Public participation site

The Internet Governance Forum takes place this year in Bali, Indonesia on 22-25 October 2013. The main theme of the meeting is “Building Bridges – Enhancing Multistakeholder Cooperation for Growth and Sustainable Development.”

This year, the IGF introduces new sub-themes that are more specific compared to broader themes of past year. The sub-themes are:

• Access and Diversity – Internet as an engine for growth and sustainable development.
• Openness – Human rights, freedom of expression and free flow of information on the Internet.
• Security – Legal and other Frameworks: Spam, Hacking and Cyber-crime.
• Principles of Multistakeholder Cooperation.
• Internet Governance Principles.

As a global multistakeholder platform for debating Internet governance issues, the IGF offers a unique networking opportunity with senior government officials, business leaders and key players from IGO/NGO and academia. For ICANN, this is an avenue to engage with participants who are not regular attendees of ICANN meetings, explain to them our mission, and update them on work underway.

As in past IGFs, ICANN is hosting an ICANN Open Forum, and organizing two workshops. The Open Forum is scheduled on Thursday 24 October, 14:30-16:00 in Room 6. It is designed to be an interactive session with ICANN executives and representatives of its various constituencies engaging in an open dialogue with IGF participants on a variety of ICANN related such as:

• The Internet as an engine for growth and sustainable development: Important to highlight ICANN’s effort in promoting and advancing the DNS industry in developing regions. Equally important to note that a sub-element to being an engine for growth and sustainable development is fostering a healthy, stable and resilient Internet ecosystem. This is important for capability building, technical engagement, training and collaboration with the diverse range of participants who rely on the Internet.
• Regional engagement strategies and enhanced cooperation: The work undertaken by community members in developing regional engagement strategies is an example of an enhanced cooperation model on the ground.
• ICANN strategy panels: Led by community; address issues of direct relevance to the Internet Governance space.
• ICANN public responsibility program: Initial efforts to focus on education and training; the online learning platform.

This year’s ICANN workshops include:

• Workshop 217: “What the New gTLD Program means for you” – Day 2, 23 Oct, 16:30-18:00, Room 3.
  • The workshop reviews the current status of the new gTLD program, including an update on the evaluation of applications, and related processes of delegation, formal objection and string contention.
• Workshop 32: “Next in IDNs: linguistic diversity in the Internet root” – co-organized with APRALO – Day 2, 23 Oct, 14:30-16:00, Room 1.
  • The workshop provides an overview of the IDN Variants process, discusses the issues implicating language communities and outlines the way forward.

ICANN community members will also be organizing a number of workshops. Here is a sample of several:

• Workshop 62: “How can the Internet be an engine for development and growth?” – Day 2, 23 Oct, 14:30-16:00, Room 2.
• Workshop 210: “The technical community role in global Internet governance” – Day 3, 24 Oct, 14:30-16:00, Room 9.
• Workshop 212: “Exploring the dimensions of multistakeholderism” – Day 4, 25 Oct, 9:00-10:30, Room 4.
• Workshop 249: “Civil society in ICANN’s multistakeholderism: The GNSO case” – Day 2, 23 Oct, 16:30-18:00, Room 8.
• Workshop 253: “Debate on ‘closed’ generic top-level domains” – Day 3, 24 Oct, 11:00-12:30, Room 10.

An interesting pre-event that takes place on Day 0 is a workshop on Digital Preservation of Cultural Treasures in Bali. It demonstrates yet another success story of collaboration between different stakeholders in using the Internet and technology to preserve endangered languages and cultural artifacts. The workshop will take place on 21 Oct, 16:00-17:30 in Room 10.

More information about the meeting can be found on the IGF website: http://www.intgovforum.org/cms/.

Rights protection was of key concern when forming the New gTLD Program. ICANN met extensively with IP experts and community members to determine how to support trademark holders faced with the largest expansion of the DNS, ever. The meetings resulted in a 3-pronged approach that provides rights holders with proactive and reactive means of blocking potentially infringing uses in the New gTLD Program. Rights Protection Mechanisms, as they’re collectively known, include the Trademark Clearinghouse, Uniform Rapid Suspension System and Trademark Post-Delegation Dispute Resolution Procedures. So, how can a rights holder take advantage of these advanced New gTLD Program mechanisms?

1. Submit Your Mark to the Trademark Clearinghouse

   The Trademark Clearinghouse was designed to help rights holders across the globe protect their trademarks across all new gTLDs. It is the first centralized, international repository of trademark data for use with the DNS and it’s relatively easy to use.

   Register your mark now: http://trademark-clearinghouse.com/

   After you’ve submitted your trademark, Deloitte Enterprise Risk Services will verify the validity of your data. Once verified, associated previously abused labels can be added to the trademark record, and all valid data will be passed to another of our trusted vendors, IBM, to be entered into the Trademark Database.

   The primary benefits of registering a mark in the Clearinghouse include:

   • Sunrise Services
     All new gTLD Registries must offer a period of at least 30 days wherein trademark holders may register domain names corresponding to their marks before registration is made available to the general public.
   • Trademark Claims Services
     For a minimum of 90 days after general registration opens, a Registry must cross-reference domain name registration requests with records in the Trademark Clearinghouse. If a requested domain name matches a mark recorded in the Clearinghouse, the party trying to register the name will be notified of the match. If the registrant continues with the registration, the Trademark Database will inform the trademark’s holder or agent that the domain name has been registered.
   • Abuse Case Management
     The Registry Agreement for new gTLDs calls for a commitment from Registries to handle any and all abuse complaints and to operate in compliance with the Trademark Clearinghouse obligations.

   To date over 10,000 trademarks have been accepted into the Clearinghouse. We encourage all rights holders to take advantage of this proactive Rights Protection Mechanism.

2. File a Claim with the Uniform Rapid Suspension System

   ICANN is introducing a new system for resolving rights infringement disputes called the Uniform Rapid Suspension System (URS). It builds upon the existing Uniform Domain Name Dispute Resolution Procedure (UDRP), but provides quicker relief for rights holders experiencing clear-cut cases of infringement in new gTLDs, and it’s less expensive.

   Learn how to file a URS claim: http://newgtlds.icann.org/en/applicants/urs/procedure-01mar13-en.pdf [PDF, 168 KB]

   To date, ICANN has appointed the National Arbitration Forum and the Asian Domain Name Dispute Resolution Centre to administer URS claims. Email your questions about the Uniform Rapid Suspension System to urs-com@icann.org.

3. Initiate the Trademark Post-Delegation Dispute Resolution Procedure

   Trademark infringement is often portrayed as being a Registrant problem (such as typo-squatters). But what if a Registry Operator were to act in bad faith? Right now there are only 22 generic TLDs, but the New gTLD Program could introduce about 1,400 new gTLDs into the DNS.

   The Trademark Post-Delegation Dispute Resolution Procedure (Trademark PDDRP) is one of three Post-Delegation Dispute Resolution Procedures that were developed to provide those harmed by a new gTLD Registry Operator’s conduct an avenue to file a complaint about that conduct. The Trademark PDDRP generally addresses a Registry Operator’s complicity in trademark infringement on the first or second level of a new gTLD.

