Hi Theo,

 

As you rightly note, there is no formal consequence for not following the Rep Model rules other than an issue being raised or called out. We appreciate the input and the perspective you have shared.

 

At the same time, we are not entirely sure this is an example we would want to set going forward, particularly when input can be shared through the relevant SG/C representatives, who can then bring it to the WG in line with the established processes - it should be a fairly easy step. This approach helps ensure consistency and fairness for everyone involved.

 

We also think it is important to recognize the many members, participants, alternates, observers, and SG/C representatives who make the effort to follow the agreed rules and processes and who are respectful of each other's roles and space within the group. Applying the same expectations consistently is the fairest approach for all concerned.

 

On a deeply practical note, everyone following the rules also keeps me from having to review the roster every time a new email comes in on the list to see if it should be there. I’d like to claim I have bandwidth for that, but I don’t.

 

Best,

Paul

 

 

From: Theo Geurts via Gnso-dnsabuse-pdp <gnso-dnsabuse-pdp@icann.org>
Sent: Tuesday, June 2, 2026 2:16 PM
To: trachtenbergm@gtlaw.com; Dr Eberhard W Lisse <el@lisse.na>; gnso-dnsabuse-pdp@icann.org
Subject: [Gnso-dnsabuse-pdp] Re: DNS Abuse Mitigation PDP1 WG - Logging Proposal for Consideration

 

 

While we do have the logs. Though I will admit when I would have to provide the logs of 10.000 domains suspended would take me like a week or something or more. 

 

When it comes to this scenario, I would simply provide compliance with the original reporter email we send the reseller including the ADC domains we put on client hold with the evidence why we did that. 

 

It would demonstrate compliance as we it shows when we got the report, how fast we responded to the report and how fast it took down all ADC. 

 

We registrars need to be accountable to our resellers/customers, we need to inform them what happened in case they want to challenge the decision. Which makes sense, if we get it wrong. 

 

Getting the ADC wrong means registrars could be liable. 

 

We have tons of network operators or ISP's who register bot like domain names their ASN's. We get the ADC wrong, we take down the entire internet in a country. Again, get the ADC wrong, you are in a world of legal hurt. 

 

So while I understand the ask for logs, we can actually keep it simple. I realize that registrars like us and others on this WG been doing this for long time, we simply need to expand the practice to other registrars. 

 

And yes as an Alternate I broke the rules here to respond. But as an SME who basically perfected the ADC I thought I ask for forgiveness and not  permission. So Paul can call me out on the next meeting to never do this again. 

 

Best

Theo 

 

That email would include, timestamps, dates, action taken. 

 

On Mon, Jun 1, 2026, at 8:02 PM, trachtenbergm--- via Gnso-dnsabuse-pdp wrote:

It is the cost of doing business, which always increases over time in every industry.  Just like it is the cost of doing business for brand owners to submit an increasing number of abuse reports and follow up complaints to ICANN.

 

But the goal is to make it as inexpensive as possible for registrars and while  settling on some reasonable things that can be captured such that the policy has some hope of being monitored and enforced and thus to be meaningful.

 

Best regards,

 

Marc H. Trachtenberg
Shareholder

Chair, Internet, Domain Name, e-Commerce and Social Media Practice
Greenberg Traurig, LLP

Aspen                                           Chicago

411 E. Main Street                         360 North Green Street

Suite 207 | Aspen, CO 81611        Suite 1300 | Chicago, IL 60607

T +1.970.300.5313                         T +1.312.456.1020

M +1.773.677.3305                        M +1.773.677.3305
trac@gtlaw.com | www.gtlaw.com  |  View GT Biography

Greenberg Traurig Logo

Greenberg Traurig Logo

 

From: Eberhard W Lisse via Gnso-dnsabuse-pdp <gnso-dnsabuse-pdp@icann.org>
Sent: Monday, June 1, 2026 12:06 PM
To: gnso-dnsabuse-pdp@icann.org
Subject: [Gnso-dnsabuse-pdp] Re: DNS Abuse Mitigation PDP1 WG - Logging Proposal for Consideration

 

*EXTERNAL TO GT*

Who is going to pay for all of this?

 

el



--
Dr. Eberhard W. Lisse \ / Obstetrician & Gynaecologist (retired)
el@lisse.NA / * | Telephone: +264 81 124 6733 (cell)
PO Box 8421 Bachbrecht \ / If this email is signed with GPG/PGP
10007, Namibia ;____/ Sect 20 of Act No. 4 of 2019 may apply

On Jun 1, 2026 at 19:06 +0300, trachtenbergm--- via Gnso-dnsabuse-pdp <gnso-dnsabuse-pdp@icann.org>, wrote:

As I mentioned on the call today, in my view the only practical way to be able to determine if registrars are complying with the policy is if there are logs of what is done.  Unlike the DNS Abuse obligations, where external reports are the primary driver for investigation by ICANN Compliance, we know that this is unlikely to be a driver in ADC because in most cases the reporter will bever know whether the ADC was done and won’t be able to submit any evidence that it wasn’t (excluding maybe a few edge cases).  That means that the only way ICANN Compliance will be able to check for registrar compliance with the policy is through regular and /or random audits.  But what will they look at during the audit if there are no logs?  They will be doing ad hoc checks on random domains where there was actionable evidence of DNS abuse?  And then look at what if there is not even a record of whether the ADC was done or how it was done or what it found?  This will be even more complicated when Compliance is looking at something that happened (or didn’t happen) months in the past.  The only way to have even a glimmer of hope that there is some meaningful way to determine registrar compliance is by checking the logs.  Note that even for the DNS Abuse obligations where there is meaningful availability of external reports as a driver for ICANN Compliance investigations there are logging requirements for the registrars.

 

This said, I understand and acknowledge the concerns expressed by some that logging could create significant time and administrative burdens that could have undesirable impacts in other areas, like processing of abuse complaints.  Accordingly, I think a good compromise might be to agree on some basic items to be logged that will balance providing meaningful data for compliance against keeping the administrative burden as low as possible.  These elements could be:

 

  1. When was the abuse complaint where there was actionable evidence of DNS Abuse received (presumably this is already captured)
  2. Did the ADC occur
  3. When did the ADC commence
  4. What data elements were checked
  5. What domains were determined to be associated
  6. What actions were taken against associated domains
  7. When did the ADC conclude

 

These elements would seem to provide meaningful data for compliance purposes, but also for other concerns expressed like proportionality, and also for effectiveness of the policy.  It would also seem that there are efficient ways to capture this data like in a spreadsheet or simple form.

 

Note that this is just intended as a starting point for discussion.  I look forward to people’s thoughts on the above.

 

Best regards,

 

Marc H. Trachtenberg
Shareholder

Chair, Internet, Domain Name, e-Commerce and Social Media Practice
Greenberg Traurig, LLP

Aspen                                           Chicago

411 E. Main Street                         360 North Green Street

Suite 207 | Aspen, CO 81611        Suite 1300 | Chicago, IL 60607

T +1.970.300.5313                         T +1.312.456.1020

M +1.773.677.3305                        M +1.773.677.3305
trac@gtlaw.com | www.gtlaw.com  |  View GT Biography

<image001.png>

<image002.png>

 

 

 

If you are not an intended recipient of confidential and privileged information in this email, please delete it, notify us immediately at postmaster@gtlaw.com, and do not use or disseminate the information.
_______________________________________________
Gnso-dnsabuse-pdp mailing list -- gnso-dnsabuse-pdp@icann.org
To unsubscribe send an email to gnso-dnsabuse-pdp-leave@icann.org

_______________________________________________

Gnso-dnsabuse-pdp mailing list -- gnso-dnsabuse-pdp@icann.org

To unsubscribe send an email to gnso-dnsabuse-pdp-leave@icann.org