The European Commission clarified that the expectation was that the GAC would analyze all the applications - no matter how many there are - and issue early warnings within 60 days. "And, yet, you're going to process those applications in batches of 500. So, I'm sorry to say, but this seems to put a little bit too [much] strain on the GAC while you, yourself, recognize that you are not going to be able to process 12,000 applicants, just to use the number I did. So why should we not tell you, well, we're going to process 500 applications maximum now and you tell us what those 500 applications are?" Rod Beckstrom promised to look at the issue and get back to the GAC on it.

Bertrand de La Chapelle urged the GAC to produce early warnings on an ongoing, state-by-state basis, rather than providing a single early warning, which would require agreement on every potential problem
beforehand. He suggested, instead, that the GAC adopt "a two-pass system to try to narrow down, very early on, what are the strings that you believe are causing a problem in themselves and identifying among them... those where there is a real obvious consensus on the GAC that there is a problem that needs to be addressed, and those where there is a problem for some countries and [not] others." The European Commission promised to take this recommendation into account.

But Germany believes that it might be difficult to make a distinction between the evaluation of the string and the applicant. "A string evaluation is rather easy to [make]...but [for] an evaluation of the
applicant... you need to know, what is the model he's following? What are the registration policies? What are the restrictions? I think this, frankly speaking, is not possible within a time frame of 60 days."

Moving on to the next agenda item, ICANN's New gTLD Communication Plan, Rod Beckstrom provided a high-level summary of the communications outreach program for new gTLDs.

Uganda emphasized the importance of outreach in the African region and the United Kingdom defined broadcasting this opportunity in markets and stakeholder communities across the globe as critical to the success of the new gTLDs program - and to the credibility of ICANN.

The UK wanted to make sure that ICANN is monitoring levels of awareness and identifying large business communities, markets and communities that have not yet been reached, so that the outreach program can be adjusted to target communities that are still in the dark. Beckstrom assured the UK that ICANN is collecting a rich set of data, which will be published.

Adjustments have been made, he assured the UK, but "are limited based on the time that's allowed and permitted".

Fireworks started up again as the European Commission began the discussion of conflicts of interest. The European Commission's preference would be for an ICANN board that is fully independent from stakeholders that have a direct interest in the decisions of the organization.

But, in the meantime, the European Commission expects the board to adopt "a robust and substantive conflict-of-interest policy" that includes clear sanctions and penalties in case of breach. "We would very much urge the Board to take its political responsibility and put in place such a policy as soon as possible. Not turn this into [a] process with working groups, and engaging consultants, and advice and further discussion, and et cetera. But, before the end of the year... make sure that such a policy is in place."

Bertrand de La Chapelle made a distinction between conflicts of interest for the period during which somebody is on the board and for the period after they have served. Regarding conflicts of interest for current board members, "I think it's very, very important for all of you when this question is asked to take into account... the fact that we're not starting from scratch. And it is probably our fault, generally, to not have been posting clearly enough the existing conflicts-of-interest policy... And the first step that is absolutely clear, and that can be done, and it is probably already done, is to make this policy that exists visible."

Bertrand de La Chappelle and the Country Code Names Supporting Organisation (ccNSO) appointee to the ICANN board, Mike Silber, both regard the problem of the revolving door as a more complex one. Silber spelled out why: "When somebody is working within the industry and they're on the board, at least it's known. And the motivation can be understood and, if necessary, the person excluded from a vote or the room. But there's this possibility of a hidden motive to create an opportunity to be exploited as soon as the person has left the board."

But Bertrand de La Chappelle is concerned that, "If we get to a revolving door policy that is too rigid, we get the irony of having somebody who can be in the industry when this person is on the board and who shouldn't be in it when it leaves the board, which is very strange." There are, however, "distinctions that can be made regarding the kind of functions that you can have afterwards."

There is also, of course, the possibility of changing the ICANN model and requiring that board members become independent.

Cherine Chalaby contended that: "it isn't just enough to have the best policies and the best standards. What is also important is that the culture and DNA of individual board members also improves. And it isn't enough to be also independent... you could be an independent board member; you will not have any conflicts. But you could breach [ethics], and you could breach confidentiality."

Vice-Chair of the ICANN Board Bruce Tonkin reported that ICANN is trying to ensure that the existing conflicts policy and code of conduct are well understood.

Looking to improve on the policies already in place, the Board Governance Committee has asked the staff to commission external advice to review corporate and government best practices in conflicts and ethics so, in Bruce Tonkin's words, "it's not just us coming up with our own rules."

As far as the timing for putting new policies in place, "I wasn't sure. Were you suggesting that we don't put that out for comment before we would vote? Our normal practice is when we get advice, we update the policy and put it out for public comment... So I would expect we are talking of a time frame of a few months."

The European Commission declared that "patience is wearing thin. And we're really looking for a strong response from ICANN to show that it can self-correct at this point. That's why when we hear reviews, we hear we've engaged consultants and have had public consultations on it, it starts to itch a little bit." The European Commission is aware that there are policies in place at ICANN, but considers them to have been ineffective and without sanctions or penalties, without a cooling off period. "That's why the previous chairman did not break any rules, because there were not any rules in the first place."

"We're really looking to a commitment toward a result, not a commitment towards a process with an unclear timeline. We're going to enter into a very important and probably not - although we would not hope not - controversial period with the new gTLDs. It is absolutely critical that the board is above board on this... So, there's a sense of urgency that we would like to see and a strong signal from the board itself and from the chairman that what has happened in the past will not be repeated in the future."

In the course of this discussion, the European Commission also brought up the fact that ICANN relies on a limited number of parties for its funding, which "in itself, in our opinion, raises a fairly important issue of independence."

Bertrand de La Chappelle sought to "correct a very common misunderstanding... registries and registrars are not the one or the only ones that finance ICANN... they are conveying and channeling the contributions that are paid by the registrants."

But GAC Chair Heather Dryden questioned whether this addressed the real issue regarding registries and registrars, pointing out that it does not take into account "all those registrants are sitting on the board maybe creating opportunities for themselves. That's really the difference. That's really the point with registries and registrars being in a privileged position to influence business opportunities and so on."

The final showdown of the meeting was regarding law enforcement recommendations endorsed by the GAC to fight cybercrime. The United States of America expressed frustration with ICANN's failure to act on the GAC's endorsement and efforts on behalf of global law enforcement agency (LEA) proposals designed to help prevent and disrupt efforts by criminal groups to exploit domain registration procedures.

The US asked the ICANN board, first, if the only way to make LEA-recommended policies binding is through a Policy Development Process (PDP). Secondly, the US asked if registrars attending the June meeting in Singapore were correct in saying that they are the "good guys" representing about 80 percent of the market, what could be done to decredit the "bad guys", the remaining 20 percent?

Kurt Pritz responded to the US' first question. "ICANN published a paper about a week ago to the GNSO that recommended in part that ICANN and registrars should start bilateral contract negotiations immediately in order to move the discussion forward... The paper also states that, you know, the GNSO can take up policy matters at any time to make policy binding on registrars."

Pritz identified a vote of the GNSO Council as "the fastest way to make those recommendations binding on all registrars. If we negotiate a set of agreements with registrars outside of that process, they'd have to be individually adopted by each registrar. And it's only binding on those registrars when their agreement expires."

The agreements are five years long, and the majority of them will not expire for another three or four years. More importantly, according to Pritz, "ICANN and the registrars have agreed that we should start negotiations right away on a more complete set of amendments that consider the LEA recommendations and the GNSO high-priority recommendations. And so the registry constituency met this morning and approved the initiation of those negotiations. So they are going to appoint a team to negotiate with ICANN, and similarly ICANN is going to have a team negotiating. We also committed to reporting out with each meeting the results of that meeting in a transparent way so that the community could monitor developments of those
negotiations."

As to the timeline, "the registrars and ICANN agreed that we'd work toward publishing a set of amendments by the Costa Rica meeting [March 2012]. I personally think that's very ambitious, but the registrars endorsed that and that's what we're working to."

The United States of America was unimpressed. "So, again, I think we have been lectured at great length as to the only way to make things stick is down this way. So again, that's a process. Now, it may be a fact, but it's a process."

Australia, too, expressed despair that "all that I have heard is process, process, process. And I am back to where I was the other day talking to the registrars that I don't see a clear and credible path to action, to be perfectly honest. All the processes that I've just heard require agreement and negotiation with registrars. I may be wrong here, but the registrars have known about this for some time, and we've seen no action. And, in a self-regulatory model, if the people we're trying to regulate can continually stifle or veto any progress, then I think we have a structural problem with the model."

Steve Crocker closed the meeting on a lighter note. He mentioned in his opening remarks that he had appeared before the GAC many times before as chair of the Security and Stability Advisory Committee (SSAC) and as a member of the ICANN board. On this, his first appearance as chair of the ICANN board, he didn't know "whether to feel completely comfortable or scared to death." The meeting ended with laughter as he observed, "Now I know."

Summary: 

Discussion of root zone scaling and the early warning process [full summary]

The Netherlands launched the discussion by asking what impact a potentially large volume of gTLD applications would have on the root scaling agreement [pdf] made in Brussels.

ICANN Chair Steve Crocker sought to clarify that there would be no stress on name servers created by the addition of new names. "There seems to be some persistent confusion and misunderstanding, in my judgment, about that. The name servers, the few hundred Anycast instances around the world regularly process on the order of 10,000 queries a day -- per second... The [insertion] of a new one or two or a hundred or a thousand names into the root server system almost certainly will generate no measurable change that you can see."

ICANN CEO Rod Beckstrom reminded everyone that, in accordance with an ICANN board resolution, "the maximum number of TLDs that could be delegated into the root under the new gTLD program on an annual basis is 1,000. And the number may not exceed that unless there is a formal review, or a new decision by the board."

ICANN Board member Bertrand de La Chapelle explained further that "the stress on the root servers that are distributed are more related to the number of users than the number of TLDs... It will increase a little bit, because it will take time for the mirrors and all the cache and all the replications to get all the addresses... The other stress, which is important, is the number of updates to the database that come from changing the servers, from changing the address of who manages the registry and so on. But this is a completely different type of load."

Steve Crocker assured GAC members that there will be no impact discernable either to users or the internal distribution processes within each of the root server operators, and this will be documented in a report. The European Commission asked that this report be published as soon as possible. GAC representatives need policy summaries for use in communicating with their countries, and the European Commission would want access to the full report - with all the technical data and methodology - in order to share it with their own experts and help ICANN "to be confident all together on the resilience of the system".

Several GAC members asked how the new gTLD applications would be processed, particularly if there were a great number of them. The European Commission asked whether the GAC would be presented with only 500 applications at a time. Rod Beckstrom responded that there is no limit to the number of applications that will be submitted from January 12th to April 12th. If the number of applications received is more than 500, the current plan is to process those applications in batches of around 500. But they will all be posted at the same time.

Switzerland asked how applications would be batched, which ones would be put in the first and which in the last. "Would that be according to the date that they actually hand in their applications, or those from A to G -- what is your reflection in how to divide these into batches?" Rod Beckstrom explained that there were legal and technical operational issues to be worked through and so there is not yet a specific batching algorithm. But when there is one, it will be shared.

As to the timing of the GAC's role in providing early warnings, Kurt Pritz, ICANN's senior vice president of stakeholder relations, declared: "Given that we're publishing all the applications at the same time, we would expect the early warning to be issued at that time. And so, working with these -- through these operational issues with the GAC, if the GAC doesn't think it can get through all the applications in the 60 days allotted, that we should discuss how the GAC input could match the batching input going forward. But... I think the best duty to the applicant is to provide early warning advice to the applicant within 60 days so they can withdraw their application, if need be, and not, you know, they'll be spending money on their ongoing operations."

The European Commission clarified that the expectation was that the GAC would analyze all the applications - no matter how many there are - and issue early warning within 60 days. "And, yet, you're going to process those applications in batches of 500. So, I'm sorry to say, but this seems to put a little bit too [much] strain on the GAC while you, yourself, recognize that you are not going to be able to process 12,000 applicants, just to use the number I did. So why should we not tell you, well, we're going to process 500 applications maximum now and you tell us what those 500 applications are?" Rod Beckstrom promised to look at the issue and get back to the GAC on it.

Kurt Pritz offered to make the data as accessible as possible. "We will publish the applications, which are, essentially, the information in questions 1-13... So, there will be the string, and then the
applicant, and the purpose of the application and the answer to many of the questions, so that the GAC can use that to make its determinations... perhaps you could get back to us with a way that we could sort that data so it would be more helpful to you so you can kind of run your finger down it easily."

Bertrand de La Chapelle agreed that the bandwidth required for an early warning process with 1,200 applications will be much greater than the bandwidth required by only 500. He urged the GAC to produce early warnings on an ongoing, state-by-state basis, rather than providing a single early warning, which would require agreement on every potential problem beforehand.

He suggested, instead, that the GAC adopt "a two-pass system to try to narrow down, very early on, what are the strings that you believe are causing a problem in themselves and identifying among them" those where there is a real obvious consensus on the GAC that there is a problem that needs to be addressed, and those where there is a problem for some countries and [not] others." The European Commission promised to take this recommendation into account.

Germany, however, believes that it might be difficult to make a distinction between the evaluation of the string and the applicant. "A string evaluation is rather easy to [make]...but [for] an evaluation of the applicant... you need to know, what is the model he's following? What are the registration policies? What are the restrictions? I think this, frankly speaking, is not possible within a time frame of 60 days."

Switzerland agreed in principle with Bertrand de La Chappelle's suggestion, but wondered, what if there is a string that does not look problematic, the applicant, business models and registrar conditions do not look problematic, and then it turns out that "something is not applicable to our law in our country? And then you issue an early warning saying that, basically, everything would be fine, but we have a problem there. We cannot accept this. What is the use of this, if I get this right, that, if the applicant cannot modify this application, he can only withdraw it?"

Kurt Pritz explained that ICANN is "loathe to allow applicants to fully change their application, because that would allow applicants to abuse the system. Get an application in as a test. And, if that test sort of fails, they can sort of get around the system by amending it. But there are ways an applicant can address government concerns. For example, in the case of a geographic name, it can secure the approval of the government. Or there may be conditions a government would have before it would otherwise approve delegation of a name. So it can put the applicant on notice that the GAC will probably give GAC advice or encourage an objection in some way. So there are ways for governments to use the early warning effectively. And then, of course, the other use for GAC advice is to put the applicant on notice that there is going to be GAC advice or an objection to it and give him or her the opportunity to withdraw early for a higher refund. So we're trying to encourage the applicants to heed the GAC early warning in that way."

The Netherlands asked if it would be possible to enact a stricter policy if it were required to alleviate concerns of specific governments or the GAC as a whole. "I think just one very essential question about remediating an application. I understand that you don't want to have applicants gaming the system and changing their application.

"But, in certain cases, which are not only geographic but also others like dot sector and example of whatever sector, imagine, just to be very concrete example, imagine that, after talks with GAC members, after an early warning, that the registry would then maybe make a stricter policy and say, for example, that on the second level there's organization.sector. And he would say, okay, I want this to have stricter, for example, registered name for the organization on the second level. But with the minimum of 10 countries existent or regions."

Kurt Pritz would not respond to this specific example "because we want to maintain the goals of making it not gameable. But we also understand that you know, a registry might want to further restrict its application, make it more narrow in order to bring it into the goals of what the government has. So there's some limited opportunity to adjust how they're going to operate the registry without amending their application."

Bertrand de La Chapelle talked a little bit about the thinking behind the early warning system. "What we're trying to put in place is a communication channel. And the whole discussion we had during the elaboration of the applicant guidebook is to identify tools for interaction... What was attempted was to provide a way for intervening at different stages. And there are, as Thomas has said, there are different types of problems that may emerge... But what I'd like to highlight here is the notion of a continuous process that will move all along the evaluation the objections and all those components that have been put in the program as protections."


Discussion of conflicts of interest [full summary]

The European Commission explained how important this issue is to the European Commission, to the European Union and its member states and to many, if not all, of the GAC members. ICANN is an organization whose mission is to serve the global public interest and, in order to do so, "it must meet the highest corporate governance standards: those of accountability, transparency and independence. This goes to the heart of the multistakeholder model, because, of course, if the model is seen as not meeting those standards, then the legitimacy of the decisions that the model produces will be called into question."

The European Commission characterized as embarrassing the previous ICANN chairman's joining a company with a direct interest in the decision on new gTLDs that he had just overseen. "But that is, in our view, merely a symptom of a deeper problem, which is a structural problem of ICANN. If you look also at the recent audit report, we see that at least eight members of the board have declared conflicts of interest in the pursuit of their activities. And... there is no substantial conflict-of-interest and ethics policy in place. And, as this is a structural problem, we believe that structural solutions are in order."

The European Commission's preference would be for an ICANN board that is fully independent from stakeholders that have a direct interest in the decisions of the organization, a board that is professional and adequately remunerated. But, in the meantime, the European Commission expects the board to "take a very strong stance in favor of the highest standard of corporate governance."

The Board has begun to move in that direction, but it has taken "at least a couple of months before the board put this issue on its own agenda." The Board needs to adopt, "as soon as possible, a robust and substantive conflict-of-interest policy."

This policy should include: "a prior declaration of conflict of interest; an appropriate scope, i.e., not just in the case of transactions or in the case of decisions, but the whole phase from policy shaping to decisions; and, clear sanctions and penalties in case of breach. From our own experience, we know that if you can breach conflict-of-interest rules with impunity and there are no consequences, the whole policy isn't worth anything."

The European Commission also strongly recommended a cooling off period, precluding board members from immediately going to work for interested parties after their board service ends.

"We would very much urge the board to take its political responsibility and put in place such a policy as soon as possible. Not turn this into [a] process with working groups, and engaging consultants, and advice and further discussion, and et cetera. But, before the end of the year... make sure that such a policy is in place."

Bruce Tonkin, vice-chair of the ICANN board, agreed that conflict of interest was "a very serious issue", and promised to provide links to both ICANN's Conflicts of Interest Policy and Code of Conduct. "We also have fairly elaborate confidentiality provisions within our code of conduct and guidelines on how they should be used. So we do have something in place. But having said that, we also recognize that as the organization is taking on more responsibility, it needs to review those and improve those."

Tonkin said that they pre-declare conflicts of interest and, "if it's a serious issue, we leave the room and we don't vote on it." The strength of the multistakeholder body, he said, is in the multiple regions and areas of experience the 16 voting board members represent. This ensures that only one or two of the directors are likely to have a conflict of interest at any one time, and the absence of only one or two directors from a discussion has no real impact.

Bertrand de La Chapelle made a distinction between conflicts of interest for the period during which somebody is on the board and for the period after they have served. Regarding conflicts of interest
for current board members, "I think it's very, very important for all of you when this question is asked to take into account what Bruce mentioned regarding the fact that we're not starting from scratch. And it is probably our fault, generally, to not have been posting clearly enough the existing conflicts-of- interest policy, which... is conducted on a regular basis and is clearly done very thoroughly every time there is a discussion within the board that addresses a point that concerns a board member that has a conflict of interest... And the first step that is absolutely clear, and that can be done, and it is probably already done, is to make this policy that exists visible."

Bertrand de La Chappelle and the ccNSO appointee to the ICANN board, Mike Silber, both characterized the problem of the revolving door as a more complex one. Silber explained, "When somebody is working within the industry and they're on the board, at least it's known. And the motivation can be understood and, if necessary, the person excluded from a vote or the room. But there's this possibility of a hidden motive to create an opportunity to be exploited as soon as the person has left the board."

But Bertrand de La Chappelle is concerned that, "If we get to a revolving door policy that is too rigid, we get the irony of having somebody who can be in the industry when this person is on the board and who shouldn't be in it when it leaves the board, which is very strange." There are, however, "distinctions that can be made regarding the kind of functions that you can have afterwards." There is also, of course, the possibility of changing the ICANN model and requiring that board members become independent.

Portugal sought to disassociate itself "from the perception that having a board that is remunerated would solve these issues. I don't think it will. It is something that can be looked at. But it's a completely different matter. Ethics is not solved by professionalizing."

Cherine Chalaby contended that "it isn't just enough to have the best policies and the best standards. What is also important is that the culture and DNA of individual board members also improves. And it isn't enough to be also independent. I'm going to tell you why. Because there are three things that matters here: conflicts, [ethics] and confidentiality. You could be an independent board member; you will not have any conflicts.

"But you could breach [ethics], and you could breach confidentiality. So, the most important thing here is, once we have these policies on board... you have to, every year and all the time, refresh yourself, read them, make yourself more aware. And you'll be up to date with these policies as they develop and as they improve. And that's a very, very important thing that we must do as board members to make sure that these policies are being used and are being implemented."

Bruce Tonkin reported that ICANN is trying to ensure that the existing conflicts policy and code of conduct are well understood. "And so we had a board training session a few weeks ago, and we spent several hours, actually, going through the existing conflicts policy and the code of conduct and the confidentiality provisions. And we went through various scenarios of how they should apply to different situations that might emerge in the coming year. So that's part of actually building it into the culture."

Looking to improve on the policies already in place, the Board Governance Committee has asked the staff to commission external advice to review corporate and government best practices in conflicts and ethics, "so it's not just us coming up with our own rules." As far as the timing for putting new policies in place, "I wasn't sure. Were you suggesting that we don't put that out for comment before we would vote? Our normal practice is when we get advice, we update the policy and put it out for public comment... So I would expect we are talking of a time frame of a few months."

Rod Beckstrom weighed in with a list of the outside experts being consulted by ICANN. ICANN's corporate law firm is formally reviewing the conflicts-of-interest policies, code of conduct and employee handbooks "to enhance the focus on best practices for conflicts and ethics."

A new independent law firm is looking at the presentation of those documents and making recommendations based on similarly situated non-profit organizations. Their first recommendation has already been implemented: all key ICANN corporate governance documents are now posted at www.icann.org/documents. An international experts group will review documents and practices and make recommendations focused on ICANN's global function and the best practices of other international organizations.

Beckstrom welcomed recommendations of organizations to do this work and, "when we find and retain those experts, if any of you would like to have a conversation with that expert, we're happy to arrange it on an individual country-by-country basis, or for the GAC, or subsets of the GAC."

