Public Safety Working Group Co-Chair Laureen Kapin (US FTC ... pswg.pdf · 2. Preserve and Improve...

Preview:

Click to see full reader

Citation preview

Public Safety Working Group (PSWG)23 October 2018

Laureen Kapin (US FTC)Co-Chair

ICANN63 GAC Plenary Meeting

| 2

1. Introduction and Review of PSWG Activities

2. WHOIS Compliance with GDPR: Impact of ICANN’s Temporary Specification on Law Enforcement

3. DNS Abuse Mitigation: update on Domain Abuse Activity Reporting (DAAR) by ICANN (John Crain, ICANN)

Agenda

| 3

1. Introduction and Review of PSWG Activities

2. WHOIS Compliance with GDPR: Impact of ICANN’s Temporary Specification on Law Enforcement

3. DNS Abuse Mitigation: update on Domain Abuse Activity Reporting (DAAR) by ICANN (John Crain, ICANN)

Agenda

| 4

Strategic Goals:

1. Develop DNS Abuse and Cybercrime mitigation capabilities

2. Preserve and Improve Domain Registration Directory Service Effectiveness

3. Build Effective and Resilient PSWG Operations

4. Develop Participation in PSWG Work and Ensure Stakeholder Input

PSWG Activities

| 5

1. Introduction and Review of PSWG Activities

2. WHOIS Compliance with GDPR: Impact of ICANN’s Temporary Specification on Law Enforcement

3. DNS Abuse Mitigation: update on Domain Abuse Activity Reporting (DAAR) by ICANN (John Crain, ICANN)

Agenda

| 6

● The WHOIS/RDS2 Review Team conducted a survey of Law Enforcement agencies worldwide

● Goal:○ to find out more about their use of the WHOIS,○ to determine whether WHOIS met their investigative needs,○ to provide a first assessment of the impact of changes made to

the WHOIS by the Temporary Specifications adopted by the ICANN Board on 17 May 2018.

● 55 respondents (many on behalf of countries): Australia, Austria, Bahrain, Belgium, Brazil, Chile, China, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hong Kong, India, Iran, Ireland, Italy, Japan, Kenya, Korea (South), Kuwait, Latvia, Mexico, Morocco, Nigeria, Philippines, Singapore, Slovakia, Slovenia, Sweden, Taiwan, Trinidad and Tobago, United Kingdom, United States of America and Zambia

WHOIS/GDPR - Impact on Law Enforcement

| 7

WHOIS/GDPR - Impact on Law Enforcement

Source: WHOIS-RDS2 Review Team Initial Report Webinar, 17 September 2018

https://community.icann.org/display/WHO/Webinar%3A+Registration+Directory+Service+%28RDS%29-WHOIS2+Review+Draft+Report+-+17+September+2018?preview=/93129062/95093621/RDS-WHOIS2%20RT%20Webinar%2017%20September%202018.pdf

| 8

WHOIS/GDPR - Impact on Law Enforcement

Source: WHOIS-RDS2 Review Team Initial Report Webinar, 17 September 2018

https://community.icann.org/display/WHO/Webinar%3A+Registration+Directory+Service+%28RDS%29-WHOIS2+Review+Draft+Report+-+17+September+2018?preview=/93129062/95093621/RDS-WHOIS2%20RT%20Webinar%2017%20September%202018.pdf

| 9

WHOIS/GDPR - Impact on Law Enforcement

Source: WHOIS-RDS2 Review Team Initial Report Webinar, 17 September 2018

https://community.icann.org/display/WHO/Webinar%3A+Registration+Directory+Service+%28RDS%29-WHOIS2+Review+Draft+Report+-+17+September+2018?preview=/93129062/95093621/RDS-WHOIS2%20RT%20Webinar%2017%20September%202018.pdf

