Hi All, As requested by our chair last week, I have taken Jim Bikoff's groupings and headings as a starting point and expanded them to include Registration questions and other issues. As noted earlier, the questions that we are working off of come from a set of questions gathering by staff at the end of the RAA Negotiations from those still somewhat unhappy with the negotiations. What seems needed as balance is questions about those who are satisfied with the current p/p providers (for the most part) and why. So I have added them, included one that I see discussed a lot since our last call: /=> [//Basic Registration Issues] Should proxy/privacy services continue to be available and accessible to companies, noncommercial organizations and individual who seek them for legal and legitimate purposes? /Below, and also attached, please find an update to Jim Bikoff's excellent start, with questions from a range of perspectives and concerns to help guide our discussions ahead. Please note that I removed no questions, but only added some (in italics). Best, Kathy p.s. please add to our Mind Map as well... ---------------------------------------------------------------------------------------------------------- // · *MAINTENANCE* of privacy/proxy services; · /REGISTRATION POLICIES of privacy/proxy services;/ · *CONTACT* point provided by each privacy/proxy service; · *RELAY* of complaints to the privacy/proxy customer; and · *REVEAL* of privacy/proxy customers' identities. If we followed this categorization, the issues and questions would be grouped as follows: *_ MAIN_**_ISSUES_* 1.What, if any, are the types of Standard Service Practices that should be adopted and published by ICANN-accredited privacy/proxy service providers? 2.Should ICANN distinguish between privacy and proxy services for the purpose of the accreditation process? 3.What are the contractual obligations, if any, that, if unfulfilled, would justify termination of customer access by ICANN-accredited privacy/proxy service providers? Should there be any forms of non-compliance that would trigger cancellation or suspension of registrations? If so, which? 4.What are the effects of the privacy and proxy service specification contained in the 2013 RAA? Have these new requirements improved WHOIS quality, registrant contactability, and service usability? 5.What should be the contractual obligations of ICANN accredited registrars with regard to accredited privacy/proxy service providers? Should registrars be permitted to knowingly accept registrations where the registrant is using unaccredited service providers that are bound to the same standards as accredited service providers? *_MAINTENANCE_* 1.Should ICANN-accredited privacy/proxy service providers be required to label WHOIS entries to clearly show when a registration is made through a privacy/proxy service? 2.Should ICANN-accredited privacy/proxy service providers be required to conduct periodic checks to ensure accuracy of customer contact information; and if so, how? /And if so, to what level (e.g., following the levels of validation and verification set out in the 2013 Registrar Accreditation Agreement or some other level?)/ 3.What rights and responsibilities should [delete: customers of] /domain name registrants using /privacy/proxy services have? What obligations should ICANN-accredited privacy/proxy service providers have in managing these rights and responsibilities? Clarify how transfers, renewals, and PEDNR policies should apply. /[Note: for the sake of those in the WG not working regularly on transfers, renewals and PEDNR policies, summaries of current policies and procedures should be provided rapidly by ICANN Staff to bring everyone "up to speed."]/ */_Basic Registration Issues_/* /1.//Should proxy/privacy services continue to be available and accessible to companies, noncommercial organizations and individual who seek them for legal and legitimate purposes?[The Current Policy]/ // /2./Should ICANN-accredited privacy/proxy service providers distinguish between domain names registered or used for commercial with those registered or used for personal purposes? /What about domain names registered and used for noncommercial purposes such as political, religious, parental and hobby?/ /3./Specifically, is the use of privacy/proxy services appropriate when a domain name is registered or used for commercial purposes? /And how is "commercial purpose" defined?Is it purely for companies actively engaged in "trading" online?Or is it any business online for any reason, including informational and educational?/ /4./Should there be a difference in the data fields to be displayed if the domain name is registered or used for a commercial purpose or by a commercial entity instead of a natural person? /What is "commercial purpose" and is such an inquiry into *_use_* of the domain name even within the scope of ICANN?/ /5./Should the use of privacy/proxy services be restricted only to registrants who are private individuals using the domain name for non-commercial purposes /and noncommercial organizations engaged in the use of the domain name for non-commercial purposes? / *_CONTACT_* 1.What measures should be taken to ensure contactability and responsiveness of the providers? 2.Should ICANN-accredited privacy/proxy service providers be required to maintain dedicated points of contact for reporting abuse? If so, should the terms be consistent with the requirements applicable to registrars under Section 3.18 of the RAA? 3.Should full WHOIS contact details for ICANN-accredited privacy/proxy service providers be required? 4.What forms of /alleged /malicious conduct, if any, should be covered by a designated published point of contact at an ICANN-accredited privacy/proxy service provider? // /5.//Does the requestor of the alleged malicious information matter, e.g., private party or law enforcement, in the same jurisdiction as the p/p service provider or in another jurisdiction (perhaps pursuant to laws different from the p/p's and registrants' jurisdictions)?