   Learn how to initiate a claim: http://newgtlds.icann.org/en/applicants/agb/pddrp-04jun12-en.pdf [PDF, 181 KB]

Introduction of these Rights Protection Mechanisms is just one way that ICANN and the community are laying the foundation for a more mature and expanded Domain Name System industry. The goal is not merely to create new space on the Internet; it’s to create an expansive, more secure space where ideas can flourish.

By Jeff Moss and John L. Crain

ICANN’s New gTLD Program Committee (NGPC) has approved resolutions allowing us to move forward in expanding the Internet’s name space while mitigating possible issues in the expansion.

A document describing the mitigation plan can be found here [PDF, 841 KB].

It’s an understatement to say that ICANN takes its obligation to preserve the Security, Stability and Resiliency (SSR) of the Identifier Systems seriously. In fact, that part of our mission is the very first thing you read in ICANN’s bylaws.

In recent months, concerns have been raised that there will be “collisions” between some of the proposed new TLD strings and those used in private name spaces. The possibility that collisions can occur in the DNS is not new. Queries for non-existing strings are currently a common occurrence throughout the DNS. They can be caused by simple typos, errors in configuration, and historic or recommended use of certain names for intranet applications. The DNS is often queried to resolve such names and this “leakage” of queries from private spaces occurs at rather remarkable volumes.

At the Board’s direction, ICANN staff commissioned a study to examine the extent of the name collision problem and to look at possible methods for mitigating the risks.

As has been noted by many community members, it is much easier to observe the occurrences of collisions than it is to assess the potential impact of a collision.

DNS data collected at the root and elsewhere reveals some interesting information about queries for the proposed new TLD strings. But to assess the precise impact of these occurrences, there needs to be additional study which would allow us to learn quite a bit more about the extent of these occurrences and to determine which strings appear most often in queries.  Ultimately, the additional study will allow us to develop targeted mitigation strategies.

The basic concept of the risk mitigation plan adopted by the NGPC is fourfold:

• First, to document on a per TLD basis those collisions that have been identified in studies of the “Day In The Life of the Internet” (DITL) data and to place each of the Secondary Level Domain (SLD) strings identified to have had collisions on a reserved or blocked list for that specific TLD. These strings will not be allowed to be registered or to resolve until such a time as the effects of the specific collision are known and appropriate mitigation strategies are developed and implemented.
• Second, ICANN will develop a process by which affected parties may report and request the blocking of a SLD that causes demonstrable harm as a consequence of a name collision. This process is intended to mitigate the risk of harmful collision occurrences not observed in the study.
• Third, ICANN will develop a framework to identify the probability and severity of harm to better assess the consequences of name collisions. Remember that harm and risk are not the same thing. This framework will be an important tool in identifying the likelihood of harm but also for helping to identify mitigation techniques. Once acceptable mitigations are in place it may be possible to allow the release of strings from the list of reserved or blocked names.
• Finally, promoting awareness and mitigation strategies through a targeted outreach campaign will help potentially affected parties identify and manage the causes of name collision occurrences arising from their own networks.

We believe the proposals outlined above afford a balanced way of moving forward. The plan minimizes the risk that collisions will cause serious harm by implementing measures to avert the problem by mitigating the associated risks and continuously monitoring the situation.

We would like to thank those who have submitted research, comments, and feedback on real world examples of name collisions. The community efforts have shown that we can put aside our self-interest, consider a complex problem and drive toward solutions to meet our common objective – ensuring that the Domain Name System continues to provide services to all users in a secure, stable and resilient manner while still allowing it to grow and innovate.

As I flew home from Algiers after the second Arab Internet Governance Forum at the beginning of October, I reflected on how much progress we have made. In just two short years, we have gone from informal discussions to the more structured Beirut Consultation to the inaugural Arab IGF in Kuwait last year. Now, at the conclusion of our second such gathering, I see plenty of challenges but also plenty of advancement.

I was particularly impressed with how open discussions were throughout the meeting. In the main sessions and in workshops alike, exchanges were cordial and engaged, even at moments of disagreement and tension. We witnessed one of these moments at the main session on openness and content, where panelists talked to their own experiences in relation to Internet policies in a number of Arab countries. In my view, this was the best session of the whole meeting, not only for the excellent moderation and the knowledge of the speakers, but also for spurring constructive debate. This is what the IGF is about.

Unlike the global IGF where the variance in views usually reflects the diversity of stakeholders interacting, at the Arab IGF it reflects the generational gap between the “native” and “non-native” Internet users. One young participant (Wafa Ben Hassine) summed it up in one tweet: “The generational gap going on at the Arab IGF is staggering. Never thought age would have such a profound impact on policy views.”

In one workshop, participants discussed ICANN’s Middle East engagement strategy, examined its main building blocks, and learned about work underway in relation to its implementation. During the session, the launch of the Task Force on Arabic script Internationalized Domain Names (TF-AIDN) was announced. TF-AIDN is a community-led initiative recommended by the Middle East Strategy Working Group and aims at addressing some of the technical issues related to the deployment of Arabic script IDNs.

The Arab IGF meeting, hosted by the Ministry of Post, Information Technology and Communication of Algeria, brought together more than 300 participants for an open exchange of views on Internet related issues of importance to the region.

Its main theme was “Partners for Development,” which reflects both the nature of the IGF as an avenue for building partnerships across various stakeholders, as well as the importance of the development dimension of the Internet in the region. Sub-themes included access and critical Internet resources; security and privacy; openness and content; youth and innovation.

Among the participants were representatives from governments, civil society, academia, Internet technical bodies, and private sector. Youth participation, particularly from civil society, contributed substantially to the discussions. A range of issues and challenges were addressed from broadband access, IXPs, local content, and innovation, to openness, human rights, and cyber legislations.

There is no question that the challenges are immense. But in my opinion, the only way to tackle these challenges is by broadening the participation and ensuring that all the views are shared. We’re off to a good start. I look forward to the next Arab IGF.

The Middle East Strategy Working Group (MESWG) is pleased to announce the formation of the Task Force on Arabic Script Internationalized Domain Names (TF-AIDN). The announcement was made at the 2nd Arab IGF meeting that took place in Algeria between 1 and 3 October 2013. TF-AIDN is an initiative of MESWG, which focuses on technical issues and solutions to promote the deployment of Arabic IDNs. While the scope of work may change over time, the task force will begin by looking into the following issues:

• Arabic Script Label Generation Ruleset (LGR) for the Root Zone
• Second level LGRs for the Arabic script
• Arabic script Internationalized Registration Data Protocol and Practice
• Universal acceptability of Arabic script IDNs and variants
• Technical challenges around registration of Arabic IDNs and variants
• Operational software for Arabic script IDN registry and registrar operations
• DNS security matters specifically related to Arabic IDNs and variants
• Technical training material around Arabic script IDNs

TF-AIDN currently consists of sixteen experts from twelve countries and representing more than nine languages using Arabic script, including Arabic, Malay (Jawi), Pashto, Persian, Punjabi, Seraiki, Sindhi, Torwali, and Urdu. These experts have a diverse set of experience related to registry operations, IDNA/DNS, Unicode, law enforcement, and policy, and come from private, public, academic and community-based organizations.