ICANN Board member Erika Mann spoke in regards to the Audit Committee, which she chairs. "We provide guidance in the financial and internal control of ICANN, and we fully understand the concern
with the new gTLD round, and the new work ICANN will have to do in the future, that there is concern with regard to such kind of oversight role....We will do a review of all the applicable international standards available. Of course, not all of them will work because we are not a purely commercial operation. So we will have to be very careful what we adopt and what we cannot adopt. We will do the review and we will consult, of course, with all of you."

Bertrand de La Chappelle emphasized that, in pursuing external expertise, "we have paid great attention to include a request to have information on practices that are done not only in not-for-profit or for-profit corporations, but also in public entities, including regulators and things like that. Because the whole landscape must be covered, and it's very important to take it into account."

The United Kingdom was encouraged by statements of commitment to address conflicts of interest and asked, again, for a timeline for the process. "I really need a timeline to send out to my Minister. If I could have that by the end of this week - I'm sorry to be so [demanding, but] it has exercised ministers. And that's our job as officials: to act on their concerns, and to engage, and to discuss, and then go back to the ministers and say, 'this is what we have agreed.'"

Rod Beckstrom invited everyone to a Thursday
afternoon session
on this topic. "We will be seeking to develop a roadmap on a timely basis. And that will depend in part on the discussions and the feedback we get, because, for example, I just offered to allow any country here to have a conversation with the expert. [Depending] on how many of those conversations we're going to have, and what your recommendation or request is, for example, that could affect that timeline. And there will be other inputs. But we will begin working on a road map, and I think we are all taking this very seriously. But we also want to make sure that we respect the consultative processes of the community."

Mike Silber believes "it's clear that this is an issue that worries many of us on the board. We've done an analysis. I think what we're hearing is we've identified gaps. We've identified that the current
policies are good, but they're missing certain areas. And those areas, unfortunately, can be squeezed through by a rugby team, not just by a thin piece of paper, which means that we're doing work to close those gaps. What I'm hearing you say is, 'Give us something real as an outcome this week.' In terms of giving you policies, as has been indicated, I don't think anybody around this table would like such a rushed process that nobody around this table gets an opportunity to engage in comment on drafts as they come out. But, instead, I think what you're looking for is an acknowledgment that there are gaps and that those gaps need to be addressed."

The European Commission declared that "patience is wearing thin. And we're really looking for a strong response from ICANN to show that it can self-correct at this point. That's why when we hear reviews, we hear we've engaged consultants and have had public consultations on it, it starts to itch a little bit." The European Commission is aware that there are policies in place at ICANN, but considers them to have been ineffective and without sanctions or penalties, without a cooling off period. "That's why the previous chairman did not break any rules, because there were not any rules in the first place."

"We're really looking to a commitment toward a result, not a commitment towards a process with an unclear timeline. We're going to enter into a very important and probably not - although we would not hope not - controversial period with the new gTLDs. It is absolutely critical that the Board is above board on this, that you can point to this absolutely, when we take our decisions, we are crystal clean: these decisions are not influenced by particular interests that are represented on the board. So, there's a sense of urgency that we would like to see and a strong signal from the board itself and from the chairman that what has happened in the past will not be repeated in the future. And that, I think, we can then take back to our ministers. And they will no doubt be satisfied to see that something is actually moving. But, at the moment, I don't get that impression. I mean, I'm not sure I can debrief my Commissioner in that sense."

GAC Chair Heather Dryden asserted that "the new gTLD program opening does provide a certain pressure, a certain timeline for these rules to be clear. And I think that that's what GAC members have been saying today."

Rod Beckstrom promised GAC members "something you can take back that's very concrete." He referenced his speech made in June at the opening meeting of Singapore. He said, "we're moving from one chapter in new gTLDs to another." The first chapter was the policy development process, during which the community and the ICANN board and staff worked together. The second chapter was the development of the applicant guidebook, which was marked by "intense interaction between potential applicants, the board and members of the staff and executive team... In approving the program, we're now moving to a different phase. And we have to close one chapter and develop a new set of practices and a higher level of handling conflicts of interest. Because the same applicants who were at the table negotiating, discussing, sharing their expertise - appropriately - with staff and the board could no longer interact, with, for example, our new gTLD processing team. Because that team needs to be extremely separate, independent. And we need to make sure there are clean lines."

Beckstrom provided examples of what he was doing in this current phase to handle conflicts of interest at a higher level. "I did not have people from the new gTLD processing team participate in the road show. Even though some community members and others wanted them to participate in the road show, I said, 'no, because they're processing applications.' The last thing I want is them interacting with potential applicants. So that line was drawn.

"Secondly, at the staff meeting here on Sunday, when we gathered our entire staff, we had a communication from our legal team about how we were going to interact with new gTLD applicants here in Senegal at ICANN 42. And we implemented new practices that we have not used in the past, such as don't accept any drinks, or a meal, or anything else from a new gTLD applicant. The next thing is we told our staff members you need to report on any discussions with potential applicants, if they brought up their application or their idea and they want to discuss that with you. You need to report that into the organization. In writing.

"Thirdly, we told our staff: do not meet alone with any new gTLD applicants that want to speak with you. If they're speaking with you and they want to talk at all about the program in any fashion, or their application, don't be there alone because you need to record that communication.

"Now, this is a different level of implementation of our policies than we've ever done before. And it's what we're delivering - I'm delivering to you as a CEO of this organization."

Bruce Tonkin walked through the new gTLD application process phase by phase, describing how conflicts of interest will be avoided. Information about new gTLD applications submitted between January the 12th and April the 12th will not be available to the Board until published publicly.

Security information will be held by only a few ICANN staffers. During the evaluation phase, there will be strict separation between any board members and external evaluators or staff involved in the process. Any board member involved with any application will not be in the room when that application is discussed and will not have a vote on that application. Tonkin also offered to "document our board processes to what information the board has and with respect to the involvement of any board director in either discussing an application, discussing an application with staff, or, ultimately, voting on the application."

Steve Crocker acknowledged" "That statement by itself is not enough for you to take back," and explained that the ICANN board's reaction was not simple, clean and quick because, "It's intended more toward how do we understand how to apply this and build the processes and fit it to the actual situation. So, you've heard from Rod about all of the rules that are being put in place with respect to the prosecution of applications and the behavior of the staff. You've heard from Bruce Tonkin about both the combination of the advice we're taking on and also the rules that we have in place for the role of the board during these processes and so forth... we can and we will document these. We have documented a lot of this. But I think would be helpful to package all of this up in a form that you can see a comprehensive collection and the assemblage of the details and how they fit into the whole of an organized program that has both the clear statement of principles and objectives with respect to conflict of interest and ethics and also the implementation and how seriously we've taken that and how we've marbled that into the body and operation of ICANN."

In the course of this discussion, the European Commission also brought up the fact that ICANN relies on a limited number of parties for its funding, which "in itself, in our opinion, raises a fairly important issue of independence. It is not enough in our view to have a robust conflict-of-interest policy in terms of the behavior - and not only of the board members, but also of the staff - but also the issue of funding and financing needs to be looked at."

Bertrand de La Chappelle sought to "correct a very common misunderstanding... registries and registrars are not the one or the only ones that finance ICANN. They do finance ICANN for a portion. But they are conveying and channeling the contributions that are paid by the registrants. And so, in that respect, the funding of ICANN in majority comes from a very, very distributed number of people. Millions of people are actually contributing to the funding. This doesn't reduce the question of what kind of weight the ones who channel in this regulation process. But I want to take this opportunity to correct this misunderstanding the registrants are the source of funding of ICANN."

Heather Dryden questioned whether this addressed the real issue regarding registries and registrars, pointing out that it does not take into account "all those registrants are sitting on the board maybe creating opportunities for themselves. That's really the difference. That's really the point with registries and registrars being in a privileged position to influence business opportunities and so on."


Discussion of law enforcement recommendations endorsed by the GAC [full summary]

Heather Dryden requested that the United States, as the committee's lead on the issue of cybercrime, begin the discussion and she emphasized that the view of the US was "the consensus view of this committee."

The United States of America provided a quick history of GAC involvement with the issue of cybercrime. The GAC endorsed global law enforcement agency
(LEA) proposals
[pdf], made in 2009 and designed to help prevent and disrupt efforts by criminal groups to exploit domain registration procedures.

"We conveyed that full GAC endorsement to you, brought that to your attention and asked you for your assistance in implementing them. GAC and law enforcement then engaged in a considerable amount of outreach and exchanges, bilateral exchanges with registrars. And in fact we felt in June, in Singapore, that we had had a very productive exchange that seemed to be moving in the right direction of a voluntary approach that could probably accommodate up to nine out of the 12 law enforcement recommendations. So you can imagine our disappointment that, not too long afterwards, we understand the registrars had tabled the motion and we learned on October 6, the Generic Names Supporting Organization (GNSO) Council approved it. That addresses only three of the original law enforcement recommendations and frankly addresses some of the ones that look suspiciously similar to the proposal the GAC included in our scorecard for new gTLDs that the board was able to simply accept... we are bringing this to your attention now as partners. We see this directly linked to the five Accountability and Transparency Review Team (ATRT)] recommendations that pertain to the role of the GAC within ICANN. And as you know, some of those refer to making sure the GAC is effectively able to interact in policy processes.

"So from our perspective, regrettably, this is an example of an inability for the GAC to engage effectively. And we need your support as a partner to advance the concerns that we have been expressing now for well over a year - almost two years - and we are looking for immediate visible and credible action to mitigate criminal activity using the Domain Name System."

The US asked two questions of the ICANN Board. "In taking the step that registrars have proposed, we have been informed that... the only way to make policies binding is through a PDP. So we ask for your guidance, is that really the case?" Secondly, at the June meeting in Singapore, "those registrars in attendance confirmed to us that they represent about 80 percent of the market and they also represented, quote, 'the good guys,' so leaving us with the understanding that about 20 percent of accredited registrars seem to fall in the category of bad guys. So we note that our law enforcement recommendations actually don't address the bad guys, but we decided it's important for us to ask you: how can you decredit that 20 percent immediately?"

"At the end of the day, what we really need is to meet the very high expectations in each of our capitals that this model is an effective partner for governments in addressing criminal activity. So we look to the model to self-regulate, to self-improve, to reach out."

Steve Crocker, again, recognized the urgency and importance of the issue at hand and said, "One of the things that is our responsibility at the board level is not only to oversee the process, not only to make sure rules are followed and that everything is fair, but at the end of the day, that it's effective. If all we have is process, process, process, and it gets gamed or it's ineffective just because it's not structured right, then we have failed totally in our duty and our mission... It's a balancing act, of course, because, you know, we're not going to intercede at every given moment and micro manage. That would be the failure of the other kind."

But, "In the sequence of meetings today, we met with the GNSO and segments of the GNSO - including, particularly, the registrars - and they... reported about their meeting with you, with the GAC. And they were of a somewhat different frame and seemed quite willing and eager, actually, to make the changes along the line. So we asked what the problem had been over all these years and they said, 'Nobody had ever explained it to us like that before.'"

"We do know that of the... 900-plus registrars that we have, the number that are customer-facing are a relatively small number, and of those there are a relatively small number that have a dominant part of the market. It ought to be possible in a situation like that to have leadership from within that community. And I'm hopeful that we can push that or encourage that very quickly and forcefully."

As far as immediately decrediting 20 percent of the registrars, Crocker turned to Kurt Pritz for a response.

Kurt Pritz responded to the US' first question regarding how these recommendations could be made binding on all registrars in a timely manner. "ICANN published a paper about a week ago to the GNSO that recommended in part that ICANN and registrars should start bilateral contract negotiations immediately in order to move the discussion forward. And I think this is in line with Steve's comment about moving the discussion from process into substance and, you know, succeeding at getting things done rather than talking about process... The paper also states that, you know, the GNSO can take up policy matters at any time to make policy binding on registrars."

Pritz identified a vote of the GNSO Council as "the fastest way to make those recommendations binding on all registrars. If we negotiate a set of agreements with registrars outside of that process, they'd have to be individually adopted by each registrar. And it's only binding on those registrars when their agreement expires." The agreements are five years long, and the majority of them will not expire for another three or four years.

More importantly, according to Pritz, "ICANN and the registrars have agreed that we should start negotiations right away on a more complete set of amendments that consider the LEA recommendations and the GNSO high- priority recommendations. And so the registry constituency met this morning and approved the initiation of those negotiations. So they are going to appoint a team to negotiate with ICANN and, similarly, ICANN is going to have a team negotiating. We also committed to reporting out with each meeting the results of that meeting in a transparent way so that the community could monitor developments of those negotiations."

As to the timeline, "the registrars and ICANN agreed that we'd work toward publishing a set of amendments by the Costa Rica meeting [March 2012]. I personally think that's very ambitious, but the registrars endorsed that and that's what we're working to."

The United States of America was unimpressed. "So, again, I think we have been lectured at great length as to the only way to make things stick is down this way. So again, that's a process. Now, it may be a fact, but it's a process." Initially, amendments were going to be made to the RAA, but it was going to take too long, so a voluntary agreement was sought. "Now we are told nothing can happen even on a voluntary basis. Frankly, we find that absolutely stunning that a registrar cannot agree to put their name on their Web site without a PDP."

Kenya mentioned that, in the meeting with the GNSO, they said the policy development processes take between one and two years. But Bruce Tonkin said, "The PDP process I think can get done in about 90 days. I have to check that, but it can be quite a bit faster. And it really depends on the community, right? And... registrars can voluntarily sign up to changes in the Registrar Accreditation Agreement and have, in fact, done so back in 2009."

Australia expressed despair that "all that I have heard is process, process, process. And I am back to where I was the other day talking to the registrars that I don't see a clear and credible path to action, to be perfectly honest. All the processes that I've just heard require agreement and negotiation with registrars. I may be wrong here, but the registrars have known about this for some time, and we've seen no action. And, in a self-regulatory model, if the people we're trying to regulate can continually stifle or veto any progress, then I think we have a structural problem with the model."

The United Kingdom recommended that, since the Draft 2012-2015 ICANN Strategic Plan, covers abuse, "Let's get some action to underpin the strategic plan so that we can, again, go back to our ministers with a very positive development to report."

According to Mike Silber, approximately 80 percent of registrars are currently following the recommendations set out in the guidelines. What we're talking about here is the solution for the remaining 20 percent. But a representative from the Serious Organised Crime Agency in the U.K. disagreed and underscored the necessity for urgent action. When it comes to the 80 percent "we are still trying to get them to follow even the most basic of recommendations in terms of reporting an abuse point. I must follow that with many of them are; however, there are a number that aren't... There is unanimity across all governments now that we really must address the growing issue of cybercrime across the Internet, which is ever increasing. And with all the issues that are being discussed within the ICANN board with new gTLDs and IDNs, it's going to become even more complicated for law enforcement."

Summary: 

Resources

  • SO-AC New gTLD Applicant Support Working Group (JAS-
    WG)
  • European Commission letter to ICANN regarding the removal of vertical separation between registries and registrars for new and existing gTLDs
  • ICANN Board-GAC consultation on root zone scaling in Brussels
  • ICANN Board response to the GAC on root zone scaling
  • ICANN's New gTLD Communication Plan [pdf]
  • ICANN's new gTLD website
  • ICANN governance documents, including its Conflicts of Interest Policy and Code of Conduct
  • ICANN 42 session, Conflicts and Ethics, 27 October 2011
  • Law enforcement proposals for Improvements to the RAA
  • Discussion Paper on Next Steps to Produce a New Form of Registrar Accreditation Agreement (including reference documents), 13 October 2011
  • Audio and transcript for the ICANN board-GAC open meeting, 25 October 2011
  • GAC Communique: Dakar, 27 October 2011

  • List of speakers

    • Heather Dryden, Chair of the GAC
    • Steve Crocker, Chair of the ICANN Board
    • Chris Disspain, Member of the ICANN Board and of ICANN's Accountability and Transparency Review Team (ATRT)
    • United States (Suzanne Radell)
    • Portugal
    • Kenya (Alice Munyua), Vice Chair of GAC
    • Nigeria
    • Bertrand de La Chapelle, Member of the ICANN Board
    • Katim Seringe Touray, Member of the ICANN Board
    • European Commission
    • Netherlands (Thomas de Haan)
    • Rod Beckstrom, CEO and President of ICANN
    • Sweden (Maria H‰ll), Vice Chair of GAC
    • Suzanne Woolf, Root Server System Advisory Committee Liaison, Member of the ICANN
      Security and Stability Advisory Committee and the ARIN Advisory Council
    • Germany (Hubert Schoettner )
    • Switzerland (Francois Maurer)
      United Kingdom]
    • Uganda
    • Sebastien Bachollet, ICANN Board Public Participation Committee Member
    • Bruce Tonkin, Vice-Chair of the ICANN Board
    • Erika Mann, Member of the ICANN Board
    • Australia
    • Mike Silber, ccNSO Appointee to the ICANN Board
    • Kurt Pritz, Senior Vice President of Stakeholder Relations at ICANN
    • Singapore
    • Canada
    • Gary Kippy], Serious Organised Crime Agency, UK

    NOTE: Transcript and meeting summaries are typically only made available to .Nxt members. On similar pages if you are not a member (or are not logged in), this "Summary" box will not be visible. If you are interested in becoming a .Nxt member, please email us at member@dot-nxt.com.


    Context:

    At every ICANN meeting, the Board meets with the Governmental Advisory Committee (GAC). This is usually one of the most anticipated meetings at an ICANN meeting due to its high-level nature.

    Agenda:

    I. Applicant support for new gTLDs and the GAC and At-Large Advisory Committee Joint Applicant
    Support Cross-Community Working Group (JAS-WG) report
    II. Registry/registrar cross-ownership and relations to competition authorities
    III. Root zone scaling and GAC's role in the early warning process
    IV. ICANN's New Generic Top-Level Domain (gTLD) Communication Plan
    V. Conflict-of-interest matters
    VI. Law enforcement recommendations endorsed by the GAC

    Results:

    • GAC asks for clear timelines for implementation of Joint Applicant Support Cross-Community Working Group (JAS-WG) -- recommendations for ensuring needy applicants get full access to first application round for new gTLDs
    • GAC waiting for full report from ICANN on combined impact of new gTLDs and other changes to root prior to opening of first application round
    • GAC wants clarification on "batching" if more than 500 new gTLD applications
    • GAC expects ICANN to promote new gTLD application round globally, including in developing countries, and assess and review awareness
    • GAC welcomes Board assurances that conflicts of interest will be identified and avoided
    • GAC requests publication of timeline with actions to deal with ethics and conflicts of interest policies
    • GAC urges Board to effectively address recommendations made by law enforcement agencies (and endorsed by GAC) with respect to Registrar Accreditation Agreement (RAA)

    Executive summary

    The first two agenda items were handled with dispatch. The meeting began with a discussion of applicant support for new gTLDs and the JAS report.

    Representatives of the ICANN board reported that they were impressed by the JAS report and taking it very seriously.

    The report makes recommendations for developing a sustainable approach to providing support to entities requiring assistance in applying for and operating new gTLDs.

    Portugal, Kenya and Nigeria spoke out on behalf of developing countries, asking that these recommendations be considered as soon as possible and that outreach be done, particularly in the African region where, according to Kenya, outreach has been lacking both on the new gTLD process and on ICANN processes in general.

    ICANN Board Member Katim Touray called for a community-wide commitment to the implementation of as many of the JAS report recommendations as practically feasible.

    Regarding registry/registrar cross-ownership and relations to competition authorities, the European Commission said a few words of thanks to the ICANN board for their answer to a submission the European Commission had made prior to the Singapore ICANN meeting. The submission set out a number of concerns about vertical integration policy issues and the European Commission planned to analyze the reply and follow up with ICANN.

    The first headlines from this meeting were made in the discussion of root zone scaling and the GAC's role in the early warning process. The Netherlands launched the discussion by asking what impact a potentially large volume of gTLD applications would have on the root scaling agreement made in Brussels.

    ICANN Chair Steve Crocker clarified that there would be no stress on name servers created by the addition of new names. "There seems to be some persistent confusion and misunderstanding, in my judgment, about that. The name servers, the few hundred Anycast instances around the world regularly process on the order of 10,000 queries a day -- per second... The [insertion] of a new one or two or a hundred or a thousand names into the root server system almost certainly will generate no measurable change that you can see."

    ICANN Board Member Bertrand de La Chapelle explained further that "the stress on the root servers that are distributed are more related to the number of users than the number of TLDs."

    In response to a number of questions about how the batching of applications might work, CEO Rod Beckstrom stated that there is no limit to the number of applications that will be submitted from January 12th to April 12th and, if the number of applications received is more than 500, the current plan is to process those applications in batches of around 500. But they will all be posted at the same time.

    ICANN's senior vice president of stakeholder relations, Kurt Pritz, declared: "Given that we're publishing all the applications at the same time, we would expect the early warning to be issued at that time... I think the best duty to the applicant is to provide early warning advice to the applicant within 60 days so they can withdraw their application, if need be, and not -- you know, they'll be spending money on their ongoing operations."

    The European Commission clarified that the expectation was that the GAC would analyze all the applications - no matter how many there are - and issue early warnings within 60 days. "And, yet, you're going to process those applications in batches of 500. So, I'm sorry to say, but this seems to put a little bit too [much] strain on the GAC while you, yourself, recognize that you are not going to be able to process 12,000 applicants, just to use the number I did. So why should we not tell you, well, we're going to process 500 applications maximum now and you tell us what those 500 applications are?" Rod Beckstrom promised to look at the issue and get back to the GAC on it.

    Bertrand de La Chapelle urged the GAC to produce early warnings on an ongoing, state-by-state basis, rather than providing a single early warning, which would require agreement on every potential problem
    beforehand. He suggested, instead, that the GAC adopt "a two-pass system to try to narrow down, very early on, what are the strings that you believe are causing a problem in themselves and identifying among them... those where there is a real obvious consensus on the GAC that there is a problem that needs to be addressed, and those where there is a problem for some countries and [not] others." The European Commission promised to take this recommendation into account.

    But Germany believes that it might be difficult to make a distinction between the evaluation of the string and the applicant. "A string evaluation is rather easy to [make]...but [for] an evaluation of the
    applicant... you need to know, what is the model he's following? What are the registration policies? What are the restrictions? I think this, frankly speaking, is not possible within a time frame of 60 days."

