I dont want to keep beating a dead horse here....but if there is a resounding response of "yes indeed, bar commercial entities from using P/P services", then how are you going to propose that p/p proxy service providers determine who is a commercial entity, particularly in jurisdictions which have declined to regulate the provision of goods and services over the Internet? I don't like asking questions that walk us into corners we cannot get out of. Do the fraudsters we are worried about actually apply for business numbers and articles of incorporation in the jurisdictions in which they operate? I operate in a jurisdiction where this distinction is often extremely difficult to make. THe determination would depend on the precise use being made of the domain name....which gets ICANN squarely into content analysis, and which can hardly be done for new registrations, even if t were within ICANN's remit. I am honestly not trying to be difficult, but I just have not heard a good answer to this problem. Stephanie Perrin On 2014-01-19, at 4:38 PM, Holly Raiche wrote:

Jin and all

I agree with Jim here (and Don earlier). The important task here is agreeing on the questions to be asked of the SO/ACs. So we need to get back to framing the questions - not answering them, however tempting that may be.

So the question of whether 'commercial entities' should be barred is still a useful question to ask. The next question would be whether there are possible distinctions that should be drawn between an entity that can use the service and one that can't and, if so, where is the line drawn. I agree with the discussion on how difficult that will be because many entities that have corporate status also have reasonable grounds for wanting the protection of such a service (human rights organisations or women's refuges come to mind). But that is the sort of response we are seeking from others outside of this group - so let's not prejudge answers. Let's only frame the questions that will help us come to some sensible answers. Otherwise, we'll never get to the next steps.

And my apologies for the next meeting. I have a long day ahead on Wednesday (Sydney time) and taking calls at 2.00am won't help. So Ill read the transcript and be back in a fortnight (2 weeks for those who do not use the term)

Holly

On 16/01/2014, at 5:39 AM, Jim Bikoff wrote:

...

Don and all,

As we suggested earlier, and discussed in the last Group teleconference, it might be helpful, as a next step, if we reached a consensus on the groups of questions before sending them out to SO/ACs and SG/Cs.

This would involve two steps: First, agreeing on the name of each group; and second, streamlining the questions in each group.

In the first step, we could consider alternative headings (perhaps REGISTRATION instead of MAINTENANCE).

And in the second step, we could remove duplicative or vague questions.

This crystallization would make the questions more approachable, and encourage better responses.

I hope these ideas are helpful.

Best,

Jim

James L. Bikoff Silverberg, Goldman & Bikoff, LLP 1101 30th Street, NW Suite 120 Washington, DC 20007 Tel: 202-944-3303 Fax: 202-944-3306 jbikoff@sgbdc.com

From: Don Blumenthal <dblumenthal@pir.org> Date: January 14, 2014 11:09:23 AM EST To: PPSAI <gnso-ppsai-pdp-wg@icann.org> Subject: [Gnso-ppsai-pdp-wg] Carlton's closing chat question Carlton posted an issue that shouldn’t wait a week:

“John came up with 4 groups. Do we have a notion that others might be extracted? And where do we include/modify questions to address Stephanie's issue?"

Jim had four groups and an umbrella Main category, which may be instructive in itself in guiding how we proceed organizationally. Regardless, the consensus of commenters has been that his document is a significant improvement over where we were before, and I suggest that we use it as a baseline. However, we still have work to do on it. Feel free to suggest modifications.

Don _______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg _______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

Hi Stephanie, It is entirely possible to decide to bar commercial entities, create a definition of "comercial entities" and then deal with those which appear to problematical. The fraudsters probably will not be a set up as a legitimate bussiness, but their sites can be identified as spam, malware, etc types and thus taking money, therefore a business. I am sure there are other methods to deal with problem domain names. In general, exceptions or problems should not derail a process. --bob On Sun, 19 Jan 2014, Stephanie Perrin wrote:

I dont want to keep beating a dead horse here....but if there is a resounding response of "yes indeed, bar commercial entities from using P/P services", then how are you going to propose that p/p proxy service providers determine who is a commercial entity, particularly in jurisdictions which have declined to regulate the provision of goods and services over the Internet?  I don't like asking questions that walk us into corners we cannot get out of.  Do the fraudsters we are worried about actually apply for business numbers and articles of incorporation in the jurisdictions in which they operate?  I operate in  a jurisdiction where this distinction is often extremely difficult to make.  THe determination would depend on the precise use being made of the domain name....which gets ICANN squarely into content analysis, and which can hardly be done for new registrations, even if t were within ICANN's remit.  I am honestly not trying to be difficult, but I just have not heard a good answer to this problem. Stephanie Perrin On 2014-01-19, at 4:38 PM, Holly Raiche wrote:

Jin and all I agree with Jim here (and Don earlier).  The important task here is agreeing on the questions to be asked of the SO/ACs.  So we need to get back to framing the questions - not answering them, however tempting that may be.  

So the question of whether 'commercial entities' should be barred is still a useful question to ask.  The next question would be whether there are possible distinctions that should be drawn between an entity that can use the service and one that can't and, if so, where is the line drawn. I agree with the discussion on how difficult that will be because many entities that have corporate status also have reasonable grounds for wanting the protection of such a service (human rights organisations or women's refuges come to mind).   But that is the sort of response we are seeking from others outside of this group - so let's not prejudge answers.  Let's only frame the questions that will help us come to some sensible answers.  Otherwise, we'll never get to the next steps.

And my apologies for the next meeting.  I have a long day ahead on Wednesday (Sydney time) and taking calls at 2.00am won't help.  So Ill read the transcript and be back in a fortnight (2 weeks for those who do not use the term)

Holly

On 16/01/2014, at 5:39 AM, Jim Bikoff wrote:

Don and all,   As we suggested earlier, and discussed in the last Group teleconference, it might be helpful, as a next step, if we reached a consensus on the groups of questions before sending them out to SO/ACs and SG/Cs.      This would involve two steps: First, agreeing on the name of each group; and second, streamlining the questions in each group.    In the first step, we could consider alternative headings (perhaps REGISTRATION instead of MAINTENANCE).   And in the second step, we could remove duplicative or vague questions.   This crystallization would make the questions more approachable, and encourage better responses.    I hope these ideas are helpful.   Best,   Jim   James L. Bikoff Silverberg, Goldman & Bikoff, LLP 1101 30th Street, NW Suite 120 Washington, DC 20007 Tel: 202-944-3303 Fax: 202-944-3306 jbikoff@sgbdc.com       From: Don Blumenthal <dblumenthal@pir.org> Date: January 14, 2014 11:09:23 AM EST To: PPSAI <gnso-ppsai-pdp-wg@icann.org> Subject: [Gnso-ppsai-pdp-wg] Carlton's closing chat question Carlton posted an issue that shouldn’t wait a week:   “John came up with 4 groups. Do we have a notion that others might be extracted?  And where do we include/modify questions to address Stephanie's issue?"   Jim had four groups and an umbrella Main category, which may be instructive in itself in guiding how we proceed organizationally. Regardless, the consensus of commenters has been that his document is a significant improvement over where we were before, and I suggest that we use it as a baseline. However, we still have work to do on it. Feel free to suggest modifications.    Don

_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

-- Dr. Robert Bruen Cold Rain Labs http://coldrain.net/bruen +1.802.579.6288

Bob, Stephanie is not talking about 'exceptions' but rather a fundamental difficulty with defining what is commercial, and that is simply within her jurisdiction. Outside of Canada or common law jurisdictions, it gets even harder. For instance, on my work trips to various ICT projects in developing countries, the distinctions between commercial and noncommercial that seem plain to some just don't hold up; many ICT initiatives are part-commercial and part nonprofit because it's the only way they can survive. Even, sometimes, the human rights activists. As Stephanie points out there is a dearth of actual arguments in favour of the blanket assumption against 'commercial' enterprises accessing p/p. I, also, would like to hear the rationale for barring commercial entities from p/p, particularly given efforts to define 'commercial' as broadly as possible, even, in some quarters, to personal blogs that have tip jars or include advertising. So far, nothing I've seen has convinced me that the bid to exclude so-called commercial websites is a first principles objection so much as an attempt to exclude the biggest number of domain names possible. I also fail to see how ICANN can police this without getting into content, which is explicitly and for very good reason beyond our mandate. I would like to see on this mailing list and our phone calls some evidence-based and logically sound arguments for what is currently being claimed as an unproblematic assumption. I would also like to see a good faith willingness to engage with the difficulty of actually implementing such a distinction, if it were to be made. Maria On 20 January 2014 09:53, Volker Greimann <vgreimann@key-systems.net> wrote:

I agree that it would be possible to bar commercial entities from using p/p services, however I am not sure it is the sensible thing to do. Certainly, there is abuse, but by creating a blanket prohibition, i fear more damage will be done to legitimate interests than good is done to illegitimate ones.

In the end it should be up to the provider which categories of clients it accepts.

Volker

Am 20.01.2014 02:08, schrieb Bob Bruen:

Hi Stephanie,

It is entirely possible to decide to bar commercial entities, create a definition of "comercial entities" and then deal with those which appear to problematical.

The fraudsters probably will not be a set up as a legitimate bussiness, but their sites can be identified as spam, malware, etc types and thus taking money, therefore a business. I am sure there are other methods to deal with problem domain names.

In general, exceptions or problems should not derail a process.

--bob

On Sun, 19 Jan 2014, Stephanie Perrin wrote:

I dont want to keep beating a dead horse here....but if there is a resounding response of "yes indeed, bar commercial entities from using P/P services", then how are you going to propose that p/p proxy service providers determine who is a commercial entity, particularly in jurisdictions which have declined to regulate the provision of goods and services over the Internet? I don't like asking questions that walk us into corners we cannot get out of. Do the fraudsters we are worried about actually apply for business numbers and articles of incorporation in the jurisdictions in which they operate? I operate in a jurisdiction where this distinction is often extremely difficult to make. THe determination would depend on the precise use being made of the domain name....which gets ICANN squarely into content analysis, and which can hardly be done for new registrations, even if t were within ICANN's remit. I am honestly not trying to be difficult, but I just have not heard a good answer to this problem. Stephanie Perrin On 2014-01-19, at 4:38 PM, Holly Raiche wrote:

Jin and all I agree with Jim here (and Don earlier). The important task here is agreeing on the questions to be asked of the SO/ACs. So we need to get back to framing the questions - not answering them, however tempting that may be.

So the question of whether 'commercial entities' should be barred is still a useful question to ask. The next question would be whether there are possible distinctions that should be drawn between an entity that can use the service and one that can't and, if so, where is the line drawn. I agree with the discussion on how difficult that will be because many entities that have corporate status also have reasonable grounds for wanting the protection of such a service (human rights organisations or women's refuges come to mind). But that is the sort of response we are seeking from others outside of this group - so let's not prejudge answers. Let's only frame the questions that will help us come to some sensible answers. Otherwise, we'll never get to the next steps.

And my apologies for the next meeting. I have a long day ahead on Wednesday (Sydney time) and taking calls at 2.00am won't help. So Ill read the transcript and be back in a fortnight (2 weeks for those who do not use the term)

Holly

On 16/01/2014, at 5:39 AM, Jim Bikoff wrote:

Don and all,

As we suggested earlier, and discussed in the last Group teleconference, it might be helpful, as a next step, if we reached a consensus on the groups of questions before sending them out to SO/ACs and SG/Cs.

This would involve two steps: First, agreeing on the name of each group; and second, streamlining the questions in each group.

In the first step, we could consider alternative headings (perhaps REGISTRATION instead of MAINTENANCE).

And in the second step, we could remove duplicative or vague questions.

This crystallization would make the questions more approachable, and encourage better responses.

I hope these ideas are helpful.

Best,

Jim

James L. Bikoff Silverberg, Goldman & Bikoff, LLP 1101 30th Street, NW Suite 120 Washington, DC 20007 Tel: 202-944-3303 Fax: 202-944-3306 jbikoff@sgbdc.com

From: Don Blumenthal <dblumenthal@pir.org> <dblumenthal@pir.org> Date: January 14, 2014 11:09:23 AM EST To: PPSAI <gnso-ppsai-pdp-wg@icann.org> <gnso-ppsai-pdp-wg@icann.org> Subject: [Gnso-ppsai-pdp-wg] Carlton's closing chat question Carlton posted an issue that shouldn’t wait a week:

“John came up with 4 groups. Do we have a notion that others might be extracted? And where do we include/modify questions to address Stephanie's issue?"

Jim had four groups and an umbrella Main category, which may be instructive in itself in guiding how we proceed organizationally. Regardless, the consensus of commenters has been that his document is a significant improvement over where we were before, and I suggest that we use it as a baseline. However, we still have work to do on it. Feel free to suggest modifications.

Don

_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

_______________________________________________ Gnso-ppsai-pdp-wg mailing listGnso-ppsai-pdp-wg@icann.orghttps://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

Hi Volker, I was merely responding to Stephanie's comments about the difficulties, not advocating a position. However, as you are aware, I do advocate barring commercial entities from using p/p, because the use has already caused harm and we should fix that. The providers created the problem in the first place, so allowing them to continue to control it simply continues the problem. The discussion of all this is the point of this group (and other groups). --bob On Mon, 20 Jan 2014, Volker Greimann wrote:

I agree that it would be possible to bar commercial entities from using p/p services, however I am not sure it is the sensible thing to do. Certainly, there is abuse, but by creating a blanket prohibition, i fear more damage will be done to legitimate interests than good is done to illegitimate ones.

In the end it should be up to the provider which categories of clients it accepts.

Volker

Am 20.01.2014 02:08, schrieb Bob Bruen:

Hi Stephanie,

It is entirely possible to decide to bar commercial entities, create a definition of "comercial entities" and then deal with those which appear to problematical.

The fraudsters probably will not be a set up as a legitimate bussiness, but their sites can be identified as spam, malware, etc types and thus taking money, therefore a business. I am sure there are other methods to deal with problem domain names.

