Wow, you (our WG) don't make it easy for a person to catch-up from vacation :-) I just wanted to send my apologies for missing last week's meeting (there was not much connectivity in my tent) and I look forward to the discussion today. Best, Kathy
Hi Susan,
thank you for your feedback. i think it is good to clarify the differences so we may work towards the commonalities.
If a proxy service provides an email address in the WHOIS record but nothing is relayed or only emails that hit a very narrow criteria beyond the spam filters that would not equate to reliable contact details in my opinion.
We seem to be differing mainly on the semantics of the word reliable, it seems. I see the underlying data, especially if verified, as highly reliable. The fact that it is hidden does not make it less reliable. OTOH, you seem to refer to the word as having the added meaning of usability for the purpose of anyone contacting the domain owner.
Can the data the registrant be provided be relied upon? Of course, since the service provider needs to be able to contact them. In case of a full or partial reveal, the data will be revealed as reliable. Accurate and reliable date does not suddenly become unreliable data by the mere fact that it is hidden. The data is just as reliable or unreliable whether it is public or hidden. Actually this is not my experience at all that the data provided by the underlying registrant is reliable. The information is often times inaccurate I would guess at the same inaccuracy rates of regular domain name registrations. This may have changed recently with the validation process and people becoming more aware of the need to have accurate data but I do not think we could assume the information is accurate. I do find the proxy service information to be accurate.
One part of the accreditation regime that I assumed to be a given was that the underlying email address would have to be verified at some point. This could take the form of the provider performing the verification on its own or of relying of the confirmation of the registrar that the verification has been performed already. This would greatly increase the reliability of the data of any domain names newly entering the service.
If I as a registrant wanted to build my details in a way that any mail sent to me would be met with an automated responder that instructs the sender to fill in a webform, that would be perfectly fine. Sure, I cannot be reached through that address, but I can be contacted. Why should privacy services be different?
At least if you sent an email to admin email address and received an auto response that may act as confirmation of the email being received. A proxy vendor refusing to accept email as required by the RAA and requiring a web form be filled out is changing the purposes imposed by the RAA.
I think you misunderstood my intent here. I was describing a service that would automatically trash the incoming mail but not before sending out an automated response that re-directs the sender to a web-page where he could submit the complaint. I believe this to be in full compliance with the RAA as: a) there is a working email address on display b) sending a message to that email address allows the sender to communicate with the registrant, provided he follows the further instructions. No spammer would do such a thing, but a valid complainant would. It mainly prevents automated messages from reaching the complainant, but I am sure you'd agree that any complaint would have to be vetted by a living being before being sent to ensure quality and avoid erroneous complaints.
Similarly, a privacy service might update the email address on display regularly to foil address harvesters without violating the letter or spirit of the RAA.
I think what we need to focus on is less of the small parts but rather the big picture:
a) Should there be some form of means to contact the registrant with legitimate communications? - Yes b) Should there be a means to contact the provider? - Definitely c) Can a provider chose the (reasonable) means by which the above may be accomplished, and exclude certain forms of communication? - Yes again, but that should be made clear somehow. d) Should the registrant be allowed to refuse any communication? - Probably, however in the case of refusal to accept any communication, this should be made clear to the third party.
Best,
Volker
Am 18.08.2014 18:24, schrieb Susan Kawaguchi:
What I do not understand is why a proxy registration should be treated so differently than the other 75% of gTld domain name registrations?
In the 2013 RAA section 3.7.7.1 it states the following:
3.7.7.1 The Registered Name Holder shall provide to Registraraccurate and reliable contact details and correct and update them within seven (7) days of any change during the term of the Registered Name registration, including: the full name, postal address, e-mail address, voice telephone number, and fax number if available of the Registered Name Holder; name of authorized person for contact purposes in the case of an Registered Name Holder that is an organization, association, or corporation; and the data elements listed in Subsections 3.3.1.2, 3.3.1.7 and 3.3.1.8.