    Moving on to the next agenda item, ICANN's New gTLD Communication Plan, Rod Beckstrom provided a high-level summary of the communications outreach program for new gTLDs.

    Uganda emphasized the importance of outreach in the African region and the United Kingdom defined broadcasting this opportunity in markets and stakeholder communities across the globe as critical to the success of the new gTLDs program - and to the credibility of ICANN.

    The UK wanted to make sure that ICANN is monitoring levels of awareness and identifying large business communities, markets and communities that have not yet been reached, so that the outreach program can be adjusted to target communities that are still in the dark. Beckstrom assured the UK that ICANN is collecting a rich set of data, which will be published.

    Adjustments have been made, he assured the UK, but "are limited based on the time that's allowed and permitted".

    Fireworks started up again as the European Commission began the discussion of conflicts of interest. The European Commission's preference would be for an ICANN board that is fully independent from stakeholders that have a direct interest in the decisions of the organization.

    But, in the meantime, the European Commission expects the board to adopt "a robust and substantive conflict-of-interest policy" that includes clear sanctions and penalties in case of breach. "We would very much urge the Board to take its political responsibility and put in place such a policy as soon as possible. Not turn this into [a] process with working groups, and engaging consultants, and advice and further discussion, and et cetera. But, before the end of the year... make sure that such a policy is in place."

    Bertrand de La Chapelle made a distinction between conflicts of interest for the period during which somebody is on the board and for the period after they have served. Regarding conflicts of interest for current board members, "I think it's very, very important for all of you when this question is asked to take into account... the fact that we're not starting from scratch. And it is probably our fault, generally, to not have been posting clearly enough the existing conflicts-of-interest policy... And the first step that is absolutely clear, and that can be done, and it is probably already done, is to make this policy that exists visible."

    Bertrand de La Chappelle and the Country Code Names Supporting Organisation (ccNSO) appointee to the ICANN board, Mike Silber, both regard the problem of the revolving door as a more complex one. Silber spelled out why: "When somebody is working within the industry and they're on the board, at least it's known. And the motivation can be understood and, if necessary, the person excluded from a vote or the room. But there's this possibility of a hidden motive to create an opportunity to be exploited as soon as the person has left the board."

    But Bertrand de La Chappelle is concerned that, "If we get to a revolving door policy that is too rigid, we get the irony of having somebody who can be in the industry when this person is on the board and who shouldn't be in it when it leaves the board, which is very strange." There are, however, "distinctions that can be made regarding the kind of functions that you can have afterwards."

    There is also, of course, the possibility of changing the ICANN model and requiring that board members become independent.

    Cherine Chalaby contended that: "it isn't just enough to have the best policies and the best standards. What is also important is that the culture and DNA of individual board members also improves. And it isn't enough to be also independent... you could be an independent board member; you will not have any conflicts. But you could breach [ethics], and you could breach confidentiality."

    Vice-Chair of the ICANN Board Bruce Tonkin reported that ICANN is trying to ensure that the existing conflicts policy and code of conduct are well understood.

    Looking to improve on the policies already in place, the Board Governance Committee has asked the staff to commission external advice to review corporate and government best practices in conflicts and ethics so, in Bruce Tonkin's words, "it's not just us coming up with our own rules."

    As far as the timing for putting new policies in place, "I wasn't sure. Were you suggesting that we don't put that out for comment before we would vote? Our normal practice is when we get advice, we update the policy and put it out for public comment... So I would expect we are talking of a time frame of a few months."

    The European Commission declared that "patience is wearing thin. And we're really looking for a strong response from ICANN to show that it can self-correct at this point. That's why when we hear reviews, we hear we've engaged consultants and have had public consultations on it, it starts to itch a little bit." The European Commission is aware that there are policies in place at ICANN, but considers them to have been ineffective and without sanctions or penalties, without a cooling off period. "That's why the previous chairman did not break any rules, because there were not any rules in the first place."

    "We're really looking to a commitment toward a result, not a commitment towards a process with an unclear timeline. We're going to enter into a very important and probably not - although we would not hope not - controversial period with the new gTLDs. It is absolutely critical that the board is above board on this... So, there's a sense of urgency that we would like to see and a strong signal from the board itself and from the chairman that what has happened in the past will not be repeated in the future."

    In the course of this discussion, the European Commission also brought up the fact that ICANN relies on a limited number of parties for its funding, which "in itself, in our opinion, raises a fairly important issue of independence."

    Bertrand de La Chappelle sought to "correct a very common misunderstanding... registries and registrars are not the one or the only ones that finance ICANN... they are conveying and channeling the contributions that are paid by the registrants."

    But GAC Chair Heather Dryden questioned whether this addressed the real issue regarding registries and registrars, pointing out that it does not take into account "all those registrants are sitting on the board maybe creating opportunities for themselves. That's really the difference. That's really the point with registries and registrars being in a privileged position to influence business opportunities and so on."

    The final showdown of the meeting was regarding law enforcement recommendations endorsed by the GAC to fight cybercrime. The United States of America expressed frustration with ICANN's failure to act on the GAC's endorsement and efforts on behalf of global law enforcement agency (LEA) proposals designed to help prevent and disrupt efforts by criminal groups to exploit domain registration procedures.

    The US asked the ICANN board, first, if the only way to make LEA-recommended policies binding is through a Policy Development Process (PDP). Secondly, the US asked if registrars attending the June meeting in Singapore were correct in saying that they are the "good guys" representing about 80 percent of the market, what could be done to decredit the "bad guys", the remaining 20 percent?

    Kurt Pritz responded to the US' first question. "ICANN published a paper about a week ago to the GNSO that recommended in part that ICANN and registrars should start bilateral contract negotiations immediately in order to move the discussion forward... The paper also states that, you know, the GNSO can take up policy matters at any time to make policy binding on registrars."

    Pritz identified a vote of the GNSO Council as "the fastest way to make those recommendations binding on all registrars. If we negotiate a set of agreements with registrars outside of that process, they'd have to be individually adopted by each registrar. And it's only binding on those registrars when their agreement expires."

    The agreements are five years long, and the majority of them will not expire for another three or four years. More importantly, according to Pritz, "ICANN and the registrars have agreed that we should start negotiations right away on a more complete set of amendments that consider the LEA recommendations and the GNSO high-priority recommendations. And so the registry constituency met this morning and approved the initiation of those negotiations. So they are going to appoint a team to negotiate with ICANN, and similarly ICANN is going to have a team negotiating. We also committed to reporting out with each meeting the results of that meeting in a transparent way so that the community could monitor developments of those
    negotiations."

    As to the timeline, "the registrars and ICANN agreed that we'd work toward publishing a set of amendments by the Costa Rica meeting [March 2012]. I personally think that's very ambitious, but the registrars endorsed that and that's what we're working to."

    The United States of America was unimpressed. "So, again, I think we have been lectured at great length as to the only way to make things stick is down this way. So again, that's a process. Now, it may be a fact, but it's a process."

    Australia, too, expressed despair that "all that I have heard is process, process, process. And I am back to where I was the other day talking to the registrars that I don't see a clear and credible path to action, to be perfectly honest. All the processes that I've just heard require agreement and negotiation with registrars. I may be wrong here, but the registrars have known about this for some time, and we've seen no action. And, in a self-regulatory model, if the people we're trying to regulate can continually stifle or veto any progress, then I think we have a structural problem with the model."

    Steve Crocker closed the meeting on a lighter note. He mentioned in his opening remarks that he had appeared before the GAC many times before as chair of the Security and Stability Advisory Committee (SSAC) and as a member of the ICANN board. On this, his first appearance as chair of the ICANN board, he didn't know "whether to feel completely comfortable or scared to death." The meeting ended with laughter as he observed, "Now I know."

    Full Summary

    Discussion of root zone scaling and the early warning process [full summary]

    The Netherlands launched the discussion by asking what impact a potentially large volume of gTLD applications would have on the root scaling agreement [pdf] made in Brussels.

    ICANN Chair Steve Crocker sought to clarify that there would be no stress on name servers created by the addition of new names. "There seems to be some persistent confusion and misunderstanding, in my judgment, about that. The name servers, the few hundred Anycast instances around the world regularly process on the order of 10,000 queries a day -- per second... The [insertion] of a new one or two or a hundred or a thousand names into the root server system almost certainly will generate no measurable change that you can see."

    ICANN CEO Rod Beckstrom reminded everyone that, in accordance with an ICANN board resolution, "the maximum number of TLDs that could be delegated into the root under the new gTLD program on an annual basis is 1,000. And the number may not exceed that unless there is a formal review, or a new decision by the board."

    ICANN Board member Bertrand de La Chapelle explained further that "the stress on the root servers that are distributed are more related to the number of users than the number of TLDs... It will increase a little bit, because it will take time for the mirrors and all the cache and all the replications to get all the addresses... The other stress, which is important, is the number of updates to the database that come from changing the servers, from changing the address of who manages the registry and so on. But this is a completely different type of load."

    Steve Crocker assured GAC members that there will be no impact discernable either to users or the internal distribution processes within each of the root server operators, and this will be documented in a report. The European Commission asked that this report be published as soon as possible. GAC representatives need policy summaries for use in communicating with their countries, and the European Commission would want access to the full report - with all the technical data and methodology - in order to share it with their own experts and help ICANN "to be confident all together on the resilience of the system".

    Several GAC members asked how the new gTLD applications would be processed, particularly if there were a great number of them. The European Commission asked whether the GAC would be presented with only 500 applications at a time. Rod Beckstrom responded that there is no limit to the number of applications that will be submitted from January 12th to April 12th. If the number of applications received is more than 500, the current plan is to process those applications in batches of around 500. But they will all be posted at the same time.

    Switzerland asked how applications would be batched, which ones would be put in the first and which in the last. "Would that be according to the date that they actually hand in their applications, or those from A to G -- what is your reflection in how to divide these into batches?" Rod Beckstrom explained that there were legal and technical operational issues to be worked through and so there is not yet a specific batching algorithm. But when there is one, it will be shared.

    As to the timing of the GAC's role in providing early warnings, Kurt Pritz, ICANN's senior vice president of stakeholder relations, declared: "Given that we're publishing all the applications at the same time, we would expect the early warning to be issued at that time. And so, working with these -- through these operational issues with the GAC, if the GAC doesn't think it can get through all the applications in the 60 days allotted, that we should discuss how the GAC input could match the batching input going forward. But... I think the best duty to the applicant is to provide early warning advice to the applicant within 60 days so they can withdraw their application, if need be, and not, you know, they'll be spending money on their ongoing operations."

    The European Commission clarified that the expectation was that the GAC would analyze all the applications - no matter how many there are - and issue early warning within 60 days. "And, yet, you're going to process those applications in batches of 500. So, I'm sorry to say, but this seems to put a little bit too [much] strain on the GAC while you, yourself, recognize that you are not going to be able to process 12,000 applicants, just to use the number I did. So why should we not tell you, well, we're going to process 500 applications maximum now and you tell us what those 500 applications are?" Rod Beckstrom promised to look at the issue and get back to the GAC on it.

    Kurt Pritz offered to make the data as accessible as possible. "We will publish the applications, which are, essentially, the information in questions 1-13... So, there will be the string, and then the
    applicant, and the purpose of the application and the answer to many of the questions, so that the GAC can use that to make its determinations... perhaps you could get back to us with a way that we could sort that data so it would be more helpful to you so you can kind of run your finger down it easily."

    Bertrand de La Chapelle agreed that the bandwidth required for an early warning process with 1,200 applications will be much greater than the bandwidth required by only 500. He urged the GAC to produce early warnings on an ongoing, state-by-state basis, rather than providing a single early warning, which would require agreement on every potential problem beforehand.

    He suggested, instead, that the GAC adopt "a two-pass system to try to narrow down, very early on, what are the strings that you believe are causing a problem in themselves and identifying among them" those where there is a real obvious consensus on the GAC that there is a problem that needs to be addressed, and those where there is a problem for some countries and [not] others." The European Commission promised to take this recommendation into account.

    Germany, however, believes that it might be difficult to make a distinction between the evaluation of the string and the applicant. "A string evaluation is rather easy to [make]...but [for] an evaluation of the applicant... you need to know, what is the model he's following? What are the registration policies? What are the restrictions? I think this, frankly speaking, is not possible within a time frame of 60 days."

    Switzerland agreed in principle with Bertrand de La Chappelle's suggestion, but wondered, what if there is a string that does not look problematic, the applicant, business models and registrar conditions do not look problematic, and then it turns out that "something is not applicable to our law in our country? And then you issue an early warning saying that, basically, everything would be fine, but we have a problem there. We cannot accept this. What is the use of this, if I get this right, that, if the applicant cannot modify this application, he can only withdraw it?"

    Kurt Pritz explained that ICANN is "loathe to allow applicants to fully change their application, because that would allow applicants to abuse the system. Get an application in as a test. And, if that test sort of fails, they can sort of get around the system by amending it. But there are ways an applicant can address government concerns. For example, in the case of a geographic name, it can secure the approval of the government. Or there may be conditions a government would have before it would otherwise approve delegation of a name. So it can put the applicant on notice that the GAC will probably give GAC advice or encourage an objection in some way. So there are ways for governments to use the early warning effectively. And then, of course, the other use for GAC advice is to put the applicant on notice that there is going to be GAC advice or an objection to it and give him or her the opportunity to withdraw early for a higher refund. So we're trying to encourage the applicants to heed the GAC early warning in that way."

    The Netherlands asked if it would be possible to enact a stricter policy if it were required to alleviate concerns of specific governments or the GAC as a whole. "I think just one very essential question about remediating an application. I understand that you don't want to have applicants gaming the system and changing their application.

    "But, in certain cases, which are not only geographic but also others like dot sector and example of whatever sector, imagine, just to be very concrete example, imagine that, after talks with GAC members, after an early warning, that the registry would then maybe make a stricter policy and say, for example, that on the second level there's organization.sector. And he would say, okay, I want this to have stricter, for example, registered name for the organization on the second level. But with the minimum of 10 countries existent or regions."

    Kurt Pritz would not respond to this specific example "because we want to maintain the goals of making it not gameable. But we also understand that you know, a registry might want to further restrict its application, make it more narrow in order to bring it into the goals of what the government has. So there's some limited opportunity to adjust how they're going to operate the registry without amending their application."

    Bertrand de La Chapelle talked a little bit about the thinking behind the early warning system. "What we're trying to put in place is a communication channel. And the whole discussion we had during the elaboration of the applicant guidebook is to identify tools for interaction... What was attempted was to provide a way for intervening at different stages. And there are, as Thomas has said, there are different types of problems that may emerge... But what I'd like to highlight here is the notion of a continuous process that will move all along the evaluation the objections and all those components that have been put in the program as protections."


    Discussion of conflicts of interest [full summary]

    The European Commission explained how important this issue is to the European Commission, to the European Union and its member states and to many, if not all, of the GAC members. ICANN is an organization whose mission is to serve the global public interest and, in order to do so, "it must meet the highest corporate governance standards: those of accountability, transparency and independence. This goes to the heart of the multistakeholder model, because, of course, if the model is seen as not meeting those standards, then the legitimacy of the decisions that the model produces will be called into question."

    The European Commission characterized as embarrassing the previous ICANN chairman's joining a company with a direct interest in the decision on new gTLDs that he had just overseen. "But that is, in our view, merely a symptom of a deeper problem, which is a structural problem of ICANN. If you look also at the recent audit report, we see that at least eight members of the board have declared conflicts of interest in the pursuit of their activities. And... there is no substantial conflict-of-interest and ethics policy in place. And, as this is a structural problem, we believe that structural solutions are in order."

    The European Commission's preference would be for an ICANN board that is fully independent from stakeholders that have a direct interest in the decisions of the organization, a board that is professional and adequately remunerated. But, in the meantime, the European Commission expects the board to "take a very strong stance in favor of the highest standard of corporate governance."

    The Board has begun to move in that direction, but it has taken "at least a couple of months before the board put this issue on its own agenda." The Board needs to adopt, "as soon as possible, a robust and substantive conflict-of-interest policy."

    This policy should include: "a prior declaration of conflict of interest; an appropriate scope, i.e., not just in the case of transactions or in the case of decisions, but the whole phase from policy shaping to decisions; and, clear sanctions and penalties in case of breach. From our own experience, we know that if you can breach conflict-of-interest rules with impunity and there are no consequences, the whole policy isn't worth anything."

    The European Commission also strongly recommended a cooling off period, precluding board members from immediately going to work for interested parties after their board service ends.

    "We would very much urge the board to take its political responsibility and put in place such a policy as soon as possible. Not turn this into [a] process with working groups, and engaging consultants, and advice and further discussion, and et cetera. But, before the end of the year... make sure that such a policy is in place."

    Bruce Tonkin, vice-chair of the ICANN board, agreed that conflict of interest was "a very serious issue", and promised to provide links to both ICANN's Conflicts of Interest Policy and Code of Conduct. "We also have fairly elaborate confidentiality provisions within our code of conduct and guidelines on how they should be used. So we do have something in place. But having said that, we also recognize that as the organization is taking on more responsibility, it needs to review those and improve those."

    Tonkin said that they pre-declare conflicts of interest and, "if it's a serious issue, we leave the room and we don't vote on it." The strength of the multistakeholder body, he said, is in the multiple regions and areas of experience the 16 voting board members represent. This ensures that only one or two of the directors are likely to have a conflict of interest at any one time, and the absence of only one or two directors from a discussion has no real impact.

    Bertrand de La Chapelle made a distinction between conflicts of interest for the period during which somebody is on the board and for the period after they have served. Regarding conflicts of interest
    for current board members, "I think it's very, very important for all of you when this question is asked to take into account what Bruce mentioned regarding the fact that we're not starting from scratch. And it is probably our fault, generally, to not have been posting clearly enough the existing conflicts-of- interest policy, which... is conducted on a regular basis and is clearly done very thoroughly every time there is a discussion within the board that addresses a point that concerns a board member that has a conflict of interest... And the first step that is absolutely clear, and that can be done, and it is probably already done, is to make this policy that exists visible."

    Bertrand de La Chappelle and the ccNSO appointee to the ICANN board, Mike Silber, both characterized the problem of the revolving door as a more complex one. Silber explained, "When somebody is working within the industry and they're on the board, at least it's known. And the motivation can be understood and, if necessary, the person excluded from a vote or the room. But there's this possibility of a hidden motive to create an opportunity to be exploited as soon as the person has left the board."

    But Bertrand de La Chappelle is concerned that, "If we get to a revolving door policy that is too rigid, we get the irony of having somebody who can be in the industry when this person is on the board and who shouldn't be in it when it leaves the board, which is very strange." There are, however, "distinctions that can be made regarding the kind of functions that you can have afterwards." There is also, of course, the possibility of changing the ICANN model and requiring that board members become independent.

    Portugal sought to disassociate itself "from the perception that having a board that is remunerated would solve these issues. I don't think it will. It is something that can be looked at. But it's a completely different matter. Ethics is not solved by professionalizing."

    Cherine Chalaby contended that "it isn't just enough to have the best policies and the best standards. What is also important is that the culture and DNA of individual board members also improves. And it isn't enough to be also independent. I'm going to tell you why. Because there are three things that matters here: conflicts, [ethics] and confidentiality. You could be an independent board member; you will not have any conflicts.

    "But you could breach [ethics], and you could breach confidentiality. So, the most important thing here is, once we have these policies on board... you have to, every year and all the time, refresh yourself, read them, make yourself more aware. And you'll be up to date with these policies as they develop and as they improve. And that's a very, very important thing that we must do as board members to make sure that these policies are being used and are being implemented."

    Bruce Tonkin reported that ICANN is trying to ensure that the existing conflicts policy and code of conduct are well understood. "And so we had a board training session a few weeks ago, and we spent several hours, actually, going through the existing conflicts policy and the code of conduct and the confidentiality provisions. And we went through various scenarios of how they should apply to different situations that might emerge in the coming year. So that's part of actually building it into the culture."

    Looking to improve on the policies already in place, the Board Governance Committee has asked the staff to commission external advice to review corporate and government best practices in conflicts and ethics, "so it's not just us coming up with our own rules." As far as the timing for putting new policies in place, "I wasn't sure. Were you suggesting that we don't put that out for comment before we would vote? Our normal practice is when we get advice, we update the policy and put it out for public comment... So I would expect we are talking of a time frame of a few months."

    Rod Beckstrom weighed in with a list of the outside experts being consulted by ICANN. ICANN's corporate law firm is formally reviewing the conflicts-of-interest policies, code of conduct and employee handbooks "to enhance the focus on best practices for conflicts and ethics."

    A new independent law firm is looking at the presentation of those documents and making recommendations based on similarly situated non-profit organizations. Their first recommendation has already been implemented: all key ICANN corporate governance documents are now posted at www.icann.org/documents. An international experts group will review documents and practices and make recommendations focused on ICANN's global function and the best practices of other international organizations.

    Beckstrom welcomed recommendations of organizations to do this work and, "when we find and retain those experts, if any of you would like to have a conversation with that expert, we're happy to arrange it on an individual country-by-country basis, or for the GAC, or subsets of the GAC."

    ICANN Board member Erika Mann spoke in regards to the Audit Committee, which she chairs. "We provide guidance in the financial and internal control of ICANN, and we fully understand the concern
    with the new gTLD round, and the new work ICANN will have to do in the future, that there is concern with regard to such kind of oversight role....We will do a review of all the applicable international standards available. Of course, not all of them will work because we are not a purely commercial operation. So we will have to be very careful what we adopt and what we cannot adopt. We will do the review and we will consult, of course, with all of you."

    Bertrand de La Chappelle emphasized that, in pursuing external expertise, "we have paid great attention to include a request to have information on practices that are done not only in not-for-profit or for-profit corporations, but also in public entities, including regulators and things like that. Because the whole landscape must be covered, and it's very important to take it into account."

    The United Kingdom was encouraged by statements of commitment to address conflicts of interest and asked, again, for a timeline for the process. "I really need a timeline to send out to my Minister. If I could have that by the end of this week - I'm sorry to be so [demanding, but] it has exercised ministers. And that's our job as officials: to act on their concerns, and to engage, and to discuss, and then go back to the ministers and say, 'this is what we have agreed.'"

