[ALAC] Where is ALAC on the TAS problem?

Wed Apr 18 18:34:07 UTC 2012

Greetings, colleagues.

Some discussions are taking place on the NCSG list about the TAS problem and the way ICANN is handling it. I do not see similar discussions taking place among the at-large. Pardon me if I have missed them. Indeed, I believe some have raised the issue in the skype chat of the TAS SNAFU (or, as my English relatives would call it, monumental cock-up), but with the opinion that end-users are not affected, so it's not worth worrying about. 

In my opinion the situation has become worse, to the degree I beg to differ -- the public interest is indeed affected. Note the most current communique from ICANN staff April 17:
---------------------------------------------------
TAS Interruption - Update (17 April 2012)
Statement by Akram Atallah, COO
17 April 2012
ICANN's review of the technical glitch that resulted in the TLD
application system being taken offline indicates that the issue stems
from a problem in the way the system handled interrupted deletions of
file attachments. This resulted in some applicants being able to see
some other applicants' file names and user names.
As reported yesterday, we are seeking confirmation that the solution we
have implemented for this issue is effective.
We are also conducting research to determine which applicants' file
names and user names were potentially viewable, as well as which
applicants had the ability to see them.
Many organizations are seeking information on whether we will proceed
with the planned publication of applied-for domain names on 30 April. We
will update the target date for publication as part of our update on the
timing of the reopening, no later than Friday, 20 April at 23.59 UTC.
---------------------------------------------------------------
Note that ICANN was aware of this "glitch" almost a month previously, but apparently took no action. In my opinion (and others), this situation is going to escalate. Certainly it is in the public interest, even beyond the obvious issue that there may be problems with applications from would-be public-interest gTLD sponsors.

* Is it not within the public interest to demand a full accounting of what went wrong with an integral system, indeed, the first "system," to be publicly rolled out in the "mechanical" application process for new gTLDs?

* Was the TAS hacked? Coded incorrectly? Who performed the work? Who reviewed it? Can ICANN as an organization address the credibility problem created by this? How can the public expect that the safety, stability and security of the Internet will be safeguarded by ICANN, if at the first phase of the process the organization cannot field a working system for gTLD applications?

* Is ICANN aware, regardless of the bureaucratic or technical processes involved, that together with the temporary loss of the IANA contract, the back-and-forth of the IOC/RC process, and now the TAS problem, an observer may conclude that the organization can't fulfill its mandate?

What should the ALAC do (in my opinion)?

* Call for a full, independent review of the TAS process from soup to nuts. Why was the technical problem not acted upon sooner? What emergency response protocols are in place? Any? 
* Offer to coordinate candidate selection for such a review, to help ensure the same people who made the mistakes are not reviewing their own work.
* Determine what organizational problems within ICANN led to this failure.
* Undertake an analysis of those problems to address whether such incompetence could spill over into the actual process of bringing new gTLDs online, vis-a-vis the stability, safety and security of the Internet. Make that analysis comprehensive and, most important, public.
* Undertake a review to determine if ICANN does, in fact, have the technical and organizational capabilities to actually execute its mission, and if not, fess up and hire some people who know what they are doing.