In general, exceptions or problems should not derail a process.

                      --bob

On Sun, 19 Jan 2014, Stephanie Perrin wrote:

I dont want to keep beating a dead horse here....but if there is a resounding response of "yes indeed, bar commercial entities from using P/P services", then how are you going to propose that p/p proxy service providers determine who is a commercial entity, particularly in jurisdictions which have declined to regulate the provision of goods and services over the Internet?  I don't like asking questions that walk us into corners we cannot get out of.  Do the fraudsters we are worried about actually apply for business numbers and articles of incorporation in the jurisdictions in which they operate?  I operate in  a jurisdiction where this distinction is often extremely difficult to make.  THe determination would depend on the precise use being made of the domain name....which gets ICANN squarely into content analysis, and which can hardly be done for new registrations, even if t were within ICANN's remit.  I am honestly not trying to be difficult, but I just have not heard a good answer to this problem. Stephanie Perrin On 2014-01-19, at 4:38 PM, Holly Raiche wrote:

      Jin and all I agree with Jim here (and Don earlier).  The important task here is agreeing on the questions to be asked of the SO/ACs.  So we need to get back to framing the questions - not answering them, however tempting that may be.  

So the question of whether 'commercial entities' should be barred is still a useful question to ask.  The next question would be whether there are possible distinctions that should be drawn between an entity that can use the service and one that can't and, if so, where is the line drawn. I agree with the discussion on how difficult that will be because many entities that have corporate status also have reasonable grounds for wanting the protection of such a service (human rights organisations or women's refuges come to mind).   But that is the sort of response we are seeking from others outside of this group - so let's not prejudge answers.  Let's only frame the questions that will help us come to some sensible answers.  Otherwise, we'll never get to the next steps.

And my apologies for the next meeting.  I have a long day ahead on Wednesday (Sydney time) and taking calls at 2.00am won't help.  So Ill read the transcript and be back in a fortnight (2 weeks for those who do not use the term)

Holly

On 16/01/2014, at 5:39 AM, Jim Bikoff wrote:

      Don and all,   As we suggested earlier, and discussed in the last Group teleconference, it might be helpful, as a next step, if we reached a consensus on the groups of questions before sending them out to SO/ACs and SG/Cs.      This would involve two steps: First, agreeing on the name of each group; and second, streamlining the questions in each group.    In the first step, we could consider alternative headings (perhaps REGISTRATION instead of MAINTENANCE).   And in the second step, we could remove duplicative or vague questions.   This crystallization would make the questions more approachable, and encourage better responses.    I hope these ideas are helpful.   Best,   Jim   James L. Bikoff Silverberg, Goldman & Bikoff, LLP 1101 30th Street, NW Suite 120 Washington, DC 20007 Tel: 202-944-3303 Fax: 202-944-3306 jbikoff@sgbdc.com       From: Don Blumenthal <dblumenthal@pir.org> Date: January 14, 2014 11:09:23 AM EST To: PPSAI <gnso-ppsai-pdp-wg@icann.org> Subject: [Gnso-ppsai-pdp-wg] Carlton's closing chat question       Carlton posted an issue that shouldn’t wait a week:   “John came up with 4 groups. Do we have a notion that others might be extracted?  And where do we include/modify questions to address Stephanie's issue?"   Jim had four groups and an umbrella Main category, which may be instructive in itself in guiding how we proceed organizationally. Regardless, the consensus of commenters has been that his document is a significant improvement over where we were before, and I suggest that we use it as a baseline. However, we still have work to do on it. Feel free to suggest modifications.    Don

      _______________________________________________       Gnso-ppsai-pdp-wg mailing list       Gnso-ppsai-pdp-wg@icann.org       https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

-- Dr. Robert Bruen Cold Rain Labs http://coldrain.net/bruen +1.802.579.6288 _______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

What are the problems commercial entities that use p/p have caused?

On Jan 20, 2014, at 8:11 AM, "Bob Bruen" <bruen@coldrain.net> wrote:

Hi Volker,

I was merely responding to Stephanie's comments about the difficulties, not advocating a position.

However, as you are aware, I do advocate barring commercial entities from using p/p, because the use has already caused harm and we should fix that. The providers created the problem in the first place, so allowing them to continue to control it simply continues the problem.

The discussion of all this is the point of this group (and other groups).

--bob

...

On Mon, 20 Jan 2014, Volker Greimann wrote:

I agree that it would be possible to bar commercial entities from using p/p services, however I am not sure it is the sensible thing to do. Certainly, there is abuse, but by creating a blanket prohibition, i fear more damage will be done to legitimate interests than good is done to illegitimate ones. In the end it should be up to the provider which categories of clients it accepts. Volker Am 20.01.2014 02:08, schrieb Bob Bruen:

Hi Stephanie,

It is entirely possible to decide to bar commercial entities, create a definition of "comercial entities" and then deal with those which appear to problematical.

The fraudsters probably will not be a set up as a legitimate bussiness, but their sites can be identified as spam, malware, etc types and thus taking money, therefore a business. I am sure there are other methods to deal with problem domain names.

In general, exceptions or problems should not derail a process.

--bob

On Sun, 19 Jan 2014, Stephanie Perrin wrote:

I dont want to keep beating a dead horse here....but if there is a resounding response of "yes indeed, bar commercial entities from using P/P services", then how are you going to propose that p/p proxy service providers determine who is a commercial entity, particularly in jurisdictions which have declined to regulate the provision of goods and services over the Internet? I don't like asking questions that walk us into corners we cannot get out of. Do the fraudsters we are worried about actually apply for business numbers and articles of incorporation in the jurisdictions in which they operate? I operate in a jurisdiction where this distinction is often extremely difficult to make. THe determination would depend on the precise use being made of the domain name....which gets ICANN squarely into content analysis, and which can hardly be done for new registrations, even if t were within ICANN's remit. I am honestly not trying to be difficult, but I just have not heard a good answer to this problem. Stephanie Perrin On 2014-01-19, at 4:38 PM, Holly Raiche wrote:

Jin and all I agree with Jim here (and Don earlier). The important task here is agreeing on the questions to be asked of the SO/ACs. So we need to get back to framing the questions - not answering them, however tempting that may be.

So the question of whether 'commercial entities' should be barred is still a useful question to ask. The next question would be whether there are possible distinctions that should be drawn between an entity that can use the service and one that can't and, if so, where is the line drawn. I agree with the discussion on how difficult that will be because many entities that have corporate status also have reasonable grounds for wanting the protection of such a service (human rights organisations or women's refuges come to mind). But that is the sort of response we are seeking from others outside of this group - so let's not prejudge answers. Let's only frame the questions that will help us come to some sensible answers. Otherwise, we'll never get to the next steps.

And my apologies for the next meeting. I have a long day ahead on Wednesday (Sydney time) and taking calls at 2.00am won't help. So Ill read the transcript and be back in a fortnight (2 weeks for those who do not use the term)

Holly

On 16/01/2014, at 5:39 AM, Jim Bikoff wrote:

Don and all,

As we suggested earlier, and discussed in the last Group teleconference, it might be helpful, as a next step, if we reached a consensus on the groups of questions before sending them out to SO/ACs and SG/Cs.

This would involve two steps: First, agreeing on the name of each group; and second, streamlining the questions in each group.

In the first step, we could consider alternative headings (perhaps REGISTRATION instead of MAINTENANCE).

And in the second step, we could remove duplicative or vague questions.

This crystallization would make the questions more approachable, and encourage better responses.

I hope these ideas are helpful.

Best,

Jim

James L. Bikoff Silverberg, Goldman & Bikoff, LLP 1101 30th Street, NW Suite 120 Washington, DC 20007 Tel: 202-944-3303 Fax: 202-944-3306 jbikoff@sgbdc.com

From: Don Blumenthal <dblumenthal@pir.org> Date: January 14, 2014 11:09:23 AM EST To: PPSAI <gnso-ppsai-pdp-wg@icann.org> Subject: [Gnso-ppsai-pdp-wg] Carlton's closing chat question Carlton posted an issue that shouldn’t wait a week:

“John came up with 4 groups. Do we have a notion that others might be extracted? And where do we include/modify questions to address Stephanie's issue?"

Jim had four groups and an umbrella Main category, which may be instructive in itself in guiding how we proceed organizationally. Regardless, the consensus of commenters has been that his document is a significant improvement over where we were before, and I suggest that we use it as a baseline. However, we still have work to do on it. Feel free to suggest modifications.

Don

_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg _______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

-- Dr. Robert Bruen Cold Rain Labs http://coldrain.net/bruen +1.802.579.6288 _______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg _______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

Criminal individuals, or criminal commercial organizations? And is it your contention that criminals provide valid identification/contact details to the P/P service? Thanks‹ J. On 1/20/14, 10:20 , "Bob Bruen" <bruen@coldrain.net> wrote:

Hi Tim,

The harm is protecting the identities of criminnals. And I consider undermining whois a harm, as well

--bob

On Mon, 20 Jan 2014, Tim Ruiz wrote:

...

What are the problems commercial entities that use p/p have caused?

...

On Jan 20, 2014, at 8:11 AM, "Bob Bruen" <bruen@coldrain.net> wrote:

Hi Volker,

I was merely responding to Stephanie's comments about the difficulties, not advocating a position.

However, as you are aware, I do advocate barring commercial entities from using p/p, because the use has already caused harm and we should fix that. The providers created the problem in the first place, so allowing them to continue to control it simply continues the problem.

The discussion of all this is the point of this group (and other groups).

--bob

...

On Mon, 20 Jan 2014, Volker Greimann wrote:

I agree that it would be possible to bar commercial entities from using p/p services, however I am not sure it is the sensible thing to do. Certainly, there is abuse, but by creating a blanket prohibition, i fear more damage will be done to legitimate interests than good is done to illegitimate ones. In the end it should be up to the provider which categories of clients it accepts. Volker Am 20.01.2014 02:08, schrieb Bob Bruen:

Hi Stephanie,

It is entirely possible to decide to bar commercial entities, create a definition of "comercial entities" and then deal with those which appear to problematical.

The fraudsters probably will not be a set up as a legitimate bussiness, but their sites can be identified as spam, malware, etc types and thus taking money, therefore a business. I am sure there are other methods to deal with problem domain names.

In general, exceptions or problems should not derail a process.

--bob

On Sun, 19 Jan 2014, Stephanie Perrin wrote:

I dont want to keep beating a dead horse here....but if there is a resounding response of "yes indeed, bar commercial entities from using P/P services", then how are you going to propose that p/p proxy service providers determine who is a commercial entity, particularly in jurisdictions which have declined to regulate the provision of goods and services over the Internet? I don't like asking questions that walk us into corners we cannot get out of. Do the fraudsters we are worried about actually apply for business numbers and articles of incorporation in the jurisdictions in which they operate? I operate in a jurisdiction where this distinction is often extremely difficult to make. THe determination would depend on the precise use being made of the domain name....which gets ICANN squarely into content analysis, and which can hardly be done for new registrations, even if t were within ICANN's remit. I am honestly not trying to be difficult, but I just have not heard a good answer to this problem. Stephanie Perrin On 2014-01-19, at 4:38 PM, Holly Raiche wrote:

Jin and all I agree with Jim here (and Don earlier). The important task here is agreeing on the questions to be asked of the SO/ACs. So we need to get back to framing the questions - not answering them, however tempting that may be.

So the question of whether 'commercial entities' should be barred is still a useful question to ask. The next question would be whether there are possible distinctions that should be drawn between an entity that can use the service and one that can't and, if so, where is the line drawn. I agree with the discussion on how difficult that will be because many entities that have corporate status also have reasonable grounds for wanting the protection of such a service (human rights organisations or women's refuges come to mind). But that is the sort of response we are seeking from others outside of this group - so let's not prejudge answers. Let's only frame the questions that will help us come to some sensible answers. Otherwise, we'll never get to the next steps.

And my apologies for the next meeting. I have a long day ahead on Wednesday (Sydney time) and taking calls at 2.00am won't help. So Ill read the transcript and be back in a fortnight (2 weeks for those who do not use the term)

Holly

On 16/01/2014, at 5:39 AM, Jim Bikoff wrote:

Don and all,

As we suggested earlier, and discussed in the last Group teleconference, it might be helpful, as a next step, if we reached a consensus on the groups of questions before sending them out to SO/ACs and SG/Cs.

This would involve two steps: First, agreeing on the name of each group; and second, streamlining the questions in each group.

In the first step, we could consider alternative headings (perhaps REGISTRATION instead of MAINTENANCE).

And in the second step, we could remove duplicative or vague questions.

This crystallization would make the questions more approachable, and encourage better responses.

I hope these ideas are helpful.

Best,

Jim

James L. Bikoff Silverberg, Goldman & Bikoff, LLP 1101 30th Street, NW Suite 120 Washington, DC 20007 Tel: 202-944-3303 Fax: 202-944-3306 jbikoff@sgbdc.com

From: Don Blumenthal <dblumenthal@pir.org> Date: January 14, 2014 11:09:23 AM EST To: PPSAI <gnso-ppsai-pdp-wg@icann.org> Subject: [Gnso-ppsai-pdp-wg] Carlton's closing chat question Carlton posted an issue that shouldn¹t wait a week:

³John came up with 4 groups. Do we have a notion that others might be extracted? And where do we include/modify questions to address Stephanie's issue?"

Jim had four groups and an umbrella Main category, which may be instructive in itself in guiding how we proceed organizationally. Regardless, the consensus of commenters has been that his document is a significant improvement over where we were before, and I suggest that we use it as a baseline. However, we still have work to do on it. Feel free to suggest modifications.