    Rod Beckstrom invited everyone to a Thursday
    afternoon session
    on this topic. "We will be seeking to develop a roadmap on a timely basis. And that will depend in part on the discussions and the feedback we get, because, for example, I just offered to allow any country here to have a conversation with the expert. [Depending] on how many of those conversations we're going to have, and what your recommendation or request is, for example, that could affect that timeline. And there will be other inputs. But we will begin working on a road map, and I think we are all taking this very seriously. But we also want to make sure that we respect the consultative processes of the community."

    Mike Silber believes "it's clear that this is an issue that worries many of us on the board. We've done an analysis. I think what we're hearing is we've identified gaps. We've identified that the current
    policies are good, but they're missing certain areas. And those areas, unfortunately, can be squeezed through by a rugby team, not just by a thin piece of paper, which means that we're doing work to close those gaps. What I'm hearing you say is, 'Give us something real as an outcome this week.' In terms of giving you policies, as has been indicated, I don't think anybody around this table would like such a rushed process that nobody around this table gets an opportunity to engage in comment on drafts as they come out. But, instead, I think what you're looking for is an acknowledgment that there are gaps and that those gaps need to be addressed."

    The European Commission declared that "patience is wearing thin. And we're really looking for a strong response from ICANN to show that it can self-correct at this point. That's why when we hear reviews, we hear we've engaged consultants and have had public consultations on it, it starts to itch a little bit." The European Commission is aware that there are policies in place at ICANN, but considers them to have been ineffective and without sanctions or penalties, without a cooling off period. "That's why the previous chairman did not break any rules, because there were not any rules in the first place."

    "We're really looking to a commitment toward a result, not a commitment towards a process with an unclear timeline. We're going to enter into a very important and probably not - although we would not hope not - controversial period with the new gTLDs. It is absolutely critical that the Board is above board on this, that you can point to this absolutely, when we take our decisions, we are crystal clean: these decisions are not influenced by particular interests that are represented on the board. So, there's a sense of urgency that we would like to see and a strong signal from the board itself and from the chairman that what has happened in the past will not be repeated in the future. And that, I think, we can then take back to our ministers. And they will no doubt be satisfied to see that something is actually moving. But, at the moment, I don't get that impression. I mean, I'm not sure I can debrief my Commissioner in that sense."

    GAC Chair Heather Dryden asserted that "the new gTLD program opening does provide a certain pressure, a certain timeline for these rules to be clear. And I think that that's what GAC members have been saying today."

    Rod Beckstrom promised GAC members "something you can take back that's very concrete." He referenced his speech made in June at the opening meeting of Singapore. He said, "we're moving from one chapter in new gTLDs to another." The first chapter was the policy development process, during which the community and the ICANN board and staff worked together. The second chapter was the development of the applicant guidebook, which was marked by "intense interaction between potential applicants, the board and members of the staff and executive team... In approving the program, we're now moving to a different phase. And we have to close one chapter and develop a new set of practices and a higher level of handling conflicts of interest. Because the same applicants who were at the table negotiating, discussing, sharing their expertise - appropriately - with staff and the board could no longer interact, with, for example, our new gTLD processing team. Because that team needs to be extremely separate, independent. And we need to make sure there are clean lines."

    Beckstrom provided examples of what he was doing in this current phase to handle conflicts of interest at a higher level. "I did not have people from the new gTLD processing team participate in the road show. Even though some community members and others wanted them to participate in the road show, I said, 'no, because they're processing applications.' The last thing I want is them interacting with potential applicants. So that line was drawn.

    "Secondly, at the staff meeting here on Sunday, when we gathered our entire staff, we had a communication from our legal team about how we were going to interact with new gTLD applicants here in Senegal at ICANN 42. And we implemented new practices that we have not used in the past, such as don't accept any drinks, or a meal, or anything else from a new gTLD applicant. The next thing is we told our staff members you need to report on any discussions with potential applicants, if they brought up their application or their idea and they want to discuss that with you. You need to report that into the organization. In writing.

    "Thirdly, we told our staff: do not meet alone with any new gTLD applicants that want to speak with you. If they're speaking with you and they want to talk at all about the program in any fashion, or their application, don't be there alone because you need to record that communication.

    "Now, this is a different level of implementation of our policies than we've ever done before. And it's what we're delivering - I'm delivering to you as a CEO of this organization."

    Bruce Tonkin walked through the new gTLD application process phase by phase, describing how conflicts of interest will be avoided. Information about new gTLD applications submitted between January the 12th and April the 12th will not be available to the Board until published publicly.

    Security information will be held by only a few ICANN staffers. During the evaluation phase, there will be strict separation between any board members and external evaluators or staff involved in the process. Any board member involved with any application will not be in the room when that application is discussed and will not have a vote on that application. Tonkin also offered to "document our board processes to what information the board has and with respect to the involvement of any board director in either discussing an application, discussing an application with staff, or, ultimately, voting on the application."

    Steve Crocker acknowledged" "That statement by itself is not enough for you to take back," and explained that the ICANN board's reaction was not simple, clean and quick because, "It's intended more toward how do we understand how to apply this and build the processes and fit it to the actual situation. So, you've heard from Rod about all of the rules that are being put in place with respect to the prosecution of applications and the behavior of the staff. You've heard from Bruce Tonkin about both the combination of the advice we're taking on and also the rules that we have in place for the role of the board during these processes and so forth... we can and we will document these. We have documented a lot of this. But I think would be helpful to package all of this up in a form that you can see a comprehensive collection and the assemblage of the details and how they fit into the whole of an organized program that has both the clear statement of principles and objectives with respect to conflict of interest and ethics and also the implementation and how seriously we've taken that and how we've marbled that into the body and operation of ICANN."

    In the course of this discussion, the European Commission also brought up the fact that ICANN relies on a limited number of parties for its funding, which "in itself, in our opinion, raises a fairly important issue of independence. It is not enough in our view to have a robust conflict-of-interest policy in terms of the behavior - and not only of the board members, but also of the staff - but also the issue of funding and financing needs to be looked at."

    Bertrand de La Chappelle sought to "correct a very common misunderstanding... registries and registrars are not the one or the only ones that finance ICANN. They do finance ICANN for a portion. But they are conveying and channeling the contributions that are paid by the registrants. And so, in that respect, the funding of ICANN in majority comes from a very, very distributed number of people. Millions of people are actually contributing to the funding. This doesn't reduce the question of what kind of weight the ones who channel in this regulation process. But I want to take this opportunity to correct this misunderstanding the registrants are the source of funding of ICANN."

    Heather Dryden questioned whether this addressed the real issue regarding registries and registrars, pointing out that it does not take into account "all those registrants are sitting on the board maybe creating opportunities for themselves. That's really the difference. That's really the point with registries and registrars being in a privileged position to influence business opportunities and so on."


    Discussion of law enforcement recommendations endorsed by the GAC [full summary]

    Heather Dryden requested that the United States, as the committee's lead on the issue of cybercrime, begin the discussion and she emphasized that the view of the US was "the consensus view of this committee."

    The United States of America provided a quick history of GAC involvement with the issue of cybercrime. The GAC endorsed global law enforcement agency
    (LEA) proposals
    [pdf], made in 2009 and designed to help prevent and disrupt efforts by criminal groups to exploit domain registration procedures.

    "We conveyed that full GAC endorsement to you, brought that to your attention and asked you for your assistance in implementing them. GAC and law enforcement then engaged in a considerable amount of outreach and exchanges, bilateral exchanges with registrars. And in fact we felt in June, in Singapore, that we had had a very productive exchange that seemed to be moving in the right direction of a voluntary approach that could probably accommodate up to nine out of the 12 law enforcement recommendations. So you can imagine our disappointment that, not too long afterwards, we understand the registrars had tabled the motion and we learned on October 6, the Generic Names Supporting Organization (GNSO) Council approved it. That addresses only three of the original law enforcement recommendations and frankly addresses some of the ones that look suspiciously similar to the proposal the GAC included in our scorecard for new gTLDs that the board was able to simply accept... we are bringing this to your attention now as partners. We see this directly linked to the five Accountability and Transparency Review Team (ATRT)] recommendations that pertain to the role of the GAC within ICANN. And as you know, some of those refer to making sure the GAC is effectively able to interact in policy processes.

    "So from our perspective, regrettably, this is an example of an inability for the GAC to engage effectively. And we need your support as a partner to advance the concerns that we have been expressing now for well over a year - almost two years - and we are looking for immediate visible and credible action to mitigate criminal activity using the Domain Name System."

    The US asked two questions of the ICANN Board. "In taking the step that registrars have proposed, we have been informed that... the only way to make policies binding is through a PDP. So we ask for your guidance, is that really the case?" Secondly, at the June meeting in Singapore, "those registrars in attendance confirmed to us that they represent about 80 percent of the market and they also represented, quote, 'the good guys,' so leaving us with the understanding that about 20 percent of accredited registrars seem to fall in the category of bad guys. So we note that our law enforcement recommendations actually don't address the bad guys, but we decided it's important for us to ask you: how can you decredit that 20 percent immediately?"

    "At the end of the day, what we really need is to meet the very high expectations in each of our capitals that this model is an effective partner for governments in addressing criminal activity. So we look to the model to self-regulate, to self-improve, to reach out."

    Steve Crocker, again, recognized the urgency and importance of the issue at hand and said, "One of the things that is our responsibility at the board level is not only to oversee the process, not only to make sure rules are followed and that everything is fair, but at the end of the day, that it's effective. If all we have is process, process, process, and it gets gamed or it's ineffective just because it's not structured right, then we have failed totally in our duty and our mission... It's a balancing act, of course, because, you know, we're not going to intercede at every given moment and micro manage. That would be the failure of the other kind."

    But, "In the sequence of meetings today, we met with the GNSO and segments of the GNSO - including, particularly, the registrars - and they... reported about their meeting with you, with the GAC. And they were of a somewhat different frame and seemed quite willing and eager, actually, to make the changes along the line. So we asked what the problem had been over all these years and they said, 'Nobody had ever explained it to us like that before.'"

    "We do know that of the... 900-plus registrars that we have, the number that are customer-facing are a relatively small number, and of those there are a relatively small number that have a dominant part of the market. It ought to be possible in a situation like that to have leadership from within that community. And I'm hopeful that we can push that or encourage that very quickly and forcefully."

    As far as immediately decrediting 20 percent of the registrars, Crocker turned to Kurt Pritz for a response.

    Kurt Pritz responded to the US' first question regarding how these recommendations could be made binding on all registrars in a timely manner. "ICANN published a paper about a week ago to the GNSO that recommended in part that ICANN and registrars should start bilateral contract negotiations immediately in order to move the discussion forward. And I think this is in line with Steve's comment about moving the discussion from process into substance and, you know, succeeding at getting things done rather than talking about process... The paper also states that, you know, the GNSO can take up policy matters at any time to make policy binding on registrars."

    Pritz identified a vote of the GNSO Council as "the fastest way to make those recommendations binding on all registrars. If we negotiate a set of agreements with registrars outside of that process, they'd have to be individually adopted by each registrar. And it's only binding on those registrars when their agreement expires." The agreements are five years long, and the majority of them will not expire for another three or four years.

    More importantly, according to Pritz, "ICANN and the registrars have agreed that we should start negotiations right away on a more complete set of amendments that consider the LEA recommendations and the GNSO high- priority recommendations. And so the registry constituency met this morning and approved the initiation of those negotiations. So they are going to appoint a team to negotiate with ICANN and, similarly, ICANN is going to have a team negotiating. We also committed to reporting out with each meeting the results of that meeting in a transparent way so that the community could monitor developments of those negotiations."

    As to the timeline, "the registrars and ICANN agreed that we'd work toward publishing a set of amendments by the Costa Rica meeting [March 2012]. I personally think that's very ambitious, but the registrars endorsed that and that's what we're working to."

    The United States of America was unimpressed. "So, again, I think we have been lectured at great length as to the only way to make things stick is down this way. So again, that's a process. Now, it may be a fact, but it's a process." Initially, amendments were going to be made to the RAA, but it was going to take too long, so a voluntary agreement was sought. "Now we are told nothing can happen even on a voluntary basis. Frankly, we find that absolutely stunning that a registrar cannot agree to put their name on their Web site without a PDP."

    Kenya mentioned that, in the meeting with the GNSO, they said the policy development processes take between one and two years. But Bruce Tonkin said, "The PDP process I think can get done in about 90 days. I have to check that, but it can be quite a bit faster. And it really depends on the community, right? And... registrars can voluntarily sign up to changes in the Registrar Accreditation Agreement and have, in fact, done so back in 2009."

    Australia expressed despair that "all that I have heard is process, process, process. And I am back to where I was the other day talking to the registrars that I don't see a clear and credible path to action, to be perfectly honest. All the processes that I've just heard require agreement and negotiation with registrars. I may be wrong here, but the registrars have known about this for some time, and we've seen no action. And, in a self-regulatory model, if the people we're trying to regulate can continually stifle or veto any progress, then I think we have a structural problem with the model."

    The United Kingdom recommended that, since the Draft 2012-2015 ICANN Strategic Plan, covers abuse, "Let's get some action to underpin the strategic plan so that we can, again, go back to our ministers with a very positive development to report."

    According to Mike Silber, approximately 80 percent of registrars are currently following the recommendations set out in the guidelines. What we're talking about here is the solution for the remaining 20 percent. But a representative from the Serious Organised Crime Agency in the U.K. disagreed and underscored the necessity for urgent action. When it comes to the 80 percent "we are still trying to get them to follow even the most basic of recommendations in terms of reporting an abuse point. I must follow that with many of them are; however, there are a number that aren't... There is unanimity across all governments now that we really must address the growing issue of cybercrime across the Internet, which is ever increasing. And with all the issues that are being discussed within the ICANN board with new gTLDs and IDNs, it's going to become even more complicated for law enforcement."

    Resources

  • SO-AC New gTLD Applicant Support Working Group (JAS-
    WG)
  • European Commission letter to ICANN regarding the removal of vertical separation between registries and registrars for new and existing gTLDs
  • ICANN Board-GAC consultation on root zone scaling in Brussels
  • ICANN Board response to the GAC on root zone scaling
  • ICANN's New gTLD Communication Plan [pdf]
  • ICANN's new gTLD website
  • ICANN governance documents, including its Conflicts of Interest Policy and Code of Conduct
  • ICANN 42 session, Conflicts and Ethics, 27 October 2011
  • Law enforcement proposals for Improvements to the RAA
  • Discussion Paper on Next Steps to Produce a New Form of Registrar Accreditation Agreement (including reference documents), 13 October 2011
  • Audio and transcript for the ICANN board-GAC open meeting, 25 October 2011
  • GAC Communique: Dakar, 27 October 2011

  • List of speakers

    • Heather Dryden, Chair of the GAC
    • Steve Crocker, Chair of the ICANN Board
    • Chris Disspain, Member of the ICANN Board and of ICANN's Accountability and Transparency Review Team (ATRT)
    • United States (Suzanne Radell)
    • Portugal
    • Kenya (Alice Munyua), Vice Chair of GAC
    • Nigeria
    • Bertrand de La Chapelle, Member of the ICANN Board
    • Katim Seringe Touray, Member of the ICANN Board
    • European Commission
    • Netherlands (Thomas de Haan)
    • Rod Beckstrom, CEO and President of ICANN
    • Sweden (Maria H‰ll), Vice Chair of GAC
    • Suzanne Woolf, Root Server System Advisory Committee Liaison, Member of the ICANN
      Security and Stability Advisory Committee and the ARIN Advisory Council
    • Germany (Hubert Schoettner )
    • Switzerland (Francois Maurer)
      United Kingdom]
    • Uganda
    • Sebastien Bachollet, ICANN Board Public Participation Committee Member
    • Bruce Tonkin, Vice-Chair of the ICANN Board
    • Erika Mann, Member of the ICANN Board
    • Australia
    • Mike Silber, ccNSO Appointee to the ICANN Board
    • Kurt Pritz, Senior Vice President of Stakeholder Relations at ICANN
    • Singapore
    • Canada
    • Gary Kippy], Serious Organised Crime Agency, UK

    GAC/ICANN Board Meeting
    Dakar, Senegal
    25 October 2011

    >>HEATHER DRYDEN: Good afternoon, everyone.

    Welcome to the Board/GAC exchange.

    We have a number of issues on the agenda this afternoon so we
    should get started, I think.

    Welcome to the board. Thank you for meeting with us. And I'll go
    through some of the agenda items that we had proposed to you so we
    know what we're covering today.

    First, in relation to new gTLDs, we're asking to discuss applicant
    support and learn a bit more about what the plans are for addressing
    advice that the GAC had given along with the ALAC as well as other
    inputs received by the board on that.

    Also, the issue of registry/registrar cross-ownership and relations
    to competition authorities. That's also on our list.

    In relation to root zone scaling, a question there that may, in
    fact, relate to our expectations regarding advising or -- well,
    providing early warning notices within the expected time frame.

    Also an important piece is the communications outreach plan.

    And then the next issue is in terms of conflict-of-interest
    matters. And then lastly, we hope also to cover the RAA, LEA
    recommendations that were endorsed by the GAC.

    So would you like to open, Steve?

    >>STEVE CROCKER: Thank you, Heather.

    My name is Steve Crocker. I'm chair of the ICANN board. I have
    had the pleasure of appearing before you numerous times over the
    years as chair of SSAC for a number of years and as a member of the
    ICANN board. But this is my first time appearing before you as chair
    of the ICANN board.

    I don't know whether to feel completely comfortable or scared to
    death.

    There is a very substantial agenda that Heather has just covered.
    We're fundamentally here to serve, so we're eager to engage and go
    through these topics and do whatever we can to move the discussion
    forward and to be as forthcoming as we can about the state of play on
    any of these.

    This is a cooperative venture, and we're here to help. So let's
    move into it.

    >>HEATHER DRYDEN: Okay. Well, thank you, Steve.

    So the first issue is regarding the Joint Working Group report and
    applicant support. And we have a few colleagues in the GAC that have
    been paying close attention to that and may have some questions for
    you, but I think in general we are looking for what the next steps
    are and how that relates to the program opening in January, what will
    be in place.

    >>STEVE CROCKER: Let me call on Chris Disspain.

    Oh, good.

    To speak on this.

    >>CHRIS DISSPAIN: Thank you.

    We have done a fair bit of work over the last couple of weeks on
    the JAS report, and we had a meeting on it on -- gosh, it seems like
    weeks ago but it was actually Sunday, I think, and we have another
    meeting on it tomorrow. And we hope that we will be able to say
    something to the community on Friday.

    We are -- or Thursday, possibly.

    We are taking it very seriously. I can't really give you any more
    information right now except -- because we are still looking at it,
    we are still working on what we can and can't do. But we have spent
    a lot of time on it. We're not ignoring it. And we will have some
    information by the end of the week.

    >>STEVE CROCKER: Let me add a word or two.

    We had a presentation by the working group -- I am losing track of
    time, too. Yesterday, I guess. Is that right? Yeah. It was a
    really, really good presentation. Impressive amount of work by the
    working group, and a first-class presentation. And then we asked
    some very pointed questions.

    It is the general nature of such activities that a substantial is
    put on the table and it has to be matched up against what the
    resources and time frames and other balancing constraints are.

    I thought the answers were very strong. I thought that where I had
    been fearful that it might be very difficult to do anything, I think
    that we ought to be able to find something. I need to be cautious
    about saying any more because we have some further discussions to
    have. But we are very strongly oriented to being able to say
    something positive on -- by the end of this week.

    It may not be definitive and it may not have all the specifics, but
    we're absolutely taking this seriously and committed to following up
    on the commitment we made in Nairobi when we allocated the $2 million
    in seed funding in the first place.

    >>HEATHER DRYDEN: Thank you, Chris. Thank you, Steve.

    So do we have questions? Portugal, please.

    >>PORTUGAL: Thank you. I'm afraid I am going to speak in
    Portuguese, so if you could put your headphones on.

    Thank you.

    I will take advantage of the fact that we can speak Portuguese as a
    working language during the GAC session, so I'm not going to let the
    opportunity go by.

    I will say that I feel really pleased with these recommendations;
    that we are far advanced with the recommendations. I am pleased with
    the board's efforts in this subject. But I want to say I have -- I
    am curious about the implementation of the recommendations about the
    application process that is ready to be implemented as from January
    12th. But this does not apply to developing countries. I realize
    that the board.

    Is not going to give any further explanations or time frames when
    it comes to the implementation of recommendations in the report, but
    I just wanted to voice this concern so that recommendations are
    considered as soon as possible so that developing countries can
    access gTLDs in a level playing field.

    Thank you.

    >>HEATHER DRYDEN: Did you want to respond?

    Kenya, please.

    >>KENYA: Thank you. Thank you, Heather. And I would like to
    thank the board and congratulate the JAS Working Group as well as
    thank being the board for having provided this opportunity for the
    working group to work on that mandate.

    Again, congratulating the working group on the great
    recommendations and agreeing with my colleague from Portugal are
    great and are consistent with GAC advice. And of course we are
    concerned about the implementation process, and specifically the
    timeline. So I think as you discuss and deliberate this amongst
    yourselves as the board, I think it's important to think about that
    as a very important issue. Other issues to do with the development
    of a foundation. But hand in hand with that is the very important
    fact of ensuring that there's adequate and meaningful outreach and
    awareness that is conducted in most of these developing countries.

    And I'll take the example of the African region where we seriously
    think there hasn't been much that has been done yet. And not just
    with the new gTLD process but just ICANN processes as a whole.

    And I think I would like to echo what the host country has said I
    think numerous times. We do require a little bit more effort from
    ICANN also in line with the ATRT resolution for ICANN to increase
    their presence and efforts in developing countries, and specifically
    in Africa for meaningful participation, in not just the processes but
    also the -- the gTLD, new gTLD processes but also the policy
    development processes as well.

    Thank you.

    >>HEATHER DRYDEN: Thank you very much, Kenya.

    Are there any further comments on that?

    I will say a sincere thank you on behalf of the GAC for the
    interpretation services that we have for the first time in the GAC
    this week.

    We have taken full advantage of having those services available,
    and we do appreciate that being put in place.

    So thank you.

    Nigeria, please.

