Hello Owen and Paul,

 

First, I want to address Owen’s statement that my previous email included “anecdotal observations.” The US Department of Justice seized over 40 domain names involved in a Russian Intelligence spear-phishing effort and then issued a press release. I do not believe that DoJ seizes domain names on “anecdotal observations.” After reading that press release, I decided to do “research” and query the public Whois/RDDS information with each domain to document that information. As indicated in that PDF document, most of those domains were registered to your employer, NameCheap, and indicated an address with a Privacy/Proxy service also associated with NameCheap. I believe we should be able to agree on these “facts.” While Owen referred to the New York Times article as a hack, I actually would encourage all IRT members to read it, see https://www.nytimes.com/2024/10/09/business/iceland-online-disinformation-identity-theft.html

 

I respect that you cannot comment on an ongoing investigation or legal proceeding. However, I “assume” based on the press release that NameCheap cooperated with the DoJ/FBI. While that was the right thing to do, it was also a smart thing to do. Now, I do want to address you and other Registrars' statements about this being just a handful of names. I would appreciate if the Contracting Parties could provide a number on what percentage of 362 million domain names registered do they view as being involved with criminal or harmful activity is acceptable?

 

So, while 40 domain names did not cross your threshold, how about 300,000 domain names? ICANN recently credited an ICANN-accredited Registrar over $57,000 in connection with over 300,000 names that were registered using fraudulent credit cards, see https://www.icann.org/en/system/files/correspondence/weinstein-to-palage-07oct24-en.pdf. I know the Registries and Registrars are collectively working on this problem as it does not appear to be a one-off problem but a more systemic one. Perhaps one of the Registries or Registrars on the IRT could reach out and ask if these 300,000 names were registered using a privacy/proxy service. If we could confirm this “fact,” hopefully we could all agree that it would be something material regarding the concerns about the use of proxy/privacy services in connection with DNS Abuse.

 

This is the final response to Owen’s email. Thanks for the heads-up regarding PALAGE.COM. I do not recall opting for that setting. Roger, as a GoDaddy customer, perhaps you can shed some light on how that status changed. I do not recall knowingly making this change. I think this topic deserves further discussion if, as Volker stated on today’s call, some registrars default all registrations to privacy/proxy. Owen, you will be happy to know public Whois/RDDS in connection with PALAGE.COM is now available just like it was before.

 

Turning to Paul’s intervention. I think we are in agreement that the focus of the IRT needs to be about implementation. But as myself, Alan, Steve and others have tried to articulate, there have been a lot of material changes since this original PDP began almost 13 years ago.   This sub-group is trying to convey these factual changes and bring them to the attention of the GNSO Council. And the reason for this is crucial and I hope that you please forward this email to the GNSO Council to bring this to their attention.

 

Recital 111 to NIS 2.0 included the following text, “TLD name registries and entities providing domain name registration services should establish policies and procedures to collect and maintain accurate and complete domain name registration data, as well as to prevent and correct inaccurate registration data, in accordance with Union data protection law. Those policies and procedures should take into account, to the extent possible, the standards developed by the multi-stakeholder governance structures at international level.” (emphasis added).

 

Elena Plexida from ICANN Org, in briefing the Registrars and Registry about NIS 2.0, expressed frustration about what the term “to the extent possible” means. I think we have a front-row seat to how that language in NIS 2.0 will be interpreted. My personal hope is that we, as an IRT, can recognize some of the changes that have happened over the past 13 years and communicate this to the GNSO Council to get proper guidance. While that is my hope, I believe the more likely outcome is the contracting parties that constitute over half of the active membership in this IRT will block any changes that might lead to additional operating costs.

 

Now if the IRT, GNSO Council, and ICANN decide not to address some of the issues that Steve, Alan, myself and others have properly raised, whether on procedural or substantive grounds, I can live with that. I just want the record to reflect that fact. Because this decision can then be communicated to the Cooperation Group, so that if they are ever confronted with a situation to interpret Recital 111 in connection with this subject matter, they will have the proper information to make their determination.

 

Best regards,

 

Michael  

 

 

From: Paul McGrady <paul@elstermcgrady.com>
Sent: Thursday, October 17, 2024 3:05 PM
To: PPSAI IRT members, including observers <gdd-gnso-ppsai-impl@icann.org>
Cc: michael palage.com <michael@palage.com>; Owen Smigelski <owen.smigelski@namecheap.com>
Subject: RE: [Gdd-gnso-ppsai-impl] Re: Factual Data for Our Consideration

 

And for a third point of view on this, it doesn’t matter for purposes of implementing the policy if P/P services are sometimes/often/never used by bad actors or are a good/bad idea. The existential question of whether or not P/P services should be allowed is not in scope for the IRT. I hope that the IRT can get back on track and identify, with a basis beyond opinion or a desire to relitigate old issues lost during the PDP, anything that may need a fresh policy look due to changes in the technology, law, etc. since the policy was adopted.

 

Best,

Paul

 

 

 

From: Owen Smigelski via Gdd-gnso-ppsai-impl <gdd-gnso-ppsai-impl@icann.org>
Sent: Thursday, October 17, 2024 12:01 PM
To: PPSAI IRT members, including observers <gdd-gnso-ppsai-impl@icann.org>
Cc: michael palage.com <michael@palage.com>; Owen Smigelski <owen.smigelski@namecheap.com>
Subject: [Gdd-gnso-ppsai-impl] Re: Factual Data for Our Consideration

 

I would like to highlight that these are anecdotal observations and not factual data. This is a very small subset of the likely hundred+ million domain names that use privacy/proxy services for legitimate purposes, including palage.com.

 

The article also repeatedly highlights how the FBI thanked private partners who worked with the FBI to address this issue:

 

“This seizure is part of a coordinated response with our private sector partners to dismantle the infrastructure that cyber espionage actors use to attack U.S. and international targets,” said U.S. Attorney Ismail J. Ramsey for the Northern District of California. “We thank all of our private-sector partners for their diligence in analyzing, publicizing, and combating the threat posed by these illicit state-coordinated actions in the Northern District of California, across the United States, and around the world.” 

 

Again, I cannot comment on any involvement of Namecheap in this matter, but it appears that the FBI does not have any concerns with the use of privacy/proxy services for the seized domains. I am not sure what this intervention means to show. Are you implying that the bad actors only did the bad stuff because they were able to use a privacy or proxy service? 

 

On Oct 17, 2024, at 09:46, michael palage.com via Gdd-gnso-ppsai-impl <gdd-gnso-ppsai-impl@icann.org> wrote:

 


Hello All,

 

Attached is the Public Whois information associated with the following domain names seized by the US Department of Justice, see https://www.justice.gov/opa/pr/justice-department-disrupts-russian-intelligence-spear-phishing-efforts

 

You will see that most of these domain names appear to have been using a privacy/proxy service.

 

Best regards,

 

Michael

 

 

<Whois-Records.pdf>