Don

_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org

https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg _______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

-- Dr. Robert Bruen Cold Rain Labs http://coldrain.net/bruen +1.802.579.6288 _______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg _______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

-- Dr. Robert Bruen Cold Rain Labs http://coldrain.net/bruen +1.802.579.6288

I do not believe in making all our customers pay more just to exclude a few bad apples that can also be weeded out by making an abuse report. Verification will also not help against crime, at least not as long as there are public data register like phone books or public whois as any criminal can simply duplicate verifyable data. Volker

Hi James, ===================================================================== As Don has just said that this discussion is premature, I will stop answering these emails, unless something happens to change that. If you wish to continue the discussion with me, please contact me off list. ==================================================================

Please don't be silly. Criminal whatever. And of course they lie.

If Registrars actually verified registrations, this would not be an issue.

--bob

On Mon, 20 Jan 2014, James M. Bladel wrote:

...

Criminal individuals, or criminal commercial organizations?

And is it your contention that criminals provide valid identification/contact details to the P/P service?

Thanks<

J.

On 1/20/14, 10:20 , "Bob Bruen" <bruen@coldrain.net> wrote:

...

Hi Tim,

The harm is protecting the identities of criminnals. And I consider undermining whois a harm, as well

--bob

On Mon, 20 Jan 2014, Tim Ruiz wrote:

...

What are the problems commercial entities that use p/p have caused?

...

On Jan 20, 2014, at 8:11 AM, "Bob Bruen" <bruen@coldrain.net> wrote:

Hi Volker,

I was merely responding to Stephanie's comments about the difficulties, not advocating a position.

However, as you are aware, I do advocate barring commercial entities from using p/p, because the use has already caused harm and we should fix that. The providers created the problem in the first place, so allowing them to continue to control it simply continues the problem.

The discussion of all this is the point of this group (and other groups).

--bob

...

On Mon, 20 Jan 2014, Volker Greimann wrote:

I agree that it would be possible to bar commercial entities from using p/p services, however I am not sure it is the sensible thing to do. Certainly, there is abuse, but by creating a blanket prohibition, i fear more damage will be done to legitimate interests than good is done to illegitimate ones. In the end it should be up to the provider which categories of clients it accepts. Volker Am 20.01.2014 02:08, schrieb Bob Bruen:

Hi Stephanie,

It is entirely possible to decide to bar commercial entities, create a definition of "comercial entities" and then deal with those which appear to problematical.

The fraudsters probably will not be a set up as a legitimate bussiness, but their sites can be identified as spam, malware, etc types and thus taking money, therefore a business. I am sure there are other methods to deal with problem domain names.

In general, exceptions or problems should not derail a process.

--bob

On Sun, 19 Jan 2014, Stephanie Perrin wrote:

I dont want to keep beating a dead horse here....but if there is a resounding response of "yes indeed, bar commercial entities from using P/P services", then how are you going to propose that p/p proxy service providers determine who is a commercial entity, particularly in jurisdictions which have declined to regulate the provision of goods and services over the Internet? I don't like asking questions that walk us into corners we cannot get out of. Do the fraudsters we are worried about actually apply for business numbers and articles of incorporation in the jurisdictions in which they operate? I operate in a jurisdiction where this distinction is often extremely difficult to make. THe determination would depend on the precise use being made of the domain name....which gets ICANN squarely into content analysis, and which can hardly be done for new registrations, even if t were within ICANN's remit. I am honestly not trying to be difficult, but I just have not heard a good answer to this problem. Stephanie Perrin On 2014-01-19, at 4:38 PM, Holly Raiche wrote:

Jin and all I agree with Jim here (and Don earlier). The important task here is agreeing on the questions to be asked of the SO/ACs. So we need to get back to framing the questions - not answering them, however tempting that may be.

So the question of whether 'commercial entities' should be barred is still a useful question to ask. The next question would be whether there are possible distinctions that should be drawn between an entity that can use the service and one that can't and, if so, where is the line drawn. I agree with the discussion on how difficult that will be because many entities that have corporate status also have reasonable grounds for wanting the protection of such a service (human rights organisations or women's refuges come to mind). But that is the sort of response we are seeking from others outside of this group - so let's not prejudge answers. Let's only frame the questions that will help us come to some sensible answers. Otherwise, we'll never get to the next steps.

And my apologies for the next meeting. I have a long day ahead on Wednesday (Sydney time) and taking calls at 2.00am won't help. So Ill read the transcript and be back in a fortnight (2 weeks for those who do not use the term)

Holly

On 16/01/2014, at 5:39 AM, Jim Bikoff wrote:

Don and all,

As we suggested earlier, and discussed in the last Group teleconference, it might be helpful, as a next step, if we reached a consensus on the groups of questions before sending them out to SO/ACs and SG/Cs.

This would involve two steps: First, agreeing on the name of each group; and second, streamlining the questions in each group.

In the first step, we could consider alternative headings (perhaps REGISTRATION instead of MAINTENANCE).

And in the second step, we could remove duplicative or vague questions.

This crystallization would make the questions more approachable, and encourage better responses.

I hope these ideas are helpful.

Best,

Jim

James L. Bikoff Silverberg, Goldman & Bikoff, LLP 1101 30th Street, NW Suite 120 Washington, DC 20007 Tel: 202-944-3303 Fax: 202-944-3306 jbikoff@sgbdc.com

From: Don Blumenthal <dblumenthal@pir.org> Date: January 14, 2014 11:09:23 AM EST To: PPSAI <gnso-ppsai-pdp-wg@icann.org> Subject: [Gnso-ppsai-pdp-wg] Carlton's closing chat question Carlton posted an issue that shouldn¹t wait a week:

³John came up with 4 groups. Do we have a notion that others might be extracted? And where do we include/modify questions to address Stephanie's issue?"

Jim had four groups and an umbrella Main category, which may be instructive in itself in guiding how we proceed organizationally. Regardless, the consensus of commenters has been that his document is a significant improvement over where we were before, and I suggest that we use it as a baseline. However, we still have work to do on it. Feel free to suggest modifications.

Don

_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org

https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg _______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

-- Dr. Robert Bruen Cold Rain Labs http://coldrain.net/bruen +1.802.579.6288 _______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg _______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

-- Dr. Robert Bruen Cold Rain Labs http://coldrain.net/bruen +1.802.579.6288

_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

-- Bei weiteren Fragen stehen wir Ihnen gerne zur Verfügung. Mit freundlichen Grüßen, Volker A. Greimann - Rechtsabteilung - Key-Systems GmbH Im Oberen Werk 1 66386 St. Ingbert Tel.: +49 (0) 6894 - 9396 901 Fax.: +49 (0) 6894 - 9396 851 Email: vgreimann@key-systems.net Web: www.key-systems.net / www.RRPproxy.net www.domaindiscount24.com / www.BrandShelter.com Folgen Sie uns bei Twitter oder werden Sie unser Fan bei Facebook: www.facebook.com/KeySystems www.twitter.com/key_systems Geschäftsführer: Alexander Siffrin Handelsregister Nr.: HR B 18835 - Saarbruecken Umsatzsteuer ID.: DE211006534 Member of the KEYDRIVE GROUP www.keydrive.lu Der Inhalt dieser Nachricht ist vertraulich und nur für den angegebenen Empfänger bestimmt. Jede Form der Kenntnisgabe, Veröffentlichung oder Weitergabe an Dritte durch den Empfänger ist unzulässig. Sollte diese Nachricht nicht für Sie bestimmt sein, so bitten wir Sie, sich mit uns per E-Mail oder telefonisch in Verbindung zu setzen. -------------------------------------------- Should you have any further questions, please do not hesitate to contact us. Best regards, Volker A. Greimann - legal department - Key-Systems GmbH Im Oberen Werk 1 66386 St. Ingbert Tel.: +49 (0) 6894 - 9396 901 Fax.: +49 (0) 6894 - 9396 851 Email: vgreimann@key-systems.net Web: www.key-systems.net / www.RRPproxy.net www.domaindiscount24.com / www.BrandShelter.com Follow us on Twitter or join our fan community on Facebook and stay updated: www.facebook.com/KeySystems www.twitter.com/key_systems CEO: Alexander Siffrin Registration No.: HR B 18835 - Saarbruecken V.A.T. ID.: DE211006534 Member of the KEYDRIVE GROUP www.keydrive.lu This e-mail and its attachments is intended only for the person to whom it is addressed. Furthermore it is not permitted to publish any content of this email. You must not use, disclose, copy, print or rely on this e-mail. If an addressing or transmission error has misdirected this e-mail, kindly notify the author by replying to this e-mail or contacting us by telephone.

Hi Volker, Not sure, what to say here, because I know you know better. Spam email makes up about 75% to 85% of all email traffic. That is a lot more than a few bad apples. It is also true that abuse reports can be delivered at a 40,000 to 50,000 per day level, if ICANN and the Registrars would take them. Verification would make a huge difference and this has been shown on several occasions by KnujOn and others. Currently, many registrations have total nonsense in the fields and do not even meet format requirements (such as email format). These are almost always done by criminals (spammers, etc). The same guys who want p/p. They register domains in bulk, so looking each one up to get a real set of public data would put a burden on them. --bob On Mon, 20 Jan 2014, Volker Greimann wrote:

I do not believe in making all our customers pay more just to exclude a few bad apples that can also be weeded out by making an abuse report.

Verification will also not help against crime, at least not as long as there are public data register like phone books or public whois as any criminal can simply duplicate verifyable data.

Volker

Hi James, ===================================================================== As Don has just said that this discussion is premature, I will stop answering these emails, unless something happens to change that. If you wish to continue the discussion with me, please contact me off list. ==================================================================

Please don't be silly. Criminal whatever. And of course they lie.

If Registrars actually verified registrations, this would not be an issue.

           --bob

On Mon, 20 Jan 2014, James M. Bladel wrote:

Criminal individuals, or criminal commercial organizations?

And is it your contention that criminals provide valid identification/contact details to the P/P service?

Thanks‹

J.

On 1/20/14, 10:20 , "Bob Bruen" <bruen@coldrain.net> wrote:

Hi Tim,

The harm is protecting the identities of criminnals. And I consider undermining whois a harm, as well

                    --bob

On Mon, 20 Jan 2014, Tim Ruiz wrote:

What are the problems commercial entities that use p/p have caused?

On Jan 20, 2014, at 8:11 AM, "Bob Bruen" <bruen@coldrain.net> wrote:

Hi Volker,

I was merely responding to Stephanie's comments about the difficulties, not advocating a position.

However, as you are aware, I do advocate barring commercial entities from using p/p, because the use has already caused harm and we should fix that. The providers created the problem in the first place, so allowing them to continue to control it simply continues the problem.

The discussion of all this is the point of this group (and other groups).

                  --bob

On Mon, 20 Jan 2014, Volker Greimann wrote:

I agree that it would be possible to bar commercial entities from using p/p services, however I am not sure it is the sensible thing to do. Certainly, there is abuse, but by creating a blanket prohibition, i fear more damage will be done to legitimate interests than good is done to illegitimate ones. In the end it should be up to the provider which categories of clients it accepts. Volker Am 20.01.2014 02:08, schrieb Bob Bruen:

     Hi Stephanie,

     It is entirely possible to decide to bar commercial entities, create a definition of "comercial entities" and      then deal with those which appear to problematical.

     The fraudsters probably will not be a set up as a legitimate bussiness, but their sites can be identified as      spam, malware, etc types and thus taking money, therefore a business. I am sure there are other methods to deal      with problem domain names.

     In general, exceptions or problems should not derail a process.

                           --bob

     On Sun, 19 Jan 2014, Stephanie Perrin wrote:

           I dont want to keep beating a dead horse here....but if there is a resounding            response of "yes indeed, bar commercial entities from using P/P services", then            how are you going to propose that p/p proxy service providers determine who is a            commercial entity, particularly in jurisdictions which have declined to regulate            the provision of goods and services over the Internet?  I don't like asking            questions that walk us into corners we cannot get out of. Do the fraudsters we            are worried about actually apply for business numbers and articles of            incorporation in the jurisdictions in which they operate? I operate in  a            jurisdiction where this distinction is often extremely difficult to make.  THe            determination would depend on the precise use being made of the domain            name....which gets ICANN squarely into content analysis, and which can hardly be            done for new registrations, even if t were within ICANN's remit.  I am honestly            not trying to be difficult, but I just have not heard a good answer to this            problem.            Stephanie Perrin            On 2014-01-19, at 4:38 PM, Holly Raiche wrote:

                 Jin and all            I agree with Jim here (and Don earlier).  The important task here is            agreeing on the questions to be asked of the SO/ACs.  So we need to get            back to framing the questions - not answering them, however tempting that            may be.

           So the question of whether 'commercial entities' should be barred is still            a useful question to ask.  The next question would be whether there are            possible distinctions that should be drawn between an entity that can use            the service and one that can't and, if so, where is the line drawn. I agree            with the discussion on how difficult that will be because many entities            that have corporate status also have reasonable grounds for wanting the            protection of such a service (human rights organisations or women's refuges            come to mind).   But that is the sort of response we are seeking from            others outside of this group - so let's not prejudge answers.  Let's only            frame the questions that will help us come to some sensible answers.             Otherwise, we'll never get to the next steps.

           And my apologies for the next meeting.  I have a long day ahead on            Wednesday (Sydney time) and taking calls at 2.00am won't help.  So Ill read            the transcript and be back in a fortnight (2 weeks for those who do not use            the term)

           Holly

           On 16/01/2014, at 5:39 AM, Jim Bikoff wrote:

                 Don and all,

           As we suggested earlier, and discussed in the last Group            teleconference, it might be helpful, as a next step, if we reached a            consensus on the groups of questions before sending them out to            SO/ACs and SG/Cs.

           This would involve two steps: First, agreeing on the name of each            group; and second, streamlining the questions in each group.

           In the first step, we could consider alternative headings (perhaps            REGISTRATION instead of MAINTENANCE).

           And in the second step, we could remove duplicative or vague            questions.

           This crystallization would make the questions more approachable, and            encourage better responses.

           I hope these ideas are helpful.