Though the task force is commencing operations, it will remain open for membership. Those interested to join the task force on voluntary basis are requested to send their resumes and Statement of Interest (SOI) to: tf-aidn-admin@meswg.org.

Details on TF-AIDN’s membership and scope of work are available at: https://community.icann.org/display/MES/Task+Force+on+Arabic+Script+IDNs.

MESWG is a community driven working group coordinated by ICANN to foster community engagement and strengthen the DNS Ecosystem in the Middle East and Adjoining Countries (Middle East, North Africa, Afghanistan, Iran and Pakistan). To that end, MESWG has developed a 3-year strategy and is currently in the process of implementing an action plan based on recommendations set forth in the strategy document. More details on MESWG are available at: https://community.icann.org/display/MES/Middle+East+Strategy.

Among the challenges of being a Regional Vice President is managing your time to attend and participate in as many worthwhile stakeholder events as possible. So last year, when our partners from the Uzbekistan ccTLD .uz – Uzinfocom invited me to speak at their 2013 ICT Summit, I said “yes”!

Uzbekistan is a beautiful country (I do not say that simply because it is in my region). It also is one of only two “doubly landlocked” countries in the world (Lichtenstein being the other), meaning it is totally surrounded by other landlocked countries. Of course, when it comes to the Internet, access to the sea isn’t a requirement.

I spoke at two events during the ICT Summit in Uzbekistan last week – at a well-attended public meeting, and at a closed meeting with the ccTLD registry and later with national registrars. I presented at both events with material support from ICANN’s Speakers Bureau. I spoke about the progress in the New gTLD Program, about the IDN program, the internationalization of ICANN and, last but certainly not least, the importance of having broader and wider participation from Uzbekistan in everything ICANN does.

I also visited the ICT Exhibition – a very popular destination in countries such as Uzbekistan where people want to meet and talk about recent developments in the telecom industry. And I had several meetings with executives from the .uz registry. (didn’t you already say this?)

At every meeting I attended, people were very interested in the history of the relationship between ICANN and .uz ccTLD; information also documented on ICANN’s website. There also were many questions about the New gTLD program and when a second round of applications might take place. And finally, what made me think my visit had been a success were the questions I received about how Uzbeks could participate in the work of ICANN.

I want to end with a few personal words of gratitude for my friends at Uzinfocom who organized a perfect summit – from the day they picked me at the airport at 3 a.m. to the day they brought be back at 1 a.m. Yes, the travel is long and the hours are sometimes odd. Such is the life of an ICANN Regional Vice President, and one I am grateful to have.

The regional organization of ccTLDs in Latin America and the Caribbean, organized a technical workshop on September 3 in Panama which brought together 21 ccTLDs from the region (*), framed within one of the projects of the ICANN Strategic Plan in Latin America and the Caribbean – Security, Stability and Resiliency in the DNS- LACTLD. According to Christian O’Flaherty, Senior Development Manager for the Internet Society Latin America Office, this demonstrated the development achieved by the organization: “The Internet Society has been supporting the LACTLD technical meetings for several years. It is the most relevant and valuable workshop for ccTLD operators in the LAC region. The recent workshop was a great success and a milestone that confirms the current growth and maturity of the organization”.

This workshop addressed primarily technical aspects of Security, Stability and Resiliency (SSR) in the DNS along with IPv6 and EPP issues. The ccTLDS shared tips and lessons learned from tutorials, case studies and discussions. According to Sofia Zerbino, LACTLD Information Officer, the highlight of the workshop was the quality of the participation of the 21 ccTLDs present as well as the atmosphere of collaboration and camaraderie that usually characterize these meetings: “The positive experience is reflected in the data obtained from the survey: 80% were totally satisfied, 63% said they have completely covered their expectations”.

Gonzalo Romero, Internet Head of Security for .CO Internet, highlighted several questions that resulted from this experience, noting that this is an important moment for the region and the work of the TLD’s and they should take advantage of ICANN’s support, and organization that is promoting and supporting these issues: “Having the opportunity to share with people as knowledgeable as John Crain, and attending the SROC course offered by Delta-Risk, a strategic ally of ICANN on issues of training and technical capacity building, are experiences that should continue to be given in other events, at different scales and levels”.

For years, now ICANN has been supporting these training activities for ccTLD operators in the region and this time in a systemic way to include such initiatives within the Strategic Plan for the region. In this occasion, John L. Crain, ICANN’s Security, Stability and Resiliency Senior Director, was one of the instructors working with participants on security in ccTLD operations: “It was with great pleasure that I attended the LACTLD technical workshop in Panama City, Panama this September. LACTLD conferences provide a wonderful opportunity to mingle and discuss with one’s peers from the Latin American and Caribbean DNS industry as well as experts from outside the region (…) It was fantastic to see friends old and new and I look forward to being back in the region for ICANN’s next meeting in Buenos Aires, Argentina”.

So, how will we moved forward? Four key tasks that resulted from the technical workshop in Panama include:

• (1) How can we follow up on the actions and activities that the technicians who attend and participate in these workshops are developing? It is urgent to start applying management metrics or indicators to somehow identify the results of the ccTLDs progress in the region, in terms of Security, Stability and Resiliency in the DNS

• (2) Do the TLD’s technical and commercial areas cooperate? Are they committed to develop innovation? Is there support from the directors for research and development regarding the DNS within the TLD’s / NIC’s?

• (3) Some countries in the region have advanced very interesting models of cooperative action for cybersecurity and cyberdefense incident management. How do we replicate these models in other countries?

• (4) Each country is developing strategies in security awareness, but LAC countries like Panama and Paraguay have recently adopted initiatives to handle a single universal language like the APWG’s STOP-THINK-CONNECT (details: http://x.co/2MHzv). How can the other countries in the region join this initiative?

The Community Working Group, which is leading this project within the regional Strategic Plan, is charged with developing a strategy for follow actions on the above questions. Congratulations to LACTLD and its members on a successful and constructive workshop, gaining momentum towards achieving our goals in the region.

(*) These were: ar, .ai, .br, .bo, .bz, .cl, .co, .cr, .cu, .ec, .gt, .gy,.ht, .kn, .mx, .pa, .pe, .py, .sv, .uy, .ve

Por Alexandra Dans

Enmarcado dentro de uno de los proyectos del Plan Estratégico de ICANN en Latinoamérica y el Caribe – Seguridad, Estabilidad y Resiliencia del DNS- LACTLD, la organización Regional de los ccTLDs de la región, organizó un taller técnico el 3 de setiembre en Panamá que reunió a 21 ccTLDs de la región (*). Esto demostró el desarrollo alcanzada por la organización y así lo expresó Christian O’Flaherty, Gerente Senior de Desarrollo para la oficina de Latinoamérica: “La Internet Society ha venido apoyando las reuniones técnicas de LACTLD durante varios años. Es el taller más relevante y valioso para los operadores de ccTLD de la región de América Latina y el Caribe. El reciente seminario fue un gran éxito y un hito que confirma el actual crecimiento y la madurez de la organización”.