    >>NIGERIA: Just to support my colleagues, the one from Portugal.
    I want to echo what Alice has said concerning the presence in the
    communications to the developing countries, particularly Africa. And
    what we have seen this week is encouraging and we hope it will
    continue in that way.

    And to echo again that time is of essence to us in the region as
    well, and we need to access the process. We need to -- our business
    people need to know what is going on.

    Government -- you know, our region in particular, that the
    government plays a greater role than the commercial people. We need
    to understand that and play along with others in the new revolution
    of the gTLD.

    Thank you.

    >>HEATHER DRYDEN: Thank you very much, Nigeria.

    Bertrand.

    >>BERTRAND DE LA CHAPELLE: Thank you, Heather.

    Just one thing that struck me, and I think the whole board in the
    last two days, is the very broad recognition in the community. Every
    constituency that we have interacted with, a broad recognition of the
    remarkable quality of the work that has been done by the JAS. And
    the presentation yesterday clearly illustrated that.

    The second point and the message that I really want to share is
    that we are highly aware of the fundamental element of time
    constraints. And one of the major focus of the work that we're doing
    at the moment, tomorrow and later this week, is to make sure that
    appropriate measures can be put in place so that it is in this round
    and that nothing is postponed later on. It's not necessarily easy,
    but I just want to share the message that this is exactly what we are
    focusing on at the moment.

    >>HEATHER DRYDEN: Thank you, Bertrand. That is good to hear.

    Okay. So let's move to the next topic on the agenda.

    Apologies. Katim.

    >>KATIM TOURAY: I'm sorry for holding back on this topic. I just
    want to say just two things. One is to say thank you to the GAC for
    the support that they have provided this initiative. I mean as
    somebody from the developing world, this is an issue that's very --
    and I'm speaking here as somebody from the developing world, not as a
    board member. This is an issue that is of profound importance to me.
    And so to see the GAC taking the lead to me in pushing is very
    important. Thank you very much.

    And I would like to encourage not only the GAC but everyone,
    everyone in the community to make sure that we work to diligently
    implement as many of the recommendations as is practically feasible.

    The DNA of ICANN is basically based on the volunteer work that
    people do. The sustainability of that work is going to depend on to
    what extent people see that effort is actually being implemented into
    programs and actions they can relate to.

    We are going to expect people to come each time. We have a call
    for volunteers. If they see that at the end of the day or at the end
    of the year nothing comes of the recommendation that they so
    diligently worked toward attaining. And so let's make sure we have
    all hands on deck and work towards implementing as many of these
    things as possible.

    On the part of the GAC what I would like to plead with you is that
    we cannot do this alone. You have a very important voice not only in
    ICANN itself but in the various fora and broad forums in your
    countries. And what I would plead with you is that you redouble your
    efforts. Do not stop at this, but when you go back to your
    governments, really build the case for everybody to do all they can
    to support all the initiatives that we have in terms of mobilizing
    resource, in terms of work being with other possible donors is
    funders to ensure that we have successful implementation of this very
    important program.

    Thank you.

    >>HEATHER DRYDEN: Thank you, Katim. I think that is a of the
    note to conclude that agenda item.

    Next on the agenda we have registry/registrar cross-ownership and
    competition authorities, or relationships with competition
    authorities.

    I know that the GAC would like to raise this with you.

    European Commission, please.

    >>EUROPEAN COMMISSION: Thank you, Mrs. Chair. And also very
    pleased to have this opportunity to meet for the first time with the
    new ICANN board chairman. That's very positive.

    Just on the competition, I was actually planning a different
    intervention than the intervention I am now making because just a few
    minutes before this meeting I had a very positive surprise in the
    sense that we have received an answer to the submission which the
    European Commission made a few days, a week or so before the
    Singapore ICANN meeting setting out a number of concerns we had on
    the vertical integration policy issues. And we have just been given
    a substantive reply, or at least what we hope is a substantive reply
    to these concerns and the specific questions which we asked. And we
    will, of course, analyze that reply very carefully and then engage
    with ICANN in case there are further questions.

    So I would like to thank the ICANN board for the response which we
    just received.

    Thank you.

    >>STEVE CROCKER: That's very kind of you, and a pleasure to here.
    I know this has had very high priority and we pushed very hard to get
    this response.

    So I am pleased that the timing is -- was just before instead of
    just after.

    >>HEATHER DRYDEN: Thank you for that.

    Okay. Are there any further questions or comments or this topic or
    can we move to the next item?

    Okay.

    All right. So next we are still on new gTLDs. We have some
    questions or comments on root zone scaling and some of the data that
    we have been provided and how this may relate to the early warning
    process and GAC's role in that. So are there questions or comments
    on that?

    Netherlands, please.

    >>NETHERLANDS: Thank you, Heather.

    Our basic question, I think we discussed this beforehand in
    plenary, is the fact that we have kind of different expectations,
    different wordings, different signals during this meeting than we
    had, I think, in the Brussels meeting with the board. And basically
    what we heard, and we didn't hear it in our -- let's say not in the
    presentation Kurt gave to us, but it was in other setting with GNSO
    that it's probable, it's thinkable that the ICANN can accommodate --
    will accommodate let's say more than 500 or more than a couple of
    hundred of applications in the first round.

    I think it's -- of course it's admissible if you can have all the
    systems and the processing, the services available on time.

    But we still have I think two concerns. One concern is that we had
    a kind of understanding in Brussels that after the first batch of, we
    had a thinking and understanding of a couple of hundred that will be
    a kind of a --

    (dropped audio).

    -- say the first insertions in the root zone after a while. And
    that second round will be deferred until there's something coming out
    of the evaluation of how the root zone system works or reacts on this.

    So in case in the first round there is not the kind of batching but
    we have, let's say, an explosion of thousand or 1200 applications, it
    will of course interact. It will have repercussions on our -- let's
    say on root scaling agreement we had I think in Brussels on this.

    And the second thing is, well, basically it depends also on how the
    batching is going to be arranged. And if you -- how do you plan this
    introduction? Will this be batched? Will this be one round? And
    then if the applications come in after certain time, will it be a one-
    time posting of all the applications being in? Because that's
    basically the trigger point for our early warning within the GAC.
    And our early warning is, of course, we have us all restricted
    resources. If we come up with a list of 1200, it's a little bit
    different a list of 150 new applications.

    So that's -- These two questions we are struggling with, and we
    would like to have some answer indication.

    Thank you.

    >>STEVE CROCKER: Let me say a word about it.

    So I think there really are two quite different things that we are
    talking about here. The early warning with respect to strings is a
    process for review of those strings, and you are asking a question, I
    believe, about the capacity from a personnel point of view within the
    GAC and within the rest of the administrative processes to process
    those applications to give due consideration of those strings and
    what the time frame is for those responses. Perfectly fair question.

    Separate and apart from that is the terminology that you have used
    is the impact on the root server system, which suggests that the name
    servers themselves would show some evidence of stress because of the
    addition of new names into the name servers. That's -- There is --
    There seems to be some persistent confusion and misunderstanding, in
    my judgment, about that. The name servers, the few hundred Anycast
    instances around the world regularly process on the order of 10,000
    queries a day -- per second. This is huge, huge numbers.

    The variation on a second-to-second basis, on a minute-to-minute
    basis and during the course of a day and at various changes on a
    seasonal basis are very large changes in those numbers.

    The decision of a new one or two or a hundred or a thousand names
    into the root server system almost certainly will generate no
    measurable change that you can see because of the ordinary changes
    that are -- ordinary variations that are taking.

    It's fair to look at that, if you wish, and there will be people
    who are monitoring things very closely. And I'm given to understand
    there will be a report carefully documenting the before and after and
    explaining all of this.

    But I think it's important to set the expectations here that the
    relationship between adding new names into the root zone is almost
    completely, if not 100 percent, decoupled from anything measurable in
    terms of the performance as seen by the users, or even, for that
    matter, seen by the internal distribution processes within each of
    the root server operators.

    I suspect that there is a misunderstanding that has taken flower
    and seems to have spread and I would like to find a way to settle it
    down. And as I said, I think some very careful documentation,
    structured in a way that is readable not only by technical people and
    by GAC personnel but also one that can be shared with broader
    audiences or more senior people in government, would be very helpful
    in laying out this very clearly and laying any misunderstandings to
    rest.

    >>HEATHER DRYDEN: Yes, Rod.

    >>ROD BECKSTROM: And just to complement what Steve has said. As
    you may recall, the board passed a resolution that stated that the
    maximum number of TLDs that could be delegated into the root under
    the new gTLD program on an annual basis is 1,000. And the number may
    not exceed that unless there is a formal review, or a new decision by
    the board.

    So that was the limit that was determined and established by
    resolution. And we will fully respect that.

    Thank you.

    >>HEATHER DRYDEN: Thank you, Rod.

    I have Sweden and the European Commission.

    >>SWEDEN: Thank you very much, Heather.

    Actually, I would like to echo what my colleague from the
    Netherlands was raising, those issues. Because really the amount of
    new gTLDs that's going to be launched, that's going to come to, is
    also going to end up in our lap in this early warning system. Of
    course it's going to be huge difference to deal with thousands or
    maybe couple of thousands of strings compared to a couple of hundreds.

    And actually, when we listened to Kurt Pritz who made a very good
    presentation early in the week, we got an impression or we understood
    that the ICANN, ICANN staff and ICANN board, has a very good dialogue
    with the technical community of experts, the root server system
    stability committee and the Security and Stability Advisory Committee
    and so on, and other, of course, expert in the technical community.
    And that is very reassuring from our point of view, and it's also
    very, very important, because we are governments. We have concerns
    but we have not really the experts.

    I would like to say another thing, what I got the impression of, I
    hope I understood it, is also the RSSAC group had some kind of
    proposal of an early warning, not the early warning in the GAC early
    warning but an early warning actually from the technical perspective,
    from the root server system. And I don't know whether you are
    working on that one or RSSAC, you have some dialogue on that one.
    Maybe you have. But that is also of interest for us to know because
    that has implications on our policy, public policy and our concerns
    and issues.

    And I think it's very, very important that we have this early
    warning, whatever it is, systems in place before things starts. And
    it's going to start very soon now because I think it's very important.

    It's accountability for ICANN. It's accountability for us as an
    advisory committee that these whole systems in which we are all of us
    involved right now is going to work. So it's not going to go down
    the drain.

    So we need to make sure that it's going to happen.

    And now I feel a little bit like a parrot saying the same thing
    every meeting when we have the opportunity to meet you, the ICANN
    board, that I really hope that we can -- I really hoped, and I still
    do, that we could have a limited first round and have a good
    evaluation from all the perspectives that is necessary and then take
    into account the information we got, and then could move on to the
    next step, to the second round.

    Thank you.

    >>HEATHER DRYDEN: Thank you very much, Sweden.

    I have Bertrand -- I'm sorry, European Commission and then Bertrand.

    >>EUROPEAN COMMISSION: I would rather leave the word to the Board
    if they want to react immediately to this point and I will take the
    word afterwards.

    >>HEATHER DRYDEN: Thank you.

    Bertrand.

    >>BERTRAND DE LA CHAPELLE: Bertrand De La Chapelle.

    Two points. The first one is related to the question that Thomas
    asked, the first one, and the answer of Steve. There is, indeed, a
    distinction that is important that Steve has highlighted. And maybe
    one way to highlight this distinction is to say that the stress on
    the root servers that are distributed are more related to the number
    of users than the number of TLDs.

    This is a very important distinction. Overall, on a daily
    functioning, the stress on the root servers is related to the number
    of users that are actually querying.

    It will increase a little bit, because it will take time for the
    mirrors and all the cache and all the replications to get all the
    addresses. But overall, the load is not fundamentally related to the
    number of TLDs but more to the number of users.

    The other stress which is important is the number of updates to the
    database that come from changing the servers, from changing the
    address of who manages the registry and so on. But this is a
    completely different type of load. And I am trying to express that
    in a way that marks the distinction.

    It is very important in our discussion that we are completely clear
    about that distinction because it is a very important element in
    relation to the root scaling and the dangers, and it is extremely
    important in particular that you have all the elements to report
    back. Because this question is going to be asked over and over
    again. And if we are not clear, tell us and we will clarify. We
    will try to find the arguments that you can use.

    The second point is regarding the workload on the early warning.
    It's absolutely true that the workload on the early warning will be
    heavier if there is 1,200 or 500. This is true. And we all know the
    problem of bandwidths.

    I would like to share and maybe make a methodological suggestion,
    because one of the dangers for everybody, both for the board and the
    staff and the structure as a whole and for the GAC, is if you want to
    provide a one, single early warning. Why is that? Because you will
    have to wait until you agree on every single potential problem on
    TLDs before you provide the output.

    I would suggest that you explore something along -- an important
    distinction. Among the list of TLDs, hopefully there will not be too
    many that will be problematic, but we don't know. There is an
    important distinction between those where there is a problem from the
    GAC point of view regarding the string, and there may be strings or
    applications where the GAC as a whole or some GAC members will say we
    don't even want to explore who is applying for that string. That
    string is a problem.

    This is different from a situation where there is a problem with
    one particular applicant for a given string that in itself doesn't
    pose a problem. Because then the early warning is much more directed
    towards the applicant himself, like saying you didn't contact the
    corresponding local authority or you are missing one point.

    So I would encourage to maybe do a two-pass system to try to narrow
    down, very early on, what are the strings that you believe are
    causing a problem in themselves and identifying among them, if any,
    hopefully there will be none, but if any, those where there is a real
    obvious consensus on the GAC that there is a problem that needs to be
    addressed, and those where there is a problem for some countries and
    others.

    But I would encourage to try to design something, and maybe we can
    discuss further on how to make it efficient, that will be a flexible
    mow at that time so that you can produce early warnings on an ongoing
    and state by state basis instead of waiting until you have an
    agreement on all the early warnings you are going to provide.

    I hope this helps, and we are all crossing fingers that people will
    be smart you have and respectful enough of the spirit of the program
    not to make applications that are really problematic.

    >>HEATHER DRYDEN: Thank you, Bertrand.

    Let's hope.

    All right. Suzanne Woolf, can you provide some insight, please?

    Thank you.

    >>EUROPEAN COMMISSION: Madam Chair; sorry. What I meant to say
    is I would switch place with the board. I still would like to have
    my speaking slot. Thank you.

    >>HEATHER DRYDEN: European Commission. Would you like to speak
    now? Please.

    >>EUROPEAN COMMISSION: Thank you very much to the board members for
    their insights.

    On root zone scaling, I think Dr. Crocker mentioned a report that
    is going to be published on the matter, I imagine. It would be very
    important to have that report as soon as possible, and it is
    important to have policy summaries that will certainly simplify our
    work when talking to our political masters, so to speak.

    But that the Commission would also like to have the full report
    with all the technical data, all the methodology, explanation
    methodology that has been used because we want to share that report
    with our own experts, too, and be able to help you to be confident
    all together on the resilience of the system.

    On the early warning, the Commission would like to thank Bertrand
    de La Chapelle for the suggestions which will certainly be taken into
    account by us. We are internally discussing how to streamline our
    work. I don't want to go into detail as this is a discussion that is
    still ongoing, but one thing the Commission has already raised with
    the ICANN staff with whom we have met a couple of days ago, and I
    raise again with the board, we will need -- I'm sorry, we understand
    that ICANN is building an internal system to handle the new
    applications on your side. It would be very important for GAC to
    have access to have an interface to that system in order to be able
    to consider how to automate our work as well.

    So the Commission is hopeful that this can be -- this discussion
    with proceed as quickly as possible.

    And then again on the early warning and new gTLDs, thanks to the
    CEO, to Mr. Beckstrom, for specifying, for reminding us of the limit
    of 1,000 new gTLDs.

    My question is, did ICANN base their calculations on the deadlines
    by when they would provide us with the full list of gTLDs on which we
    are supposed to provide possible early warning, did they calculate
    their deadline on this maximum amount? In other words, the deadline
    you set for yourselves to communicate to us all the gTLDs with all
    the verification done on your side at that stage, is it calculated on
    1,000 new gTLDs or 100 or 200? And if you calculated it on 100, what
    happens if you receive 1,000 applications? Are you confident that you
    are going to respect the deadline that you communicated to us? And
    if not, what is going to happen?

    I hope this last point is clear enough. If not, I am happy to
    elaborate.

    >>HEATHER DRYDEN: Thank you, European Commission.

    Rod, did you have a quick response to that last point?

    >>ROD BECKSTROM: Just a quick response. Thank you very much.

    The first is that in May, approximately one month after the
    application window closes, we will be publishing all of the strings
    publicly, so it's known what has been applied for. And that will be
    the total list of whatever number of applications has been received
    during the application period, firstly.

    Secondly, the current plan is to process the applications in
    batches of 500. So I think that we have taken that into
    consideration when we looked at the early warning period. But I will
    check into that in more depth and come back to you.

    Thank you.

    >>HEATHER DRYDEN: Thank you, Rod.

    So Suzanne, please.

    >>SUZANNE WOOLF : Thank you, Heather.

    And I have been sort of sitting here scribbling a couple of notes.
    But just to say real quickly, first I want to reinforce a couple of
    the points that have been made, particularly by Steve, that, first of
    all, given the limitations that have been committed to, as Rod just
    mentioned and as previously discussed, there is not an urgent issue
    here. There are concerns, and there is probably -- there are -- that
    do need to be addressed and have been committed to be addressed.

    But there is more -- there is more to be gained by taking the time
    to have these conversations and make sure that we fully understand,
    given the limits that are agreed to, in the minds of everyone who has
    looked carefully at this.

    For RSSAC, specifically, I believe it was Maria made a reference to
    some work that's been undertaken. There has been some work within
    the committee on a shared set of metrics, as much in the interests of
    transparency and facilitating research, frankly, as because there are
    specific concerns for the root servers about root scaling. And also
    I believe Steve made an allusion -- I'm losing track of who mentioned
    this. But there are good working relationships in place. And the
    technical folks outside of ICANN are looking forward to working with
    staff on making sure that the technical issues are addressed.

    It does make sense, though, to also reinforce the distinction that,
    I believe, Bertrand particularly spoke to between policy issues and
    technical operational ones. And I believe that one of the benefits
    of the long discussion that we all had on this issue was that there
    is a reasonable set of clear separations among those things and
    reasonable plans for tackling all of them. So I think we are in a
    good place on that. But we need to keep moving forward and look
    forward to working, particularly, with the staff on that.

    >>HEATHER DRYDEN: Thank you, Suzanne. I have the Netherlands,
    Australia, and Germany. Netherlands, please.

    >>NETHERLANDS: The questions were already presented by Suzanne
    and Rod on my first question. Thank you.

    >>HEATHER DRYDEN: Thank you. Australia?

    >>AUSTRALIA: Yes, mine has dissipated also.

    >>HEATHER DRYDEN: Excellent. Okay. Germany.

    >>GERMANY: Yes, thank you, madam chair. I just want to come
    back to the position or presentation made by Bertrand in this respect
    under a relation process and early warning system.

    I just -- I think it seems -- your comment seems to be rather
    sensible to have a distinction between the evaluation of the string
    on one side and the other side to have evaluation of the applicant.

    Having said that, from a practical standpoint, it might be rather
    difficult. Because you mentioned we receive on the 1st of May or 2nd
    of May or 29th of April a complete list with strings. Okay. A
    string evaluation is rather easy to be made. Rather easy, just to
    say.

    But an evaluation of the applicant. And, in particular, it's not
    only the name of the applicant. You need to know what is the model
    he's following. What are the registration policies? What are the
    restrictions? I think this, frankly speaking, is not possible within
    a time frame of 60 days. This is something I would really be
    hesitative to have such kind of evaluation during this period.

    And, having said that, I also would like to second my colleague
    from the European Commission. I think we really need to consider
    what will be the possibilities for the government for the early
    warning system, if, say, it's really a significant decrease of
    application.

    We had considered up to now something like 500. If it really is
    significantly more than these 500, then it would be also a capacity
    problems for us to proceed these 500 -- these applications. Because
    we, as government, have not privilege to extend the time we are bound
    by the 60 days. Thank you.

    >>HEATHER DRYDEN: Thank you very much, Germany. Kurt, can you
    perhaps tell us exactly what the information would be that's
    available on those dates?

    >>KURT PRITZ: Thanks, Hubert, for your question. We will publish
    the applications, which are, essentially, the information in
    questions 1-13. So -- and then more. So there will be the string
    and then the applicant and the purpose of the application and the
    answer to many of the questions so that the GAC can use that to make
    its determinations.

    Now, what might be helpful for the GAC and what we'd like to hear
    is a way -- thank you.

    >> I have a handheld.

    >>KURT PRITZ: So maybe there's a way we can sort the data. So,
    as Rod mentioned, we're going to publish the information on a date
    certain after we receive the applications. If you would -- we could
    give that information to you now what's going to be published. Then
    perhaps you could get back to us with a way that we could sort that
    data so it would be more helpful to you so you can kind of run your
    finger down it easily.

    >>HEATHER DRYDEN: Thank you, Kurt. Switzerland.

    >>SWITZERLAND: Thank you. Also referring to what Bertrand has
    said, I think in principle, it would be useful to be able to express
    an early warning first on the string and then on second level on the
    applicant and on his business model.

    But something that I started to realize, which is in, at least in
    my head, slightly reducing the value of this whole early warning
    system and put it to a question to the board -- is my perception
    right? -- that we would realize there is a string we do not think is
    problematic; we look at the applicant and then look at his business
    models and registrar conditions, whatever; and then realize that
    something is not applicable to our law in our country?

    And then you issue an early warning saying that, basically,
    everything would be fine, but we have a problem there. We cannot
    accept this.

    What is the use of this, if I get this right, that, if the
    applicant cannot modify this application, he can only withdraw it?
    Is that right? That's the only answer you can give -- unless this
    exception with geographic names and seeking government support. But,
    if, for instance, in an early warning you see a minor flaw which
    could cause you to file an objection against it, the applicant can
    only decide I go nevertheless or I withdraw? There's nothing in
    between? Is that right? Yeah, that's it. Thank you.

    >>HEATHER DRYDEN: Thank you, Sweden.

    Is there a response to that question? Kurt, please.

    >>KURT PRITZ: So that question reflects a good understanding.
    We're loathe to allow applicants to fully change their application,
    because that would allow applicants to abuse the system. Get an
    application in as a test. And, if that test sort of fails, they can
    sort of get around the system by amending it.

    But there are ways an applicant can address government concerns.
    For example, in the case of a geographic name, it can secure the
    approval of the government. Or there may be conditions a government
    would have before it would otherwise approve delegation of a name.
    So it can put the applicant on notice that the GAC will probably give
    GAC advice or encourage an objection in some way. So there are ways
    for governments to use the early warning effectively.

    And then, of course, the other use for GAC advice is to put the
    applicant on notice that there is going to be GAC advice or an
    objection to it and give him or her the opportunity to withdraw early
    for a higher refund. So we're trying to encourage the applicants to
    heed the GAC early warning in that way.

    >>HEATHER DRYDEN: Bertrand.

    Thank you, Kurt.

    >>BERTRAND DE LA CHAPELLE: One very quick comment both on Hubert
    and Thomas's questions. What we're trying to put in place is a
    communication channel. And the whole discussion we had during the
    elaboration of the applicant guidebook is to identify tools for
    interaction. That bucks the capacity for the GAC, in particular, to
    make a comment at one moment and not later and so on.

    What was attempted was to provide a way for intervening at
    different stages. And there are, as Thomas has said, there are
    different types of problems that may emerge.

    I think the proposal that Andrea made of having an interface or
    something that is facilitating the interaction is in the spirit of
    what we're trying to put in place. Identifying as early as possible -
    - and the early warning bears its name very well -- identifying
    problems as early as possible is beneficial for everybody, including
    for the applicants.

    And so there might be cases where there is a general problem with
    the string. There are cases where there is a specific problem for
    one or several applicants because, with that type of string, they
    should have done something more than what they've done, for instance.
    And they could be encouraged to move forward.

    And there could be cases where one or several specific countries
    have a particular problem that can or cannot be addressed and where
    the applicant will or will not withdraw in the end.

    But what I'd like to highlight here is the notion of a continuous
    process that will move all along the evaluation the objections and
    all those components that have been put in the program as
    protections.

    As a general remark, what we've all attempted to do is to find
    something that combines two very difficult things to combine. One is
    openness, and the other side is protections.

    And the whole process of dialogue with the GAC and the early
    warning and the advice, the various level of advices are intended to
    make sure that there is always an avenue for interaction when there's
    a problem.

    I think that's the best answer we can give at that moment. And the
    questions that you're asking, we need to keep asking them in parallel
    with using the process, so that we improve it as much as we move
    forward.

    >>HEATHER DRYDEN: Thank you, Bertrand. Can we move to the next
    topic, which is the communications outreach program for new gTLDs.

    Switzerland, please.

    >>SWITZERLAND: Sorry. It's a quick question that I wanted to ask
    before I forgot it. You said, in case there would be more than 500,
    you would divide this in batches of 500, that you would proceed kind
    of one after the other. In case you receive 4,000 applications, how
    do you decide which ones are going to be in the first batch and which
    ones are going to be in the last batch? Would that be according to
    the date that they actually hand in their applications or those from
    A to G and then those -- what is your reflection in how to divide
    these into batches? Thank you.

    >>HEATHER DRYDEN: Rod, please.

    >>ROD BECKSTROM: Thank you. We are still working on this issue.
    There's some complex legal implications, and also there's some
    technical operational issues. But we haven't locked down on a
    specific batching algorithm yet. But we will be doing that. And,
    when we do, we will be sharing it. Thank you.

    >>HEATHER DRYDEN: Thank you.

    European Commission.

    >>EUROPEAN COMMISSION: Apologies, madam chair. But all this
    talk of batches has provoked a question in me, because maybe I did
    not understand. When you say that you're going to process batches of
    500 applications, does it mean that you're going to -- how can I put
    it? Does it mean that you're going to present to us only 500
    applications and then the next 500 are going to come later? Or I
    would like a clarification because that's quite unclear to me.

    >>ROD BECKSTROM: Thank you. I'll respond. The application
    window will be open from January 12th until April 12th. There's no
    limit on the number of applications that may be submitted in that
    time frame.

    If the number of applications that is received is over 500, then we
    will have to look at the issue of how do we handle or how do we
    process those applications in batches? And the current intention is
    to do that in a number of around 500 per batch.

    So it depends on -- if there's a higher number than 500, then we
    will need to do some batch processing. If the number is lower than
    500, then we will begin the processing. They'll all be -- I'm sorry.
    They'll all be posted at the same time. So all the applications
    received, we'll publish the information in May on the date certain,
    as Kurt mentioned, with the publicly available information.

    >>EUROPEAN COMMISSION: So let me try to see if I understood. The
    process is you receive 4,000 applications. You're going post at
    whatever date now -- I can't quite remember -- those 4,000
    applications. We, as GAC, are going to do the early warning on the
    500 batch that you're going to select, which I understand is within
    your limits, even though I don't understand how you're going to
    select them. Or, again, it's not clear to me.

    >>HEATHER DRYDEN: Kurt?

    >>ROD BECKSTROM: I'll let Kurt provide the answer to this.

    >>KURT PRITZ: Given that we're publishing all the applications at
    the same time, we would expect the early warning to be issued at that
    time. And so, working with these -- through these operational issues
    with the GAC, if the GAC doesn't think it can get through all the
    applications in the 60 days -- 60 days? -- 60 days allotted, that we
    should discuss how the GAC input could match the batching input going
    forward.

    But, thinking about a little bit, I think the best duty to the
    applicant is to provide early warning advice to the applicant within
    60 days so they can withdraw their application, if need be, and not --
    you know, they'll be spending money on their ongoing operations. So
    the best scenario, I think, is that the GAC would provide early
    warning within that 60-day period.

    >>EUROPEAN COMMISSION: Apologize, madam chair. But this is an
    important point and I think it deserves to be clarified, as much as
    possible, now or very soon. Because the application period is going
    to start very soon, and we need to be very clear on what it is
    expected from us.

    So, again, you receive 4,000 or 10,000 or 12,000 applications. You
    publish them. You're expecting the GAC to issue early warning, to
    analyze all the 12,000 applications. And, yet, you're going to
    process those applications in batches of 500. So I'm sorry to say,
    but this seems to put a little bit too strain on the GAC while you,
    yourself, recognize that you are not going to be able to process
    12,000 applicants, just to use the number I did. So why should we
    not tell you, well, we're going to process 500 applications maximum
    now and you tell us what those 500 applications are?

    It seems to me that I see that Bertrand is nodding or not nodding.
    I don't understand. But it's something that we need to clarify very
    quickly. Because it's difficult for us to accept that you're asking
    us to do something which you seem to have difficulties doing yourself.

    >>ROD BECKSTROM: We will look at this issue and come back to you.
    Clearly, one of the uncertainties is the number of total applications
    that will come in. We understand -- I understand your statement that
    this has an impact on you and your time to process. And we're
    sensitive to that.

    So we'll consider this issue and come back with some guidance to
    the GAC. Thank you.

    >>HEATHER DRYDEN: Thank you, for that, Rod.

    The Netherlands, please.

    >>NETHERLANDS: Yes. Now that Kurt has a telephone -- sorry, the
    microphone. I think just one very essential question about
    remediating an application. I understand that you don't want to have
    applicants gaming the system and changing their application. But, in
    certain cases, which are not only geographic but also others like dot
    sector and example of whatever sector, imagine, just to be very
    concrete example, imagine that, after talks with GAC members, after
    an early warning, that the registry would then maybe make a stricter
    policy and say, for example, that on the second level there's
    organization.sector. And he would say, okay, I want this to have
    stricter, for example, registered name for the organization on the
    second level. But with the minimum of 10 countries existent or
    regions.

    My question is, basically, on what extent do you have the
    possibility of having a stricter policy, which will then alleviate
    concerns of some governments or the whole GAC? Thank you.

    >>KURT PRITZ: So what the guidebook says is that an applicant
    cannot materially change their application. And it's -- it's
    interesting to talk about specific examples like this, but I don't
    want to give an indication whether a specific example of a change
    would be allowable. Because we want to maintain the goals of making
    it not gameable. But we also understand that you know, a registry
    might want to further restrict its application, make it more narrow
    in order to bring it into the goals of what the government has.

    So there's some limited opportunity to adjust how they're going to
    operate the registry without amending their application. So, as long
    as it's within those guidelines of getting to the goal of not being
    able to game. But, other than that, I don't really want to comment
    on a specific application that people might rely on later on.

    >>HEATHER DRYDEN: Thank you, Kurt. Bertrand, did you have a
    final comment?

    >>BERTRAND DE LA CHAPELLE: Did I have a -- yeah, final comment.

    Coming back to the question that Andrea raised, do I understand
    correctly, if I reframe your question by saying that what you want to
    know is whether there could be a connection between the workload of
    the GAC and the batching; i.e., that the early warning -- if I
    understand correctly -- and correct me, if I'm wrong. What you're
    saying, basically, is that, if there's a batching, and among the
    1,000 or 1,500, if ever, ICANN will examine the first 500. In your
    argument it makes no sense for the GAC to make the early warning for
    the second 500. And so you want to explore how this could be
    connected. Is that a correct understanding?

    And my second question is: Does the GAC have a particular view --
    or GAC members have a particular view of the ways in which, as Rod
    said, the working on the methods of batching? Do you have particular
    views on what kind of criteria should be used for batching? Because
    I don't think we have had discussion so far.

    >>EUROPEAN COMMISSION: To confirm that your understanding on the
    first point is correct, I think that GAC should process doing early
    warning in batches according to the order that you would choose for
    the batches. So you give us the first 500. And, actually, this is
    not a firm position at the moment; but it would seem the most logical
    way to proceed to me. And for the order you would choose -- again,
    this is not something we're discussing in GAC. Just from my mind I
    with think the chronological order you receive the application could
    be the criterion. But that's, frankly, up to the ICANN board to
    decide.

    >>HEATHER DRYDEN: Thank you. So let's allow ICANN board staff to
    come back to us on the questions. And let's move further through the
    agenda. The next topic is regarding the communications outreach
    plan. And the question from the GAC side, I believe, is what is the
    communications plan? What's in it, and what is your approach to
    communicating information about the upcoming program?

    >>ROD BECKSTROM: May I respond? Thank you.

    >>HEATHER DRYDEN: Please.

    >>ROD BECKSTROM: Yes. The communications plan was outlined,
    which shaped the goals and objectives. And we've recently considered
    enhancing that. The program has been very active.

    The beginning of the communications program was, of course, right
    after the vote, I believe, on June 24th in Singapore. And there have
    been thousands of pieces generated from that event. And since then
    the physical road show started in September. And the new gTLD Web
    site was launched on the 19th of September at newgTLDs.icann.org.
    There are FAQ sheets available there in six different U.N. languages.
    There's educational videos, and there's also the calendar of upcoming
    events and event reports.

    There have been over 35 events in 20 countries so far. And there's
    upcoming outreach events that will also be in Moscow, Beijing,
    Jakarta, Mexico, Argentina, and Chile.

    And we would appreciate the help of all participants here to
    communicate the existence of the Web site and all the information to
    your communities. And also, particularly, as the government
    representatives in the GAC to use your channels through government to
    share this information with industry. And there are short forms of
    the communication that are as short as one page or short documents
    and others. And we really would appreciate your help. And we do
    appreciate the help that quite some number of countries here have
    provided already in helping to host events.

    So that's a high-level summary. Thank you.

    >>HEATHER DRYDEN: Thank you, Rod.

    So questions, comments. U.K.?

    >>UNITED KINGDOM: Thanks, very much, chair. And good afternoon,
    everybody. That's very encouraging. Certainly, the commitment to
    broadcasting this opportunity in as many markets and stakeholder
    communities across the globe is clearly understood. And it's
    critical to the success of the new gTLDs program. Obviously, it's
    also critical to the credibility of ICANN that this project is a
    truly inclusive one and taps into pools of talent, entrepreneurs,
    innovators in many parts of the world that perhaps haven't been
    tapped into before. And I think that's a real challenge for all of
    us. And, certainly, there are government channels and networks and
    associations of governments. From the U.K. perspective, there's the
    commonwealth where we can help advance awareness of this
    opportunity.

    My question is to ask whether you're monitoring levels of awareness
    through, I don't know, survey mechanisms and so on.

    Both following your road show events, but also in those areas that -
    - obviously, you can't get to every market, every community in the
    world. That would be far too ambitious. But through the use of
    media and so on, is there -- is there an effort to monitor levels of
    awareness and perhaps identify large business communities or markets
    or communities that are still in the dark? And where, perhaps, as a
    result of that monitoring awareness gauging, you can then possibly
    orientate your targeting of resources and so on. So adjusting your
    outreach program. Is that something you have in hand? Thank you.

    >>HEATHER DRYDEN: Thank you very much U.K. And Rod.

    >>ROD BECKSTROM: Thank you, Mark. There are a number of
    different metrics that are being measured from gross measures, such
    as number of articles after an event to more geographically specific
    by region, by country.

    And we are collecting a fairly rich set of data and we will be
    publishing it.

    In terms of the second part of your question about the feedback
    loop between the information on the metrics and adjusting the
    program, there are some adjustments, but those adjustments are
    limited based on the time that's allowed and permitted.

    And again, we really would appreciate all of your help as
    government leaders to send out e-mails or letters and documents from
    your offices to the trade associations in your countries, et cetera.
    And also if you have any upcoming trade association or other events
    that are already taking place in your country where you think it
    would be desirable to have an ICANN new gTLD expert speaking, please
    do let us know and we will do our best to accommodate the request and
    deliver an expert to be a resource.

    And so, again, quite a number of you have helped us with that
    already, and a number of you are helping us in the upcoming cities,
    including we'll be back in Berlin soon, and with the help of Hubert
    and the German government in organizing, but the same has been true
    in many places around the world.

    Thank you.

    >>HEATHER DRYDEN: Thank you, Rod.

    I have Uganda, please.

    >>UGANDA: Thank you very much, Chair.

    I want to thank the CEO for the last comment, that if countries
    have events, they can get in touch with ICANN. But I want to link it
    to the previous communication plan that you mentioned. I didn't hear
    anything specific targeting the African region.

    And also, I listened to your speech yesterday, the places you have
    been to of late. I didn't see anything that was near Africa, and the
    strategy that you have for the African region.

    Thank you.

    >>ROD BECKSTROM: Sure.

    Some of the events that we have done in Africa include Cape Town.
    Also in Nairobi at the IGF we did considerable communication on new
    gTLDs at the ICANN open forum, also at other events that we
    participated in. And of course the IGF was broadly attended with I
    think about 2,000 attendees, and I'm sure that the chair of the
    event, Alice Munyua town here could tell us how many were from Africa
    and how many countries, but I think quite a few countries were
    represented. And then of course the events here in Senegal with
    quite a number of countries from Africa.

    We also spoke at the GITEX conference in Dubai, which is an
    enormous technology conference with about 100,000 people, and I think
    most -- many countries from Africa were represented in that event.

    But again, sir, if you have an event that's come you go up in
    Uganda that you would like to have us participate in, please let us
    know and we will do our best to provide one of the experts from ICANN.

    Thank you.

    >>HEATHER DRYDEN: Thank you, Rod.

    Are there any other questions or comments on that?

    Sebastien. That's right, Sebastien.

    >>SEBASTIEN BACHOLLET: Thank you very much. I will speak in
    French, in fact, for some minutes.

    I wanted to be sure that I understood the objective of the
    communication, and I wouldn't want to forget that we're addressing
    companies, but at the same time, we are addressing other types of
    organizations. And, therefore, we must take into account that we can
    transmit the ICANN and organizations in the country, the
    associations, grouping these associations where the objective of the
    program is to be inclusive for all the organizations. And therefore,
    I think they should all receive information.

    Thank you very much.

    >>HEATHER DRYDEN: Thank you, Sebastien.

    We will move, then, to the final topic of our agenda this
    afternoon. And that is concerning law enforcement recommendations in
    relation to the Registrar Accreditation Agreement.

    So from the GAC side, we have the United States leading on this
    issue.

    European Commission, please.

    >>EUROPEAN COMMISSION: Madam Chair, I think we're skipping one
    point on the agenda. Is there not conflict of interest that we were
    going to discuss as well?

    >>HEATHER DRYDEN: You're right. You're right.

    Okay. Well, let's continue with the agenda as planned.

    So conflict of interest is certainly our next agenda item. And so
    on this, I believe GAC members have various views that they would
    like to communicate to you. Certainly in the discussion we had
    earlier, this was an issue of considerable importance to a number of
    colleagues in the GAC.

    So with that, I open the floor to remarks from the GAC.

    European Commission, please.

    >>EUROPEAN COMMISSION: Thank you, Madam Chair.

    I was just wondering whether the ICANN board didn't want to take
    the floor itself on this issue before leaving the floor to the GAC,
    but I'm happy to kick off the discussion.

    I think, first of all, of course underline how important this issue
    is of conflict of interest to the European Commission, but to the
    European Union and its member states, and from earlier discussions
    which we have had in the GAC, I think to many, if not all of the GAC
    members around this table.

    And maybe I should just briefly elaborate a little bit on why this
    is the case and before I come to what we expect actually the ICANN
    board to do about it.

    I think first of all, as a starting point, to confirm that ICANN is
    an organization whose mission is to serve the public interest. And I
    would like to think that the global public interest.

    And obviously this requires that its functioning and the way it
    takes decisions meets the highest corporate governance standards:
    those of accountability, transparency, and independence.

    This goes to the heart of the multistakeholder model, because of
    course if the model is seen as not meeting those standards, then the
    legitimacy of the decisions that the model produces will be called
    into question.

    And unfortunately, recent events have given us some doubts about
    the conflict of interest or the independence in the accountability
    and transparency of ICANN, and particularly of the board. We have,
    of course, all taken note of the chairman, the previous chairman
    leaving the board very shortly after the decision on the new gTLD to
    join a company with a direct interest in that decision. That was
    very embarrassing for ICANN, and of course raised a lot of concern in
    the community. But that is, in our view, merely a symptom of a
    deeper problem, which is a structural problem of ICANN. If you look
    also at the recent audit report we see that at least eight members on
    the board have declared conflict of interest in the pursuit of their
    activities. And of course when we look at kind of the way ICANN
    deals with this, we note -- and again, that is with regret -- that
    there is no substantial conflict-of-interest and ethics policy in
    place. And that, of course, is a major shortcoming.

    And as this is a structural problem, we believe that structural
    solutions are in order.

    In or view, in the view of the European Commission, our preferred
    option is clearly that the board will be fully independent from
    interested parties. A professional board who would be adequately
    remunerated and would not have to be employed by stakeholders that
    have a direct interest in the decisions of the organization. That,
    we believe, is absolutely the best way to go about independence and
    accountability and transparency.

    But in the short to medium term, we really expect the board to take
    a very strong stance in favor of the highest standard of corporate
    governance.

    We were slightly disappointed that it has taken at least a couple
    of months before the board put this issue on its own agenda. We have
    since seen that the board has taken some steps in that direction, but
    our main concern is that we enter into another phase of discussion
    and policy-making whereas what we think now needs to be done is the
    board taking an absolutely firm stance and adopting, as soon as
    possible, a robust and substantive conflict-of-interest policy.

    And maybe we can offer, from our experience in the European
    Commission, some elements which we believe should be absolutely part
    and parcel of such conflict-of-interest policy; that is, a prior
    declaration, obviously, of conflict of interest; an appropriate
    scope; i.e., not just in the case of transactions or in the case of
    decisions but the whole phase from policy shaping to decisions; clear
    sanctions and penalties in case of breach. From our own experience,
    we know that if you can breach conflict-of-interest rules with
    impunity and there are no consequences, the whole policy isn't worth
    anything.

    And last but not least and I think we have seen how important this
    is, a cooling off period which leaves some time between the point in
    time that members leave the board and then they join interested
    parties. Those are the kind of elements which we expect to see in
    the conflict-of-interest policy. We would very much urge the board
    to take its political responsibility and put in place such a policy
    as soon as possible. Not turn this into process with working groups
    and engaging consultants and advice and further discussion and et
    cetera. But before the end of the year to make sure that such a
    policy is in place. And that basically ICANN joins the reputable
    organizations that have similar or are also operating in the public
    interest with a conflict-of-interest policy that the ICANN board can
    be proud of.

    There is one issue which I simply want to flag which is the issue
    of financing. What was quite interesting in the recent audit report
    is that ICANN for its financing, for its funding for its revenue
    relies on a fairly limited number of parties. And that in itself, in
    our opinion, raises a fairly important issue of independence. It is
    not enough in our view to have a robust conflict-of-interest policy
    in terms of the behavior and not only of the board members, but also
    of the staff, but also the issue of funding and financing needs to be
    looked at.

    So I would like to leave it here. But for us, it's very important
    issue for the sustainability of the multistakeholder model.

    We as governments, and particularly we as European Commission, will
    find it difficult to defend a model, which we have always stoutly
    defended, when the model has such important shortcomings. But those
    shortcomings can be easily repaired if the necessary political will
    and sense of urgency is there.

    Thank you.

    >>HEATHER DRYDEN: Thank you, European Commission. I understand
    Bruce Tonkin from the board will respond on this topic.

    >>BRUCE TONKIN: Yeah, thank you, Heather. And we agree, we do
    believe this a very serious issue and we are working on it.

    With respect to what's there today, I think you made the comment we
    don't have a conflicts policy. We do, actually. So we have both a
    conflicts policy and a code of conduct. And we can provide links to
    those documents.

    We also have fairly elaborate confidentiality provisions within our
    code of conduct and guidelines on how they should be used. So we do
    have something in place.

    But having said that, we also recognize that.

    As the organization is taking on more responsibility, it needs to
    review those and improve those.

    So the Board Governance Committee asked the staff to commission
    some external advice so that we're not -- it comes counsel to, coming
    back to your point of independence, so it's not just us coming up
    with our own rules. We are getting external advice that is reviewing
    best practice in both conflicts and ethics with respect to both
    corporate best practice as well as government best practice. And
    those inputs will be taken into account to update the policy.

    In terms of the timing, I wasn't sure. Were you suggesting that we
    don't put that out for comment before we would vote? Our normal
    practice is when we get advice, we update the policy and put it out
    for public comment. But we're not talking about working groups, but
    our normal process for all important documents like that is it does
    go through a public comment process. So I would expect we are
    talking of a time frame of a few months. But whether it's next
    month, to do that would mean we actually aren't being accountable and
    transparent because we aren't actually putting something out for
    review.