           Best,

           Jim

           James L. Bikoff            Silverberg, Goldman & Bikoff, LLP            1101 30th Street, NW            Suite 120            Washington, DC 20007            Tel: 202-944-3303            Fax: 202-944-3306            jbikoff@sgbdc.com

           From: Don Blumenthal <dblumenthal@pir.org>            Date: January 14, 2014 11:09:23 AM EST            To: PPSAI <gnso-ppsai-pdp-wg@icann.org>            Subject: [Gnso-ppsai-pdp-wg] Carlton's closing chat question                  Carlton posted an issue that shouldn¹t wait a week:

           ³John came up with 4 groups. Do we have a notion that others            might be extracted?  And where do we include/modify questions            to address Stephanie's issue?"

           Jim had four groups and an umbrella Main category, which may be            instructive in itself in guiding how we proceed            organizationally. Regardless, the consensus of commenters has            been that his document is a significant improvement over where            we were before, and I suggest that we use it as a baseline.            However, we still have work to do on it. Feel free to suggest            modifications.

           Don

                 _______________________________________________                  Gnso-ppsai-pdp-wg mailing list                  Gnso-ppsai-pdp-wg@icann.org

https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

           _______________________________________________            Gnso-ppsai-pdp-wg mailing list            Gnso-ppsai-pdp-wg@icann.org            https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

           _______________________________________________            Gnso-ppsai-pdp-wg mailing list            Gnso-ppsai-pdp-wg@icann.org            https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg _______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

-- Dr. Robert Bruen Cold Rain Labs http://coldrain.net/bruen +1.802.579.6288 _______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg _______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

-- Dr. Robert Bruen Cold Rain Labs http://coldrain.net/bruen +1.802.579.6288

_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

-- Dr. Robert Bruen Cold Rain Labs http://coldrain.net/bruen +1.802.579.6288

On Mon, 20 Jan 2014, Volker Greimann wrote: Hi Volker, inline, bob

Hi Bob,

...

Not sure, what to say here, because I know you know better. Spam email makes up about 75% to 85% of all email traffic. That is a lot more than a few bad apples.

I am sure you agree with me, that while the volume of spam may be high, this is usually sent by a small percentage of registrants. Actually, spammers do not even need a domain, they need a botnet.

Actually I do not agree with you. There may be a small number of bad actors, compared to all registrants, but they register millions of domain names (yes, I can verify that). Yes, they use botnets for sending, but they need their own sites for landing/transaction sites, which are they ones to be shutdown.

So when looking at all registrants, the number of "bad registrants" is more likely to be in the thousands of a percent.

Not if you count the number of domain names.

...

It is also true that abuse reports can be delivered at a 40,000 to 50,000 per day level, if ICANN and the Registrars would take them.

If you want to clog up abuse channels with duplicate reports and therefore extend reaction times to nearly infinite, then do that. I am sure the real criminals will love that.

You know that, for example. KnujOn eliminates all the duplicates. That 40k-50k are real, non-duplicated sites. If your abuse channels are unable to handle that volume, perhaps you could consider not offering bulk, automated registrations. I am also sure, that there are places that could you help with your problem.

That said, we take and review _all_ complaints we get.

...

Verification would make a huge difference and this has been shown on several occasions by KnujOn and others. Currently, many registrations have total nonsense in the fields and do not even meet format requirements (such as email format). These are almost always done by criminals (spammers, etc). The same guys who want p/p. Convince me then (but off-list, since verification is not currently what we are looking at).

However, please also explain then how verification will not simply lead to an increase of identity theft and harassment of innocents who just happen to have their private details abused by a criminal in order to have verifyable data.

This is merely speculation on your part. The current situation is that they put nonsense in the registration forms.

...

They register domains in bulk, so looking each one up to get a real set of public data would put a burden on them.

Not if they automate it. There are enough online databases and if they are sophisticated enough to create bbotnets and online storefronts, they will most likely also be able to parse a database in their bulk registration engines...

Verification to me is a red herring.

Volker

...

On Mon, 20 Jan 2014, Volker Greimann wrote:

...

I do not believe in making all our customers pay more just to exclude a few bad apples that can also be weeded out by making an abuse report.

Verification will also not help against crime, at least not as long as there are public data register like phone books or public whois as any criminal can simply duplicate verifyable data.

Volker

Hi James, ===================================================================== As Don has just said that this discussion is premature, I will stop answering these emails, unless something happens to change that. If you wish to continue the discussion with me, please contact me off list. ==================================================================

Please don't be silly. Criminal whatever. And of course they lie.

If Registrars actually verified registrations, this would not be an issue.

--bob

On Mon, 20 Jan 2014, James M. Bladel wrote:

Criminal individuals, or criminal commercial organizations?

And is it your contention that criminals provide valid identification/contact details to the P/P service?

Thanks‹

J.

On 1/20/14, 10:20 , "Bob Bruen" <bruen@coldrain.net> wrote:

Hi Tim,

The harm is protecting the identities of criminnals. And I consider undermining whois a harm, as well

--bob

On Mon, 20 Jan 2014, Tim Ruiz wrote:

What are the problems commercial entities that use p/p have caused?

On Jan 20, 2014, at 8:11 AM, "Bob Bruen" <bruen@coldrain.net> wrote:

Hi Volker,

I was merely responding to Stephanie's comments about the difficulties, not advocating a position.

However, as you are aware, I do advocate barring commercial entities from using p/p, because the use has already caused harm and we should fix that. The providers created the problem in the first place, so allowing them to continue to control it simply continues the problem.

The discussion of all this is the point of this group (and other groups).

--bob

On Mon, 20 Jan 2014, Volker Greimann wrote:

I agree that it would be possible to bar commercial entities from using p/p services, however I am not sure it is the sensible thing to do. Certainly, there is abuse, but by creating a blanket prohibition, i fear more damage will be done to legitimate interests than good is done to illegitimate ones. In the end it should be up to the provider which categories of clients it accepts. Volker Am 20.01.2014 02:08, schrieb Bob Bruen:

Hi Stephanie,

It is entirely possible to decide to bar commercial entities, create a definition of "comercial entities" and then deal with those which appear to problematical.

The fraudsters probably will not be a set up as a legitimate bussiness, but their sites can be identified as spam, malware, etc types and thus taking money, therefore a business. I am sure there are other methods to deal with problem domain names.

In general, exceptions or problems should not derail a process.

--bob

On Sun, 19 Jan 2014, Stephanie Perrin wrote:

I dont want to keep beating a dead horse here....but if there is a resounding response of "yes indeed, bar commercial entities from using P/P services", then how are you going to propose that p/p proxy service providers determine who is a commercial entity, particularly in jurisdictions which have declined to regulate the provision of goods and services over the Internet? I don't like asking questions that walk us into corners we cannot get out of. Do the fraudsters we are worried about actually apply for business numbers and articles of incorporation in the jurisdictions in which they operate? I operate in a jurisdiction where this distinction is often extremely difficult to make. THe determination would depend on the precise use being made of the domain name....which gets ICANN squarely into content analysis, and which can hardly be done for new registrations, even if t were within ICANN's remit. I am honestly not trying to be difficult, but I just have not heard a good answer to this problem. Stephanie Perrin On 2014-01-19, at 4:38 PM, Holly Raiche wrote:

Jin and all I agree with Jim here (and Don earlier). The important task here is agreeing on the questions to be asked of the SO/ACs. So we need to get back to framing the questions - not answering them, however tempting that may be.

So the question of whether 'commercial entities' should be barred is still a useful question to ask. The next question would be whether there are possible distinctions that should be drawn between an entity that can use the service and one that can't and, if so, where is the line drawn. I agree with the discussion on how difficult that will be because many entities that have corporate status also have reasonable grounds for wanting the protection of such a service (human rights organisations or women's refuges come to mind). But that is the sort of response we are seeking from others outside of this group - so let's not prejudge answers. Let's only frame the questions that will help us come to some sensible answers. Otherwise, we'll never get to the next steps.

And my apologies for the next meeting. I have a long day ahead on Wednesday (Sydney time) and taking calls at 2.00am won't help. So Ill read the transcript and be back in a fortnight (2 weeks for those who do not use the term)

Holly

On 16/01/2014, at 5:39 AM, Jim Bikoff wrote:

Don and all,

As we suggested earlier, and discussed in the last Group teleconference, it might be helpful, as a next step, if we reached a consensus on the groups of questions before sending them out to SO/ACs and SG/Cs.

This would involve two steps: First, agreeing on the name of each group; and second, streamlining the questions in each group.

In the first step, we could consider alternative headings (perhaps REGISTRATION instead of MAINTENANCE).

And in the second step, we could remove duplicative or vague questions.

This crystallization would make the questions more approachable, and encourage better responses.

I hope these ideas are helpful.

Best,

Jim

James L. Bikoff Silverberg, Goldman & Bikoff, LLP 1101 30th Street, NW Suite 120 Washington, DC 20007 Tel: 202-944-3303 Fax: 202-944-3306 jbikoff@sgbdc.com

From: Don Blumenthal <dblumenthal@pir.org> Date: January 14, 2014 11:09:23 AM EST To: PPSAI <gnso-ppsai-pdp-wg@icann.org> Subject: [Gnso-ppsai-pdp-wg] Carlton's closing chat question Carlton posted an issue that shouldn¹t wait a week:

³John came up with 4 groups. Do we have a notion that others might be extracted? And where do we include/modify questions to address Stephanie's issue?"

Jim had four groups and an umbrella Main category, which may be instructive in itself in guiding how we proceed organizationally. Regardless, the consensus of commenters has been that his document is a significant improvement over where we were before, and I suggest that we use it as a baseline. However, we still have work to do on it. Feel free to suggest modifications.

Don

_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org

https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org

https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org

https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg _______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

-- Dr. Robert Bruen Cold Rain Labs http://coldrain.net/bruen +1.802.579.6288 _______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg _______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

-- Dr. Robert Bruen Cold Rain Labs http://coldrain.net/bruen +1.802.579.6288

_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

-- Dr. Robert Bruen Cold Rain Labs http://coldrain.net/bruen +1.802.579.6288

No identities of criminals are effectively protected by privacy services, provided they are required to reveal such identities to law enforcement of appropriate jurisdiction. Private individuals, vigilantes or other interested parties on the other hand have no real legitimate interest to receive data on alleged criminals data unless they want to take matters best left to LEAs into their own hands. There is a reason why even criminals have the right to privacy and not to have their full names and likenesses published. Heck, in Japan, TV stations even mosaic handcuffs of suspects. Volker

Hi Tim,

The harm is protecting the identities of criminnals. And I consider undermining whois a harm, as well

--bob

On Mon, 20 Jan 2014, Tim Ruiz wrote:

...

What are the problems commercial entities that use p/p have caused?

...

On Jan 20, 2014, at 8:11 AM, "Bob Bruen" <bruen@coldrain.net> wrote:

Hi Volker,

I was merely responding to Stephanie's comments about the difficulties, not advocating a position.

However, as you are aware, I do advocate barring commercial entities from using p/p, because the use has already caused harm and we should fix that. The providers created the problem in the first place, so allowing them to continue to control it simply continues the problem.

The discussion of all this is the point of this group (and other groups).

--bob

...

On Mon, 20 Jan 2014, Volker Greimann wrote:

I agree that it would be possible to bar commercial entities from using p/p services, however I am not sure it is the sensible thing to do. Certainly, there is abuse, but by creating a blanket prohibition, i fear more damage will be done to legitimate interests than good is done to illegitimate ones. In the end it should be up to the provider which categories of clients it accepts. Volker Am 20.01.2014 02:08, schrieb Bob Bruen:

Hi Stephanie,

It is entirely possible to decide to bar commercial entities, create a definition of "comercial entities" and then deal with those which appear to problematical.

The fraudsters probably will not be a set up as a legitimate bussiness, but their sites can be identified as spam, malware, etc types and thus taking money, therefore a business. I am sure there are other methods to deal with problem domain names.

In general, exceptions or problems should not derail a process.

--bob

On Sun, 19 Jan 2014, Stephanie Perrin wrote:

I dont want to keep beating a dead horse here....but if there is a resounding response of "yes indeed, bar commercial entities from using P/P services", then how are you going to propose that p/p proxy service providers determine who is a commercial entity, particularly in jurisdictions which have declined to regulate the provision of goods and services over the Internet? I don't like asking questions that walk us into corners we cannot get out of. Do the fraudsters we are worried about actually apply for business numbers and articles of incorporation in the jurisdictions in which they operate? I operate in a jurisdiction where this distinction is often extremely difficult to make. THe determination would depend on the precise use being made of the domain name....which gets ICANN squarely into content analysis, and which can hardly be done for new registrations, even if t were within ICANN's remit. I am honestly not trying to be difficult, but I just have not heard a good answer to this problem. Stephanie Perrin On 2014-01-19, at 4:38 PM, Holly Raiche wrote:

Jin and all I agree with Jim here (and Don earlier). The important task here is agreeing on the questions to be asked of the SO/ACs. So we need to get back to framing the questions - not answering them, however tempting that may be.

So the question of whether 'commercial entities' should be barred is still a useful question to ask. The next question would be whether there are possible distinctions that should be drawn between an entity that can use the service and one that can't and, if so, where is the line drawn. I agree with the discussion on how difficult that will be because many entities that have corporate status also have reasonable grounds for wanting the protection of such a service (human rights organisations or women's refuges come to mind). But that is the sort of response we are seeking from others outside of this group - so let's not prejudge answers. Let's only frame the questions that will help us come to some sensible answers. Otherwise, we'll never get to the next steps.

And my apologies for the next meeting. I have a long day ahead on Wednesday (Sydney time) and taking calls at 2.00am won't help. So Ill read the transcript and be back in a fortnight (2 weeks for those who do not use the term)

Holly

On 16/01/2014, at 5:39 AM, Jim Bikoff wrote:

Don and all,

As we suggested earlier, and discussed in the last Group teleconference, it might be helpful, as a next step, if we reached a consensus on the groups of questions before sending them out to SO/ACs and SG/Cs.

This would involve two steps: First, agreeing on the name of each group; and second, streamlining the questions in each group.

In the first step, we could consider alternative headings (perhaps REGISTRATION instead of MAINTENANCE).

And in the second step, we could remove duplicative or vague questions.

This crystallization would make the questions more approachable, and encourage better responses.

I hope these ideas are helpful.

Best,

Jim

James L. Bikoff Silverberg, Goldman & Bikoff, LLP 1101 30th Street, NW Suite 120 Washington, DC 20007 Tel: 202-944-3303 Fax: 202-944-3306 jbikoff@sgbdc.com

From: Don Blumenthal <dblumenthal@pir.org> Date: January 14, 2014 11:09:23 AM EST To: PPSAI <gnso-ppsai-pdp-wg@icann.org> Subject: [Gnso-ppsai-pdp-wg] Carlton's closing chat question Carlton posted an issue that shouldn't wait a week:

"John came up with 4 groups. Do we have a notion that others might be extracted? And where do we include/modify questions to address Stephanie's issue?"

Jim had four groups and an umbrella Main category, which may be instructive in itself in guiding how we proceed organizationally. Regardless, the consensus of commenters has been that his document is a significant improvement over where we were before, and I suggest that we use it as a baseline. However, we still have work to do on it. Feel free to suggest modifications.

Don

_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg _______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

-- Dr. Robert Bruen Cold Rain Labs http://coldrain.net/bruen +1.802.579.6288 _______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg _______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

-- Bei weiteren Fragen stehen wir Ihnen gerne zur Verfügung. Mit freundlichen Grüßen, Volker A. Greimann - Rechtsabteilung - Key-Systems GmbH Im Oberen Werk 1 66386 St. Ingbert Tel.: +49 (0) 6894 - 9396 901 Fax.: +49 (0) 6894 - 9396 851 Email: vgreimann@key-systems.net Web: www.key-systems.net / www.RRPproxy.net www.domaindiscount24.com / www.BrandShelter.com Folgen Sie uns bei Twitter oder werden Sie unser Fan bei Facebook: www.facebook.com/KeySystems www.twitter.com/key_systems Geschäftsführer: Alexander Siffrin Handelsregister Nr.: HR B 18835 - Saarbruecken Umsatzsteuer ID.: DE211006534 Member of the KEYDRIVE GROUP www.keydrive.lu Der Inhalt dieser Nachricht ist vertraulich und nur für den angegebenen Empfänger bestimmt. Jede Form der Kenntnisgabe, Veröffentlichung oder Weitergabe an Dritte durch den Empfänger ist unzulässig. Sollte diese Nachricht nicht für Sie bestimmt sein, so bitten wir Sie, sich mit uns per E-Mail oder telefonisch in Verbindung zu setzen. -------------------------------------------- Should you have any further questions, please do not hesitate to contact us. Best regards, Volker A. Greimann - legal department - Key-Systems GmbH Im Oberen Werk 1 66386 St. Ingbert Tel.: +49 (0) 6894 - 9396 901 Fax.: +49 (0) 6894 - 9396 851 Email: vgreimann@key-systems.net Web: www.key-systems.net / www.RRPproxy.net www.domaindiscount24.com / www.BrandShelter.com Follow us on Twitter or join our fan community on Facebook and stay updated: www.facebook.com/KeySystems www.twitter.com/key_systems CEO: Alexander Siffrin Registration No.: HR B 18835 - Saarbruecken V.A.T. ID.: DE211006534 Member of the KEYDRIVE GROUP www.keydrive.lu This e-mail and its attachments is intended only for the person to whom it is addressed. Furthermore it is not permitted to publish any content of this email. You must not use, disclose, copy, print or rely on this e-mail. If an addressing or transmission error has misdirected this e-mail, kindly notify the author by replying to this e-mail or contacting us by telephone.

As a European, I believe in data protection and data privacy. Information that needs to be public should be. Information that does not should not. "The public" indeed does not need that data. If you think that is extreme... BTW: I also have an issue with tapping phones, logging connection data, logging private communication, etc. Volker Am 20.01.2014 18:36, schrieb Bob Bruen:

Hi Volker,

Law Enforcement has been compaining for years about access to whois and still do. This is just an obstacle thrown up to slow down finding who the bad actors are. Getting court orders and warrants just to see who owns a domain (commercial) is way out there. The information was intended to be public in the first place.

It appears that you have decided that the general public does not deserve access to public whois data. Again, I do not know what to say to something so extreme.

--bob

On Mon, 20 Jan 2014, Volker Greimann wrote:

...

No identities of criminals are effectively protected by privacy services, provided they are required to reveal such identities to law enforcement of appropriate jurisdiction.

Private individuals, vigilantes or other interested parties on the other hand have no real legitimate interest to receive data on alleged criminals data unless they want to take matters best left to LEAs into their own hands.

There is a reason why even criminals have the right to privacy and not to have their full names and likenesses published. Heck, in Japan, TV stations even mosaic handcuffs of suspects.

Volker

Hi Tim,

The harm is protecting the identities of criminnals. And I consider undermining whois a harm, as well

--bob

On Mon, 20 Jan 2014, Tim Ruiz wrote:

What are the problems commercial entities that use p/p have caused?

On Jan 20, 2014, at 8:11 AM, "Bob Bruen" <bruen@coldrain.net> wrote:

Hi Volker,

I was merely responding to Stephanie's comments about the difficulties, not advocating a position.

However, as you are aware, I do advocate barring commercial entities from using p/p, because the use has already caused harm and we should fix that. The providers created the problem in the first place, so allowing them to continue to control it simply continues the problem.

The discussion of all this is the point of this group (and other groups).

--bob

On Mon, 20 Jan 2014, Volker Greimann wrote:

I agree that it would be possible to bar commercial entities from using p/p services, however I am not sure it is the sensible thing to do. Certainly, there is abuse, but by creating a blanket prohibition, i fear more damage will be done to legitimate interests than good is done to illegitimate ones. In the end it should be up to the provider which categories of clients it accepts. Volker Am 20.01.2014 02:08, schrieb Bob Bruen:

Hi Stephanie,

It is entirely possible to decide to bar commercial entities, create a definition of "comercial entities" and then deal with those which appear to problematical.

The fraudsters probably will not be a set up as a legitimate bussiness, but their sites can be identified as spam, malware, etc types and thus taking money, therefore a business. I am sure there are other methods to deal with problem domain names.

In general, exceptions or problems should not derail a process.

--bob

On Sun, 19 Jan 2014, Stephanie Perrin wrote:

I dont want to keep beating a dead horse here....but if there is a resounding response of "yes indeed, bar commercial entities from using P/P services", then how are you going to propose that p/p proxy service providers determine who is a commercial entity, particularly in jurisdictions which have declined to regulate the provision of goods and services over the Internet? I don't like asking questions that walk us into corners we cannot get out of. Do the fraudsters we are worried about actually apply for business numbers and articles of incorporation in the jurisdictions in which they operate? I operate in a jurisdiction where this distinction is often extremely difficult to make. THe determination would depend on the precise use being made of the domain name....which gets ICANN squarely into content analysis, and which can hardly be done for new registrations, even if t were within ICANN's remit. I am honestly not trying to be difficult, but I just have not heard a good answer to this problem. Stephanie Perrin On 2014-01-19, at 4:38 PM, Holly Raiche wrote:

Jin and all I agree with Jim here (and Don earlier). The important task here is agreeing on the questions to be asked of the SO/ACs. So we need to get back to framing the questions - not answering them, however tempting that may be.

So the question of whether 'commercial entities' should be barred is still a useful question to ask. The next question would be whether there are possible distinctions that should be drawn between an entity that can use the service and one that can't and, if so, where is the line drawn. I agree with the discussion on how difficult that will be because many entities that have corporate status also have reasonable grounds for wanting the protection of such a service (human rights organisations or women's refuges come to mind). But that is the sort of response we are seeking from others outside of this group - so let's not prejudge answers. Let's only frame the questions that will help us come to some sensible answers. Otherwise, we'll never get to the next steps.

And my apologies for the next meeting. I have a long day ahead on Wednesday (Sydney time) and taking calls at 2.00am won't help. So Ill read the transcript and be back in a fortnight (2 weeks for those who do not use the term)

Holly

On 16/01/2014, at 5:39 AM, Jim Bikoff wrote:

Don and all,

As we suggested earlier, and discussed in the last Group teleconference, it might be helpful, as a next step, if we reached a consensus on the groups of questions before sending them out to SO/ACs and SG/Cs.

This would involve two steps: First, agreeing on the name of each group; and second, streamlining the questions in each group.

In the first step, we could consider alternative headings (perhaps REGISTRATION instead of MAINTENANCE).

And in the second step, we could remove duplicative or vague questions.

This crystallization would make the questions more approachable, and encourage better responses.

I hope these ideas are helpful.

Best,

Jim

James L. Bikoff Silverberg, Goldman & Bikoff, LLP 1101 30th Street, NW Suite 120 Washington, DC 20007 Tel: 202-944-3303 Fax: 202-944-3306 jbikoff@sgbdc.com

From: Don Blumenthal <dblumenthal@pir.org> Date: January 14, 2014 11:09:23 AM EST To: PPSAI <gnso-ppsai-pdp-wg@icann.org> Subject: [Gnso-ppsai-pdp-wg] Carlton's closing chat question Carlton posted an issue that shouldn’t wait a week:

“John came up with 4 groups. Do we have a notion that others might be extracted? And where do we include/modify questions to address Stephanie's issue?"

Jim had four groups and an umbrella Main category, which may be instructive in itself in guiding how we proceed organizationally. Regardless, the consensus of commenters has been that his document is a significant improvement over where we were before, and I suggest that we use it as a baseline. However, we still have work to do on it. Feel free to suggest modifications.

Don

_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg _______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

-- Dr. Robert Bruen Cold Rain Labs http://coldrain.net/bruen +1.802.579.6288 _______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg _______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

-- Bei weiteren Fragen stehen wir Ihnen gerne zur Verfügung. Mit freundlichen Grüßen, Volker A. Greimann - Rechtsabteilung - Key-Systems GmbH Im Oberen Werk 1 66386 St. Ingbert Tel.: +49 (0) 6894 - 9396 901 Fax.: +49 (0) 6894 - 9396 851 Email: vgreimann@key-systems.net Web: www.key-systems.net / www.RRPproxy.net www.domaindiscount24.com / www.BrandShelter.com Folgen Sie uns bei Twitter oder werden Sie unser Fan bei Facebook: www.facebook.com/KeySystems www.twitter.com/key_systems Geschäftsführer: Alexander Siffrin Handelsregister Nr.: HR B 18835 - Saarbruecken Umsatzsteuer ID.: DE211006534 Member of the KEYDRIVE GROUP www.keydrive.lu Der Inhalt dieser Nachricht ist vertraulich und nur für den angegebenen Empfänger bestimmt. Jede Form der Kenntnisgabe, Veröffentlichung oder Weitergabe an Dritte durch den Empfänger ist unzulässig. Sollte diese Nachricht nicht für Sie bestimmt sein, so bitten wir Sie, sich mit uns per E-Mail oder telefonisch in Verbindung zu setzen. -------------------------------------------- Should you have any further questions, please do not hesitate to contact us. Best regards, Volker A. Greimann - legal department - Key-Systems GmbH Im Oberen Werk 1 66386 St. Ingbert Tel.: +49 (0) 6894 - 9396 901 Fax.: +49 (0) 6894 - 9396 851 Email: vgreimann@key-systems.net Web: www.key-systems.net / www.RRPproxy.net www.domaindiscount24.com / www.BrandShelter.com Follow us on Twitter or join our fan community on Facebook and stay updated: www.facebook.com/KeySystems www.twitter.com/key_systems CEO: Alexander Siffrin Registration No.: HR B 18835 - Saarbruecken V.A.T. ID.: DE211006534 Member of the KEYDRIVE GROUP www.keydrive.lu This e-mail and its attachments is intended only for the person to whom it is addressed. Furthermore it is not permitted to publish any content of this email. You must not use, disclose, copy, print or rely on this e-mail. If an addressing or transmission error has misdirected this e-mail, kindly notify the author by replying to this e-mail or contacting us by telephone.

Actually, FWIW, I don't think Whois data was intended to be public. When it was created, as part of the NSFNET, it was information shared in a trusted network among members of the trusted (and closed) network. Further, it was never personal or home information. Domain names were registered largely by universities, e.g., Harvard.edu, and the Whois data was Scott Bradner's (Harvard IT) and other university IT office locations (and some government and military agencies) - in a closed network). The DNS then expanded broadly in the 1990s, NSF forwarded to the US Department of Commerce and then it was sent on to the new ICANN (someone has written about this transition and lack of evaluation of Whois as an academic piece; Milton I think). I've spoken with Scott Bradner about this... Best, Kathy

...

As a European, I believe in data protection and data privacy. Information that needs to be public should be. Information that does not should not. "The public" indeed does not need that data. If you think that is extreme...

BTW: I also have an issue with tapping phones, logging connection data, logging private communication, etc.

Volker

Am 20.01.2014 18:36, schrieb Bob Bruen:

...

Hi Volker,

Law Enforcement has been compaining for years about access to whois and still do. This is just an obstacle thrown up to slow down finding who the bad actors are. Getting court orders and warrants just to see who owns a domain (commercial) is way out there. The information was intended to be public in the first place.

It appears that you have decided that the general public does not deserve access to public whois data. Again, I do not know what to say to something so extreme.

--bob

On Mon, 20 Jan 2014, Volker Greimann wrote:

...

No identities of criminals are effectively protected by privacy services, provided they are required to reveal such identities to law enforcement of appropriate jurisdiction.

Private individuals, vigilantes or other interested parties on the other hand have no real legitimate interest to receive data on alleged criminals data unless they want to take matters best left to LEAs into their own hands.

There is a reason why even criminals have the right to privacy and not to have their full names and likenesses published. Heck, in Japan, TV stations even mosaic handcuffs of suspects.