Creating a new method of contacting the registered name holder and underlying licensee or not relaying communications via email or to the postal address does not appear to fulfill the requirement of "accurate and reliable contact details"
A proxy registration information may be accurate but currently the information fails as reliable contact details.
Requiring a webform be filled out and submitted to contact the Registered name holder and underlying licensee when the other 75% of gTld domain name registrations are required to have a reliable email address and postal address sets the proxy registrations apart. The webform is not listed as a requirement in section 3. 7.7.1. Why would we afford this special treatment to the proxy registrations?
I realize the service has developed in this manner but it is also the reason we are continuing to discuss this issue.
Susan Kawaguchi
Domain Name Manager
Facebook Legal Dept.
Phone - 650 485-6064
From: <Williams>, Todd <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> Date: Monday, August 18, 2014 at 8:19 AM To: "James M. Bladel" <jbladel@godaddy.com <mailto:jbladel@godaddy.com>>, Volker Greimann <vgreimann@key-systems.net <mailto:vgreimann@key-systems.net>>, "gnso-ppsai-pdp-wg@icann.org <mailto:gnso-ppsai-pdp-wg@icann.org>" <gnso-ppsai-pdp-wg@icann.org <mailto:gnso-ppsai-pdp-wg@icann.org>> Subject: Re: [Gnso-ppsai-pdp-wg] Proposal contactability
Thanks James. Quick question: if, as you note, most of your P/P customers engage the service to avoid being spammed -- why is that objective/purpose not sufficiently protected by a standard that says "A provider must relay all electronic requests received (including emails and via web forms), but may implement commercially reasonable safeguards (including CAPTCHA) to filter out spam."?
By asking the question I don't necessarily mean to make a judgment on your "access whitelist" idea. I'm just not sure I understand its utility on this specific question (relay), where a means to address the problem that it is trying to solve (i.e., spam) appears to have already been baked in.
Thanks
TW.
*From:*gnso-ppsai-pdp-wg-bounces@icann.org <mailto:gnso-ppsai-pdp-wg-bounces@icann.org> [mailto:gnso-ppsai-pdp-wg-bounces@icann.org] *On Behalf Of *James M. Bladel *Sent:* Sunday, August 17, 2014 6:23 PM *To:* Volker Greimann; gnso <mailto:gnso-ppsai-pdp-wg@icann.org>(most of our P/P customers engage the service to avoid being spammed).
*Subject:* Re: [Gnso-ppsai-pdp-wg] Proposal contactability
Thanks to Volker for getting this conversation started. I also share the belief that we should define a system that assures reporters their claims will be relayed by P/P services. However, I disagree on some key points raised by Volker and others.
First, I do not believe there should be any attempt to filter submitted reports based on content. That approach does not scale, and simply results in an arms race where would-be spammers attempt to circumvent the filters. Also, I do not believe P/P services should relay ---all---reports. This treats the P/P email point of contact as an email "alias" for the beneficial user's real address, and completely defeats the purpose of the service
I favor an approach that is modeled after ICANN's Invalid WHOIS Reporting System, and one that many Registrars have implemented to guard against WHOIS harvesting -- an access whitelist. Speaking generally, such a system would require reporters to identify themselves when submitting a claim for relay. Is reporter should also have to designate the email address from which relay claims will originate, and the service provider agrees to honor relay request from that Address without discriminating on its content. The P/P service provider can then monitor the use of the relay system by each reporter, and suspend or terminate access for any reporter that is found to be abusing the system.
If this sounds familiar, it is blatantly copied from the EWG's proposed RDS concept. I think this idea has merit, and regardless of what happens to the rest of the EWG's recommendations, we should consider opportunities to implement this proposal in existing contexts.
Look forward to continuing our discussions on this point on Tuesday.
Thanks---
J.