    The other thing, as others pointed out in some of the sessions
    earlier today, is it's not just enough to have a written document.
    As I said, we already have them. It's actually about whether people
    really understand what's in those documents and how to apply those
    rules. And so we had a board training session a few weeks ago, and
    we spent several hours, actually, going through the existing
    conflicts policy and the code of conduct and the confidentiality
    provisions. And we went through various scenarios of how they should
    apply to different situations that might emerge in the coming year.
    So that's part of actually building it into the culture.

    Just to give you some specific examples for me personally, because
    on particular issues I have declared a conflict. So if we take
    registry/registrar separation as an example, I left the room when
    that topic was discussed, and when legal advice was provided to
    ICANN, I was not present nor did I vote on it. And I also
    predeclared that interest before that discussion occurred.

    So I think you will find that we actually already have practices
    that aren't -- that are similar, I would have thought, to some of the
    things you pointed out. We predeclare. If it's a serious issue, we
    leave the room, and we don't vote on it.

    In terms of having a board with a member that has a conflict,
    remember, we have 16 voting members. It's very rare -- You mentioned
    there were eight instances where a conflict might have been. I doubt
    that that was at one time. Most that I can recall, there was maybe
    one or two on any issue of 16 directors. And that's the strength of
    the multistakeholder body, that we have 16 directors from multiple
    regions of the world with multiple areas of experience. On any one
    issue, if we conflicted, if a person is not present, it really
    doesn't impact that discussion.

    >>HEATHER DRYDEN: Thank you for that, Bruce.

    I have Erika, Rod, and U.K.

    >>ERIKA MANN: Just a short addition as far as it reflects the
    work of the Audit Committee, which I do chair. What we do, we provide
    guidance in the financial and internal control of ICANN, and we fully
    understand the concern with the new gTLD round and the new work ICANN
    will have to stem in the future that there is concern with regard to
    such kind of oversight role.

    We are fully aware of this. We already went into intensive
    discussions in our committee. We will do a review of all the
    applicable international standards available.

    Of course, not all of them will work because we are not a purely
    commercial operation. So we will have to be very careful what we
    adopt and what we cannot adopt.

    We will do the review and we will consult, of course, with all of
    you. And we'll understand afterwards better what we can adopt and
    which works for us and which is not working for us.

    >>HEATHER DRYDEN: Thank you, Erika.

    Rod.

    >>ROD BECKSTROM:

    Thank you. I just wanted to provide some additional facts and
    information for the GAC members.

    The BGC, as mentioned, is reviewing our governance documents.
    We're also using three different groups of outside experts. We're
    using our corporate law firm to review -- formally review our
    conflicts-of-interest policies, our code of conduct, and our employee
    handbooks to enhance the focus on best practices for conflicts and
    ethics.

    Secondly, we have retained a new independent law firm with lawyers
    not involved in the ICANN process to look at how we present those
    documents and to make recommendations, comparing ICANN to similarly
    situated nonprofit organizations. And this has already resulted in a
    first recommendation that we have implemented, which is if you go to
    www.icann.org forward slash documents, you will find all key ICANN
    corporate governance documents now posted. And most of them that
    relate to this issue are near the top of that list.

    Thirdly, we're working to contract with an international experts
    group to review the organization's documents and practices and to
    make recommendations with a focus on our global function and looking
    at the best practice of other international organizations. And we
    invite any of you to subject -- to propose specific organizations
    that we should be considering.

    I'll also offer that when we find and retain those experts, if any
    of you would like to have a conversation with that expert, we're
    happy to arrange it on an individual country-by-country basis or for
    the GAC or subsets of the GAC as a whole, if you would like to
    interact with them.

    And so the goal of all these interviews -- or, excuse me, reviews
    is to make sure that we adhere to the highest possible standards
    while taking into consideration the unique nature of our
    multistakeholder environment.

    Thank you.

    >>HEATHER DRYDEN: Thank you, Rod.

    I have U.K. and Bertrand.

    U.K.

    >>UNITED KINGDOM: Thanks very much, Chair.

    We are hearing a lot of statements of commitment to address this
    issue, and that's certainly very positive. This issue has crossed
    ministers' desks. I think what I need by the end of this week is a
    timeline of how all this effort to examine the existing provisions,
    the recommendations that would go out to public comment and the
    process and so on. So I really need a timeline to send out to my
    Minister. If I could have that by the end of this week -- I'm sorry
    to be so demandeur; that it has exercised ministers. And that's our
    job as officials to act on their concerns and to engage and to
    discuss and then go back to the ministers and say this is what we
    have agreed.

    So on that. And I am also reminded that the whole process of
    evaluations of new gTLD applications has to be absolutely squeaky
    clean. And Kurt did respond to me on that very point with some
    valuable explanation of the provision to ensure that there were no
    conflicts of interest in evaluating gTLD applications, ask that there
    are sort of fall-backs if conflicts of interest do become apparent
    when considering a gTLD application.

    But I just want to underline in this public forum that that is a
    prerequisite for the gTLD process. That we are looking to deliver,
    monitor, and certainly act, if there is any diversion from that
    commitment to ensure conflicts of interest are fully respected in the
    evaluation processes.

    Thank you very much.

    >>HEATHER DRYDEN: Thank you, U.K.

    So a request for a time -- no, a timeline, but with a timeline for
    it.

    Yes. Okay.

    So I have Bertrand and -- did you want to respond quickly to that
    point? Okay. Fine.

    >>ROD BECKSTROM: Thank you.

    We're going to have a session on Thursday afternoon on this topic.
    And we invite all parties to attend. And we will be seeking to
    develop a road map on a timely basis. And that will depend in part
    on the discussions and the feedback we get, because, for example, I
    just offered to allow any country here to have a conversation with
    the expert. Depends on how many of those conversations we're going
    to have and what your recommendation or request is, for example, that
    could affect that timeline. And there will be other inputs.

    But we will begin working on a road map, and I think we are all
    taking this very seriously. But we also want to make sure that we
    respect the consultative processes of the community.

    Thank you.

    >>HEATHER DRYDEN: Thank you, Rod.

    Bertrand.

    >>BERTRAND DE LA CHAPELLE: On this very important topic, there is
    one very important distinction as well, which is between conflicts of
    interest for the period when somebody is on the board and the period
    afterwards, whether we call it ethics policy or revolving door
    policy. These are two different issues and both raise different
    questions in the context of the ICANN structure.

    On the first one of conflict of interest, I think it's very, very
    important for all of you when this question is asked to take into
    account what Bruce mentioned regarding the fact that we're not
    starting from scratch. And it is probably our fault, generally, to
    not have been posting clearly enough the existing conflicts-of-
    interest policy, which, as Bruce has mentioned, is conducted on a
    regular basis and is clearly done very thoroughly every time there is
    a discussion within the board that addresses a point that concerns a
    board member that has a conflict of interest.

    There are declarations of conflict of interest on a regular basis.
    And the first step that is absolutely clear, and that can be done,
    and it is probably already done, is to make this policy that exists
    visible, because you will discover -- and, actually, your ministers
    will discover -- that there already is one. And we are just
    improving it.

    The question of the revolving door is more complex. Why? Because
    we are confronted with a problem, in a nutshell, that which is that
    with the current model we have on the board, people are in the
    industry. And if we get to a revolving door policy that is too
    rigid, we get the irony of having somebody who can be in the industry
    when this person is on the board and who shouldn't be in it when it
    leaves the board, which is very strange.

    I don't get into details, there are distinctions that can be made
    regarding the kind of functions that you can have afterwards. But I
    just want to highlight this, because the two questions are slightly
    different. In that regard, it is important for you to know, also, to
    convey in the external expertise that we're receiving, we have paid
    great attention to include a request to have information on practices
    that are done in not only not-for-profit or for-profit corporations
    but also in public entities, including regulators and things like
    that. Because the whole landscape must be covered, and it's very
    important to take it into account.

    However, that being said -- and, ironically, I have raised in other
    meetings this question of whether the notion of independence of board
    members should be pushed to the extreme. The suggestion that board
    members would or could become independent is a very important or
    would be an extremely important, in terms of amplitude, evolution in
    the ICANN model. And so this debate is clearly not going to be
    addressed in a flash.

    And what does the independence of board members mean is a very
    important discussion. And, clearly, it is going to move and be
    conducted beyond the current discussion on just the updated policy.
    And, in that respect, any suggestion on comparables that would be
    useful are welcome.

    A final note on the other subject of finances. It is very
    important to correct a very common misunderstanding -- and I know I
    will irritate registries and registrars whenever I say that.
    Registries and registrars are not the one or the only ones that
    finance ICANN. They do finance ICANN for a portion. But they are
    conveying and channeling the contributions that are paid by the
    registrants.

    And so, in that respect, the funding of ICANN in majority comes
    from a very, very distributed number of people. Millions of people
    are actually contributing to the funding. This doesn't reduce the
    question of what kind of weight the ones who channel in this
    regulation process. But I want to take this opportunity to correct
    this misunderstanding the registrants are the source of funding of
    ICANN. Thank you.

    >>HEATHER DRYDEN: Thank you, Bertrand. I wouldn't say that
    that fact takes into account that all those registrants are sitting
    on the board maybe creating opportunities for themselves. That's
    really the difference. That's really the point with registries and
    registrars being in a privileged position to influence business
    opportunities and so on.

    Okay. Cherine.

    >>CHERINE CHALABY: To achieve what our colleague from the
    European community said and others, it isn't just enough to have the
    best policies and the best standards. What is also important is that
    the culture and DNA of individual board members also improves.

    And it isn't enough to be also independent. I'm going to tell you
    why. Because there are three things that matters here: Conflicts,
    ethical, and confidentiality. You could be an independent board
    member; you will not have any conflicts. But you could breach
    ethical, and you could breach confidentiality.

    So the most important thing here is, once we have these policies on
    board -- and I want to pick on Bruce's point is that we continuously
    not put them in a drawer and not look at them. You have to every
    year and all the time refresh yourself, read them, make yourself more
    aware. And you'll be up to date with these policies as they develop
    and as they improve.

    And that's a very, very important thing that we must do as board
    members to make sure that these policies are being used and are being
    implemented.

    >>HEATHER DRYDEN: Thank you for that, Cherine.

    I have European Commission and Australia.

    >>EUROPEAN COMMISSION: Thank you, madam chair. And also thanks
    to the different board members that spoke to this point.

    Maybe just to highlight once more how the depth of the concerns of
    our governments -- of the European Commission on this issue and that,
    in a way, patience is wearing thin. And we're really looking for a
    strong response from ICANN to show that it can self-correct at this
    point. That's why when we hear reviews, we hear we've engaged
    consultants and have had public consultations on it, it starts to
    itch a little bit. This is an obvious issue. Clearly -- of course,
    we are aware that there are such policies in place in ICANN, but
    they've not been effective. And, if you look at the number of
    important parts on the policy like in sanctions or penalties, it's
    not foreseen. The cooling off is not foreseen. That's why the
    previous chairman did not break any rules, because there were not any
    rules in the first place.

    So these are not issues that require lengthy consultations. There
    are many organizations that have struggled with these issues. And
    there's a lot of best practice around. And there's absolutely no
    reason why a decision of the ICANN board should take a very long
    time. And I would like to say down the line what the U.K.
    representative has said. We're really looking to a commitment toward
    a result, not a commitment towards a process with an unclear
    timeline. We're going to enter into a very important and probably
    not -- although we would not hope not controversial period with the
    new gTLDs. It is absolutely critical that the board is above board
    on this, that you can point to this absolutely, when we take our
    decisions, we are crystal clean. These decisions are not influenced
    by particular interests that are represented on the board.

    So there's a sense of urgency that we would like to see and a
    strong signal from the board itself and from the chairman that what
    has happened in the past will not be repeated in the future. And
    that, I think, we can then take back to our ministers. And they will
    no doubt be satisfied to see that something is actually moving. But,
    at the moment, I don't get that impression. I mean, I'm not sure I
    can debrief my Commissioner in that sense. Thank you.

    >>HEATHER DRYDEN: Thank you, European Commission.

    I have Australia, Portugal, and Mike Silber.

    >>AUSTRALIA: Thanks to everyone who has been engaged in this
    debate. I think this has been really useful and a very frank
    exchange of views. And I would like to echo both some -- the very
    encouraging work that I've heard. There is a lot of good work,
    obviously, underway.

    But I would also like to echo the comments of the European
    Commission. What we have at the moment is lots of good stuff
    underway. Lots of balls in the air. Lots of studies with the
    accountability and transparency team recommendations. There are a
    good number of those that are being implemented. We've got the new
    conflict of interest stuff underway.

    But what we're looking towards is result. There's a good momentum.
    And I would encourage that we maintain this momentum and move towards
    demonstratable clear improvements in a timely manner. I think this
    is very, very positive. And I just want to reinforce that we keep
    this momentum moving towards the results that we all seem to be after.

    >>HEATHER DRYDEN: Thank you for that, Australia.

    Portugal.

    >>PORTUGAL: Well, thank you. So it's going to be very short, so
    I'm not going to resort to Portuguese in this case.

    Well, the first thing I was not intending to speak on this matter.
    But the way the conversation flowed, followed, it made me wish to
    address two points.

    One of them actually comes from the intervention of Bertrand De La
    Chapelle. Let me tell you that I find a way the conflict of
    interest, this position that ICANN is adopting, quite well
    publicized. It's in the site, and it's readily available. It's
    quite extensive. So I think, from this point of view, it is quite
    clear.

    I also think that the way Cherine Chalaby has intervened here is
    extremely relevant for our purpose. So, at the end, what is
    important here is, actually, the ethical levels that the organization
    follows on everyday practice, continue to raise. And we revisit the
    principles and the way they are looked at by all the community
    involved and engaged in the system. So that practice improves.

    And I would like to disassociate myself from the perception that
    having a board that is remunerated would solve these issues. I don't
    think it will. It is something that can be looked at. But it's a
    completely different matter. Ethics is not solved by
    professionalizing.

    And from -- so I think, again, that Chalaby intervention is at the
    core of the concerns regarding these matters. Thank you.

    >>HEATHER DRYDEN: Thank you very much, Portugal. Mike Silber.

    >>MIKE SILBER: Thank you, chair. I'll try to keep this brief.
    You only need to look at what's passed around the table. I'd refer
    specifically to my written reasons for abstention in Singapore on the
    new gTLD vote. And I think it's clear that this is an issue that
    worries many of us on the board. We've done an analysis. I think
    what we're hearing is we've identified gaps. We've identified that
    the current policies are good, but they're missing certain areas.
    And those areas, unfortunately, can be squeezed through by a rugby
    team, not just by a thin piece of paper, which means that we're doing
    work to close those gaps.

    What I'm hearing you say is, "Give us something real as an outcome
    this week."

    In terms of giving you policies, as has been indicated, I don't
    think anybody around this table would like such a rushed process that
    nobody around this table gets an opportunity to engage in comment on
    drafts as they come out.

    But, instead, I think what you're looking for is an acknowledgment
    that there are gaps and that those gaps need to be addressed and
    identifying what those gaps are. In particular, the question of a
    revolving door policy or, if you prefer to put it the other way, the
    concern that people will create opportunities during your tenure on
    the board which they can exploit at a later stage.

    When somebody is working within the industry and they're on the
    board, at least it's known. And the motivation can be understood
    and, if necessary, the person excluded from a vote or the room.

    But there's this possibility of a hidden motive to create an
    opportunity to be exploited as soon as the person has left the board.
    It's something we've identified. It might be worthwhile for us. And
    I'll look to Bruce in terms of that, either before the end of this
    meeting or shortly thereafter, to actually go to the community and
    say these are the gaps we've identified and this is the process we've
    identified to fill those gaps.

    >>HEATHER DRYDEN: Thank you for that, Mike. So I'll turn to Steve
    to close this agenda item.

    May we? Well then, I will need to give the floor to Nigeria.

    >>NIGERIA: Thank you. I just want to say that the last statement
    is positive. And the truth is that, come January, a lot will be
    happening in terms of the number of applications that will be coming
    in, in terms of those that are applying, in terms of the tentacles
    that will be part of the application. Those behind the applications
    on the part of the people that are going to review in one way or the
    other affect decision on who will take what name or what string. So
    that is why the audience says to give us some concrete assurance that
    we didn't -- before the period of starting the floodgate, then there
    would have been something in place that will give our governments
    assurance that the conflict of interest is being addressed. That is
    very clear to us. Thank you.

    >>HEATHER DRYDEN: Thank you for that, Nigeria. It's certainly
    the case, I think, that the new gTLD program opening does provide a
    certain pressure, a certain timeline for these rules to be clear.
    And I think that that's what GAC members have been saying today.

    Okay. So Rod. And then Steve will close this agenda item. Okay.
    Please, Rod.

    >>ROD BECKSTROM: Thank you. In response to Nigeria, E.U., U.K.,
    Portugal, others, let me give you something you can take back that's
    very concrete.

    You may recall that I raised this issue in June at the opening
    meeting of Singapore in my speech when I said that we're moving from
    one chapter in new gTLDs to another.

    And -- because in the first two chapters, the first one was policy
    development process. And that involved the community with the board
    and the staff all working together very closely. That concluded in
    Paris in 2008.

    The second phase was the development of the applicant guidebook,
    which also had intense interaction between potential applicants, the
    board, and members of the staff and executive team. And, as I said,
    in approving the program, we're now moving to a different phase. And
    we have to close one chapter and develop a new set of practices and a
    higher level of handling conflicts of interest. Because the same
    applicants who were at the table negotiating, discussing, sharing
    their expertise, appropriately, with staff and the board could no
    longer interact, with, for example, our new gTLD processing team.
    Because that team needs to be extremely separate, independent. And
    we need to make sure there's clean lines. So some concrete data
    points.

    I did not have people from the new gTLD processing team participate
    in the road show. Even though some community members and others
    wanted them to participate in the road show, I said no, because
    they're processing applications. The last thing I want is them
    interacting with potential applicants. So that line was drawn.

    Secondly, at the staff meeting here on Sunday, when we gathered our
    entire staff, we had a communication from our legal team about how we
    were going to interact with new gTLD applicants here in Senegal at
    ICANN 42. And we implemented new practices that we have not used in
    the past, such as don't accept any drinks or a meal or anything else
    from a new gTLD applicant. You may have thought that was a natural
    thing to do at other ICANN meetings in the past. It's not a natural
    or an appropriate thing to do now. So do not do it. Do not accept
    it. And I was criticized on Twitter for suggesting -- for drawing
    such a line, okay?

    But I feel there needs to be such a line. As many of you in
    government know, you certainly have guidelines on what you can accept
    and not accept. That's new.

    Okay? And that started this Sunday in our communication.

    The next thing is we told our staff members you need to report on
    any discussions with potential applicants, if they brought up their
    application or their idea and they want to discuss that with you.
    You need to report that into the organization. In writing.

    Thirdly, we told our staff please do not meet alone with any new
    gTLD applicants that want to speak with you. If they're speaking
    with you and they want to talk at all about the program in any
    fashion or their application, don't be there alone because you need
    to record that communication.

    Now, this is a different level of implementation of our policies
    than we've ever done before. And it's what we're delivering -- I'm
    delivering to you as a CEO of this organization. And I have. And I
    will continue to do so. So those are some very concrete steps that
    we're already taking at the staff level and with the executive team.
    And, as I mentioned in my remarks in June, I feel we have to up our
    game and our practices with respect to our board activities as well.
    And I'm very glad that we're looking at the positive steps to move in
    that direction.

    But those are some concrete things that you can mention that we're
    doing. And we're also open to any other suggestions and ideas that
    you have on best practices that we should be implementing internally.
    Thank you.

    >>BRUCE TONKIN: Just let me elaborate on the specific new gTLD,
    because I agree that is very important. And, if you look at the
    different phases, one of the first phases is submission of
    applications between January the 12th and April the 12th. That
    information will not be available to the board. And, one of the
    concerns we've had is the confidentiality of this during the
    application processes is very important. And we've sought assurances
    from the staff that that security information will be very tightly
    held amongst a few, you know, small number of people within the ICANN
    staff. That information won't be available to the board. And it
    will be published publicly for all of us. So whether you're on the
    board or not, you all see it at the same time. So that
    confidentiality period is a very important period.

    The next phase is a lot of the evaluation itself, after they're
    published, is going through either external evaluators or through
    staff. And, as Rod says, there will be strict separation between any
    board members and any member involved in that process.

    And then, finally, if -- eventually, which won't be actually until
    late next year when applications have gone through the whole process
    and finally come to the board for approval, certainly, any board
    member that has any involvement with any application won't be in the
    room when those are discussed and won't vote on those. So perhaps we
    can maybe just set out some rules from a board perspective on new
    gTLDs, specifically, that actually aligns with the new gTLD process.

    But I wanted to sort of give comfort that we take that very
    seriously. And we can certainly document our board processes to what
    information the board has and with respect to the involvement of any
    board director in either discussing an application, discussing an
    application with staff, or, ultimately, voting on the application.

    >>STEVE CROCKER: Thank you, Bruce. Thank you, Rod.

    You asked for a response from the chair. And I think that's
    perfectly appropriate. I'll just do a quick recap. As you've seen
    and heard, we're taking this very seriously. That statement by itself
    is not enough for you to take back. We understand that.

    You made reference to, you know, why wasn't our reaction and our
    response simple, clean, and quick. It's intended more toward how do
    we understand how to apply this and build the processes and fit it to
    the actual situation.

    So you've heard from Rod about all of the rules that are being put
    in place with respect to the prosecution of applications and the
    behavior of the staff.

    You've heard from Bruce Tonkin about both the combination of the
    advice we're taking on and also the rules that we have in place for
    the role of the board during these processes and so forth.

    One of the things that's clear -- and I think it was clear to us
    before, but certainly sharpened in these interactions -- is that we
    can and we will document these. We have documented a lot of this.
    But I think would be helpful to package all of this up in a form that
    you can see a comprehensive collection and the assemblage of the
    details and how they fit into the whole of an organized program that
    has both the clear statement of principles and objectives with
    respect to conflict of interest and ethics and also the
    implementation and how seriously we've taken that and how we've
    marbled that into the body and operation of ICANN.