Volker

Hi Tim,

The harm is protecting the identities of criminnals. And I consider undermining whois a harm, as well

--bob

On Mon, 20 Jan 2014, Tim Ruiz wrote:

What are the problems commercial entities that use p/p have caused?

On Jan 20, 2014, at 8:11 AM, "Bob Bruen" <bruen@coldrain.net> wrote:

Hi Volker,

I was merely responding to Stephanie's comments about the difficulties, not advocating a position.

However, as you are aware, I do advocate barring commercial entities from using p/p, because the use has already caused harm and we should fix that. The providers created the problem in the first place, so allowing them to continue to control it simply continues the problem.

The discussion of all this is the point of this group (and other groups).

--bob

On Mon, 20 Jan 2014, Volker Greimann wrote:

I agree that it would be possible to bar commercial entities from using p/p services, however I am not sure it is the sensible thing to do. Certainly, there is abuse, but by creating a blanket prohibition, i fear more damage will be done to legitimate interests than good is done to illegitimate ones. In the end it should be up to the provider which categories of clients it accepts. Volker Am 20.01.2014 02:08, schrieb Bob Bruen:

Hi Stephanie,

It is entirely possible to decide to bar commercial entities, create a definition of "comercial entities" and then deal with those which appear to problematical.

The fraudsters probably will not be a set up as a legitimate bussiness, but their sites can be identified as spam, malware, etc types and thus taking money, therefore a business. I am sure there are other methods to deal with problem domain names.

In general, exceptions or problems should not derail a process.

--bob

On Sun, 19 Jan 2014, Stephanie Perrin wrote:

I dont want to keep beating a dead horse here....but if there is a resounding response of "yes indeed, bar commercial entities from using P/P services", then how are you going to propose that p/p proxy service providers determine who is a commercial entity, particularly in jurisdictions which have declined to regulate the provision of goods and services over the Internet? I don't like asking questions that walk us into corners we cannot get out of. Do the fraudsters we are worried about actually apply for business numbers and articles of incorporation in the jurisdictions in which they operate? I operate in a jurisdiction where this distinction is often extremely difficult to make. THe determination would depend on the precise use being made of the domain name....which gets ICANN squarely into content analysis, and which can hardly be done for new registrations, even if t were within ICANN's remit. I am honestly not trying to be difficult, but I just have not heard a good answer to this problem. Stephanie Perrin On 2014-01-19, at 4:38 PM, Holly Raiche wrote:

Jin and all I agree with Jim here (and Don earlier). The important task here is agreeing on the questions to be asked of the SO/ACs. So we need to get back to framing the questions - not answering them, however tempting that may be.

So the question of whether 'commercial entities' should be barred is still a useful question to ask. The next question would be whether there are possible distinctions that should be drawn between an entity that can use the service and one that can't and, if so, where is the line drawn. I agree with the discussion on how difficult that will be because many entities that have corporate status also have reasonable grounds for wanting the protection of such a service (human rights organisations or women's refuges come to mind). But that is the sort of response we are seeking from others outside of this group - so let's not prejudge answers. Let's only frame the questions that will help us come to some sensible answers. Otherwise, we'll never get to the next steps.

And my apologies for the next meeting. I have a long day ahead on Wednesday (Sydney time) and taking calls at 2.00am won't help. So Ill read the transcript and be back in a fortnight (2 weeks for those who do not use the term)

Holly

On 16/01/2014, at 5:39 AM, Jim Bikoff wrote:

Don and all,

As we suggested earlier, and discussed in the last Group teleconference, it might be helpful, as a next step, if we reached a consensus on the groups of questions before sending them out to SO/ACs and SG/Cs.

This would involve two steps: First, agreeing on the name of each group; and second, streamlining the questions in each group.

In the first step, we could consider alternative headings (perhaps REGISTRATION instead of MAINTENANCE).

And in the second step, we could remove duplicative or vague questions.

This crystallization would make the questions more approachable, and encourage better responses.

I hope these ideas are helpful.

Best,

Jim

James L. Bikoff Silverberg, Goldman & Bikoff, LLP 1101 30th Street, NW Suite 120 Washington, DC 20007 Tel: 202-944-3303 Fax: 202-944-3306 jbikoff@sgbdc.com

From: Don Blumenthal <dblumenthal@pir.org> Date: January 14, 2014 11:09:23 AM EST To: PPSAI <gnso-ppsai-pdp-wg@icann.org> Subject: [Gnso-ppsai-pdp-wg] Carlton's closing chat question Carlton posted an issue that shouldn't wait a week:

"John came up with 4 groups. Do we have a notion that others might be extracted? And where do we include/modify questions to address Stephanie's issue?"

Jim had four groups and an umbrella Main category, which may be instructive in itself in guiding how we proceed organizationally. Regardless, the consensus of commenters has been that his document is a significant improvement over where we were before, and I suggest that we use it as a baseline. However, we still have work to do on it. Feel free to suggest modifications.

Don

_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg _______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

-- Dr. Robert Bruen Cold Rain Labs http://coldrain.net/bruen +1.802.579.6288 _______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg _______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

Hi Stephanie, I believe I am responsible for the remark about "slowing down a process to achieve a personal agenda." It was not aimed at you. Most of my criticisms are reserved for the registrars :) It was intended for those who slow things down as method of preventing something, not for people who slow things down to think in a serious way about a problem. --bob On Mon, 20 Jan 2014, Stephanie Perrin wrote:

This was discussed at some length at the EWG, and that was the conclusion.  Part of the reason the EWG  was set up was indeed to set a fresh look, and avoid paving the cow path, as the saying goes. (apologies to non-english speakers).  Which brings me to the merits of multistakeholderism, and an earlier remark from someone (I forget whom and am not going to look it up) about personal agenda, and a purpose of stalling the process.  While I am prepared to apologize daily for not understanding the intricacies of registration and business models of registrars of all types, I make no apology for intervening (and thus slowing any process) on matters where it appears I have expertise that could be lacking in the discussion.  This expertise would include managing multi-stakeholder negotiations on matters of public  policy in a domestic government setting, and in International government fora.   It would also include data protection law, which is no less important than criminal or competition or IP law in the eyes of those who count on human rights law to protect the individual, and in the fabric of the constitution of many jurisdictions. I do hope that the remark about slowing down the process to achieve a personal agenda was not aimed at me; I am paid by noone and I am honestly trying to make sure ICANN does not do something really stupid here and thus collect more black marks on the multistakeholder model report card.      respectfully, Stephanie Perrin On 2014-01-20, at 1:26 PM, Kathy Kleiman wrote:

Actually, FWIW, I don't think Whois data was intended to be public. When it was created, as part of the NSFNET, it was information shared in a trusted network among members of the trusted (and closed) network.

Further, it was never personal or home information.  Domain names were registered largely by universities, e.g., Harvard.edu, and the Whois data was Scott Bradner's (Harvard IT) and other university IT office locations (and some government and military agencies) - in a closed network).

The DNS then expanded broadly in the 1990s, NSF forwarded to the US Department of Commerce and then it was sent on to the new ICANN (someone has written about this transition and lack of evaluation of Whois as an academic piece; Milton I think).

I've spoken with Scott Bradner about this...  Best, Kathy

As a European, I believe in data protection and data privacy. Information that needs to be public should be. Information that does not should not. "The public" indeed does not need that data. If you think that is extreme...

BTW: I also have an issue with tapping phones, logging connection data, logging private communication, etc.

Volker

Am 20.01.2014 18:36, schrieb Bob Bruen: Hi Volker,

Law Enforcement has been compaining for years about access to whois and still do. This is just an obstacle thrown up to slow down finding who the bad actors are. Getting court orders and warrants just to see who owns a domain (commercial) is way out there. The information was intended to be public in the first place.

It appears that you have decided that the general public does not deserve access to public whois data. Again, I do not know what to say to something so extreme.

               --bob

On Mon, 20 Jan 2014, Volker Greimann wrote:

No identities of criminals are effectively protected by privacy services, provided they are required to reveal such identities to law enforcement of appropriate jurisdiction.

Private individuals, vigilantes or other interested parties on the other hand have no real legitimate interest to receive data on alleged criminals data unless they want to take matters best left to LEAs into their own hands.

There is a reason why even criminals have the right to privacy and not to have their full names and likenesses published. Heck, in Japan, TV stations even mosaic handcuffs of suspects.

Volker

      Hi Tim,

      The harm is protecting the identities of criminnals. And I consider undermining whois a harm, as well

                          --bob

      On Mon, 20 Jan 2014, Tim Ruiz wrote:

            What are the problems commercial entities that use p/p have caused?

                  On Jan 20, 2014, at 8:11 AM, "Bob Bruen" <bruen@coldrain.net> wrote:

                  Hi Volker,

                  I was merely responding to Stephanie's comments about the difficulties, not advocating a                   position.

                  However, as you are aware, I do advocate barring commercial entities from using p/p,                   because the use has already caused harm and we should fix that. The providers created                   the problem in the first place, so allowing them to continue to control it simply                   continues the problem.

                  The discussion of all this is the point of this group (and other groups).

                                    --bob

                        On Mon, 20 Jan 2014, Volker Greimann wrote:

                        I agree that it would be possible to bar commercial entities from using p/p                         services, however I am not sure it is the                         sensible thing to do. Certainly, there is abuse, but by creating a blanket                         prohibition, i fear more damage will be done to                         legitimate interests than good is done to illegitimate ones.                         In the end it should be up to the provider which categories of clients it                         accepts.                         Volker                         Am 20.01.2014 02:08, schrieb Bob Bruen:

                             Hi Stephanie,

                             It is entirely possible to decide to bar commercial entities, create a                         definition of "comercial entities" and                              then deal with those which appear to problematical.

                             The fraudsters probably will not be a set up as a legitimate bussiness,                         but their sites can be identified as                              spam, malware, etc types and thus taking money, therefore a business. I                         am sure there are other methods to deal                              with problem domain names.

                             In general, exceptions or problems should not derail a process.

                                                   --bob

                             On Sun, 19 Jan 2014, Stephanie Perrin wrote:

                                   I dont want to keep beating a dead horse here....but if there is                         a resounding                                    response of "yes indeed, bar commercial entities from using P/P                         services", then                                    how are you going to propose that p/p proxy service providers                         determine who is a                                    commercial entity, particularly in jurisdictions which have                         declined to regulate                                    the provision of goods and services over the Internet?  I don't                         like asking                                    questions that walk us into corners we cannot get out of.  Do the                         fraudsters we                                    are worried about actually apply for business numbers and                         articles of                                    incorporation in the jurisdictions in which they operate?  I                         operate in  a                                    jurisdiction where this distinction is often extremely difficult                         to make.  THe                                    determination would depend on the precise use being made of the                         domain                                    name....which gets ICANN squarely into content analysis, and                         which can hardly be                                    done for new registrations, even if t were within ICANN's remit.                         I am honestly                                    not trying to be difficult, but I just have not heard a good                         answer to this                                    problem.                                    Stephanie Perrin                                    On 2014-01-19, at 4:38 PM, Holly Raiche wrote:

                                         Jin and all                                    I agree with Jim here (and Don earlier).  The important task here                         is                                    agreeing on the questions to be asked of the SO/ACs.  So we need                         to get                                    back to framing the questions - not answering them, however                         tempting that                                    may be.

                                   So the question of whether 'commercial entities' should be barred                         is still                                    a useful question to ask. The next question would be whether                         there are                                    possible distinctions that should be drawn between an entity that                         can use                                    the service and one that can't and, if so, where is the line                         drawn. I agree                                    with the discussion on how difficult that will be because many                         entities                                    that have corporate status also have reasonable grounds for                         wanting the                                    protection of such a service (human rights organisations or                         women's refuges                                    come to mind).   But that is the sort of response we are seeking                         from                                    others outside of this group - so let's not prejudge answers.                         Let's only                                    frame the questions that will help us come to some sensible                         answers.                                     Otherwise, we'll never get to the next steps.

                                   And my apologies for the next meeting. I have a long day ahead                         on                                    Wednesday (Sydney time) and taking calls at 2.00am won't help.                         So Ill read                                    the transcript and be back in a fortnight (2 weeks for those who                         do not use                                    the term)

                                   Holly

                                   On 16/01/2014, at 5:39 AM, Jim Bikoff wrote:

                                         Don and all,

                                   As we suggested earlier, and discussed in the last Group                                    teleconference, it might be helpful, as a next step, if we                         reached a                                    consensus on the groups of questions before sending them out to                                    SO/ACs and SG/Cs.

                                   This would involve two steps: First, agreeing on the name of each                                    group; and second, streamlining the questions in each group.

                                   In the first step, we could consider alternative headings                         (perhaps                                    REGISTRATION instead of MAINTENANCE).

                                   And in the second step, we could remove duplicative or vague                                    questions.

                                   This crystallization would make the questions more approachable,                         and                                    encourage better responses.

                                   I hope these ideas are helpful.

                                   Best,

                                   Jim

                                   James L. Bikoff                                    Silverberg, Goldman & Bikoff, LLP                                    1101 30th Street, NW                                    Suite 120                                    Washington, DC 20007                                    Tel: 202-944-3303                                    Fax: 202-944-3306                                    jbikoff@sgbdc.com

                                   From: Don Blumenthal <dblumenthal@pir.org>                                    Date: January 14, 2014 11:09:23 AM EST                                    To: PPSAI <gnso-ppsai-pdp-wg@icann.org>                                    Subject: [Gnso-ppsai-pdp-wg] Carlton's closing chat question                                          Carlton posted an issue that shouldn’t wait a week:

                                   “John came up with 4 groups. Do we have a notion that others                                    might be extracted?  And where do we include/modify questions                                    to address Stephanie's issue?"

                                   Jim had four groups and an umbrella Main category, which may be                                    instructive in itself in guiding how we proceed                                    organizationally. Regardless, the consensus of commenters has                                    been that his document is a significant improvement over where                                    we were before, and I suggest that we use it as a baseline.                                    However, we still have work to do on it. Feel free to suggest                                    modifications.

                                   Don

_______________________________________________                                          Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

_______________________________________________                                    Gnso-ppsai-pdp-wg mailing list                                    Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

_______________________________________________                                    Gnso-ppsai-pdp-wg mailing list                                    Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg _______________________________________________                         Gnso-ppsai-pdp-wg mailing list                         Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

                  --                   Dr. Robert Bruen                   Cold Rain Labs                   http://coldrain.net/bruen                   +1.802.579.6288 _______________________________________________                   Gnso-ppsai-pdp-wg mailing list                   Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg _______________________________________________                   Gnso-ppsai-pdp-wg mailing list                   Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

-- Dr. Robert Bruen Cold Rain Labs http://coldrain.net/bruen +1.802.579.6288

Well at least we now know your agenda.

On Jan 20, 2014, at 2:54 PM, "Bob Bruen" <bruen@coldrain.net> wrote:

Hi Stephanie,

I believe I am responsible for the remark about "slowing down a process to achieve a personal agenda." It was not aimed at you. Most of my criticisms are reserved for the registrars :)

It was intended for those who slow things down as method of preventing something, not for people who slow things down to think in a serious way about a problem.

--bob

...

On Mon, 20 Jan 2014, Stephanie Perrin wrote:

This was discussed at some length at the EWG, and that was the conclusion. Part of the reason the EWG was set up was indeed to set a fresh look, and avoid paving the cow path, as the saying goes. (apologies to non-english speakers). Which brings me to the merits of multistakeholderism, and an earlier remark from someone (I forget whom and am not going to look it up) about personal agenda, and a purpose of stalling the process. While I am prepared to apologize daily for not understanding the intricacies of registration and business models of registrars of all types, I make no apology for intervening (and thus slowing any process) on matters where it appears I have expertise that could be lacking in the discussion. This expertise would include managing multi-stakeholder negotiations on matters of public policy in a domestic government setting, and in International government fora. It would also include data protection law, which is no less important than criminal or competition or IP law in the eyes of those who count on human rights law to protect the individual, and in the fabric of the constitution of many jurisdictions. I do hope that the remark about slowing down the process to achieve a personal agenda was not aimed at me; I am paid by noone and I am honestly trying to make sure ICANN does not do something really stupid here and thus collect more black marks on the multistakeholder model report card. respectfully, Stephanie Perrin On 2014-01-20, at 1:26 PM, Kathy Kleiman wrote:

Actually, FWIW, I don't think Whois data was intended to be public. When it was created, as part of the NSFNET, it was information shared in a trusted network among members of the trusted (and closed) network.

Further, it was never personal or home information. Domain names were registered largely by universities, e.g., Harvard.edu, and the Whois data was Scott Bradner's (Harvard IT) and other university IT office locations (and some government and military agencies) - in a closed network).

The DNS then expanded broadly in the 1990s, NSF forwarded to the US Department of Commerce and then it was sent on to the new ICANN (someone has written about this transition and lack of evaluation of Whois as an academic piece; Milton I think).

I've spoken with Scott Bradner about this... Best, Kathy

As a European, I believe in data protection and data privacy. Information that needs to be public should be. Information that does not should not. "The public" indeed does not need that data. If you think that is extreme...

BTW: I also have an issue with tapping phones, logging connection data, logging private communication, etc.

Volker

Am 20.01.2014 18:36, schrieb Bob Bruen: Hi Volker,

Law Enforcement has been compaining for years about access to whois and still do. This is just an obstacle thrown up to slow down finding who the bad actors are. Getting court orders and warrants just to see who owns a domain (commercial) is way out there. The information was intended to be public in the first place.

It appears that you have decided that the general public does not deserve access to public whois data. Again, I do not know what to say to something so extreme.

--bob

On Mon, 20 Jan 2014, Volker Greimann wrote:

No identities of criminals are effectively protected by privacy services, provided they are required to reveal such identities to law enforcement of appropriate jurisdiction.

Private individuals, vigilantes or other interested parties on the other hand have no real legitimate interest to receive data on alleged criminals data unless they want to take matters best left to LEAs into their own hands.

There is a reason why even criminals have the right to privacy and not to have their full names and likenesses published. Heck, in Japan, TV stations even mosaic handcuffs of suspects.

Volker

Hi Tim,

The harm is protecting the identities of criminnals. And I consider undermining whois a harm, as well

--bob

On Mon, 20 Jan 2014, Tim Ruiz wrote:

What are the problems commercial entities that use p/p have caused?

On Jan 20, 2014, at 8:11 AM, "Bob Bruen" <bruen@coldrain.net> wrote:

Hi Volker,

I was merely responding to Stephanie's comments about the difficulties, not advocating a position.

However, as you are aware, I do advocate barring commercial entities from using p/p, because the use has already caused harm and we should fix that. The providers created the problem in the first place, so allowing them to continue to control it simply continues the problem.

The discussion of all this is the point of this group (and other groups).

--bob

On Mon, 20 Jan 2014, Volker Greimann wrote:

I agree that it would be possible to bar commercial entities from using p/p services, however I am not sure it is the sensible thing to do. Certainly, there is abuse, but by creating a blanket prohibition, i fear more damage will be done to legitimate interests than good is done to illegitimate ones. In the end it should be up to the provider which categories of clients it accepts. Volker Am 20.01.2014 02:08, schrieb Bob Bruen:

Hi Stephanie,

It is entirely possible to decide to bar commercial entities, create a definition of "comercial entities" and then deal with those which appear to problematical.

The fraudsters probably will not be a set up as a legitimate bussiness, but their sites can be identified as spam, malware, etc types and thus taking money, therefore a business. I am sure there are other methods to deal with problem domain names.

In general, exceptions or problems should not derail a process.

--bob

On Sun, 19 Jan 2014, Stephanie Perrin wrote:

I dont want to keep beating a dead horse here....but if there is a resounding response of "yes indeed, bar commercial entities from using P/P services", then how are you going to propose that p/p proxy service providers determine who is a commercial entity, particularly in jurisdictions which have declined to regulate the provision of goods and services over the Internet? I don't like asking questions that walk us into corners we cannot get out of. Do the fraudsters we are worried about actually apply for business numbers and articles of incorporation in the jurisdictions in which they operate? I operate in a jurisdiction where this distinction is often extremely difficult to make. THe determination would depend on the precise use being made of the domain name....which gets ICANN squarely into content analysis, and which can hardly be done for new registrations, even if t were within ICANN's remit. I am honestly not trying to be difficult, but I just have not heard a good answer to this problem. Stephanie Perrin On 2014-01-19, at 4:38 PM, Holly Raiche wrote:

Jin and all I agree with Jim here (and Don earlier). The important task here is agreeing on the questions to be asked of the SO/ACs. So we need to get back to framing the questions - not answering them, however tempting that may be.

So the question of whether 'commercial entities' should be barred is still a useful question to ask. The next question would be whether there are possible distinctions that should be drawn between an entity that can use the service and one that can't and, if so, where is the line drawn. I agree with the discussion on how difficult that will be because many entities that have corporate status also have reasonable grounds for wanting the protection of such a service (human rights organisations or women's refuges come to mind). But that is the sort of response we are seeking from others outside of this group - so let's not prejudge answers. Let's only frame the questions that will help us come to some sensible answers. Otherwise, we'll never get to the next steps.

And my apologies for the next meeting. I have a long day ahead on Wednesday (Sydney time) and taking calls at 2.00am won't help. So Ill read the transcript and be back in a fortnight (2 weeks for those who do not use the term)

Holly

On 16/01/2014, at 5:39 AM, Jim Bikoff wrote:

Don and all,

As we suggested earlier, and discussed in the last Group teleconference, it might be helpful, as a next step, if we reached a consensus on the groups of questions before sending them out to SO/ACs and SG/Cs.

This would involve two steps: First, agreeing on the name of each group; and second, streamlining the questions in each group.

In the first step, we could consider alternative headings (perhaps REGISTRATION instead of MAINTENANCE).

And in the second step, we could remove duplicative or vague questions.

This crystallization would make the questions more approachable, and encourage better responses.

I hope these ideas are helpful.

Best,

Jim

James L. Bikoff Silverberg, Goldman & Bikoff, LLP 1101 30th Street, NW Suite 120 Washington, DC 20007 Tel: 202-944-3303 Fax: 202-944-3306 jbikoff@sgbdc.com

From: Don Blumenthal <dblumenthal@pir.org> Date: January 14, 2014 11:09:23 AM EST To: PPSAI <gnso-ppsai-pdp-wg@icann.org> Subject: [Gnso-ppsai-pdp-wg] Carlton's closing chat question Carlton posted an issue that shouldn't wait a week:

"John came up with 4 groups. Do we have a notion that others might be extracted? And where do we include/modify questions to address Stephanie's issue?"

Jim had four groups and an umbrella Main category, which may be instructive in itself in guiding how we proceed organizationally. Regardless, the consensus of commenters has been that his document is a significant improvement over where we were before, and I suggest that we use it as a baseline. However, we still have work to do on it. Feel free to suggest modifications.

Don

_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg _______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

-- Dr. Robert Bruen Cold Rain Labs http://coldrain.net/bruen +1.802.579.6288 _______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg _______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg _______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg _______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

-- Dr. Robert Bruen Cold Rain Labs http://coldrain.net/bruen +1.802.579.6288 _______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

I disagree with any proposal to create ³categories² or ³classes² of registrants, with limited or restricted privileges. Specifically: ‹How would P/P services detect/enforce the correct Class? Particularly given that bad actors will do what they always do, and just lie. ‹How would we address edge cases, such as sole proprietors, or aspirant entrepreneurs? Are political campaigns, individual candidates, or churches seeking donations considered ³commercial² users? ‹What other current (and future) ICANN policies would be bifurcated and applied differently to different Classes? Should there also be a process to upgrade/downgrade a Registrant post-registration? ‹ And finally, I do not agree with the blanket (and unsupported) contention that all commercial users of P/P services are causing ³harms.² In fact, the WHOIS Review Team and other groups have clearly articulated several legitimate use cases for commercial access to these services. Thanks‹ J. On 1/20/14, 7:10 , "Bob Bruen" <bruen@coldrain.net> wrote:

Hi Volker,

I was merely responding to Stephanie's comments about the difficulties, not advocating a position.

However, as you are aware, I do advocate barring commercial entities from using p/p, because the use has already caused harm and we should fix that. The providers created the problem in the first place, so allowing them to continue to control it simply continues the problem.

The discussion of all this is the point of this group (and other groups).

--bob

On Mon, 20 Jan 2014, Volker Greimann wrote:

...

I agree that it would be possible to bar commercial entities from using p/p services, however I am not sure it is the sensible thing to do. Certainly, there is abuse, but by creating a blanket prohibition, i fear more damage will be done to legitimate interests than good is done to illegitimate ones.

In the end it should be up to the provider which categories of clients it accepts.

Volker

Am 20.01.2014 02:08, schrieb Bob Bruen:

Hi Stephanie,

It is entirely possible to decide to bar commercial entities, create a definition of "comercial entities" and then deal with those which appear to problematical.

The fraudsters probably will not be a set up as a legitimate bussiness, but their sites can be identified as spam, malware, etc types and thus taking money, therefore a business. I am sure there are other methods to deal with problem domain names.

In general, exceptions or problems should not derail a process.

--bob

On Sun, 19 Jan 2014, Stephanie Perrin wrote:

I dont want to keep beating a dead horse here....but if there is a resounding response of "yes indeed, bar commercial entities from using P/P services", then how are you going to propose that p/p proxy service providers determine who is a commercial entity, particularly in jurisdictions which have declined to regulate the provision of goods and services over the Internet? I don't like asking questions that walk us into corners we cannot get out of. Do the fraudsters we are worried about actually apply for business numbers and articles of incorporation in the jurisdictions in which they operate? I operate in a jurisdiction where this distinction is often extremely difficult to make. THe determination would depend on the precise use being made of the domain name....which gets ICANN squarely into content analysis, and which can hardly be done for new registrations, even if t were within ICANN's remit. I am honestly not trying to be difficult, but I just have not heard a good answer to this problem. Stephanie Perrin On 2014-01-19, at 4:38 PM, Holly Raiche wrote:

Jin and all I agree with Jim here (and Don earlier). The important task here is agreeing on the questions to be asked of the SO/ACs. So we need to get back to framing the questions - not answering them, however tempting that may be.

So the question of whether 'commercial entities' should be barred is still a useful question to ask. The next question would be whether there are possible distinctions that should be drawn between an entity that can use the service and one that can't and, if so, where is the line drawn. I agree with the discussion on how difficult that will be because many entities that have corporate status also have reasonable grounds for wanting the protection of such a service (human rights organisations or women's refuges come to mind). But that is the sort of response we are seeking from others outside of this group - so let's not prejudge answers. Let's only frame the questions that will help us come to some sensible answers. Otherwise, we'll never get to the next steps.

And my apologies for the next meeting. I have a long day ahead on Wednesday (Sydney time) and taking calls at 2.00am won't help. So Ill read the transcript and be back in a fortnight (2 weeks for those who do not use the term)

Holly

On 16/01/2014, at 5:39 AM, Jim Bikoff wrote:

Don and all,

As we suggested earlier, and discussed in the last Group teleconference, it might be helpful, as a next step, if we reached a consensus on the groups of questions before sending them out to SO/ACs and SG/Cs.

This would involve two steps: First, agreeing on the name of each group; and second, streamlining the questions in each group.

In the first step, we could consider alternative headings (perhaps REGISTRATION instead of MAINTENANCE).

And in the second step, we could remove duplicative or vague questions.

This crystallization would make the questions more approachable, and encourage better responses.

I hope these ideas are helpful.