Este taller técnico abordó fundamentalmente aspectos de Seguridad, Estabilidad y Resiliencia (SSR) en el DNS, así como IPv6 y EPP. Se compartieron lecciones aprendidas y se transmitieron conocimientos entre ccTLDs a partir de tutoriales, casos de estudios y debate. Según Sofía Zerbino, Oficial de Información de LACTLD, el punto fuerte del taller fue la calidad de la participación de los 21 registros presentes y el ambiente de colaboración y compañerismo que suele caracterizar estos encuentros “La experiencia positiva se refleja en los datos obtenidos de las encuestas: 80% de satisfacción total, 63% dice haber cubierto totalmente sus expectativas”.

Gonzalo Romero, Jefe de Seguridad del .CO Internet, destacó varias interrogantes que resultaron de esta experiencia y que compartimos con ustedes más abajo. También destacó que este es un momento importante para la región y el trabajo de los TLD’s y que se debe aprovechar el apoyo que ICANN está dando empujando y apoyando estos temas: “haber tenido la oportunidad de compartir con personas tan conocedoras como John Crain, así como atender el curso de SROC ofrecido por Delta-Risk, un aliado estratégico de ICANN en temas de entrenamiento y construcción de capacidad técnica, son experiencias que deben seguirse dando en otros eventos, a diferentes escalas y niveles”,

Desde hace años, ICANN apoya estas actividades de entrenamiento para operadores de ccTLDs en la región y en esta ocasión de forma sistémica para incluir este tipo de iniciativas dentro del Plan Estratégico para la región. Esta vez, John L. Crain, Senior Director SSR de ICANN, fue uno de los instructores encargados de dictar el curso sobre seguridad en las operaciones de los registros: ” Es con gran placer que asistí al taller técnico LACTLD en la Ciudad de Panamá este mes de septiembre. Las conferencias de LACTLD ofrecen una maravillosa oportunidad de socializar y discutir con queridos compañeros de la industria DNS de Latinoamérica y el Caribe, así como con expertos fuera de la región (…) Fue fantástico ver a viejos amigos y conocer nuevos, ya quiero regresar a la región para la próxima reunión de ICANN en Buenos Aires, Argentina.”

¿Y ahora cómo seguimos? 4 interrogantes que surgen del taller técnico en Panamá:

• (1) ¿Cómo realizar un “seguimiento” a las acciones y actividades que desarrollan los técnicos que asisten y participan en este tipo de talleres? Urge comenzar a aplicar métricas o indicadores de gestión que permitan identificar de alguna manera los resultados de evolución o progreso de los ccTLD’s de la Región, en términos de Seguridad, Estabilidad y Resiliencia en DNS

• (2) ¿Cómo opera la interacción entre las áreas técnica y comercial en los TLD’s de la región? ¿Van de la mano? ¿Qué compromisos existen para desarrollar innovación? ¿Hay apoyo de la parte directiva a la investigación y desarrollo en aspectos relativos en DNS al interior de los TLD’s/NIC’s?

• (3) Algunos países de la región han adelantado modelos muy interesantes de acción cooperante para gestión de incidentes de ciberseguridad y ciberdefensa (puestos de mando unificados, en los cuales participan el CERT gubernamental, los CERT’s, las autoridades de ley, el NIC, el IXP, los ISP’s, entidades del sector público y privado); ¿Cómo replicar este tipo de modelos en otros países, a partir del relacionamiento y la capacidad de convocatoria del NIC/TLD?

• (4) Cada país viene desarrollando estrategias de concientización en temas de seguridad; sin embargo, países de LAC como Panamá y Paraguay recientemente (detalles: http://x.co/2MHzv) adoptaron iniciativas para manejar un lenguaje único y universal como el STOP-THINK-CONNECT del APWG. ¿Cómo hacer para que los otros países de la región se incorporen a esta iniciativa?

El Grupo de Trabajo de la Comunidad que lidera este proyecto del Plan Estratégico de la región, analizará la mejor forma de dar seguimiento a este tipo de iniciativas. Felicidades a LACTLD y sus miembros por este gran logro.

(*) Estos fueron: ar, .ai, .br, .bo, .bz, .cl, .co, .cr, .cu, .ec, .gt, .gy,.ht, .kn, .mx, .pa, .pe, .py, .sv, .uy, .ve

The DNS’s Operations, Analysis and Research Center (DNS-OARC) was created nearly a decade ago in recognition that the DNS’s key position in the Internet’s architecture made it at significant risk of being both a victim and vehicle for various types of misuse. DNS-OARC was however inspired by a vision that co-operation, together with data gathering, sharing and analysis between the operator and research communities could both protect against such misuse, and lead to a deeper understanding of the DNS and Internet operations.

Since OARC’s founding in 2004, these issues have only become more critical, and the organization has grown from a project within ISC to an independent, neutral, non-profit, membership organization with dedicated staff and over 70 members. Its mission is to improve the security, stability, and understanding of the Internet’s DNS infrastructure.

As well as running twice-yearly workshops, various public benefit tools and inter-member co-operation platforms, OARC operates a number of large-scale data gathering initiatives, which collect data from its members’ infrastructure. One of these, initiated in 2004 in co-operation with CAIDA and funded by the NSF, is a “Day in the Life of the Internet“” (DITL). This gathers detailed data-sets of DNS queries to root and top-level DNS operators for a 48-hour period at least once a year. The idea is to have a baseline data archive which can be compared year-on-year, and data has also been gathered during significant change points in the global DNS, such as the IPv6 delegation and DNSSEC signing of the root. Over the past decade, OARC has accumulated a data-set in excess of 40Tb of DITL queries.

A critical component of OARC’s capabilities and contribution is the availability of raw operational data. Many underlying principles engineering and failure modes of Internet traffic are poorly understood, and it’s important to note not all the threats to reliable, secure Internet operation are malicious. Studies performed by OARC partners such as CAIDA demonstrate that a significant amount of unwanted DNS traffic and operational problems are caused by misconfiguration of DNS or applications that depend on it. The only way to improve this state of affairs is application of the scientific method to the study of these on the large scale.

ICANN has been a committed supporter of OARC since becoming a member in 2008, and has worked with OARC as L-Root operator supplying DNS data, support of various joint events and service infrastructure, and recently providing a Board member.

During 2012, a potential new obstacle on the path to deployment of ICANN’s new TLDs became apparent to the ICANN SSAC (Security and Stability Advisory Committee). A risk was identified that some of the proposed new TLDs were already in widespread internal-only use within enterprises, and on top of this, SSL certificates which had only ever been intended for such internal use had already been issued to these organizations. This could lead to a risk of collisions between valid internal use of these TLDs, and potentially malicious misuse of these certificates on the global Internet.

