Documentary Information Disclosure Policy

From ICANNWiki
Jump to navigation Jump to search

Documentary Information Disclosure Policy (DIDP) is intended to ensure that ICANN makes available to the public information contained in documents concerning ICANN's operations and within ICANN's possession, custody, or control unless there is a compelling reason for confidentiality.

Overview

The DIDP is a fundamental component of ICANN's efforts at fulfilling its commitment to transparency. Anyone can request information by emailing ICANN at didp [@] icann.org. ICANN will respond to the request within 30 calendar days. ICANN will inform the requester in writing as to when a response will be provided if the organization cannot respond within the first month and explain why the extension is necessary. If ICANN denies the information request, it will provide a written statement identifying the reasons for the denial. If requestors want to appeal their decision, they can file a Reconsideration request. ICANN posts all requests and responses on its website.

DIDP Process

  1. Upon receipt of a DIDP Request, an ICANN staffer reviews the request and identifies the information requested, who may be in possession of or have knowledge of the information.
  2. The ICANN staffer then interviews the relevant staff members and performs a document search.
  3. The ICANN staffer collects the documents and reviews whether they answer the questions asked in the request and/or are subject to the Defined Conditions for Nondisclosure.
  4. If the document falls under any of the Defined Conditions for Nondisclosure, a review is conducted as to whether the public interest in disclosing the documentary information outweighs the harm that may be caused by such disclosure.
  5. Documents that are responsive and appropriate for public disclosure are posted on ICANN’s website. If ICANN deems a document's disclosure to be premature, ICANN will indicate it in its response to the request and notify the requestor when the document is posted.
  6. The ICANN staffer prepares an email response to the DIDP Request and posts the request and response and Request to the DIDP page.[1]

Defined Conditions for Nondisclosure

ICANN does not disclose documentary information that is:[2]

  1. from a government or international organization if it would prejudice ICANN's relationship with that party.
  2. internal and would compromise ICANN's deliberative decision-making process by inhibiting communication with ICANN Board directors, advisors, staff, consultants, contractors, or agents.
  3. prepared for exchange between ICANN, its constituents, and/or other entities with which ICANN cooperates that would compromise the decision-making process between them
  4. personnel, medical, contractual, remuneration, or similar records or internal appeals mechanisms and investigations that would constitute an invasion of personal privacy
  5. provided to ICANN that would materially prejudice the party's commercial, financial, and/or competitive interests or is pursuant to a nondisclosure agreement
  6. confidential business information and/or internal policies and procedures
  7. likely to endanger the life, health, or safety of any individual or materially prejudice the administration of justice
  8. subject to attorney-client privilege, or any other applicable privilege
  9. a draft of correspondence, reports, documents, agreements, contracts, emails, or any other form of communication
  10. related to the security and stability of the Internet, including the operation of the L Root or any changes, modifications, or additions to the root zone.
  11. a trade secret or commercial/financial information not publicly disclosed by ICANN
  12. in response to an unreasonable, overly burdensome, unfeasible, or abusive/vexatious request

These twelve situations are referred to in DIDP policy documents and responses as Defined Conditions for Nondisclosure.[2]

Other Rationales for Negative Responses to Requests

ICANN's DIDP policy specifies that "ICANN shall not be required to create or compile summaries of any documented information, and shall not be required to respond to requests seeking information that is already publicly available."[2] In many responses to DIDP requests, ICANN often cites this section in responding to elements of the request.

The contention that information is "publicly available" is a topic of several specific and organizational reviews, as well as the Cross Community Working Group on Accountability.

History

From 2007 to 2008, ICANN developed the original DIDP following its community consultation on the Accountability and Transparency Frameworks and Principles.[3] The first use of the DIDP was in September 2008, by Danny Younger, who requested information about a couple of registrar accreditation applications submitted to ICANN.[4]

In 2012, ICANN updated the policy following another community consultation.

From October to December 2021, ICANN requested feedback on several proposed changes to the DIDP based on the Cross Community Working Group on Enhancing ICANN Accountability Work Stream 2 recommendations.[5]

2021 Proposed Changes

  1. Delete: "NOTE: With the exception of personal email addresses, phone numbers and mailing addresses, DIDP Requests are otherwise posted in full on ICANN (Internet Corporation for Assigned Names and Numbers)’s website, unless there are exceptional circumstances requiring further redaction."
  2. Replace "appeal a denial of disclosure" with "seek review of ICANN’s DIDP Response"
  3. Add information on how to submit a request: "Any member of the public may submit a DIDP request to ICANN org. To submit a DIDP request, please send an email to didp@icann.org describing the documentary information you are seeking. Please provide as much detail as possible to identify the party submitting the request and the documents requested. If you have a question or need assistance with submitting a DIDP request, please contact the DIDP team at didp@icann.org."
  4. Include option for additional 30 days to original 30-day response window: "ICANN org will provide a written response to all DIDP requests, as soon as practicable within 30 calendar days of receipt of the request, unless it is not feasible to do so. If that time frame cannot be met, ICANN org will inform the requestor in writing as to when a response will be provided, which shall not be longer than an additional 30 calendar days and explain the reasons necessary for the extension of time to respond."
  5. Replace "Trade secrets and commercial and financial information not publicly disclosed by ICANN (Internet Corporation for Assigned Names and Numbers)." with "Materials, including but not limited to, trade secrets, commercial and financial information, confidential business information, and internal policies and procedures, the disclosure of which could materially harm ICANN’s financial or business interests or the commercial interests of its stakeholders who have those interests. Where the disclosure of documentary information depends upon prior approval from a third party, ICANN org will contact the third party to determine whether they would consent to the disclosure in accordance with the DIDP Response Process."
  6. Add: "ICANN may choose to, however, create new documentary information to make public in response to a request under this DIDP as ICANN deems feasible and necessary if there is little to no information available on the ICANN website."
  7. Add periodic review: "ICANN will review the DIDP Policy and the DIDP Response Process every five years."[6]

Criticism

  • The Registries Stakeholder Group noted that the conditions for nondisclosure would be broader; advised that any additional DIDP roles for the Ombudsman should not remove or replace the Reconsideration Request process; requested clarification on community members', and the Ombuds' resultant, procedures for appealing to DIDP responses; and recommended that the Complaint’s Officer should be the home for additional review of DIDP Responses.[7]
  • ALAC expressed concern that the changes would grant "ICANN the right to refuse any and all requests." It warned that ICANN should not use DIDP to "cover up its errors or poor judgement." Finally, the committee submission recommended that ICANN:
    1. Allow Ombuds to oversee the mechanism for requestor review of ICANN DIDP responses;
    2. Document in DIDP Policy recourse when DIDP is not fully satisfied; and
    3. Revise the new language on conditions for nondisclosure.[8]
  • Kevin Murphy summarized various community members' and collectives' critiques as accusing ICANN of "shirk its transparency obligations" by granting greater ability to deny requests without any explanation.[9]
  • Dr. Sarah Clayton argues that the 12 defined conditions of non-disclosure (DCND) "essentially provide an administrative loophole for ICANN to restrict the free flow of information."[10] Furthermore, her statistical p* models demonstrate that
    1. ICANN Organization considers lengthier submissions to be more likely to request contentious information and are more likely to apply DCND to them
    2. ICANN Stakeholder Groups/Working Groups are more likely to receive DCND in every condition category, except the "Affects Individual" condition
    3. "Burdensome conditions" are rarely imposed on law firms, which tend to request precise information about a specific case
    4. Registrants are less likely to receive ICANN "Integrity" conditions as they are more concerned about their own domain name registrations than about ICANN
    5. "Confidential External Business Information" conditions are less likely to be imposed on internet non-profits, as they are more interested in ICANN’s interface with Internet Governance than third-party business interests.[11]
  • Indian stakeholders have cited difficulties in accessing documents under DIDP and asked for greater transparency.[12]
    • Padmini Baruah, of The Centre for Internet and Society, explains that ICANN deflects most requests for information, using clauses about internal processes, stakeholder discussions, protecting financial interests of third parties (cited in over 50% of the responses up to 2016) to avoid disclosing its Contractual Compliance audits and reports of abuse to registrars. Baruah's complaint is that because ICANN regulates a global public good, it should be far more open.[13]