Best,

Jim

James L. Bikoff Silverberg, Goldman & Bikoff, LLP 1101 30th Street, NW Suite 120 Washington, DC 20007 Tel: 202-944-3303 Fax: 202-944-3306 jbikoff@sgbdc.com

From: Don Blumenthal <dblumenthal@pir.org> Date: January 14, 2014 11:09:23 AM EST To: PPSAI <gnso-ppsai-pdp-wg@icann.org> Subject: [Gnso-ppsai-pdp-wg] Carlton's closing chat question Carlton posted an issue that shouldn¹t wait a week:

³John came up with 4 groups. Do we have a notion that others might be extracted? And where do we include/modify questions to address Stephanie's issue?"

Jim had four groups and an umbrella Main category, which may be instructive in itself in guiding how we proceed organizationally. Regardless, the consensus of commenters has been that his document is a significant improvement over where we were before, and I suggest that we use it as a baseline. However, we still have work to do on it. Feel free to suggest modifications.

Don

_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org

https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

-- Dr. Robert Bruen Cold Rain Labs http://coldrain.net/bruen +1.802.579.6288

Hi Kathy,

From my point of view only:

Individuals - not relevant because not commercial Non-Profit - not relevant because not commercial Commercial with reasons - These reasons in general are temporary and create a limited use class.

From my experience (and others) these uses make up a small number of the whole p/p group.

--bob On Mon, 20 Jan 2014, Kathy Kleiman wrote:

Hi All, The Whois Review Team did find legitimate use cases for commercial access to proxy/privacy services -- based in large part on a candid discussion with commercial communities in ICANN about how they use proxy/privacy services, including when they are launching a new business, naming a new good or service (get the cool domain name then develop the marketing campaign, then unveil it), not disclosing a merger before its time (to avoid reflections on stock prices), not disclosing a movie name before its time (this happened to great embarrassment and now attorneys and p/p service providers are used until it is time to unveil the movie's promotional campaign). 

Please see Recommendation 10 of the Whois Review Team report, which includes:

"Privacy and Proxy Services Findings

Privacy and proxy services have arisen to fill an ICANN policy vacuum. These services are clearly meeting a market demand, and it is equally clear that these services are complicating the WHOIS landscape.

Privacy and proxy services are used to address noncommercial and commercial interests, which many view as legitimate. For example,

Individuals – who prefer not to have their personal data published on the Internet as part of a WHOIS record; Organizations – as religious, political or ethnic minority, or sharing controversial moral or sexual information; and Companies – for upcoming mergers, new product or service names, new movie names, or other product launches."

Please see the full Recommendation 10 at --- http://www.icann.org/en/about/aoc-review/whois/final-report-11may12-en.pdf

Best, Kathy -----

James Bladel wrote -----

I disagree with any proposal to create ³categories² or ³classes² of registrants, with limited or restricted privileges. Specifically:

‹How would P/P services detect/enforce the correct Class? Particularly given that bad actors will do what they always do, and just lie.

‹How would we address edge cases, such as sole proprietors, or aspirant entrepreneurs? Are political campaigns, individual candidates, or churches seeking donations considered ³commercial² users?

‹What other current (and future) ICANN policies would be bifurcated and applied differently to different Classes? Should there also be a process to upgrade/downgrade a Registrant post-registration?

‹ And finally, I do not agree with the blanket (and unsupported) contention that all commercial users of P/P services are causing ³harms.² In fact, the WHOIS Review Team and other groups have clearly articulated several legitimate use cases for commercial access to these services.

Thanks‹

J.

On 1/20/14, 7:10 , "Bob Bruen" <bruen@coldrain.net> wrote:

Hi Volker,

I was merely responding to Stephanie's comments about the difficulties, not advocating a position.

However, as you are aware, I do advocate barring commercial entities from using p/p, because the use has already caused harm and we should fix that. The providers created the problem in the first place, so allowing them to continue to control it simply continues the problem.

The discussion of all this is the point of this group (and other groups).

--bob

On Mon, 20 Jan 2014, Volker Greimann wrote:

I agree that it would be possible to bar commercial entities from using p/p services, however I am not sure it is the sensible thing to do. Certainly, there is abuse, but by creating a blanket prohibition, i fear more damage will be done to legitimate interests than good is done to illegitimate ones.

In the end it should be up to the provider which categories of clients it accepts.

Volker

Am 20.01.2014 02:08, schrieb Bob Bruen:

Hi Stephanie,

It is entirely possible to decide to bar commercial entities, create a definition of "comercial entities" and then deal with those which appear to problematical.

The fraudsters probably will not be a set up as a legitimate bussiness, but their sites can be identified as spam, malware, etc types and thus taking money, therefore a business. I am sure there are other methods to deal with problem domain names.

In general, exceptions or problems should not derail a process.

--bob

On Sun, 19 Jan 2014, Stephanie Perrin wrote:

I dont want to keep beating a dead horse here....but if there is a resounding response of "yes indeed, bar commercial entities from using P/P services", then how are you going to propose that p/p proxy service providers determine who is a commercial entity, particularly in jurisdictions which have declined to regulate the provision of goods and services over the Internet? I don't like asking questions that walk us into corners we cannot get out of. Do the fraudsters we are worried about actually apply for business numbers and articles of incorporation in the jurisdictions in which they operate? I operate in a jurisdiction where this distinction is often extremely difficult to make. THe determination would depend on the precise use being made of the domain name....which gets ICANN squarely into content analysis, and which can hardly be done for new registrations, even if t were within ICANN's remit. I am honestly not trying to be difficult, but I just have not heard a good answer to this problem. Stephanie Perrin On 2014-01-19, at 4:38 PM, Holly Raiche wrote:

Jin and all I agree with Jim here (and Don earlier). The important task here is agreeing on the questions to be asked of the SO/ACs. So we need to get back to framing the questions - not answering them, however tempting that may be.

So the question of whether 'commercial entities' should be barred is still a useful question to ask. The next question would be whether there are possible distinctions that should be drawn between an entity that can use the service and one that can't and, if so, where is the line drawn. I agree with the discussion on how difficult that will be because many entities that have corporate status also have reasonable grounds for wanting the protection of such a service (human rights organisations or women's refuges come to mind). But that is the sort of response we are seeking from others outside of this group - so let's not prejudge answers. Let's only frame the questions that will help us come to some sensible answers. Otherwise, we'll never get to the next steps.

And my apologies for the next meeting. I have a long day ahead on Wednesday (Sydney time) and taking calls at 2.00am won't help. So Ill read the transcript and be back in a fortnight (2 weeks for those who do not use the term)

Holly

On 16/01/2014, at 5:39 AM, Jim Bikoff wrote:

Don and all,

As we suggested earlier, and discussed in the last Group teleconference, it might be helpful, as a next step, if we reached a consensus on the groups of questions before sending them out to SO/ACs and SG/Cs.

This would involve two steps: First, agreeing on the name of each group; and second, streamlining the questions in each group.

In the first step, we could consider alternative headings (perhaps REGISTRATION instead of MAINTENANCE).

And in the second step, we could remove duplicative or vague questions.

This crystallization would make the questions more approachable, and encourage better responses.

I hope these ideas are helpful.

Best,

Jim

James L. Bikoff Silverberg, Goldman & Bikoff, LLP 1101 30th Street, NW Suite 120 Washington, DC 20007 Tel: 202-944-3303 Fax: 202-944-3306 jbikoff@sgbdc.com

From: Don Blumenthal <dblumenthal@pir.org> Date: January 14, 2014 11:09:23 AM EST To: PPSAI <gnso-ppsai-pdp-wg@icann.org> Subject: [Gnso-ppsai-pdp-wg] Carlton's closing chat question Carlton posted an issue that shouldn¹t wait a week:

³John came up with 4 groups. Do we have a notion that others might be extracted? And where do we include/modify questions to address Stephanie's issue?"

Jim had four groups and an umbrella Main category, which may be instructive in itself in guiding how we proceed organizationally. Regardless, the consensus of commenters has been that his document is a significant improvement over where we were before, and I suggest that we use it as a baseline. However, we still have work to do on it. Feel free to suggest modifications.

Don

_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org

https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

-- Dr. Robert Bruen Cold Rain Labs http://coldrain.net/bruen +1.802.579.6288 _______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

I apologize for dropping out of sight. I wasn¹t able to use a keyboard for a few days. I am going to take this message to catch up on a few overdue responses. I am addressing one of Bob¹s points but it is an example of ma broader issue. The discussion of commercial vs noncommercial isn¹t the point of this group. We¹re here to address a broad range of issues concerning proxy and privacy accreditation. While it may turn out to be chicken and egg routine, the commercial issue will arise only if the group decides that we need categorization. Even then it might not be on the basis of commercial vs non commercial. Regardless, these discussions are premature, although I am saving messages for later reference. As I have suggested before and Holly and John wrote over the past couple of days, we need to define our questions and issues before addressing substance. We will send final versions of the letters today. While we will spend a few minutes on them during tomorrow's, the idea is to distribute later in the day. They are an important step in gathering community thoughts, and we will be hampered somewhat in our own work until we get the answers. The letters are organized by the categories that we have been working from, and we have added definitions that we could gather from ICANN materials only. Crafting our own biases the process. Please keep in mind that the letters are different from the charter document that we have been working on. It is for the WG¹s use and we can, and should, take more time on it. I envision revisiting it as long as we remain at work. Talk to you tomorrow. Regards, Don On 1/20/14, 8:10 AM, "Bob Bruen" <bruen@coldrain.net> wrote:

Hi Volker,

I was merely responding to Stephanie's comments about the difficulties, not advocating a position.

However, as you are aware, I do advocate barring commercial entities from using p/p, because the use has already caused harm and we should fix that. The providers created the problem in the first place, so allowing them to continue to control it simply continues the problem.

The discussion of all this is the point of this group (and other groups).

--bob

On Mon, 20 Jan 2014, Volker Greimann wrote:

...

I agree that it would be possible to bar commercial entities from using p/p services, however I am not sure it is the sensible thing to do. Certainly, there is abuse, but by creating a blanket prohibition, i fear more damage will be done to legitimate interests than good is done to illegitimate ones.

In the end it should be up to the provider which categories of clients it accepts.

Volker

Am 20.01.2014 02:08, schrieb Bob Bruen:

Hi Stephanie,

It is entirely possible to decide to bar commercial entities, create a definition of "comercial entities" and then deal with those which appear to problematical.

The fraudsters probably will not be a set up as a legitimate bussiness, but their sites can be identified as spam, malware, etc types and thus taking money, therefore a business. I am sure there are other methods to deal with problem domain names.

In general, exceptions or problems should not derail a process.

--bob

On Sun, 19 Jan 2014, Stephanie Perrin wrote:

I dont want to keep beating a dead horse here....but if there is a resounding response of "yes indeed, bar commercial entities from using P/P services", then how are you going to propose that p/p proxy service providers determine who is a commercial entity, particularly in jurisdictions which have declined to regulate the provision of goods and services over the Internet? I don't like asking questions that walk us into corners we cannot get out of. Do the fraudsters we are worried about actually apply for business numbers and articles of incorporation in the jurisdictions in which they operate? I operate in a jurisdiction where this distinction is often extremely difficult to make. THe determination would depend on the precise use being made of the domain name....which gets ICANN squarely into content analysis, and which can hardly be done for new registrations, even if t were within ICANN's remit. I am honestly not trying to be difficult, but I just have not heard a good answer to this problem. Stephanie Perrin On 2014-01-19, at 4:38 PM, Holly Raiche wrote:

Jin and all I agree with Jim here (and Don earlier). The important task here is agreeing on the questions to be asked of the SO/ACs. So we need to get back to framing the questions - not answering them, however tempting that may be.

So the question of whether 'commercial entities' should be barred is still a useful question to ask. The next question would be whether there are possible distinctions that should be drawn between an entity that can use the service and one that can't and, if so, where is the line drawn. I agree with the discussion on how difficult that will be because many entities that have corporate status also have reasonable grounds for wanting the protection of such a service (human rights organisations or women's refuges come to mind). But that is the sort of response we are seeking from others outside of this group - so let's not prejudge answers. Let's only frame the questions that will help us come to some sensible answers. Otherwise, we'll never get to the next steps.

And my apologies for the next meeting. I have a long day ahead on Wednesday (Sydney time) and taking calls at 2.00am won't help. So Ill read the transcript and be back in a fortnight (2 weeks for those who do not use the term)

Holly

On 16/01/2014, at 5:39 AM, Jim Bikoff wrote:

Don and all,

As we suggested earlier, and discussed in the last Group teleconference, it might be helpful, as a next step, if we reached a consensus on the groups of questions before sending them out to SO/ACs and SG/Cs.

This would involve two steps: First, agreeing on the name of each group; and second, streamlining the questions in each group.

In the first step, we could consider alternative headings (perhaps REGISTRATION instead of MAINTENANCE).

And in the second step, we could remove duplicative or vague questions.

This crystallization would make the questions more approachable, and encourage better responses.

I hope these ideas are helpful.

Best,

Jim

James L. Bikoff Silverberg, Goldman & Bikoff, LLP 1101 30th Street, NW Suite 120 Washington, DC 20007 Tel: 202-944-3303 Fax: 202-944-3306 jbikoff@sgbdc.com

From: Don Blumenthal <dblumenthal@pir.org> Date: January 14, 2014 11:09:23 AM EST To: PPSAI <gnso-ppsai-pdp-wg@icann.org> Subject: [Gnso-ppsai-pdp-wg] Carlton's closing chat question Carlton posted an issue that shouldn¹t wait a week:

³John came up with 4 groups. Do we have a notion that others might be extracted? And where do we include/modify questions to address Stephanie's issue?"

Jim had four groups and an umbrella Main category, which may be instructive in itself in guiding how we proceed organizationally. Regardless, the consensus of commenters has been that his document is a significant improvement over where we were before, and I suggest that we use it as a baseline. However, we still have work to do on it. Feel free to suggest modifications.

Don

_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org

https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

-- Dr. Robert Bruen Cold Rain Labs http://coldrain.net/bruen +1.802.579.6288