Clearly this was a potentially significant problem, with a tension between the interests of new TLD operators who want to see their new domains deployed as quickly as possible, versus some very real risks of abusive activity, or even just unintended consequences, either or both of which could have global impact.

When determining policies on how to proceed in such situations, it’s important to have data to base them upon. Given the tight deployment timescales, gathering new data from scratch could have been a significant and time-consuming exercise. Fortunately, it was quickly identified that OARC’s DITL data-set could contain evidence needed to help determine if the SSAC’s concerns were real ones in practice, and if so the extent of their severity. The log of queries to the root and TLD servers contain not just valid top-level domain strings, but also “leakage” of strings intended for internal-only use but which escape into the wider Internet due to various mis-configurations. It is exactly these kind of unintended consequences which can lead to the concerns expressed in the study, making the data gathered a useful sample of what could go astray or be exploited.

While OARC’s DITL data set was recognized as being of high relevance for this particular need, it is however important to understand that it is only one view of the DNS, and by no means a definitive or complete view: for example it only includes some queries to some root operators for a small time, and not for example to many other TLD operators or ISPs providing DNS resolver services to their subscribers. It is probably impossible to get a complete view of the DNS by traffic gathering techniques, and the value of multiple different approaches should not be overlooked.

Having identified the problem and the data-set which could be a solution, ICANN engaged Interisle and their subcontractors RTFM to perform the analysis. In the short term, this work was started by loaning CAIDA computing capacity located at OARC to produce the initial report.

In the meantime, however, a number of requirements needed to be tackled to perform further analysis of the data:

• DNS data submitted to OARC from jurisdictions across the world is potentially sensitive, and held in trust by OARC under strict confidentiality terms. This allows data submission by a much wider community than otherwise possible. However, these terms prevent the copying of the data from OARC’s archive to 3rd party systems.
• While the systems hosting OARC’s growing data set have been regularly updated over the years, much of its supporting infrastructure, including computing resources for doing in-situ data analysis by members and researchers, had not been upgraded since the original NSF bootstrap funding a decade earlier, and was in sore need of upgrading.
• Many new TLD operators wanted to become OARC members in order to both support its mission and carry out their own analysis of the DITL data sets at OARC, independently of the ICANN-sponsored work that had been carried out by Interisle/RTFM.
• This was all happening in the context of the pressing timescales of new TLD deployment and ICANN’s analysis and comments timescales.

Fortunately, as a result of a re-development plan committed to by OARC’s Board earlier in 2013, a major hardware and software refresh was already under way, and at the time the Collisions Strings study requirement was identified, OARC’s new Systems Engineer, William Sotomayor, was ready to deploy the new compute resources needed.

OARC was thus quickly able to take delivery of, and bring into service, the significant equipment donation of 4 x Dell r820-grade servers from ICANN, in addition to other similar servers donated by interested OARC members. These are very high spec machines, with 64-core processors and at least 48Gb of RAM. They take OARC’s analysis capability firmly into the present, and will be of immense value not just for ongoing Collisions studies, but for general-purpose needs of OARC member and researchers for some years into the future.

OARC has been in the business of “Big Data” for much of its existence, but it is only recently that the value of such large-scale data gathering has been widely defined and recognized. With this major contribution, and further donations of equipment and space to host it pending, OARC looks forward to participating in the innovation revolution of Cloud Computing and Big Data.

OARC’s ability to provide a solution to a problem that was not envisaged at its founding underlines the value of neutral general-purpose data gathering from the DNS in the wider context of “Internet Science”.

Acknowledgments

OARC wishes to gratefully acknowledge ICANN’s generosity for this equipment donation, and we look forward to continuing to work with ICANN, our other members, partners and the research community to continue meeting this need.

Making this happen quickly took the committed help of a number of parties to which OARC is grateful. We’d like in particular to thank Terry Manderson, ICANN’s new Director of DNS operations and his team for procuring the servers, CAIDA for lending compute capacity to allow Interisle/RTFM to progress their work in the meantime, and the Operations team at ISC, OARC’s hosting provider, for prompt remote hands efforts to get our servers up and running.

Keith Mitchell

President, DNS-OARC

After opening ICANN’s new engagement office in Singapore, my first opportunity to attend a regional conference and engage with stakeholders was constructive and inspiring.

The Asia Pacific Regional Internet Governance Forum (APrIGF) took place from 4-6 September 2013 in Seoul, South Korea as a platform for discussion and collaboration toward advancing our ideals of Internet governance across the region. It was empowering to work alongside Fadi as we unveiled ICANN’s plan to build an Asia Engagement Strategy.

CEO Fadi with APrIGF hosts

Invoking the Forum’s theme, “Towards a Better Internet: A More Secured, Convenient, Vibrant, Equivalent, and Desirable Internet,” Fadi delivered the keynote address during which he reinforced ICANN’s commitment to the region. Fadi cited the opening of our Singapore hub office, and that we are working to engage and listen to our stakeholders in the region to develop an Asia Pacific Engagement Strategy as examples.

ICANN Workshop – ICANN engagement with the Asia Pacific Community

Since we started the Asia Hub, a key preoccupation was to meet and listen to the needs and concerns of our stakeholders. This is still work in progress; but we reported our findings at our workshop on “ICANN engagement with the Asia Pacific Community” at the APrIGF. The time we took to listen to the needs and concerns of the region were very well received. Many stakeholders expressed their appreciation and offered their views as well as help for us to better engage the region, including:

• working with regional organizations in language localization projects, so that the diverse stakeholders in the region can participate in our ICANN processes
• working to partner with existing networks and forums, not only for training, but to contribute to feedback on the ICANN PDP process
• communicating to the region on what ICANN is
• consider holding smaller ICANN meetings within the APAC communities so as to ensure greater participation and the diversity of regional voices
• enhancing government participation through working with our Government Advisory Council (GAC) representatives to advocate for a stronger representation by APAC governments at ICANN meetings
• continue to share our findings regarding our shareholders’ needs and concerns, and to share them with the community. Through this, we can identify common needs and interests and develop collaborative activities. A suggestion was to arrange the feedback we received thematically, and to discuss them at the Bali IGF this October,

Fadi closed the workshop by emphasizing the need for sustainable engagement through tools such as ICANNLabs to build a more inclusive model of engagement.

Youth IGF – CEO Fadi with the energetic Youth IGF participants, held concurrently with the APrIGF

On the sidelines of the APrIGF, it was inspiring for us to sit and speak with Youth leaders about getting involved in Internet governance. We held an interactive session as a part of the Youth Internet Governance Forum (YIGF), where we introduced ICANN and the multi-stakeholder model to the participants. What was most exciting was to hear participants agree with Fadi on the importance of a one, united and open Internet for the world. They were really engaging, asked thoughtful questions, and were very passionate about the multi-stakeholder model. We hope to further engage participating youth in future ICANN programming and related forums.

The APrIGF in Seoul proved a constructive experience and I’m proud to say ICANN effectively fostered promising dialogue. I look forward to building on this initial engagement as we move forward with our work in the APAC region.