Summary Tables of DIDP Requests & Responses

Submission Date Requester Subject ICANN Response (PDF) Nondisclosure Conditions Cited Notes
24 September 2008 Danny Younger Copies of RAAs for Brandon Grey Internet Services Inc., DBA Namejuice.com, EstDomains.Inc Provided some information 5
21 November 2008 Brian Krebs Officers listed on the RAA Agreement between ICANN and Dynamic Dolphin Inc. No information available No Only officer listed on the application for accreditation was already public
6 February 2009 Christopher Cielinski, Commercial Contract Inc. Copy of original financial support and cover letter provided to ICANN by Commercial Connect, LLC as a part of their application for the .shop/.mall/.svc TLD Unable to provide a response Yes - no specific condition cited. Implication is either 5 or 6 Commercial Connect, LLC was the applicant - Commercial Connect, Inc. does not have access to information that another legal entity requested be kept confidential
6 March 2009 Edward Hasbrouck Copies of documents relating to the Independent Review Process Partial responses to requests, largely pointing to publicly available information References or allusions to 2, 6, 9, & 12 The response noted that no response was required when information was publicly available. "In a good faith effort to be as responsible as possible, ICANN, however, provides a point‐by‐point response below."
3 April 2009 Edward Hasbrouck Documentation relating to the ICANN Ombudsman and his appointment Declined - information was received and answered already All information publicly available (specifically because Hasbrouck's questions were already answered at the ICANN 34) public forum
8 May 2009 Tim Ruiz (GoDaddy) Full Request Here - Form 990 for Fiscal Year Ending 30 June 2008; details regarding the $240,000 expenditures for Lobbying Activities as reported on Schedule A Part VI‐B of Form 990 for Fiscal Years 2007 and 2008; identification of the contributors redacted on Schedule B of Form 990 for Fiscal Years 2007 and 2008; criteria or goals for bonuses awarded to CEO Paul Twomey during his tenure in 2004, 2005, 2006, as well as a bonus awarded in 2008; and documents relating to Vendors who provided technical or professional services to the Board and Staff for 2007, 2008, and 2009 Provided some information 2, 4, 5, 6, 11, & 12
17 September 2009 Victoria McEvedy Contractual provisions, policies, and other protections of staff and secretariat impartiality when dealing with SOs (GNSO, specifically, but information requested for all three). Full request here Provided partial information 4 & 6
25 September 2009 Alejandra Barrientos Needed to learn about a specific provision of RFC 1591 Provided No
27 April 2010 Michael Palage Basis for "funnel request" processing within the RSEP, and information related to the "project plan" for the New gTLD Program announced at ICANN 36 in Seoul. Partially provided information No Project plan had not yet been posted, and would be posted via usual methods
29 April 2010 Eric Brunner Williams “Correspondence, minutes, etc. between ICANN and CRAI, which set forth the scope of the CRAI economic research published on 10/24/08.” Responded providing an email regarding the CRAI SOW, and pointed requester to the CRAI final report. No
24 June 2010 Michael Palage Documents relating to an agreement between ICANN and the New South Wales government regarding funding of ICANN Sydney's office. Could not divulge details of a confidential agreement. ICANN subsequently requested whether NSW would allow disclosure; that request was denied. 1 & 5
20 August 2010 Barry Carter A list of all registered domains and all public registrant information. Provided partial information. Directed the requestor towards publicly available records. 12 Given that the number of registered domain names in gTLDs in 2010 was over 120 million,[14] this request was massively broad.
8 September 2010 Diane Duke Documentation pertaining to ICM's application for the .xxx TLD Denied request 5 The publicly available information regarding ICM's application was all that was available - ICM had requested that portions of their submissions be kept confidential.
27 September 2010 Evan Leibovitch and Avri Doria Transcripts & presentation materials for the staff report to the Board retreat on the issue of the New gTLD Program Applicant Support, as well as a vote count on any decisions taken by the board regarding that topic. No No The Board Book from the retreat was scheduled to be released after approval of the minutes; preliminary report contained the relevant vote tally; staff presentations are not transcripted, so that could not be provided.
1 December 2010 Iliya Bazlyankov The criteria and decision process used to assess, and ultimately "reject" Bulgaria's application for an IDN string Denied 2, 3, 5, & 11 Response notes that IDN applications are not "rejected"
7 December 2010 Jorge Sabate A list of all registered domains and registrant information - failing that, the "dste [sic] was created the domain name christiansmith.com" Denied 12 Overly broad, WHOIS search would provide information about specific domains
4 November 2010 Denise Subramaniam Requests for information regarding the de-accreditation of 4Domains, Inc., including whether 4Domains maintained commercial liability insurance, and what measures ICANN typically took to protect registrants. Provided partial response, including the insurance certificate for 4Domains from the original RAA process. 4
10 March 2011 Michael Palage Information related to ICANN's management of the L root server, including documents or explanations regarding why the L root's directory might not have been identical to the A root server in 2007. Full request here Denied in large part 5, 8, 9, & 10 Response notes both that information is publicly available, and that ICANN is not responsible for "compiling" information in response to a DIDP request.
16 March 2011 Kieren McCarthy Documents related to correspondence between ICANN and the GAC, including subsequent discussions regarding how to handle disagreements between ICANN and the GAC. Request was deemed moot No By the time ICANN issued a response, almost all of the information had been published, and the remainder was scheduled to be released upon approval of the minutes in which they were contanied.
11 April 2011 Diane Duke Documentation relating to the International Foundation for Online Responsibility, and ICM Registry's contracts for labelling and monitoring (still regarding ICM's .xxx application No No ICANN did not possess that information
23 May 2011 Kevin Murphy Transcripts, documents, and any other record of Larry Strickling's meeting with ICANN board members at ICANN 39 in Cartagena, as well as any similar materials from ICANN 40 in San Francisco, if a similar meeting occurred there Provided link to Cartagena meeting No No meeting occurred in San Francisco
13 June 2011 Kieren McCarthy Scorecard with respect to the status of implementation of the ATRT Pointed to publicly available report from the ATRT team No
8 July 2011 John Bell, The .JOBS Charter Compliance Coalition Information related to the change of the .jobs "Purpose" field in the IANA Root Zone Database. Provided partial information, including a redacted copy of the TLD change request submitted to IANA 6, 8, & 10 Also referenced the DIDP provision that ICANN is not responsible for "compiling" information
10 August 2011 James Keener Copy of the Registrar Accreditation Agreement between ICANN and Dynamic Dolphins Inc. as well as names on the application Information provided - 2005 RAA and 2010 RAA No
20 August 2011 Kieren McCarthy List of Board Meetings, and their agendas and minutes, between 29 July 2011 and 16 August 2011 Pointed to Board Meetings page on ICANN.org No
2 September 2011 Paul McGrady Recordings and transcripts from "all public meetings" from May 2009 to the present (September 2011), "in which a non-Staff member made a comment which was recorded or transcribed." Denied "May include, but are not limited to," 1 Also noted that ICANN is not obligated to compile information in response to requests
16 September 2011 Michael Palage Information and financial disclosures regarding ICANN's IDN Fast Track applications processing, including an assessment of the cost efficiency of the processing of the applications, and a request to square the relatively minimal fee amounts collected for all the relevant IDN fast track applications, with the $185,000 application proposed for the New gTLD program. (Full request included in ICANN's response.) Provided links to publicly available cost and budget reports No Declined to respond to questions that were not specific to "documents" - suggested that Palage speak directly with staff outside DIDP process
19 September - 20 October 2011 Kieren McCarthy Three separate DIDP requests related to McCarthy's earlier request for infomation about board meetings that occurred in the summer of 2011; the staff's interpretation of DIDP's scope and breadth; and the process used in researching & creating the responses to the DIDP requests. Provided partial information initially;
second response re: internal communication around DIDP requests;
third response, citing multiple conditions for non-disclosure 		2, 6, 8, & 9 This "conversation" via DIDP is noteworthy for providing some insight into ICANN's interpretation of the DIDP and its implementation practices
27 October 2011 Kieren McCarthy Requesting a copy of ICANN's whistleblower policy Provided context but not the policy 4, 6, & 9
27 October 2011 Kieren McCarthy Requesting a copy of the ATRT1 implementation plan Plan was detailed in an ATRT report No
29 November 2011 R. Shawn Gunnarson Staff response to McCarthy's DIDP request regarding ATRT1 contained a broken link Provided correct URL No
7 December 2011 R. Shawn Gunnarson Information related to implementation of the [[ATRT1 recommendation that ICANN hire an independent expert to review its transparency mechanisms No such documents No
17 January 2012 George Todoroff Names of the six DNS stability panel members that reviewed and subsequently rejected the Bulgarian IDN ccTLD Fast Track application in 2010. Declined 2, 3, 5, & 11
15 March 2012 George Kirikos Copies of "all correspondence submitted to ICANN in the past 24 months (from this request) that the staff have censored from the correspondence page" Declined 12 Apart from citing the "overly broad" exclusion, ICANN noted that it is not responsible for "compiling" information.
3 April 2012 John Bell, The .JOBS Charter Compliance Coalition Documents, party correspondence, and other information relating to the arbitration initiated by Employ Media LLC (the registry for .jobs) arising from the breach notice issued by ICANN on February 27, 2011. Full request Provided context and the link to publicly available information about the arbitration 1, 2, 4, 5, & 7
29 May 2012 Phil Corwin, Internet Commerce Association Regarding the inclusion of a "URS Summit" line item in the proposed budget for the next fiscal year, a list of staff & board members who played "any non-clerical role whatsoever" in the implementation of Uniform Rapid Suspension, and all of their correspondence within and without the organization. [Full request] Provided some history regarding the "URS Summit" line item, and the email chain that led to its removal from the draft budget 5, 8, & 9
8 August 2012 David Maher All documents related to the creation & operation of the Trademark Clearinghouse, including the contract with the third party operator of the TMCH, and all information related to claimes of intellectual property rights in specific strings. Full request Provided some information & context, but largely declined to produce documents 5, 6, 8, 9, & 11
27 September 2012 George Kirikos Updates to, and general improvement of, ICANN's litigation information and Independent Review Process pages. Full request Thanked Kirikos for the suggestions, and noted that most of the specific pages he referenced had been updated. No
29 January 2013 Igor Petrenko A list of all registered domains Declined 12 Noted that much of that information is publicly available
5 February 2013 Mary Blasy Documents relating to Verisign's renewal of the .com domain name registry agreement, including communications with the US government's Department of Commerce and Justice, correspondence regarding renewal details, and other information Pointed to publicly available information; declined to produce more 1, 2, 3, 5, 8, & 9
5 February 2013 Compwiz LLC Requested printed copies of all correspondence between Network Solutions & ICANN regarding compwiz.com Declined 2, 3, 5, 6, 8, & 9
26 March 2013 Oksana Prykhodko Information re: delegation of the IDN ccTLD .ykp to Ukraine Full request Pointed to public information but otherwise declined 1, 2, 3, 5, 6, 8, 9, & 10
28 March 2013 Flip Petillion Documents regarding the decision to place .hotels and .hoteis in a string contention set; and a follow-up request to for more specifics that were not previously answered in the first response. Pointed to public information & provided some context; provided addtional context in response to the subsequent request, but largely declined 3, 5, 6, 8, 9, & 11
13 April 2013 Kevin Murphy Recordings and transcripts of the meetings between ICANN and community members in Belgium and Los Angeles in November 2012 relating to the Trademark Clearinghouse, from which the "strawman" solution emerged and was accepted. Brussels was not recorded, LA was, recordings & transcripts would be posted shortly No
22 April 2013 Thomas Indelicarto, Verisign All correspondence received by ICANN regarding the organization's readiness to launch the New gTLD Program, all ICANN responses, and all communications between ICANN staff and any member of the SSAC from January 2013 to date of request Pointed to the New gTLD Program's correspondence page, and declined 2, 3, 5, 6, 8, 9, 10, & 12 Although the "SSAC communications" request only covered a four-month period, ICANN cited both the volume and variety of communications between ACs and staff, and noted that Verisign did not specify what they were looking for with any particularity
7 May 2013 George Kirikos ICANN's Board Finance Committee page was out of date; IRS form 990 for the fiscal year ending in June 2012 had not been published [Thanked Kirikos], noted that the BFC meeting minutes had been posted, and that the Form 990 would be posted once filed No
26 June 2013 George Kirikos Documents, recordings, and transcripts of meetings, presentations, and other work of the Expert Working Group on gTLD Directory Services Pointed to public records, otherwise declined 2, 3, 5, & 9
24 July 2013 NCSG Documents, recordings, transcripts and communications related to the implementation of the Trademark Clearinghouse; the "TM+50" rule (allowing trademark owners to specify up to 50 previous infringing domain strings); the development of the "strawman" solution; the processing and evaluation of NCSG's Reconsideration Request 13-3 (dealing with the same topics); and correspendence between ICANN and specific parties in relation to those topics. Full request Pointed to public record & otherwise declined 1, 2, 3, 6, 8, 9, 11, & 12
10 August 2013 Mathilde Frison Exchanges between ICANN and Registrars who had invoked ICANN's procedure for dealing with WHOIS conflicts with privacy laws; copies of the 2013 Registrar Accreditation Agreements; and the contents of a letter mentioned at ICANN 46, from Europol to ICANN and the GAC expressing demands from law enforcement bodies regarding provisions in the 2013 RAA. Responded that no documents related to the WHOIS policy existed; each RAA would be published once ICANN set a procedure for doing so; and declined to provide correspondence from Europol 2 & 9 The "letter" mentioned at the GAC meeting with law enforcement may never have been finalized by Europol - other communications were covered by the conditions for nondisclosure
13 January 2014 Kelsey Britton Requesting the inclusion of information on new domain registrations within ICANN's Monthly Registry Reports Information is not included in what is reported to ICANN. Directed Ms. Britton to the zone file database. No
20 March 2014 ICOMP Correspondence, deliberations, and other documents related to ICOMP's Community Objection to Google's application for .search. Full request Responded that all information that was not already public was subject to a condition of nondisclosure 2, 5, 6, 9, & 11
15 May 2014 George Kirikos ICANN’s unredacted Form 990 for the period ending 30 June 2013 Responded that the form was publicly posted once filed with the IRS No
23 May 2014 Amazon EU S.a.r.l. Extensive list of disclosure requests related to ICANN's acceptance of the third party neutral's decision to place Amazon's application for .amazon, as well as Chinese & Japanese character strings for the same name, be placed on hold. Pointed to public record, did not find anything else that was not subject to a condition of nondisclosure 2, 3, 8, & 12 The request also asked for GAC deliberations & records on the issue, which ICANN noted was not something they would normally be in possession of.

References

  1. DIDP Response Process, ICANN Resources
  2. 2.0 2.1 2.2 DIDP, ICANN Resources
  3. New Organizational Frameworks and Principles, Public Comment, ICANN
  4. Younger Request and Response, October 2008, DIDP Archive, ICANN
  5. Proposed Revisions to the ICANN DIDP
  6. Proposed DIDP Update (Redline), Public Comment Documents for Review
  7. RySG Submission to Proposed DIDP Changes, Public Comment, ICANN
  8. ALAC Submission on Proposed DIDP Changes, Public Comment, ICANN
  9. ICANN trying to water down its transparency obligations, DomainIncite
  10. International Sunbelt Social Network Conference 2016
  11. International Sunbelt Social Network Conference 2016
  12. Centre for Communication Governance at National Law University, Delhi Submission to the United Nations Special Rapporteur on Freedom of Speech and Expression: Study on Access to Information in International Organizations pg. 5
  13. Padmini Baruah, Peering behind the veil of ICANN's DIDP (II), CIS-India
  14. Statista.com - Number of registered domain names since 2007, January 2013
Retrieved from "https://icannwiki.org/index.php?title=Documentary_Information_Disclosure_Policy&oldid=1342174"