    You've also painted a potential solution for one of the knottier
    problems you've referred to as a cooling off period and broader
    funding. So I take it you've implicitly offered all departing ICANN
    members employment within the European Commission so that we can
    provide safe haven for them following any involvement with ICANN.
    And I appreciate that very much.

    [Laughter]

    >>HEATHER DRYDEN: Yes, please, respond, European Commission.

    >>EUROPEAN COMMISSION: I think I -- to the last point, we're
    actually implementing a 5% cut in staffing at the European Commission
    over the next couple years. So I'm afraid the opportunities are not
    as widespread and you might believe. But we have very tough open
    competition, so you'd have to pass those first. I have great faith
    in the abilities of board members, but I don't think it's a foregone
    conclusion. And then, of course, you have to be a European Union
    national and you have to speak at least three languages. So --

    >>STEVE CROCKER: Our hiring policies have been very tough. We
    probably can meet all of those. But you've got me concerned that
    there may be an attempt to have it flow the other way. We're not
    actually prepared to take all the people that you're going to be
    releasing.

    >>HEATHER DRYDEN: Okay. I can't top that. So the last item on
    our agenda, which we do need to cover today, it's a real issue for
    GAC members. And I'm sure the board is aware we have had discussions
    on this earlier this week concerning the RAA and law enforcement
    recommendations that have been endorsed by the GAC.

    So I will turn to the United States, who has been the lead on this
    issue for the committee. But make no mistake, this is the view of
    this committee in full. This is the consensus view of this
    committee. So United States, please.

    >>UNITED STATES OF AMERICA: Thank you, madam chair. I'm happy to
    review this issue. And I imagine there may be colleagues of mine
    around the table who would like to chime in as well. We feel it's
    absolutely critical that we bring this to your attention today to let
    you know that we had an exchange earlier this week between the GAC
    and the GNSO. And, during that meeting on Sunday, we felt compelled
    to quite publicly express our very serious disappointment with the
    status of the effort that has been underway on our side between GAC
    and their respective law enforcement agency representatives since, in
    fact, before the GAC endorsed those law enforcement representative
    recommendations to the board, which I will remind you was June 2010.

    We conveyed that full GAC endorsement to you, brought that to your
    attention and asked you for your at assistance in implementing them.

    GAC and law enforcement then engaged in a considerable amount of
    outreach and exchanges, bilateral exchanges with registrars. And in
    fact we felt in June, in Singapore, that we had had a very productive
    exchange that seemed to be moving in the right direction of a
    voluntary approach that could probably accommodate up to nine out of
    the 12 law enforcement recommendations.

    So you can imagine our disappointment that, not too long
    afterwards, we understand the registrars had tabled the motion and we
    learned on October 6 the GNSO Council approved it.

    That addresses only three of the original law enforcement
    recommendations and frankly addresses some of the ones that look
    suspiciously similar to the proposal the GAC included in our
    scorecard for new gTLDs that the board was able to simply accept.

    So we realize where we have run into, from our perspective, and we
    are bringing this to your attention now as partners. We see this
    directly linked to the five ATRT recommendations that pertain to the
    role of the GAC within ICANN. And as you know, some of those refer
    to making sure the GAC is effectively able to interact in policy
    processes.

    So from our perspective, regrettably, this is an example of an
    inability for the GAC to engage effectively. And we need your
    support as a partner to advance the concerns that we have been
    expressing now for well over a year, almost two years, and we are
    looking for immediate visible and credible action to mitigate
    criminal activity using the Domain Name System.

    One thing I would like it draw to your attention is the fact that
    in taking the step that registrars have proposed, we have been
    informed that that's the only way to make policies binding, is
    through a PDP. So we ask for your guidance, is that really the case?
    Point number one.

    The other argument that has been made that certainly in the June
    Singapore meeting, those registrars in attendance confirmed to us
    that they represent about 80% of the market and they also
    represented, quote, "the good guys," so leaving us with the
    understanding that about 20% of accredited registrars seem to fall in
    the category of bad guys.

    So we note that our law enforcement recommendations actually don't
    address the bad guys, but we decided it's important for us to ask
    you. How can you decredit that 20% immediately?

    Can that be done?

    We think that's probably not a bad thing to do.

    At the end of the day, what we really need is to meet the very high
    expectations in each of our capitals that this model is an effective
    partner for governments in addressing criminal activity. So we look
    to the model to self-regulate, to self-improve, to reach out.

    So I probably need to stop there, but I would let you know that we
    do happen to have four law enforcement representatives in the room.
    Should any board member have any questions, we're fortunate to have
    four law enforcement colleagues in the room.

    Thank you.

    >>HEATHER DRYDEN: Thank you, United States.

    Steve, would you like to respond?

    >>STEVE CROCKER: Thank you very much.

    We agree with you, this is a very serious problem. As it happens,
    in the sequence of meetings today, we met with the GNSO and segments
    of the GNSO, including particularly the registrars, and they had --
    they reported about their meeting with you, with the GAC. And they
    were of a somewhat different frame and seemed quite willing and
    eager, actually, to make the changes along the line.

    So we asked what the problem had been over all these years and they
    said, "Nobody had ever explained it to us like that before."

    So I am joking a little bit, but the message is received loud and
    clear. And if you look at the transcript of the interaction that we
    had earlier today with them, I think you will find a remarkable
    similarity in structure and tone and content to the interaction that
    we have just had on the conflict of interest.

    We were on the other side of that, but it was -- I was reflecting
    on the nearly exact match of the messages that we delivered crisply
    and clearly to them.

    I'm given to understand that there is a breakthrough level
    interactions that should lead to fairly rapid closure on some large
    part. I don't have enough details to convey to you at the moment,
    but there is no question that the urgency and importance has been
    clearly conveyed, and that we take it clearly, too.

    And I will tell you that I expressed impatience with the idea that
    we were saying process discussions and extended process discussions.
    One of the things that is our responsibility at the board level is
    not only to oversee the process, not only to make sure rules are
    followed and that everything is fair, but at the end of the day, that
    it's effective.

    If all we have is process, process, process, and it gets gamed or
    it's ineffective just because it's not structured right, then we have
    failed totally in our duty and our mission.

    So whether it's this issue or whether it's other issues, and there
    is a few others that are floating around, we will be attentive to the
    effectiveness of the processes we have in place and not tolerate an
    endless delay.

    It's a balancing act, of course, because, you know, we're not going
    to intercede at every given moment and micro manage. That would be
    the failure of the other kind. But it's quite clear that the signals
    are here, and plenty of evidence on the table that it's not working
    in all these cases, and we have got to make it work.

    Some of the specifics, Suzanne, that you have suggested of
    immediately decrediting 20% of the registrars I think is -- needs to
    be looked at a little more closely, and perhaps I can ask Kurt to
    step in and talk a little bit about this.

    We do know that of the nearly 1,000 -- you know, 900-plus
    registrars that we have, the number that are customer-facing are a
    relatively small number, and of those there are a relatively small
    number that have a dominant part of the market.

    It ought to be possible in a situation like that to have leadership
    from within that community. And I'm hopeful that we can push that or
    encourage that very quickly and forcefully.

    Kurt, can I ask you to fill in any of the pieces that fit within
    that?

    >>KURT PRITZ: Hi.

    Thanks, Steve.

    So I don't know exactly which path to go down here, but certainly
    one of the topics that's been discussed across this meeting, not just
    here, is the process for amending the Registrar Accreditation
    Agreement, including the recommendations of the law enforcement
    agencies and the GAC support of those enforcement recommendations.

    You know, we heard the discussion in the registrar constituency
    meeting. We heard the discussion elsewhere. And with an eye toward
    accelerating that work, you might know that ICANN published a paper
    about a week ago to the GNSO that recommended in part that ICANN and
    registrars should start bilateral contract negotiations immediately
    in order to move the discussion forward. And I think this is in line
    with Steve's comment about moving the discussion from process into
    substance and, you know, succeeding at getting things done rather
    than talking about process.

    The paper also -- The paper also states that, you know, the GNSO
    can take up policy matters at any time to make policy binding on
    registrars.

    So, Suzanne, I'm going to try to answer one of your questions, and
    that is I think the vote of the GNSO Council on those three
    recommendations is, in my opinion, probably the fastest way to make
    those recommendations binding on all registrars. If we negotiate a
    set of agreements with registrars outside of that process, they'd
    have to be individually adopted by each registrar. And it's only
    binding on those registrars when their agreement expires. And those
    agreements are five years long.

    So a majority of the agreements don't expire for three or four years.

    So I think -- I think that policy process is probably the fastest
    way to get that done. And in the straightforward -- pretty
    straightforward recommendations, I think that can happen pretty
    quickly.

    But more importantly, ICANN and the registrars have agreed that we
    should start negotiations right away on a more complete set of
    amendments that considers the LEA recommendations and the GNSO high-
    priority recommendations. And so the registry constituency met this
    morning and approved the initiation of those negotiations. So they
    are going to appoint a team to negotiate with ICANN, and similarly
    ICANN is going to have a team negotiating.

    We also committed to reporting out with each meeting the results of
    that meeting in a transparent way so that the community could monitor
    developments of those negotiations.

    And so, finally, the final discussion point was that we work to an
    urgent timeline. And the registrars and ICANN agreed that we'd work
    toward publishing a set of amendments by the Costa Rica meeting. I
    personally think that's very ambitious, but the registrars endorsed
    that and that's what we're working to.

    >>HEATHER DRYDEN: Thank you, Kurt.

    I have United States.

    >>UNITED STATES OF AMERICA: Thank you, Madam Chair, and thank
    you, Kurt, and thank you, Steve, for your comments.

    I am struck by something that I just feel absolutely compelled to
    flag for you all. So again, I think we have been -- it's probably
    impolitic for me to use the word lectured, if you will, but we have
    been lectured at great length as to the only way to make things stick
    is down this way. So again, that's a process.

    Now, it may be a fact, but it's a process.

    What we had sought to do -- in fact, let me go back to the
    beginning. What we had started was with amendments to the RAA, 2009.
    We found out then, and when the GAC reinforced those proposals, we
    were told, oh, you really don't want to go that route because it's
    going to take forever.

    We have just signed a new RAA so you are not even talking about new
    amendments that would be into effect until another -- I don't know
    how many, I forgot, X numbers of years. We said fine, we're
    flexible. We will shift gears. We will go to plan B. Let's talk
    about a voluntary agreement.

    As most of you know, and certainly most of our governments know, a
    whole a lot of private sector self-regulatory models use voluntary
    agreements. And it is an exceptionally effective way for governments
    and the industries to keep up with new developments, new
    requirements, and move quickly without regulation.

    So I can tell you that we have deliberately advanced that as an
    alternative to test out this proposition that you can at least do
    nine of 12. We will work on those other tougher three. And if they
    are not as painful as you might have thought, then they should go
    straight into the next RAA as a commitment.

    Now we are told nothing can happen even on a voluntary basis.
    Frankly, we find that absolutely stunning that a registrar cannot
    agree to put their name on their Web site without a PDP.

    So to us, this is a flaw here that we need your help, the board, in
    overcoming. Because we feel like we have hit a wall. And let's not
    forget, we are not members of the GNSO, so we don't get to
    participate in whatever this elaborate voting whatever -- I don't
    even have the words to describe it because I don't know how to
    describe it.

    So I wanted to express this is in large part where our frustration
    is coming from.

    Thank you.

    >>HEATHER DRYDEN: Thank you, United States.

    I have Kenya, and then -- would you like to respond to the U.S.
    before we go to Kenya?

    Okay. Bruce.

    >>KENYA: Thank you, Chair. The U.S. has already articulated most
    of the points and issues that I was going to speak about, but also to
    remind us that when we had the meeting with the GNSO, they actually
    distinctly told us that the PDP processes take between one year to
    two years. And for that, it's a bit unacceptable for most of us to
    accept that a simple request for self-regulation or a voluntary
    action, I mean, could take that long.

    So I think I am joining my colleagues here in expressing
    disappointment in the way this has been handled.

    Thank you.

    >>HEATHER DRYDEN: Thank you, Kenya. Bruce and then Australia.

    >>BRUCE TONKIN: First on the length of the PDP. The PDP process
    I think can get done in about 90 days. I have to check that, but it
    can be quite a bit faster. And it really depends on the community;
    right? Because the PDP is dependent on the community commenting, so
    if something is straightforward -- and there was an example of a PDP
    that was fairly fast, I think, which was respect to some
    restrictions, and there was a period of time, you probably heard the
    terminology that it was domain tasting where registrars or some
    individuals of the community were registering many names, like a
    million names in a day and then they would cancel 999,000 of them the
    following day. There was a policy put in place there, and I don't
    believe that took two years.

    Secondly, to respond to the U.S. on the voluntary nature, I don't
    think it's true to say that registrars can't voluntarily sign up to
    something. In fact, they did that in 2009.

    One of the comments at that time was registrars were frustrated,
    coming back to your comment about bad actors, they were frustrated
    that there were bad actors in the industry and the staff had
    responded saying they found it difficult under the current agreement
    to enforce some of those provisions, and the registrars actually
    negotiated changes to that agreement and actually then voluntarily
    signed that agreement prior to the end of their current agreement.

    So in effect, they did voluntarily sign up to those commitments.
    Several of them didn't have to do that for years, but they did it on
    the spot. Ask I think in 2009, most registrars did, in fact, sign up.

    So I think two points, really. PDP can be done considerably
    faster, and the timelines that were in the original PDP was months,
    not years. And second point is registrars can voluntarily sign up to
    changes in the Registrar Accreditation Agreement and have, in fact,
    done so back in 2009.

    So those are all options.

    >>HEATHER DRYDEN: Thank you, Bruce.

    Australia.

    >>AUSTRALIA: Thanks for this very useful exchange.

    I want to say first that it's very encouraging to hear that the
    message has finally been heard loud and clear. And in the initial
    exchanges, I must say I was very encouraged to hear. We thought
    there was a focus on very quick action rather than process, but I
    must confess that since I put my hand up I have become very
    disappointed again in that all that I have heard is process, process,
    process.

    And I am back to where I was the other day talking to the
    registrars that I don't see a clear and credible path to action, to
    be perfectly honest.

    All the processes that I've just heard require agreement and
    negotiation with registrars. I may be wrong here, but the registrars
    have known about this for some time, and we've seen no action. And,
    in a self-regulatory model, if the people we're trying to regulate
    can continually stifle or veto any progress, then I think we have a
    structural problem with the model. I'm happy to be corrected here,
    but this is what I'm seeing.

    And, to reiterate the points of previous speakers, we're not
    talking about rocket science here. We're talking about publishing an
    address to be served legal notice or putting an e-mail address on a
    Web site.

    And, as I said to the registrars, I continue to be astounded that
    they've known about this for two years and nothing has happened. I
    think law enforcement have been very clear about this for a long
    time. The GAC has been very clear about this for a long time. We
    have a consensus endorsement. And we asked for urgent help with this
    in Singapore to the board in our communique.

    And here we again, as far as I can tell, talking about process.
    And every step that I've heard, it appears to me, that, if the
    registrars choose not to cooperate, we may not be going anywhere
    fast. I'm extremely disappointed.

    >>HEATHER DRYDEN: Thank you, Australia. So are there any other
    requests to speak? Singapore, please.

    >>SINGAPORE: Thank you, chair. We'd like to join our colleagues
    from Kenya, U.S., and Australia in expressing concern about the
    inaction by the registrar constituency. I think we've spoken at a
    meeting with the GNSO that the three issues in the issues report are
    rather straightforward. Listing of the office bearer of the
    registrar and giving the abuse contact, such a simple matter, yet
    it's subject of issues report. And we were told it would take one to
    two years for the PDP, for the policy development to be completed.
    And yet there is another process of policy implementation, which
    means it could be -- even go beyond two years.

    So, having said that, we're encouraged by Steve's comments. I
    think Steve gives us a little encouragement that you will ensure that
    the registrar constituency will take appropriate actions to respond
    to the LEA recommendations. And we hope that the board can follow up
    with the GSA advice and see how best the LEA recommendations can be
    followed up swiftly. Thank you.

    >>HEATHER DRYDEN: Thank you very much, Singapore. U.K.

    >>UNITED KINGDOM: Thanks very much, chair.

    Just to add, underline a message, actually, that I delivered at a
    lunch meeting in Brussels last year to the registrar community that
    this is politically significant. They shouldn't mess around here.
    Cybercrime is on the agenda. And we'll see it discussed in the
    London cyber conference on the 1st and 2nd of November. And this is
    a crucial element in the -- in the range of actions that can be taken
    forward.

    And we just don't understand why it's -- you know, drifting in this
    way. It's been a real rollercoaster ride for us in the GAC.
    Sometimes we've gone back from meetings pretty buoy'd up, positive.
    And, subsequently later, find nothing's really happening. And I see
    it's -- you're covering abuse and so on in your strategic plan, the
    ICANN strategic plan, drafting for 2012-2015. So that commitment is
    very well respected, regarded by us. Let's get some action to
    underpin the strategic plan so that we can, again, go back to our
    ministers with a very positive development to report. Thank you.

    >>HEATHER DRYDEN: Thank you, U.K.

    I have Canada and Mike Silber.

    >>CANADA: Thank you, madam chair. First of all, I'd like to
    (audio cut out) -- board and ICANN chair to help us with this
    intervention. That's first and foremost. Also, I'm going to
    reiterate the consensus position that was articulated by my colleague
    from the U.S. But, clearly, there is an expectation for action to be
    done in good faith. So thank you.

    >>HEATHER DRYDEN: Thank you, Canada. Mike, please.

    >>MIKE SILBER: Thank you, chair.

    I think we've got to look at a couple realities here. And I think,
    given the seriousness of the issue and given the passion with which
    it was initially expressed, we may have overlooked a few issues.
    Firstly, approximately 80% of registrars are currently following the
    recommendations set out in the guidelines.

    Now, those may be the good guys. But they are largely currently
    being followed.

    What we're talking about here is the solution for the remaining
    approximately 20%. So, as much as I take the seriousness with which
    this is being considered and as a consumer as well as a member of
    this board, I understand exactly where law enforcement and the GAC
    are coming from. And it's an urgent issue, which can't be left on
    the back burner. At the same time, we are seeing a substantial
    number of the registrar community voluntarily adhering. What I'm
    hearing is a request for our intervention to deal with the remaining
    20% And to also take that level of current voluntary compliance to a
    more formal compliance process where it's not ad hoc. Because I
    think it's a good idea now, but they could resolve from it at a later
    stage.

    That being said, I think we need to think very carefully. We need
    to interact with staff. And we need to come back to the GAC with an
    answer as to whether we believe we have a plan, whether we believe we
    can engage with the registrar community to develop such a plan or
    whether the process that's -- the discussion you're hearing again is
    the only process or the only discussion to have. And you may have to
    take your cue from that. But I'm hoping that it's not the case.

    >>HEATHER DRYDEN: Thank you, Mike. So with that, are there any
    other further remarks? U.K.

    >>UNITED KINGDOM: Thanks. I think partly in response to that,
    I'd like to invite my colleague from the Serious Organised Crime
    Agency in U.K. to respond on a couple of those points that Mike made
    and perhaps give a general -- a very quick sort of reaction to this
    discussion from the law enforcement perspective. Gary Kippy.
    (phonetic) I'll hand over now. Thanks.

    >> Thank you, Mark. My name is Gary Kippy. I work for the Serious
    Organised Crime Agency in the U.K. Over the last two or three years
    now we've been engaged in trying to raise awareness around abuse by
    criminals of the DNS. We followed the process with the community and
    working with the community. However, I felt I needed to challenge
    Mike's account at the very end there. In terms of negotiation with
    the registrar community, the registrar community represents probably
    80% of the market share amongst their members. It's not --
    obviously, we aren't talking about them to the good guys. That being
    said, in terms of following the recommendations, we are still trying
    to get them to follow even the most basic of recommendations in terms
    of reporting an abuse point. I must follow that with many of them
    are; however, there are a number that aren't.

    So, in terms of difficulty, this has been a very long process for
    law enforcement to actually bring to our governments. And, as has
    been said, that there is unanimity across all governments now that we
    really must address the growing issue of cybercrime across the
    Internet, which is ever increasing. And with all the issues that are
    being discussed within the ICANN board with new gTLDs and IDNs, it's
    going to become even more complicated for law enforcement.

    So it really is just to clarify the point made by Mike at the end
    there, actually, that account wasn't as accurate as it could have
    been. But thank you for the opportunity for law enforcement to speak
    at this group.

    >>HEATHER DRYDEN: Thank you for that.

    I'm going to give the final word to Chris Disspain, and then we
    will close today's meetings.

    So, Chris.

    >>CHRIS DISSPAIN: I'm not sure I'm prepared to take the strain of
    the final word, but I will do my best.

    >>HEATHER DRYDEN: No pressure.

    >>CHRIS DISSPAIN: I just want to say, if I have understood,
    really, I think, so there have been -- there are some guidelines, and
    a number of registrars are already following those guidelines. But a
    number of the registrars are not following those guidelines, and what
    you are trying to achieve is a -- that those guidelines are mandated
    effectively either by signing an agreement that is a voluntary
    agreement that says we will follow them or by them being in policy.

    So I just want to make sure I have understood that. That's my take-
    away from this, that that is basically correct. We can argue about
    whether it's 80% or 20% or it doesn't matter.

    Good. Thank you.

    >>HEATHER DRYDEN: Thank you, Chris.

    So on behalf of the GAC, thank you to the board. Thank you to the
    community for coming to this meeting.

    We appreciate having this beneficial exchange. We covered a lot of
    ground today.

    So, again, thank you.

    Steve, would you like to....

    >>STEVE CROCKER: When I opened I said I didn't know whether to
    feel comfortable or scared. Now I know.

    [ Laughter ]

    >>STEVE CROCKER: Thank you very much. It's been an invigorating
    and will be quite a memorable maiden voyage for me here. And I look
    forward, actually, to successive interactions.

    This will be a lot more interesting than I thought it might be.

    [ Laughter ]

    >>HEATHER DRYDEN: Thank you, I think.

    Good evening.

    [ Applause ]

    >>HEATHER DRYDEN: For the GAC, 9:00 a.m. tomorrow, please.

    9:00 a.m.