IE Domain Registry t/a .IE

The Policy Advisory Committee (PAC) was established by the Company in July 2014, to provide a forum to consider and provide advice to the .IE Board of Directors on policy change requests. The PAC operates under its specific Terms of Reference and follows the published 10-step Policy Development Process (PDP). The PAC considers all policy change requests submitted for review, and where consensus exists for a change, it also advises on the implementation of such policy change requests. The members of the PAC are stakeholders with an interest in the .ie namespace and its policies. The membership includes representatives from eligible organisations. That list was extended in 2019, with the welcome addition of CyberSafeKids and IRISS (the Irish Reporting and Information Security Service), who joined the .ie accredited Registrars, the Department of Communications, Enterprise Ireland, the Small Firms Association (SFA), the Law Society, the Internet Service Providers Association of Ireland (ISPAI), the Department of Business, the Irish Computer Society (ICS) and the Association of Patent and Trademark Attorneys (APTMA). PAC – operation and modus operandi The Committee convened over Zoom on three occasions in 2020. The PAC has maintained the strong levels of meeting attendance and engagement evident since its inaugural meeting in 2015. This has been vital to the progression of the various policy change discussions, as has the diverse expertise, experience and knowledge of the Committee members. The commitment of the PAC in adhering to the bottom- up, consensus-driven, multi stakeholder-led PDP has been invaluable in the progression of the policy changes. Entering its seventh year of operation, the PAC expects to continue to build on the achievements and milestones of previous years. During 2020, the PAC issued advice to the Board of .IE in relation to a number of matters including: the decision to cease providing a direct registration service to direct customers; the extension of the WHOIS service to include abuse contact details for each domain; and the introduction of a defined, transparent procedure (within the existing registration and naming policy) for facilitating requests to “apply” for reserved names; and fastpass refinements to existing policies to facilitate the corporate rebranding and the new registration systems. Proactively tackling online abuse which uses the .ie DNS The substantive work of the PAC during 2020 focused on developing a policy response to handling technical abuse or criminal abuse (illegality) which uses the .ie DNS. After the initial impact assessment by the PAC, the analysis phase addressed the issues in two separate work streams. There was full consensus on the response to proactively identify online technical abuse issues, such as websites that are hosting malware, phishing or botnets. It was agreed to identify an internet services company which could provide internet security monitoring services, including cybercrime disruption, application security testing and automated vulnerability scanning. The company agreed to finance the reasonable costs of the service. The importance of engagement with and involvement of the Registrar channel was accepted by all. The policy response to addressing criminal abuse (illegality) involved considerable and constructive engagement from PAC members. During 2020, representatives from law enforcement made a formal presentation to the PAC, informing members that there were no notable abuse concerns within the .ie namespace, and complimented channel participants, saying there was no notable friction with existing takedown and suspension procedures. Subsequently, there was consensus that criminal abuses, when they arise, can have life-altering impacts on victims, and that there is a responsibility on all internet stakeholders to collaboratively, proactively prevent and mitigate occurrence of these crimes to minimise the number of victims. The importance of following due process was repeatedly emphasised as a critical success factor in developing an appropriate policy response. Discussions and consensus building regarding alternative policy responses progressed into 2021, as PAC members and stakeholders continued to monitor and evaluate international developments and initiatives. Corporate Governance IE Domain Registry CLG t/a .IE / Annual Report & Review 2020 18 Policy Development .IE mirrors the international multi-stakeholder philosophy and principles within its structures and has adopted a bottom-up, consensus-driven, and consultative approach to all .ie namespace policy matters.