*From: *Volker Greimann <vgreimann@key-systems.net <mailto:vgreimann@key-systems.net>> *Date: *Wednesday, August 13, 2014 at 4:27 *To: *"gnso-ppsai-pdp-wg@icann.org <mailto:gnso-ppsai-pdp-wg@icann.org>" <gnso-ppsai-pdp-wg@icann.org <mailto:gnso-ppsai-pdp-wg@icann.org>> *Subject: *[Gnso-ppsai-pdp-wg] Proposal contactability
As Susan and Steve have repeatedly asked what my proposal would be to ensure contactability of the beneficial owner/registrant.
As a basis, a spec derivative of the WAP spec to the RAA would have to be developed. I took the liberty of modifying the WAP for this purpose as a basis for discussion. This would bring the obligation of the privacy service provider to validate and verify the contact details to the same level of that of the registrar, thus ensuring the Service Provider has either accurate details or a duty to verify and validate.
Now, I would agree that some level of a contactibility guarantee is warranted. This could be something to this tune, as a basis for discussion:
/"Service Provider are required provide a means for third parties to directly or indirectly communicate with the Beneficial Owner. Such means may include any of the following: a) providing a postal mail forwarding address b) providing a collective email point of contact for all domain names under the Service (such as abuse@service.provider <mailto:abuse@service.provider>) c) providing an individual email point of contact for each domain name under the Service (such as string@domain.name <mailto:string@domain.name> or domain.name@service.provider <mailto:domain.name@service.provider>) ... ...
Service Provider must inform potential complainants about the accepted means of communication on its website. Service provider may refuse to forward, process or even accept communications sent by a non-accepted means of communication. In case forwarding of postal communications is offered, Service Provider may charge complainant reasonable handling fees and costs for the forwarding service and defer the forwarding of communications until payment is received.
Service Provider may refuse to forward spam, duplicate messages, purchase or business inquiries, harrassing communications, anonymous communications and/or unwanted communications. Service Provider is authorized to update or modify the means of communication from time to time. Service Provider is authorized to blacklist complainants with a history of abusing the provided means of communication."/
All subject to further discussion, ofc.
I realize this draft goes into detail more than we should in this WG, but having been asked for a proposal, I felt it necessary in order to move the discussion ahead. Terms: Service Provider - Privacy/Proxy Service Provider Beneficial Owner - Replaces "Registrant" filter - not deliver to Beneficial owner Service - the privacy/proxy services
-- Bei weiteren Fragen stehen wir Ihnen gerne zur Verfügung.
Mit freundlichen Grüßen,
Volker A. Greimann - Rechtsabteilung -
Key-Systems GmbH Im Oberen Werk 1 66386 St. Ingbert Tel.: +49 (0) 6894 - 9396 901 Fax.: +49 (0) 6894 - 9396 851 Email:vgreimann@key-systems.net <mailto:vgreimann@key-systems.net>
Web:www.key-systems.net <https://urldefense.proofpoint.com/v1/url?u=http://www.key-systems.net&k=ZVNj...> /www.RRPproxy.net <https://urldefense.proofpoint.com/v1/url?u=http://www.RRPproxy.net&k=ZVNjlDMF0FElm4dQtryO4A%3D%3D%0A&r=cjstkpAuvAi4gqeqX5O18A%3D%3D%0A&m=rsFCYyZQt%2BsXOx2xX91EkpDm0Bf86Akjt0kI7PeOKQc%3D%0A&s=9f6208e6e8f1dac0b3f5ee9154870f7a5e52ad42b0bd13ae5241fab95f59dec7>www.domaindiscount24.com <https://urldefense.proofpoint.com/v1/url?u=http://www.domaindiscount24.com&k...> /www.BrandShelter.com <https://urldefense.proofpoint.com/v1/url?u=http://www.BrandShelter.com&k=ZVN...>
Folgen Sie uns bei Twitter oder werden Sie unser Fan bei Facebook: www.facebook.com/KeySystems <http://www.facebook.com/KeySystems>www.twitter.com/key_systems <https://urldefense.proofpoint.com/v1/url?u=http://www.twitter.com/key_system...>
Geschäftsführer: Alexander Siffrin Handelsregister Nr.: HR B 18835 - Saarbruecken Umsatzsteuer ID.: DE211006534
Member of the KEYDRIVE GROUP www.keydrive.lu <https://urldefense.proofpoint.com/v1/url?u=http://www.keydrive.lu&k=ZVNjlDMF...>
Der Inhalt dieser Nachricht ist vertraulich und nur für den angegebenen Empfänger bestimmt. Jede Form der Kenntnisgabe, Veröffentlichung oder Weitergabe an Dritte durch den Empfänger ist unzulässig. Sollte diese Nachricht nicht für Sie bestimmt sein, so bitten wir Sie, sich mit uns per E-Mail oder telefonisch in Verbindung zu setzen.
--------------------------------------------
Should you have any further questions, please do not hesitate to contact us.
Best regards,
Volker A. Greimann - legal department -
Key-Systems GmbH Im Oberen Werk 1 66386 St. Ingbert Tel.: +49 (0) 6894 - 9396 901 Fax.: +49 (0) 6894 - 9396 851 Email:vgreimann@key-systems.net <mailto:vgreimann@key-systems.net>
Web:www.key-systems.net <https://urldefense.proofpoint.com/v1/url?u=http://www.key-systems.net&k=ZVNj...> /www.RRPproxy.net <https://urldefense.proofpoint.com/v1/url?u=http://www.RRPproxy.net&k=ZVNjlDMF0FElm4dQtryO4A%3D%3D%0A&r=cjstkpAuvAi4gqeqX5O18A%3D%3D%0A&m=rsFCYyZQt%2BsXOx2xX91EkpDm0Bf86Akjt0kI7PeOKQc%3D%0A&s=9f6208e6e8f1dac0b3f5ee9154870f7a5e52ad42b0bd13ae5241fab95f59dec7>www.domaindiscount24.com <https://urldefense.proofpoint.com/v1/url?u=http://www.domaindiscount24.com&k...> /www.BrandShelter.com <https://urldefense.proofpoint.com/v1/url?u=http://www.BrandShelter.com&k=ZVN...>
Follow us on Twitter or join our fan community on Facebook and stay updated: www.facebook.com/KeySystems <http://www.facebook.com/KeySystems>www.twitter.com/key_systems <https://urldefense.proofpoint.com/v1/url?u=http://www.twitter.com/key_system...>
CEO: Alexander Siffrin Registration No.: HR B 18835 - Saarbruecken V.A.T. ID.: DE211006534
Member of the KEYDRIVE GROUP www.keydrive.lu <https://urldefense.proofpoint.com/v1/url?u=http://www.keydrive.lu&k=ZVNjlDMF...>
This e-mail and its attachments is intended only for the person to whom it is addressed. Furthermore it is not permitted to publish any content of this email. You must not use, disclose, copy, print or rely on this e-mail. If an addressing or transmission error has misdirected this e-mail, kindly notify the author by replying to this e-mail or contacting us by telephone.
-- Bei weiteren Fragen stehen wir Ihnen gerne zur Verfügung.
Mit freundlichen Grüßen,
Volker A. Greimann - Rechtsabteilung -
Key-Systems GmbH Im Oberen Werk 1 66386 St. Ingbert Tel.: +49 (0) 6894 - 9396 901 Fax.: +49 (0) 6894 - 9396 851 Email:vgreimann@key-systems.net
Web:www.key-systems.net /www.RRPproxy.netwww.domaindiscount24.com /www.BrandShelter.com
Folgen Sie uns bei Twitter oder werden Sie unser Fan bei Facebook: www.facebook.com/KeySystemswww.twitter.com/key_systems
Geschäftsführer: Alexander Siffrin Handelsregister Nr.: HR B 18835 - Saarbruecken Umsatzsteuer ID.: DE211006534
Member of the KEYDRIVE GROUP www.keydrive.lu
Der Inhalt dieser Nachricht ist vertraulich und nur für den angegebenen Empfänger bestimmt. Jede Form der Kenntnisgabe, Veröffentlichung oder Weitergabe an Dritte durch den Empfänger ist unzulässig. Sollte diese Nachricht nicht für Sie bestimmt sein, so bitten wir Sie, sich mit uns per E-Mail oder telefonisch in Verbindung zu setzen.
