All,

 

I just wanted to provide a quick update of where we are on negotiations between the IPC and the registrars on this issue.  It looks like we have agreed on language but still have not aligned on whether the language should go in the recommendation itself or the Implementation Guidance.  The agreed on language is as follows:

 

“Reasonably Accessible Data” means Registration Data or other information searchable and available to the registrar through its own existing systems and processes in the normal course of business. The availability of data beyond Registration Data may vary based on the registrar’s business model, operational structure, and data architecture. Registrars are not required to obtain, compile, create, or access data that is not ordinarily available to them, would require disproportionate effort to obtain, or where doing so would violate applicable law or contractual obligations.

 

For the purposes of this policy, “reasonably accessible data” may include, but is not limited to:

·         Registration Data required to be collected or maintained under applicable ICANN agreements and consensus policies

·         Data otherwise held by the registrar and reasonably accessible through systems and processes used in the registrar's normal course of operations and

·         Information received by the registrar in connection with an abuse report or investigation.

Where a registrar operates through a reseller or similar business model:

·         A registrar may rely on a reseller to conduct ADC investigation steps using data reasonably available to the reseller.

·         Registrars will remain responsible for all relevant contractual obligations, as required by 3.12 of the RAA. This means the registrar is fully responsible for complying with all RAA requirements (including 3.18) even when it uses a reseller.

 

IPC continues to strongly believe that it is important to have some clear baseline requirements for the ADC and that there is no reasonable argument that Registration Data (i.e., registrant and basic domain information like nameserver) that registrars are required to collect for every registration is not reasonably accessible to that registrar.

 

With this language there are ample protections for registrars against scope creep based on change in law or from other information that they are required to collect under the RAA like audit records, etc., as the langue is limited to just the registration data they must already collect.

 

There are also ample protections for registrars in Recommendation 3 and other Recommendations that make crystal clear  that registrars do not have to use all reasonably accessible data in their ADC checks and have discretion to choose which elements to use (see e.g., Rec 4 “the specific elements considered in any given ADC, even within a single registrar, may vary depending upon the particular circumstances.”).

 

There is also no risk that we are giving bad actors a roadmap of what to avoid as it will be obvious to any bad actor that the ADC required by this policy (just like the ADC already conducted by some registrars) includes basic domain information like registrant, registration date and nameservers.

 

At the end of the day, if the ADC does not by default include basic domain information that already must be collected by registrars in the policy, then the policy is meaningless.  This is basic table stakes folks, and should be part of the policy and not subject to potentially different interpretations by the IRT or anyone else.  There is plenty of flexibility in the recommendations for the policy and registrars to adapt later as DNS Abuse tactics change.

 

Finally, we understand that the BC is on board with this so it is not accurate to say that the IPC is alone here.  We are hopeful that the registrars can get on board with this as well.  We can discuss further on Monday. 

 

Have a great weekend everyone and for those in the US, Happy 4th!

 

Best regards,

 

Marc H. Trachtenberg
Shareholder

Chair, Internet, Domain Name, e-Commerce and Social Media Practice
Greenberg Traurig, LLP

Aspen                                           Chicago

411 E. Main Street                         360 North Green Street

Suite 207 | Aspen, CO 81611        Suite 1300 | Chicago, IL 60607

T +1.970.300.5313                         T +1.312.456.1020

M +1.773.677.3305                        M +1.773.677.3305
trac@gtlaw.com | www.gtlaw.com  |  View GT Biography

Greenberg Traurig Logo

Greenberg Traurig Logo

 


If you are not an intended recipient of confidential and privileged information in this email, please delete it, notify us immediately at postmaster@gtlaw.com, and do not use or disseminate the information.