I’m pleased to report on the successful conclusion of two registrar outreach sessions in Los Angeles, USA and Xiamen, China.  Representatives of the registrars’ Registrar Accreditation Agreement (RAA) negotiating team and I, along with a small handful of ICANN staff members, spent a day and half in each city answering questions and helping educate registrars about the new provisions in the 2013 RAA and new consensus policies.

The new RAA contains several important changes intended to promote a strong, healthy domain name space and help registrants make informed decisions when purchasing services from registrars. Realizing that these changes might require significant implementation efforts, registrars and other community members called on ICANN to conduct a proactive program to help registrars understand their new obligations and discuss needs required for compliance with the new agreement. These outreach sessions — the first of four currently planned — focused largely on the operational impact of the new agreement and offered registrars a platform to collectively solve complex challenges.

Some of the key topics at our outreach sessions included:

• dealings with resellers
• new Whois obligations
• abuse complaint handling
• data retention requirements (and the procedure for requesting a waiver)
• new consensus policies

Our outreach sessions in Los Angeles and Xiamen were well attended and seem to have been well-received. Close to 40 registrar representatives attended the Los Angeles session in-person, with another 20 or so participating remotely. Sixty registrar representatives from China, Hong Kong, South Korea, and Taiwan attended the event in Xiamen. (Real-time Chinese-English / English-Chinese translation services were provided.) Our next session will be held in Berlin, Germany next week.

Thanks go to all of the dozens of registrars who have attended or plan to attend these meetings, with special thanks to James Bladel (GoDaddy), Jeff Eckhaus (eNom), and Matt Serlin (MarkMonitor), who each participated in one or both of the sessions on behalf of the registrars’ RAA negotiating team.

The presentation materials from the first meeting are available here:

• 2013 RAA Registrar Training Overview [PDF, 227 KB]
• Reseller Obligations [PDF, 173 KB]
• Privacy Proxy and Disclosure and Abuse Requirements [PDF, 190 KB]
• Data Retention [PDF, 235 KB]
• Compliance Presentation [PDF, 276 KB]
• New Whois Obligations [PDF, 239 KB]
• Consensus Policy Implementation Update [PDF, 211 KB]
• GNSO Update [PDF, 1.52 MB]
• TMCH [PDF, 347 KB]
• URS [PDF, 233 KB]

The World Economic Forum is a helpful partner in ICANN’s global stakeholder engagement efforts, convening leaders from business, government and civil society to address global issues.  YC Kuek and I represented ICANN at last week’s “Summer Davos” in Dalian China, participating in a number of sessions on ICT sector challenges.  

In addition to government ministers from places as diverse as Ireland, Vietnam and Azerbaijan, corporate executives from HTC, Qualcomm, Facebook, Salesforce, BT, Mozilla, Thomson Reuters, Google, Microsoft, CA, Macquarie and LIPPO all were in attendance. The Internet Society is also a regular WEF participant.

I was struck by how many of these leaders were not only aware of ICANN’s work, but also appreciative of its role as steward and coordinator of the Internet’s system of unique identifiers. They were also supportive of ICANN’s increasing international presence and impressed by tools and processes that enhance transparency and foster deeper engagement with stakeholders.

Internet and Internet governance issues are rising to the top of the agenda at WEF. Sessions included: The Partnership for Cyber-resilience, Strengthening Civil Society Partnerships, Seismic Shifts in the Digital Ecosystem and Protecting the Digital Economy. More information, and content from the public sessions can be found here.

Of course many of the concerns raised (privacy, spam, content, neutrality, etc.) fall outside ICANN’s remit.   We did not opine on these topics, but were frequently asked to explain in detail how ICANN’s multistakeholder model works to coordinate Internet naming and addressing resources – both what works well and what is hard to accomplish.  This led some to explore whether similar models could be deployed to address contentious issues.

Government representatives complained of conflicting guidance on how (or whether) to react to serve their public’s interests.  Business leaders, on the other hand, voiced alarm at a trend toward regulatory fragmentation along national and regional borders.

All in all, we worked to raise awareness of the multistakeholder model generally and of ICANN’s unique role in the Internet ecosystem specifically.  Given the appreciative reception we received, I believe we can be very proud of the ICANN model.

Christopher Mondini
VP, Stakeholder Engagement
North America and Global Business

By David Olive, Vice President for Policy Development Support

Cross Community Working Groups (CCWGs) play an important role within the ICANN framework. We have seen over time, that the ICANN community has created such groups as a useful mechanism to organize activities across two or more ICANN communities.

One example of such cooperation structures was the working group formed to enable the introduction of top-level Internationalized Domain Names (IDNs), which resulted in a fast track process for allocating a limited number of IDN top-level domains in the country code space. Another example is the DNS Security and Stability Analysis Working Group.

Some CCWGs have been less successful and in fact caused confusion and misunderstandings across the different participating Supporting Organizations (SOs) and Advisory Committees (ACs). Nevertheless, increased collaboration between different SOs and ACs, as well as a realization that certain topics are of interest to more than one SO or AC has resulted in a stronger focus on cross-community working groups.

Many in the community recognize the value that CCWGs can bring to the debate, but at the same time, questions and concerns have been raised regarding the principles and processes by which these working groups operate.

CCWGs are a working group of willing volunteers from different SO/ACs who come together to deal with a particular topic or area of interest, which potentially impacts more than one key stakeholder group within the ICANN structure.1 CCWGs are chartered by two or more SO/ACs and have a formal mandate outlined in their approved charter.

CCWGs are tasked with providing advice and feedback to their chartering SOs and ACs within the ICANN structure. The respective SOs and ACs are then typically expected to evaluate the CCWGs recommendations and consider whether or not to submit it formally to the Board of Directors.

It is important to distinguish any potential informal communication from formal mandates, and that their charter provides a clear scope in which these groups will operate. For example, the charter should foresee what happens in case an SO/AC does not support the CCWG recommendations or wants to make changes.

CCWGs may be best utilized when dealing with topics that would benefit from cross-community input and dialogue, while keeping in mind that they can never replace a formal policy development process. CCWGs typically invite all community members across the SO/AC groups to provide insights, input, and solutions to ICANN community-wide issues. While CCWGs are diverse, representing and considering many interests and disciplines, they also provide opportunities to produce a common direction.

Currently, this is taking place with the ccNSO’s approach regarding the framework of interpretation of current policy for the delegation and re-delegation of country code operators. By definition, this issue is within the scope of ccNSO policy development. However, the ccNSO opted for a CCWG as an alternate path—recognizing that this will not result in formal policy recommendations—in order to provide greater clarity to the existing policy and to ensure input and involvement from the Governmental Advisory Committee and other interested key stakeholder groups.

With that in mind, CCWGs should not be mistaken for a new way of developing “consensus policy” or as a vehicle to overtake the existing roles of the SOs and ACs. CCWGs should be seen as an additional mechanism to foster cross-community dialogue and understanding of topics that reach across SO/AC boundaries.