| 10

WHOIS/GDPR - Impact on Cybersecurity

Source: ICANN GDPR and WHOIS Users Survey, APWG & MAAWG, 18 October 2018

http://docs.apwg.org/reports/ICANN_GDPR_WHOIS_Users_Survey_20181018.pdf

| 11

WHOIS/GDPR - Impact on Cybersecurity

Source: ICANN GDPR and WHOIS Users Survey, APWG & MAAWG, 18 October 2018

http://docs.apwg.org/reports/ICANN_GDPR_WHOIS_Users_Survey_20181018.pdf

| 12

WHOIS/GDPR - Impact on Cybersecurity

Source: ICANN GDPR and WHOIS Users Survey, APWG & MAAWG, 18 October 2018

http://docs.apwg.org/reports/ICANN_GDPR_WHOIS_Users_Survey_20181018.pdf

| 13

WHOIS/GDPR - Impact on Cybersecurity

Source: ICANN GDPR and WHOIS Users Survey, APWG & MAAWG, 18 October 2018

http://docs.apwg.org/reports/ICANN_GDPR_WHOIS_Users_Survey_20181018.pdf

| 14

WHOIS/GDPR - Impact on Cybersecurity

Source: ICANN GDPR and WHOIS Users Survey, APWG & MAAWG, 18 October 2018

http://docs.apwg.org/reports/ICANN_GDPR_WHOIS_Users_Survey_20181018.pdf

| 15

WHOIS/GDPR - Impact on Cybersecurity

Source: ICANN GDPR and WHOIS Users Survey, APWG & MAAWG, 18 October 2018

http://docs.apwg.org/reports/ICANN_GDPR_WHOIS_Users_Survey_20181018.pdf

| 16

WHOIS/GDPR - Impact on Cybersecurity

Source: ICANN GDPR and WHOIS Users Survey, APWG & MAAWG, 18 October 2018

http://docs.apwg.org/reports/ICANN_GDPR_WHOIS_Users_Survey_20181018.pdf

| 17

WHOIS/GDPR - Impact on Cybersecurity

Source: ICANN GDPR and WHOIS Users Survey, APWG & MAAWG, 18 October 2018

http://docs.apwg.org/reports/ICANN_GDPR_WHOIS_Users_Survey_20181018.pdf

| 18

● Requests for non public data to registrars have inconsistent, unpredictable results

● Temporary specification is too vague regarding access to non public data

● Some registrars are not providing reasonable access by systematically requiring court orders

● Investigations take longer; victims at risk longer

● Not seeing the full impact on investigations yet:○ LEA still have access to pre 25 May 2018 data○ Nevertheless, ability to attribute crime is degrading

WHOIS/GDPR - Impact on Law Enforcement

| 19

WHOIS/GDPR - Needs of Law Enforcement

● Immediate access to non public data via central portal

● Reverse Lookup (Searchability of Whois)

● Historical Whois (Requires longer data retention)

● Single and multiple query capabilities

● Cybersecurity researchers’ access to non public data (including reverse lookup)

| 20

1. Introduction and Review of PSWG Activities

2. WHOIS Compliance with GDPR: Impact of ICANN’s Temporary Specification on Law Enforcement

3. DNS Abuse Mitigation: update on Domain Abuse Activity Reporting (DAAR) by ICANN (John Crain, ICANN)

Agenda

Recommended

Ftc Comunicacao
Documents
QUESTION #1 GIVEN: m Publish Laureen Singleton, Modified 5 months ago
Documents
FTC filing in the Whole Foods-Wild Oats dealonline.wsj.com/public/resources/documents/mackey-ftc-07112007.pdf · FTC filing in the Whole Foods-Wild Oats deal Keywords: FTC filing
Documents
Ftc judging
Technology
FTC & Waveshield, Coworking Laidoffcampla 090503002927 Phpapp01, ftc details
Technology
Status of Space-Charge Simulations with MADX Valery KAPIN ITEP & MEPhI, Moscow GSI, 19-Feb-2009 kapin@itep.ru
Documents
FTC Awards
Documents
PlanSwift - E-5 ne...co. co co co. MSR co AREA A A co 9.3 FTE 5.3 FTC] 396.1 FTC 25.8 85.6 FTC] 42.6 FTC 17.2 FTC] 8.0 EAO 1.0 EAS EDI co EXT co
Documents
FTC 470 Z, FTC 471 Z (BA) - Axon Automation€¦ · FTC 470 Z, FTC 471 Z ... Nivotester FTC 470 Z / FTC 471 Z 1 Notes on Safety Endress+Hauser 5. ... Maximum assignment of the terminal
Documents
Ftc national
Law
FTC Group Presentation
Business
Enfermagem FTC
Documents
Comment letter to FTC re: Solera Holdings FTC File 121-0615
Documents
Medellin, 1 de Julio del 2017 - fai.org.co · TAF/FTC ABC/3TC EVG/COBI TDF/FTC EFV TDF/FTC ± yes Brand name RPV TDF/FTC yes ATRIPLA EVIPLERA/ STRIBILD GENVOYA TRIUMEQ COMPLERA TAF/FTC
Documents
Designing for FTC with TETRIX Hints and Tips - FTC 0001 for FTC with Tetrix... · Designing for FTC with TETRIX Hints and Tips Presented by: ... 2012/13 Building for FTC with TETRIX
Documents
1 Barbiturates, General Anesthetics, and Antiepileptic Drugs Laureen Trail Spring 2003
Documents
Management durable ftc
Documents
Laureen Hines, Queensland Health: Queensland State HITH Services Update
Health & Medicine
Daftar Inventarisir Kapin PPN Brondong
Documents
Collimation Valery Kapin Workshop on Booster Performance and Enhancements 23-24 November 2015
Documents