I was rushing, as I tend to do with the sole hour I can spare for my daily blogging. However, Kang’s wording didn’t raise a red flag as she emphasized the requirement to publish and left for inference that a list would still be maintained. In skimming through the release, that black list isn’t called out in so many words, rather it is implied by the requirement that once a hostname is acted against, ISPs and registrars are required to continue blocking resolution. The change to which she and you refer is a tweak from the section stating that the AG “may” publish the list, whereas the former draft must have said “shall”.
It is still possible that the AG would indeed publish the list, though I certainly agree that softening that requirement is troubling. Why on earth would making it possible for the blacklist to be secret be consistent with the other changes made to address public concern? Perhaps the authors were thinking it would be easily overlooked or that they’d take something in the exchange, in making this compromise.
Several of the folks I’ve talked to at public interest groups who wrote or signed onto letters leading to this change really struggled with whether they should oppose the bill outright or push for changes, usually a more modest and achievable goal. This draft has been moving so quickly it has left little time for consideration even from NGOs who are dedicated to red lining drafts and making detailed responses and recommendations.