It is important that at the outset, the remit and operations of CCWGs are clear, so that expectations are clearly managed in a transparent and predictable manner. To this end, the GNSO developed a set of proposed principles that—from its perspective—should underpin any and all CCWG efforts. These principles were shared with the broader community, and based on the feedback it received from the ccNSO, the GNSO will now undertake further work in this area in cooperation with other SOs and ACs.

Hopefully, this work will result in a common set of principles for CCWGs. With a defined structure and scope, more CCWGs may emerge over time further breaking down SO/AC silos and further enhancing the multi-stakeholder model.

ICANN continues to explore ways to better define and use CCWGs to ensure meaningful contribution, while maintaining respect for each SO and AC and enhancing our bottom-up, multi-stakeholder policy development process. I urge you to share your thoughts and input on this topic by commenting on this blog post and by following the progress of the Accountability and Transparency Review Team 2′s recommendation on this matter 2. Active community participation will ensure that conversations about cross-community work move forward in a constructive and efficient manner.

1 Cross-Community Working Groups within the ICANN Framework: An ICANN GNSO Discussion Document [PDF, 149 KB]

2 Recently, I was asked to speak with the ATRT2 about this subject. My remarks are available here: ATRT2 Discussion [PDF, 105 KB]

By Mary Wong, Senior Policy Director

I’m excited to share with you some preliminary findings from one of the GNSO Council’s Whois studies of interest to all of us in the ICANN community. This study – one of several initiated by the GNSO Council to examine various aspects of the Whois system – was commissioned to measure the hypothesis that: “a significant percentage of the domain names used to conduct illegal or harmful Internet activities are registered via privacy or proxy services to obscure the perpetrator’s identity”.

In 2012, ICANN selected the National Physical Laboratory (NPL) in the United Kingdom, led by Dr. Richard Clayton of the University of Cambridge, to perform the study. For the purposes of the study, the phrase “illegal or harmful” describes online activities that violate criminal or civil law, or which harm their targets (such as email recipients or website visitors). Such online activities can range from unsolicited commercial bulk email (“spam”) and cybersquatting to phishing, hosting child abuse sexual images, advanced fee fraud (also known as “411 scams”), and online sale of counterfeit pharmaceuticals. NPL was charged to gather a representative sample of illegal or harmful incidents across the top five gTLDs – .biz, .com, .info, .net and .org – to measure how often privacy or proxy services are abused by perpetrators (alleged and confirmed).

A previous study commissioned by ICANN and performed by NORC at the University of Chicago had concluded that 20% of registered domains across the top five gTLDs used privacy or proxy services. In NPL’s more detailed study on the use of privacy or proxy services across these five gTLDs, they found a statistically significant, above-average rate of privacy/proxy use for domains engaged in illegal or harmful online activities. Notably, NPL extended this aspect of the study in two ways that yielded additional useful data. First, NPL compared the rate of use of privacy/proxy services for domains used for selected lawful and harmless activities (e.g. banks and legal pharmacies) chosen to mirror the studied illegal/harmful activities. Secondly, the team also looked at WHOIS details for domain name registrants who did not use privacy or proxy services, to determine whether they could in fact be contacted at apparently valid telephone numbers.

The following are several key findings likely to be of interest to the ICANN community. Please note, however, that these figures should be read both in the context of the original terms of reference of the study (see http://gnso.icann.org/issues/whois/whois-proxy-abuse-study-18may10-en.pdf [PDF, 321 KB])as well as some of the conditions and limitations described by NPL in the full study. NPL’s findings include:

• 55% of sampled unlicensed pharmacies used privacy/proxy-registered domain names;
• 46% of sampled advanced fee fraud cases used privacy/proxy-registered domain names;
• 28% of sampled websites hosting illegal child abuse sexual images used privacy/proxy-registered domain names;
• By comparison, just 9% of licensed pharmacies and 13% of law firms studied by NPL used privacy/proxy services; on the other hand, 44% of lawful websites hosting adult content and 28% of legitimate banks studied by NPL used privacy/proxy-registered domain names;
• For domains used for illegal or harmful activities that were not registered using privacy/proxy services, very few calls to Whois-provided telephone numbers (derived from a list of those that appeared valid enough to call) were answered. Registrants of apparently lawful and harmless domains could not be reached 25-55% of the time, but the rate rose to 83-93% for domains engaged in harmful or illegal activity.

Based on these findings, NPL was able to conclude that the hypothesis for the study is true, and that the percentage of domain names used to conduct illegal or harmful Internet activities that are registered via privacy or proxy services is significantly greater than those used for lawful online activities. They also found that the outcomes were consistent regardless of the method used to avoid providing viable contact information.

I hope that you’ll take the opportunity to read the full study when it’s published shortly, and provide your comments. Look out also for the webinar that will be scheduled at that time with Dr. Clayton and his colleagues, when they will present and discuss their findings with the ICANN community.

UPDATE: The study has now been published for public comment. To review the full study and provide your feedback, go to http://www.icann.org/en/news/announcements/announcement-24sep13-en.htm

Today marks the beginning of year 2 of the new ICANN season. On this day, a year ago, I took the official plunge into the ICANN ocean.

To celebrate, I took the day off and rested with my family in a small country house in the hills. I sought the chance to listen quietly to the sounds of last year.

What I heard was actually beautiful. Our community grew more in concert. Our global posture is shaping up. Our operations are growing in quality and efficiency. Our justified confidence is felt around the world.

We still have much to accomplish together. In the next year, we shall give birth to many gTLDs and watch them grow. We will also evolve ICANN through the lens of the new strategies our community is shaping.

As I share this special anniversary with my family, I sincerely thanked them and also thank each one of you for giving me the chance to serve on the remarkable and inspiring ICANN mission. I made mistakes and you all remained patient; I crossed some subtle community lines, and you all forgave my ignorance; I pushed hard and you all indulged me with courage and determination.

Today, as I pause and observe, I see more green on the dials of the ICANN dashboard. We are soaring ahead. Inevitably, the forecast includes some storms. But in unity, we will continue this journey – wiser, higher, and steadier.

Yours,
Fadi

The multi-stakeholder model, bottom-up model is central to the way ICANN operates, and always will be. It’s a model designed to get those interested in internet policy and governance to share, discuss, collaborate and contribute. And, as such, it’s been a little strange that we haven’t made the most of the technology of the industry we work in to make that process easier.

Hence we’ve launched ICANNLabs. It’s to act as a digital space for experimentation and innovation. We’re already showcasing ideas around proposed digital tools and assets which we need you, the community, to feed back. On the basis of that information we’ll continue to improve, or even ditch, the tools, and continue that loop of build-feedback-iterate until we have useful tools that we can use in the community and on ICANN.org.

The first round of experiments has begun:

The Conversation track: This is intended to tackle the tools used for public comment and find software and design solutions that increase the depth and usefulness of digital conversations on policy. The first experiment – the roundtable – focuses more, however, on the possibilities for increasing the diversity of dialogue, but this is the one we’re wrestling with most- there’s lots to chew on with the digital mechanics of public comment and this will exercise us the most, perhaps . Follow the progress of the conversation track, and get involved, here.

The Education track: There are people on the fringes of the ICANN community who have much to contribute but hold back due to a lack of understanding of ICANN itself and the issues it deals with. If we can help those people gain a deeper knowledge, they can become more engaged members of the community. The first experiment is based on the idea of peer mentorship: Join in with the Education track here.

The Communication track: A multi-stakeholder model is nothing without stakeholders. The Communications track is based on the belief that better news and information distribution can drive new awareness of DNS issues and bring new stakeholders. The first idea involves the concept of curated conversations to achieve that end. Follow that and the other ideas of the Communications track here.

The Discovery track: The world of ICANN is a complex one and some kind of personalization can help people make sense of policies which affect governments, businesses, NGOs and non-profits, law enforcement agencies – and everyone else. Personalization and discovery service can help people find the relevant content to make sense of it all. The first experiment, the ICANN Passport, is signing new users up now. Follow that, and the rest of the Discovery track here.

So get yourselves involved – without feedback and contributions, it will be nigh-on impossible to make the sort of progress we’re hoping for – and that feedback can take the projects into places we hadn’t considered, which is the beauty of the feedback loop beloved of agile development processes. The next steps are tricky to predict, but they won’t happen without you.

Patrick Jones, on behalf of the ICANN Security team

In the wake of high-profile hacking attacks against the New York Times, Twitter, Huffington Post, and others, we thought it would be useful to re-post the blog from November 2012 written by Dave Piscitello, ICANN’s Senior Security Technologist on What You Should Learn from the Diigo Domain Hacking incident. The post describes a set of practical steps that anyone who has a domain name registration can take to protect against domain hacking and related attacks.

Be aware that social engineering attacks may occur. Educate those who are responsible for maintaining domain name registrations and your web presence on the potential for attacks. Establish procedures for registering and maintaining domain names (and ensure that those procedures are followed). Use two-factor authentication. Ask your registrar about registrar locks, and use registry locks if offered by your registry operator.

These measures do not cover everything one can do to protect against attacks. We do suggest using the lessons from recent events to look at your existing practices and ask about additional measures one can take.

The Contact page at ICANN.org has a new look along with new ways of reaching us! The page reflects ICANN’s global expansion and our commitment to regionalizing operations. It now includes contact information for our Hub and Engagement offices.

There are three ICANN Hub offices – Singapore (Asia Pacific), Istanbul (Europe, Middle East and Africa) and Los Angeles (Americas). Together, the Hubs provide 24-hours of service to the ICANN community.

Engagement offices are another key piece of our effort to better address the needs of our stakeholders. To make the best use of our resources, we have closed our Palo Alto, California office and recently relocated our office in Washington DC office to a new, better-designed “green” building. In addition to the office in Brussels, we also have now opened Engagement offices in Montevideo, Uruguay and in Beijing.

For the full list of ICANN offices and how to reach them, please visit http://www.icann.org/en/contact.

By Elise Gerich, VP, IANA & Technical Operations Department

Following four years of applying the EFQM principles of continuous improvement, our IANA and Technical Operations Department was recognized for their Commitment to Excellence. In August we received the Commitment to Excellence recognition from EFQM, the international not-for-profit membership foundation that develops the EFQM Excellence Model, which is used by over 30,000 organizations around the world.

The quest for excellence is an elusive target as the bar measuring excellence is always moving due to the ever changing environment and the evolution of services.

We are currently gathering feedback on our services through a series of consultations on performance standards and documentation. Based on the input from the consultations, we will be creating new performance reports and enhancing the online documentation. In addition, within the next couple of months, we will be conducting our second Customer Survey to gauge the community’s overall satisfaction with the services we provide. The responses to the survey will help our department to target areas for future enhancements.

Our journey towards excellence has been a key component of our regular IANA Activities Updates and has been reported at ICANN meetings in Seoul and Toronto. Some of our customers who also follow the EFQM model for excellence have shared their experiences with us and we have reciprocated. We’d like to engage the community in more discussion about business excellence and plan to schedule a session on this topic for the Buenos Aires ICANN meeting in November 2013.

The Internet Governance Forum and Preparatory Meeting for Latin America and the Caribbean (LACIGF) was held from August 27 to 29, 2013. This is a regional meeting space for multistakeholder policy debate where different stakeholders representing governments, the private sector, the technical community, academia and civil society organizations share and discuss their views.

With the support of APC, LACNIC, NIC.br, Internet Society, Google and ICANN, the local host Ageia Densi, part of the ICANN structure as ALS (At Large Structure) in the LACRALO, was in charge of this sixth edition, where officials and industry professionals met to address five thematic sessions organized around the issues identified as priorities by the community. It is worth noting that since last year, the LACIGF program committee has made a call to develop a collaborative agenda in which everyone has a voice.

Although some question the expected results of the LACIGF and the impact of its influence since it is not a decision making forum, the fact that discussion topics are identified by the community, legitimizes the exercise and concretely offers the possibility to put the issues on the agenda. The multiplicity of actors involved in this meeting edition turned it into an ideal place to discuss politically sensitive and complex issues while it also favored the formation of interest groups.

APC: Frank La Rue

This meeting is key to ICANN activities to ensure a safe and stable Internet while promoting a multistakeholder Internet governance model. Our regional team had a strong presence with Albert Daniels as a resource person for the session on “Enhanced cooperation” and Rodrigo de la Parra as moderator of the session on “Principles of multistakeholder participation.” Precisely, in relation these issues, one of the central concerns was the use of a definition shared by all. Rodrigo de la Parra stated that the concept of multistakeholderism means a systemic and endemic participation of various actors and consensus in decision-making, not just community consultations. Albert Daniels for his part, stressed that if the multistakeholderism works well, this will result in tangible instances and examples of Enhanced Cooperation.

With themes such as Human Rights, freedom of expression, security, and privacy and considering the latest events (PRISM / Snowden cases), it is not surprising that this edition was the most successful in terms of participation, with 200 people from 26 countries in the room and more than 2000 people connected remotely on the first day. On the Human Rights and Freedom of Expression issues, we should highlight the participation of Frank La Rue, Special Rapporteur on the promotion and protection of the right to freedom of opinion and expression of the United Nations Human Rights Council.

Far from generating a defeatist climate, recent events made ??the Internet more alive than ever, adding new players to the debate and multiplying the eyes that now look with great interest the discussions on Internet Governance.

The Regional Preparatory Meeting for the Internet Governance Forum is an effort of several organizations. ICANN has supported this initiative since the first edition in 2008.

Rodrigo de la Parra, ICANN VP for Latin America and the Caribbean and Andrés Piazza, LACNIC Public Affairs Officer, in an interview with local television

Our efforts in terms of communications also were rewarded by the continued participation of about 10 local journalists whom informed that ICANN and the global Internet community will return to Argentina in November this year, this time in Buenos-Aires, for ICANN 48.