--------------------------------------------
Should you have any further questions, please do not hesitate to contact us.
Best regards,
Volker A. Greimann - legal department -
Key-Systems GmbH Im Oberen Werk 1 66386 St. Ingbert Tel.: +49 (0) 6894 - 9396 901 Fax.: +49 (0) 6894 - 9396 851 Email:vgreimann@key-systems.net
Web:www.key-systems.net /www.RRPproxy.netwww.domaindiscount24.com /www.BrandShelter.com
Follow us on Twitter or join our fan community on Facebook and stay updated: www.facebook.com/KeySystemswww.twitter.com/key_systems
CEO: Alexander Siffrin Registration No.: HR B 18835 - Saarbruecken V.A.T. ID.: DE211006534
Member of the KEYDRIVE GROUP www.keydrive.lu
This e-mail and its attachments is intended only for the person to whom it is addressed. Furthermore it is not permitted to publish any content of this email. You must not use, disclose, copy, print or rely on this e-mail. If an addressing or transmission error has misdirected this e-mail, kindly notify the author by replying to this e-mail or contacting us by telephone.
-- Bei weiteren Fragen stehen wir Ihnen gerne zur Verfügung.
Mit freundlichen Grüßen,
Volker A. Greimann - Rechtsabteilung -
Key-Systems GmbH Im Oberen Werk 1 66386 St. Ingbert Tel.: +49 (0) 6894 - 9396 901 Fax.: +49 (0) 6894 - 9396 851 Email:vgreimann@key-systems.net
Web:www.key-systems.net /www.RRPproxy.net www.domaindiscount24.com /www.BrandShelter.com
Folgen Sie uns bei Twitter oder werden Sie unser Fan bei Facebook: www.facebook.com/KeySystems www.twitter.com/key_systems
Geschäftsführer: Alexander Siffrin Handelsregister Nr.: HR B 18835 - Saarbruecken Umsatzsteuer ID.: DE211006534
Member of the KEYDRIVE GROUP www.keydrive.lu
Der Inhalt dieser Nachricht ist vertraulich und nur für den angegebenen Empfänger bestimmt. Jede Form der Kenntnisgabe, Veröffentlichung oder Weitergabe an Dritte durch den Empfänger ist unzulässig. Sollte diese Nachricht nicht für Sie bestimmt sein, so bitten wir Sie, sich mit uns per E-Mail oder telefonisch in Verbindung zu setzen.
--------------------------------------------
Should you have any further questions, please do not hesitate to contact us.
Best regards,
Volker A. Greimann - legal department -
Key-Systems GmbH Im Oberen Werk 1 66386 St. Ingbert Tel.: +49 (0) 6894 - 9396 901 Fax.: +49 (0) 6894 - 9396 851 Email:vgreimann@key-systems.net
Web:www.key-systems.net /www.RRPproxy.net www.domaindiscount24.com /www.BrandShelter.com
Follow us on Twitter or join our fan community on Facebook and stay updated: www.facebook.com/KeySystems www.twitter.com/key_systems
CEO: Alexander Siffrin Registration No.: HR B 18835 - Saarbruecken V.A.T. ID.: DE211006534
Member of the KEYDRIVE GROUP www.keydrive.lu
This e-mail and its attachments is intended only for the person to whom it is addressed. Furthermore it is not permitted to publish any content of this email. You must not use, disclose, copy, print or rely on this e-mail. If an addressing or transmission error has misdirected this e-mail, kindly notify the author by replying to this e-mail or contacting us by telephone.
_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg