d. Use Cases
- Marika Konings
Use Case Categorization
Group 1: Criminal Law enforcement/national or public security | LEA 1, LEA 2, IP 2, IP 3 |
|---|---|
| LEA 1 - Investigation of criminal activity against a victim in the jurisdiction of the investigating EU LEA requesting data from a non-local data controller. | Use Case - GAC LEA1-29-8 Redline.docx EPDP Access to Non-Public Data .pdf EPDP Access to Non-Public Data - Overall + Responsibilities.pdf |
| LEA 2 - Investigation of criminal activity against a victim in the jurisdiction of the investigating EU LEA requesting data from a local data controller. | Use Case - GAC LEA2 - 29 August 2019.docx |
| IP 2 - Investigation of criminal activity against a victim in the jurisdiction of the investigating LEA requesting data from either a local a non-local data controller. (criminal trademark) | Use Case - IPC-TM-Criminal.docx |
| IP 3 - Investigation of criminal activity in the jurisdiction of the investigating LEA requesting data from either a local a non-local data controller. (criminal copyright) | Use Case - IPC-Copyright-Criminal.docx |
| Group 2: Non-LE investigations and civil claims | BC1/2, BC 3, BC 5, SSAC 3, ALAC 2, IP 1, IP 4 |
|---|---|
| SSAC 3 - Investigation of criminal activity where domain names are used. Typical specific example: phishing attack. | SSAC Crime-Abuse Investigation Use Case - 11 July 2019.docx |
| BC 3 - Identify owner of abusive domains and other related domains involved in civil legal claims related to phishing, malware, botnets, and other fraudulent activities | BC-3 Use Case - Investigate Abusive Domain.docx |
| IP 1 - Trademark owners requesting data in the establishment, exercise or defense of legal claims for trademark infringement | Use Case - trademark infringement use case - updated 28 June 2019.docx Use Case - trademark infringement use case - redline - updated 28 June 2019.docx |
| BC1/2 Initial investigation of criminal activity against a victim and/or secondary victim where domain names are used in the commission of the crime | BC-1 & BC-2 Digital Crime Investigation Use Case.docx |
| BC 5 - The establishment, exercise or defense of a legal claim involving a registrant of a domain name | BC-5 Use Case - Obtain domain name holder details for legal action.docx |
| IP 4 - Copyright owners requesting data in the establishment, exercise or defense of legal claims for copyright infringement | Use Case - IPC-Copyright-Civil.docx |
| ALAC 2 - Consumer protection organizations | Consumer_Protection_Use_Case_ALAC - Consumer Protection Organizations.docx |
| Group 3: Need for redacted data for a third party to contact registrant | BC 7, SSAC 1 |
|---|---|
| SSAC 1 - When a network is undergoing an attack involving a domain name, and the operator(s) of that network need to contact the domain owner to remediate the security issue (DDOS, Botnet, etc.) | Use Case - SSAC Operational Security.docx |
| BC 7 - Contacting the Registrant to resolve a Technical or Operational Issue with a Domain Name | BC-7 Use Case - Technical Issue Resolution.docx |
| Group 4: Consumer protection, abuse prevention, digital service provider (DSP) and network security | SSAC 2, BC 9, ALAC 1 |
|---|---|
| SSAC 2 - Determine “Reputation” of domain name and/or elements associated with domain name registrations. | Use Case - SSAC Reputation Service.docx |
| ALAC 1 - Online buyers identifying and validating the source of goods or services/ Internet users validating the legitimacy of an email or a website to protect themselves | Consumer_Protection_Use_Case_ALAC - Online buyers.docx |
| BC 9 - Search Engines, Messaging Services & Social Media Platforms seeking to confirm the authenticity of businesses advertising or Posting News on its Platform | BC- 9 Use Case - Site and Business Integrity Confirmation (2).docx |
| Group 5: Registered Name Holder consent or contract | BC 4, BC 6, BC 8, IP 5 |
|---|---|
IP 5 - Providers requesting access required to facilitate due process in the UDRP and URS | Use Case - IPC-UDRP-URS-Due-Process - FINAL updated - 15 August 2019.docx |
| BC 6 - M&A name portfolio due diligence or purchase of domain name from bankrupt entity or other seller | BC-6 Use Case - M&A and domain purchase.docx |
| BC 4 - Maintaining the domain name registration by the Registered Name Holder | BC4 Use Case - Domain Name Maintenance.docx |
| BC 8 - Help a certification authority determine and validate the identity of the entity associated with a domain name that will be bound to an SSL/TLS certificate | BC-8 Use Case - Certification Authority.docx |
LEGEND
LEA 1 | Investigation of criminal activity against a victim in the jurisdiction of the investigating EU LEA requesting data from a non-local data controller. |
LEA 2 | Investigation of criminal activity against a victim in the jurisdiction of the investigating EU LEA requesting data from a local data controller. |
SSAC 1 | When a network is undergoing an attack involving a domain name, and the operator(s) of that network need to contact the domain owner to remediate the security issue (DDOS, Botnet, etc.) |
SSAC 2 | Determine “Reputation” of domain name and/or elements associated with domain name registrations. |
SSAC 3 | Investigation of criminal activity where domain names are used. Typical specific example: phishing attack. |
IP 1 | Trademark owners requesting data in the establishment, exercise or defense of legal claims for trademark infringement |
IP 2 | Investigation of criminal activity against a victim in the jurisdiction of the investigating LEA requesting data from either a local a non-local data controller. (criminal trademark) |
IP 3 | Investigation of criminal activity in the jurisdiction of the investigating LEA requesting data from either a local a non-local data controller. (criminal copyright) |
IP 4 | Copyright owners requesting data in the establishment, exercise or defense of legal claims for copyright infringement |
IP 5 | Providers requesting access required to facilitate due process in the UDRP and URS |
BC1/2 | Initial investigation of criminal activity against a victim and/or secondary victim where domain names are used in the commission of the crime |
BC 3 | Identify owner of abusive domains and other related domains involved in civil legal claims related to phishing, malware, botnets, and other fraudulent activities |
BC 4 | Maintaining the domain name registration by the Registered Name Holder |
BC 5 | The establishment, exercise or defense of a legal claim involving a registrant of a domain name |
BC 6 | M&A name portfolio due diligence or purchase of domain name from bankrupt entity or other seller |
BC 7 | Contacting the Registrant to resolve a Technical or Operational Issue with a Domain Name |
BC 8 | Help a certification authority determine and validate the identity of the entity associated with a domain name that will be bound to an SSL/TLS certificate |
BC 9 | Search Engines, Messaging Services & Social Media Platforms seeking to confirm the authenticity of businesses advertising or Posting News on its Platform |
ALAC 1 | Online buyers identifying and validating the source of goods or services/ Internet users validating the legitimacy of an email or a website to protect themselves |
ALAC 2 | Consumer protection organizations |