/ // *_RELAY _* 1.What, if any, baseline minimum standardized relay processes should be adopted by ICANN-accredited privacy/proxy service providers? 2.Should ICANN-accredited privacy/proxy service providers be required to forward to the customer all allegations of /alleged /illegal activities they receive relating to specific domain names of the customer? /From private parties? From law enforcement?/ *_REVEAL _* 1.What, if any, baseline minimum standardized reveal processes should be adopted by ICANN-accredited privacy/proxy service providers /to hand the information over to the requestor who is a private party/? /Who is a government and/or law enforcement official?/ // /a.What are the minimum standards of proof that should be required for the identity of the requestor?/ /b. What are the minimum standards of proof that should be required for the allegations being raised by the requestor?/ /c. In what jurisdiction should the request be legal (e.g., comparative advertising is legal in the //US//, but not in //Germany//)? / /d. What limitations should the requestor be required to agree to regarding use of the revealed data (e.g., only for the purpose stated in the request and not for publication to the general public)./ // 2./When /should ICANN-accredited privacy/proxy service providers be required to reveal customer identities for the specific purpose of ensuring timely service of cease and desist letters /by private attorneys and other parties?/ // 3./When should the Registrant be notified of the request for "reveal" of his/her/its contact information to a private party?Under what circumstances should he/she/it have the opportunity to contest the Reveal _prior to it taking place?_/ 4./Same question as above for requests by government and law enforcement -- both those in the jurisdiction of the p/p service provider and outside. / 5. What forms of alleged malicious conduct, if any, and what evidentiary standard would be sufficient to trigger such disclosure? What specific violations, if any, would be sufficient to trigger such disclosure*//*/by private parties/? 6./Same question as above for requests by government and law enforcement -- both those in the jurisdiction of the p/p service provider and outside. / 7.What safeguards, if any, should be put in place to ensure adequate protections for privacy and freedom of expression /by individuals and noncommercial organizations/? 8./What safeguards, if any, should be put in place to ensure adequate protections against physical and psychological danger (perhaps unrelated to domain name use), e.g., stalking and harassment? / 9./What safeguards, if any, should be put into place to protect small businesses and entrepreneurs against anti-competitive acts by competitors? / 10.Should these standards vary depending on whether the website is being used for commercial or non-commercial purposes? 11.[Relocated from below] What circumstances, if any, would warrant access to registrant data by law enforcement agencies? 12.What clear, workable, enforceable and standardized processes should be adopted by ICANN-accredited privacy/proxy services in order to regulate such access (if such access is warranted)? // /__/ /__/ /_PUBLICATION _/ // /1.//Is publication of the registrant's contact data in the globally-available Whois database something we even want to discuss or leave to the policies of the p/p service provider (as read, understood and agreed to by the Registrant)? / // /2.//Must the Registrant be notified prior to publication and with some time to act to protect homes, business or noncommercial organizations?/ // /3.//Should the registrant have the option of relinquishing the domain name and giving it up, rather than having his/her/its contact data published globally? / 5.What safeguards or remedies should be available in cases where publication is found to have been unwarranted? /_OTHER_/ /Are there other issues we should be taking into account regarding Registrants [ providers of the data], P/P service providers, and Requestors, both public and private [users of the data]?/ ---------------------------------------------------------------------------------------------------------- :
Don and all,
As we suggested earlier, and discussed in the last Group teleconference, it might be helpful, as a next step, if we reached a consensus on the groups of questions before sending them out to SO/ACs and SG/Cs.
This would involve two steps: First, agreeing on the name of each group; and second, streamlining the questions in each group.
In the first step, we could consider alternative headings (perhaps REGISTRATION instead of MAINTENANCE).
And in the second step, we could remove duplicative or vague questions.
This crystallization would make the questions more approachable, and encourage better responses.
I hope these ideas are helpful.
Best,
Jim
James L. Bikoff
Silverberg, Goldman & Bikoff, LLP
1101 30th Street, NW
Suite 120
Washington, DC 20007
Tel: 202-944-3303
Fax: 202-944-3306
jbikoff@sgbdc.com <mailto:jbikoff@sgbdc.com>
*From:* Don Blumenthal <dblumenthal@pir.org <mailto:dblumenthal@pir.org>> *Date:* January 14, 2014 11:09:23 AM EST *To:* PPSAI <gnso-ppsai-pdp-wg@icann.org <mailto:gnso-ppsai-pdp-wg@icann.org>> *Subject:* *[Gnso-ppsai-pdp-wg] Carlton's closing chat question*
Carlton posted an issue that shouldn't wait a week:
"John came up with 4 groups. Do we have a notion that others might be extracted? And where do we include/modify questions to address Stephanie's issue?"
Jim had four groups and an umbrella Main category, which may be instructive in itself in guiding how we proceed organizationally. Regardless, the consensus of commenters has been that his document is a significant improvement over where we were before, and I suggest that we use it as a baseline. However, we still have work to do on it. Feel free to suggest modifications.
Don
_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org <mailto:Gnso-ppsai-pdp-wg@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg
_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg