PPSAI Comment Period and Section 1.3.3
Thanks to all WG members for a very productive call earlier today(and to Steve for his chairing acumen). The co-chairs and staff met this afternoon to tie down two loose ends from the call. Regarding the deadline for public comments on the Initial Report, we recognize there is considerable support for extending the public comment period to 60 days instead of the standard 40 days on which we have all been planning. We are prepared to agree to this, but with the caveat that this will have repercussions on the pace and intensity of our work once public comments have been received. Specifically, if the public comment deadline is extended until July 3 (60 days after our publication date of May 4), we will need to plan on at least weekly calls throughout July and August, some of which may need to be more than an hour in length, to review these comments and move toward a Final Report. Otherwise, we jeopardize the prospects for getting the Final Report in front of the GNSO council no later than the Dublin ICANN meeting. As was noted on the call today, many additional steps need to take place even after this WG issues its Final Report before any new accreditation system can be implemented, so the time pressure imposed by the expiration of the Interim Specification at the end of next year is already real. Also, as previously announced over the past few weeks, if any WG members (or group of members) wish to submit a brief separate or additional statement for inclusion in the package posted for public comment next Monday, such statements need to be received by staff no later than Thursday, April 30. Lastly, the other loose end involves proposed revisions to section 1.3.3 of the Initial Report, which were presented on the call earlier today but which we did not have time to discuss fully. We agree that this section could benefit from some revision, but believe it should take the form of greater concision, not additional presentation of arguments for the divergent positions. Thus we suggest that section 1.3.3 be revised to read as follows: --- Although the WG agreed that the mere fact that a domain name is registered by a commercial entity or by anyone conducting commercial activity should not preclude the use of P/P services , there was disagreement over whether domain names that are actively used for commercial transactions (e.g. the sale or exchange of goods or services) should be prohibited from using P/P services. While most WG members did not believe such a prohibition is necessary or practical, some members believed that registrants of such domain names should not be able to use or continue using proxy or privacy services. For those that argued that it is necessary and practical to limit access to P/P services to exclude commercial entities, the following text was proposed to clarify and define their position: “domains used for online financial transactions for commercial purpose should be ineligible for privacy and proxy registrations.” Public comment is therefore specifically invited on the following questions: * Should registrants of domain names associated with commercial activities and which are used for online financial transactions be prohibited from using, or continuing to use, privacy and proxy services? * If so, will it be useful to adopt a definition of “commercial” or “transactional” to define those domains for which P/P service registrations should be disallowed? And if so, what should the definition(s) be?” * Will it be necessary to make a distinction in the WHOIS data fields to be displayed as a result? --- Thanks, Graeme Bunton & Steve Metalitz -- _________________________ Graeme Bunton Manager, Management Information Systems Manager, Public Policy Tucows Inc. PH: 416 535 0123 ext 1634
SInce I think there is a distinct set of questions that can be asked on the other side, and that indeed have been asked, I would not support the inclusion of this set of (in my view) leading questions without the opposing questions. To do so would be to reflect a fundamental bias. I would prefer to say something along the lines of the use of proxy services by commercial entities could be restricted by national law, where such law applies. I believe we had a lengthy discussion about defining commercial activity. It seems to me it is not for ICANN to impose such restrictions on Internet activity through its limited remit over domain name registration, a point which we have made repeatedly. If you are going to insist on the inclusion of this (in my view leading) text then we need a few more days to prepare an opposing statement.....April 30 is an artificial deadline which I am surprised to see announced at this late date. cheers Stephanie On 2015-04-29 6:17, Graeme Bunton wrote:
Thanks to all WG members for a very productive call earlier today(and to Steve for his chairing acumen). The co-chairs and staff met this afternoon to tie down two loose ends from the call.
Regarding the deadline for public comments on the Initial Report, we recognize there is considerable support for extending the public comment period to 60 days instead of the standard 40 days on which we have all been planning. We are prepared to agree to this, but with the caveat that this will have repercussions on the pace and intensity of our work once public comments have been received. Specifically, if the public comment deadline is extended until July 3 (60 days after our publication date of May 4), we will need to plan on at least weekly calls throughout July and August, some of which may need to be more than an hour in length, to review these comments and move toward a Final Report. Otherwise, we jeopardize the prospects for getting the Final Report in front of the GNSO council no later than the Dublin ICANN meeting. As was noted on the call today, many additional steps need to take place even after this WG issues its Final Report before any new accreditation system can be implemented, so the time pressure imposed by the expiration of the Interim Specification at the end of next year is already real.
Also, as previously announced over the past few weeks, if any WG members (or group of members) wish to submit a brief separate or additional statement for inclusion in the package posted for public comment next Monday, such statements need to be received by staff no later than Thursday, April 30.
Lastly, the other loose end involves proposed revisions to section 1.3.3 of the Initial Report, which were presented on the call earlier today but which we did not have time to discuss fully. We agree that this section could benefit from some revision, but believe it should take the form of greater concision, not additional presentation of arguments for the divergent positions. Thus we suggest that section 1.3.3 be revised to read as follows:
---
Although the WG agreed that the mere fact that a domain name is registered by a commercial entity or by anyone conducting commercial activity should not preclude the use of P/P services , there was disagreement over whether domain names that are actively used for commercial transactions (e.g. the sale or exchange of goods or services) should be prohibited from using P/P services. While most WG members did not believe such a prohibition is necessary or practical, some members believed that registrants of such domain names should not be able to use or continue using proxy or privacy services.
For those that argued that it is necessary and practical to limit access to P/P services to exclude commercial entities, the following text was proposed to clarify and define their position: “domains used for online financial transactions for commercial purpose should be ineligible for privacy and proxy registrations.”
Public comment is therefore specifically invited on the following questions:
* Should registrants of domain names associated with commercial activities and which are used for online financial transactions be prohibited from using, or continuing to use, privacy and proxy services? * If so, will it be useful to adopt a definition of “commercial” or “transactional” to define those domains for which P/P service registrations should be disallowed? And if so, what should the definition(s) be?” * Will it be necessary to make a distinction in the WHOIS data fields to be displayed as a result?
--- Thanks,
Graeme Bunton & Steve Metalitz
-- _________________________ Graeme Bunton Manager, Management Information Systems Manager, Public Policy Tucows Inc. PH: 416 535 0123 ext 1634
_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg
Hello everyone, As there have been several drafts circulated between 19 December 2014 and 23 April 2015, staff thought it might be helpful for WG members to recall where and when the language in Section 1.3.3 first made an appearance. The three questions in Section 1.3.3 of the Executive Summary (i.e. the current language in the document) have been phrased in this way since the 29 January 2015 version in which a slight change was made to Question #1. This change was made by staff based on WG discussions on Section 1.3.3 specifically, which discussion occurred on the WG call of 23 January 2015. However, the other two questions remain unchanged from the original draft Initial Report that was circulated on 19 December 2014, and it may be helpful to note that one is taken from a WG Charter question on this topic. All three questions were included in the draft report based on the WG¹s discussions and agreed preliminary conclusions dating back to mid-2014, which were presented at a community session during the ICANN meeting in London in June 2014. The same language and preliminary conclusions were again presented to the community at the ICANN meeting in Los Angeles in October 2014. We realize that it is difficult to recall exactly where, when and how certain wording and versions may have been discussed, so we hope this is useful. In relation to the 30 April deadline for additional statements, this was a date discussed with the Working Group at the 14 April meeting, prior to which the current version of the Work Plan had been circulated and to which no further changes have been made. Do note that as we are finalizing an Initial Report, there will be opportunities for WG members and their communities to comment on any part of the Initial Report during the 60-day public comment period. The WG will then review all the public comments received and, if deemed appropriate, revise and finalize its recommendations. At that stage, there will also be an opportunity for the submission of additional or minority statements, if needed, following the formal consensus call of the full WG in relation to the Final Report. Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4892 Email: mary.wong@icann.org From: Stephanie Perrin <stephanie.perrin@mail.utoronto.ca> Date: Tuesday, April 28, 2015 at 18:39 To: PPSAI <gnso-ppsai-pdp-wg@icann.org> Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
SInce I think there is a distinct set of questions that can be asked on the other side, and that indeed have been asked, I would not support the inclusion of this set of (in my view) leading questions without the opposing questions. To do so would be to reflect a fundamental bias. I would prefer to say something along the lines of the use of proxy services by commercial entities could be restricted by national law, where such law applies. I believe we had a lengthy discussion about defining commercial activity. It seems to me it is not for ICANN to impose such restrictions on Internet activity through its limited remit over domain name registration, a point which we have made repeatedly. If you are going to insist on the inclusion of this (in my view leading) text then we need a few more days to prepare an opposing statement.....April 30 is an artificial deadline which I am surprised to see announced at this late date. cheers Stephanie
On 2015-04-29 6:17, Graeme Bunton wrote:
Thanks to all WG members for a very productive call earlier today(and to Steve for his chairing acumen). The co-chairs and staff met this afternoon to tie down two loose ends from the call.
Regarding the deadline for public comments on the Initial Report, we recognize there is considerable support for extending the public comment period to 60 days instead of the standard 40 days on which we have all been planning. We are prepared to agree to this, but with the caveat that this will have repercussions on the pace and intensity of our work once public comments have been received. Specifically, if the public comment deadline is extended until July 3 (60 days after our publication date of May 4), we will need to plan on at least weekly calls throughout July and August, some of which may need to be more than an hour in length, to review these comments and move toward a Final Report. Otherwise, we jeopardize the prospects for getting the Final Report in front of the GNSO council no later than the Dublin ICANN meeting. As was noted on the call today, many additional steps need to take place even after this WG issues its Final Report before any new accreditation system can be implemented, so the time pressure imposed by the expiration of the Interim Specification at the end of next year is already real.
Also, as previously announced over the past few weeks, if any WG members (or group of members) wish to submit a brief separate or additional statement for inclusion in the package posted for public comment next Monday, such statements need to be received by staff no later than Thursday, April 30.
Lastly, the other loose end involves proposed revisions to section 1.3.3 of the Initial Report, which were presented on the call earlier today but which we did not have time to discuss fully. We agree that this section could benefit from some revision, but believe it should take the form of greater concision, not additional presentation of arguments for the divergent positions. Thus we suggest that section 1.3.3 be revised to read as follows:
---
Although the WG agreed that the mere fact that a domain name is registered by a commercial entity or by anyone conducting commercial activity should not preclude the use of P/P services , there was disagreement over whether domain names that are actively used for commercial transactions (e.g. the sale or exchange of goods or services) should be prohibited from using P/P services. While most WG members did not believe such a prohibition is necessary or practical, some members believed that registrants of such domain names should not be able to use or continue using proxy or privacy services.
For those that argued that it is necessary and practical to limit access to P/P services to exclude commercial entities, the following text was proposed to clarify and define their position: ³domains used for online financial transactions for commercial purpose should be ineligible for privacy and proxy registrations.²
Public comment is therefore specifically invited on the following questions:
* Should registrants of domain names associated with commercial activities and which are used for online financial transactions be prohibited from using, or continuing to use, privacy and proxy services? * If so, will it be useful to adopt a definition of ³commercial² or ³transactional² to define those domains for which P/P service registrations should be disallowed? And if so, what should the definition(s) be?² * Will it be necessary to make a distinction in the WHOIS data fields to be displayed as a result?
Thanks,
Graeme Bunton & Steve Metalitz
-- _________________________ Graeme Bunton Manager, Management Information Systems Manager, Public Policy Tucows Inc. PH: 416 535 0123 ext 1634
_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.orghttps://mm.icann.org/mailman/listinfo/gnso-ppsai-p dp-wg
I would personally like to see if there is public traction for distinguishing between sites directly processing financial truncations and sites who use 3rd parties for processing financial transactions as this is a very important distinction. A simple and I hope non-controversial additional question to the ones below: If so, should domains which use a third party to process financial transactions (i.e Paypal, Stripe), and thus do not directly process financial information, be subject to the same restrictions? There are strong existing distinctions both in national laws and in regulations such as PCI-DSS between these two forms. -James Gannon From: gnso-ppsai-pdp-wg-bounces@icann.org [mailto:gnso-ppsai-pdp-wg-bounces@icann.org] On Behalf Of Graeme Bunton Sent: Tuesday, April 28, 2015 10:17 PM To: PPSAI Subject: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3 Thanks to all WG members for a very productive call earlier today(and to Steve for his chairing acumen). The co-chairs and staff met this afternoon to tie down two loose ends from the call. Regarding the deadline for public comments on the Initial Report, we recognize there is considerable support for extending the public comment period to 60 days instead of the standard 40 days on which we have all been planning. We are prepared to agree to this, but with the caveat that this will have repercussions on the pace and intensity of our work once public comments have been received. Specifically, if the public comment deadline is extended until July 3 (60 days after our publication date of May 4), we will need to plan on at least weekly calls throughout July and August, some of which may need to be more than an hour in length, to review these comments and move toward a Final Report. Otherwise, we jeopardize the prospects for getting the Final Report in front of the GNSO council no later than the Dublin ICANN meeting. As was noted on the call today, many additional steps need to take place even after this WG issues its Final Report before any new accreditation system can be implemented, so the time pressure imposed by the expiration of the Interim Specification at the end of next year is already real. Also, as previously announced over the past few weeks, if any WG members (or group of members) wish to submit a brief separate or additional statement for inclusion in the package posted for public comment next Monday, such statements need to be received by staff no later than Thursday, April 30. Lastly, the other loose end involves proposed revisions to section 1.3.3 of the Initial Report, which were presented on the call earlier today but which we did not have time to discuss fully. We agree that this section could benefit from some revision, but believe it should take the form of greater concision, not additional presentation of arguments for the divergent positions. Thus we suggest that section 1.3.3 be revised to read as follows: --- Although the WG agreed that the mere fact that a domain name is registered by a commercial entity or by anyone conducting commercial activity should not preclude the use of P/P services , there was disagreement over whether domain names that are actively used for commercial transactions (e.g. the sale or exchange of goods or services) should be prohibited from using P/P services. While most WG members did not believe such a prohibition is necessary or practical, some members believed that registrants of such domain names should not be able to use or continue using proxy or privacy services. For those that argued that it is necessary and practical to limit access to P/P services to exclude commercial entities, the following text was proposed to clarify and define their position: “domains used for online financial transactions for commercial purpose should be ineligible for privacy and proxy registrations.” Public comment is therefore specifically invited on the following questions: * Should registrants of domain names associated with commercial activities and which are used for online financial transactions be prohibited from using, or continuing to use, privacy and proxy services? * If so, will it be useful to adopt a definition of “commercial” or “transactional” to define those domains for which P/P service registrations should be disallowed? And if so, what should the definition(s) be?” * Will it be necessary to make a distinction in the WHOIS data fields to be displayed as a result? --- Thanks, Graeme Bunton & Steve Metalitz -- _________________________ Graeme Bunton Manager, Management Information Systems Manager, Public Policy Tucows Inc. PH: 416 535 0123 ext 1634
James As a registrar or PP service provider how am I meant to assess this? It doesn’t scale Seriously. If, for example, there is an Irish operated website that is not complying with Irish law then it would be up to the ODCE (http://www.odce.ie/) to enforce whatever needs enforcing, as it would be up to the DPA to enforce any issues around data privacy etc., etc., Attempting to force registrars and PP providers to make these kind of evaluations is not going to work. Issues like PCI-DSS compliance are matters that should be dealt with by the DPA and the banks. Forcing registrars and PP providers to start getting involved in that kind of assessment isn’t viable Regards Michele -- Mr Michele Neylon Blacknight Solutions Hosting, Colocation & Domains http://www.blacknight.host/ http://blog.blacknight.com/ http://www.blacknight.press - get our latest news & media coverage http://www.technology.ie Intl. +353 (0) 59 9183072 Direct Dial: +353 (0)59 9183090 Social: http://mneylon.social ------------------------------- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,Ireland Company No.: 370845 From: James Gannon Date: Thursday 30 April 2015 07:45 To: Graeme Bunton, "gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org>" Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3 I would personally like to see if there is public traction for distinguishing between sites directly processing financial truncations and sites who use 3rd parties for processing financial transactions as this is a very important distinction. A simple and I hope non-controversial additional question to the ones below: If so, should domains which use a third party to process financial transactions (i.e Paypal, Stripe), and thus do not directly process financial information, be subject to the same restrictions? There are strong existing distinctions both in national laws and in regulations such as PCI-DSS between these two forms. -James Gannon From: gnso-ppsai-pdp-wg-bounces@icann.org<mailto:gnso-ppsai-pdp-wg-bounces@icann.org> [mailto:gnso-ppsai-pdp-wg-bounces@icann.org] On Behalf Of Graeme Bunton Sent: Tuesday, April 28, 2015 10:17 PM To: PPSAI Subject: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3 Thanks to all WG members for a very productive call earlier today(and to Steve for his chairing acumen). The co-chairs and staff met this afternoon to tie down two loose ends from the call. Regarding the deadline for public comments on the Initial Report, we recognize there is considerable support for extending the public comment period to 60 days instead of the standard 40 days on which we have all been planning. We are prepared to agree to this, but with the caveat that this will have repercussions on the pace and intensity of our work once public comments have been received. Specifically, if the public comment deadline is extended until July 3 (60 days after our publication date of May 4), we will need to plan on at least weekly calls throughout July and August, some of which may need to be more than an hour in length, to review these comments and move toward a Final Report. Otherwise, we jeopardize the prospects for getting the Final Report in front of the GNSO council no later than the Dublin ICANN meeting. As was noted on the call today, many additional steps need to take place even after this WG issues its Final Report before any new accreditation system can be implemented, so the time pressure imposed by the expiration of the Interim Specification at the end of next year is already real. Also, as previously announced over the past few weeks, if any WG members (or group of members) wish to submit a brief separate or additional statement for inclusion in the package posted for public comment next Monday, such statements need to be received by staff no later than Thursday, April 30. Lastly, the other loose end involves proposed revisions to section 1.3.3 of the Initial Report, which were presented on the call earlier today but which we did not have time to discuss fully. We agree that this section could benefit from some revision, but believe it should take the form of greater concision, not additional presentation of arguments for the divergent positions. Thus we suggest that section 1.3.3 be revised to read as follows: --- Although the WG agreed that the mere fact that a domain name is registered by a commercial entity or by anyone conducting commercial activity should not preclude the use of P/P services , there was disagreement over whether domain names that are actively used for commercial transactions (e.g. the sale or exchange of goods or services) should be prohibited from using P/P services. While most WG members did not believe such a prohibition is necessary or practical, some members believed that registrants of such domain names should not be able to use or continue using proxy or privacy services. For those that argued that it is necessary and practical to limit access to P/P services to exclude commercial entities, the following text was proposed to clarify and define their position: “domains used for online financial transactions for commercial purpose should be ineligible for privacy and proxy registrations.” Public comment is therefore specifically invited on the following questions: * Should registrants of domain names associated with commercial activities and which are used for online financial transactions be prohibited from using, or continuing to use, privacy and proxy services? * If so, will it be useful to adopt a definition of “commercial” or “transactional” to define those domains for which P/P service registrations should be disallowed? And if so, what should the definition(s) be?” * Will it be necessary to make a distinction in the WHOIS data fields to be displayed as a result? --- Thanks, Graeme Bunton & Steve Metalitz -- _________________________ Graeme Bunton Manager, Management Information Systems Manager, Public Policy Tucows Inc. PH: 416 535 0123 ext 1634
I don’t see this as asking providers to enforce anything similar to other questions when registering a domain, it’s a self-reported assessment. All it does is add an additional branch to the decision tree for eligibility, which will already be there to determine eligibility due to the other reasons listed below. The registrant is asked will you be processing financial transactions. · Yes-->Will you be using a 3rd party>No>Not eligible for P/P. · Yes-->Will you be using a 3rd party>Yes>Eligible for P/P. I’m not asking registrars to enforce law but to see if a more finely grained eligibility process can be enacted. Or at least is there is public support for more granularity. -James From: Michele Neylon - Blacknight [mailto:michele@blacknight.com] Sent: Thursday, April 30, 2015 8:17 AM To: James Gannon; Graeme Bunton; PPSAI Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3 James As a registrar or PP service provider how am I meant to assess this? It doesn’t scale Seriously. If, for example, there is an Irish operated website that is not complying with Irish law then it would be up to the ODCE (http://www.odce.ie/) to enforce whatever needs enforcing, as it would be up to the DPA to enforce any issues around data privacy etc., etc., Attempting to force registrars and PP providers to make these kind of evaluations is not going to work. Issues like PCI-DSS compliance are matters that should be dealt with by the DPA and the banks. Forcing registrars and PP providers to start getting involved in that kind of assessment isn’t viable Regards Michele -- Mr Michele Neylon Blacknight Solutions Hosting, Colocation & Domains http://www.blacknight.host/ http://blog.blacknight.com/ http://www.blacknight.press - get our latest news & media coverage http://www.technology.ie Intl. +353 (0) 59 9183072 Direct Dial: +353 (0)59 9183090 Social: http://mneylon.social ------------------------------- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,Ireland Company No.: 370845 From: James Gannon Date: Thursday 30 April 2015 07:45 To: Graeme Bunton, "gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org>" Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3 I would personally like to see if there is public traction for distinguishing between sites directly processing financial truncations and sites who use 3rd parties for processing financial transactions as this is a very important distinction. A simple and I hope non-controversial additional question to the ones below: If so, should domains which use a third party to process financial transactions (i.e Paypal, Stripe), and thus do not directly process financial information, be subject to the same restrictions? There are strong existing distinctions both in national laws and in regulations such as PCI-DSS between these two forms. -James Gannon From: gnso-ppsai-pdp-wg-bounces@icann.org<mailto:gnso-ppsai-pdp-wg-bounces@icann.org> [mailto:gnso-ppsai-pdp-wg-bounces@icann.org] On Behalf Of Graeme Bunton Sent: Tuesday, April 28, 2015 10:17 PM To: PPSAI Subject: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3 Thanks to all WG members for a very productive call earlier today(and to Steve for his chairing acumen). The co-chairs and staff met this afternoon to tie down two loose ends from the call. Regarding the deadline for public comments on the Initial Report, we recognize there is considerable support for extending the public comment period to 60 days instead of the standard 40 days on which we have all been planning. We are prepared to agree to this, but with the caveat that this will have repercussions on the pace and intensity of our work once public comments have been received. Specifically, if the public comment deadline is extended until July 3 (60 days after our publication date of May 4), we will need to plan on at least weekly calls throughout July and August, some of which may need to be more than an hour in length, to review these comments and move toward a Final Report. Otherwise, we jeopardize the prospects for getting the Final Report in front of the GNSO council no later than the Dublin ICANN meeting. As was noted on the call today, many additional steps need to take place even after this WG issues its Final Report before any new accreditation system can be implemented, so the time pressure imposed by the expiration of the Interim Specification at the end of next year is already real. Also, as previously announced over the past few weeks, if any WG members (or group of members) wish to submit a brief separate or additional statement for inclusion in the package posted for public comment next Monday, such statements need to be received by staff no later than Thursday, April 30. Lastly, the other loose end involves proposed revisions to section 1.3.3 of the Initial Report, which were presented on the call earlier today but which we did not have time to discuss fully. We agree that this section could benefit from some revision, but believe it should take the form of greater concision, not additional presentation of arguments for the divergent positions. Thus we suggest that section 1.3.3 be revised to read as follows: --- Although the WG agreed that the mere fact that a domain name is registered by a commercial entity or by anyone conducting commercial activity should not preclude the use of P/P services , there was disagreement over whether domain names that are actively used for commercial transactions (e.g. the sale or exchange of goods or services) should be prohibited from using P/P services. While most WG members did not believe such a prohibition is necessary or practical, some members believed that registrants of such domain names should not be able to use or continue using proxy or privacy services. For those that argued that it is necessary and practical to limit access to P/P services to exclude commercial entities, the following text was proposed to clarify and define their position: “domains used for online financial transactions for commercial purpose should be ineligible for privacy and proxy registrations.” Public comment is therefore specifically invited on the following questions: * Should registrants of domain names associated with commercial activities and which are used for online financial transactions be prohibited from using, or continuing to use, privacy and proxy services? * If so, will it be useful to adopt a definition of “commercial” or “transactional” to define those domains for which P/P service registrations should be disallowed? And if so, what should the definition(s) be?” * Will it be necessary to make a distinction in the WHOIS data fields to be displayed as a result? --- Thanks, Graeme Bunton & Steve Metalitz -- _________________________ Graeme Bunton Manager, Management Information Systems Manager, Public Policy Tucows Inc. PH: 416 535 0123 ext 1634
James If you ask for something like this then it will become enforcable by contract and if it’s purely self-declaratory then it has zero value. So why do it at all? All it would do is cause headaches for everyone. Also most registrants that use PP do so from initial registration. A lot of people / businesses have no idea exactly how they are going to use a domain name until some time later Taking that a step further – if you take the “average” small business registrant they would have no idea what the question even means You’re free to ask for this kind of thing if you want, but considering we’re about to publish the interim report I would consider this to be something best left for a future iteration. Regards Michele -- Mr Michele Neylon Blacknight Solutions Hosting, Colocation & Domains http://www.blacknight.host/ http://blog.blacknight.com/ http://www.blacknight.press - get our latest news & media coverage http://www.technology.ie Intl. +353 (0) 59 9183072 Direct Dial: +353 (0)59 9183090 Social: http://mneylon.social ------------------------------- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,Ireland Company No.: 370845 From: James Gannon Date: Thursday 30 April 2015 08:24 To: Michele Neylon, Graeme Bunton, "gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org>" Subject: RE: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3 I don’t see this as asking providers to enforce anything similar to other questions when registering a domain, it’s a self-reported assessment. All it does is add an additional branch to the decision tree for eligibility, which will already be there to determine eligibility due to the other reasons listed below. The registrant is asked will you be processing financial transactions. · Yes-->Will you be using a 3rd party>No>Not eligible for P/P. · Yes-->Will you be using a 3rd party>Yes>Eligible for P/P. I’m not asking registrars to enforce law but to see if a more finely grained eligibility process can be enacted. Or at least is there is public support for more granularity. -James From: Michele Neylon - Blacknight [mailto:michele@blacknight.com] Sent: Thursday, April 30, 2015 8:17 AM To: James Gannon; Graeme Bunton; PPSAI Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3 James As a registrar or PP service provider how am I meant to assess this? It doesn’t scale Seriously. If, for example, there is an Irish operated website that is not complying with Irish law then it would be up to the ODCE (http://www.odce.ie/) to enforce whatever needs enforcing, as it would be up to the DPA to enforce any issues around data privacy etc., etc., Attempting to force registrars and PP providers to make these kind of evaluations is not going to work. Issues like PCI-DSS compliance are matters that should be dealt with by the DPA and the banks. Forcing registrars and PP providers to start getting involved in that kind of assessment isn’t viable Regards Michele -- Mr Michele Neylon Blacknight Solutions Hosting, Colocation & Domains http://www.blacknight.host/ http://blog.blacknight.com/ http://www.blacknight.press - get our latest news & media coverage http://www.technology.ie Intl. +353 (0) 59 9183072 Direct Dial: +353 (0)59 9183090 Social: http://mneylon.social ------------------------------- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,Ireland Company No.: 370845 From: James Gannon Date: Thursday 30 April 2015 07:45 To: Graeme Bunton, "gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org>" Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3 I would personally like to see if there is public traction for distinguishing between sites directly processing financial truncations and sites who use 3rd parties for processing financial transactions as this is a very important distinction. A simple and I hope non-controversial additional question to the ones below: If so, should domains which use a third party to process financial transactions (i.e Paypal, Stripe), and thus do not directly process financial information, be subject to the same restrictions? There are strong existing distinctions both in national laws and in regulations such as PCI-DSS between these two forms. -James Gannon From:gnso-ppsai-pdp-wg-bounces@icann.org<mailto:gnso-ppsai-pdp-wg-bounces@icann.org> [mailto:gnso-ppsai-pdp-wg-bounces@icann.org] On Behalf Of Graeme Bunton Sent: Tuesday, April 28, 2015 10:17 PM To: PPSAI Subject: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3 Thanks to all WG members for a very productive call earlier today(and to Steve for his chairing acumen). The co-chairs and staff met this afternoon to tie down two loose ends from the call. Regarding the deadline for public comments on the Initial Report, we recognize there is considerable support for extending the public comment period to 60 days instead of the standard 40 days on which we have all been planning. We are prepared to agree to this, but with the caveat that this will have repercussions on the pace and intensity of our work once public comments have been received. Specifically, if the public comment deadline is extended until July 3 (60 days after our publication date of May 4), we will need to plan on at least weekly calls throughout July and August, some of which may need to be more than an hour in length, to review these comments and move toward a Final Report. Otherwise, we jeopardize the prospects for getting the Final Report in front of the GNSO council no later than the Dublin ICANN meeting. As was noted on the call today, many additional steps need to take place even after this WG issues its Final Report before any new accreditation system can be implemented, so the time pressure imposed by the expiration of the Interim Specification at the end of next year is already real. Also, as previously announced over the past few weeks, if any WG members (or group of members) wish to submit a brief separate or additional statement for inclusion in the package posted for public comment next Monday, such statements need to be received by staff no later than Thursday, April 30. Lastly, the other loose end involves proposed revisions to section 1.3.3 of the Initial Report, which were presented on the call earlier today but which we did not have time to discuss fully. We agree that this section could benefit from some revision, but believe it should take the form of greater concision, not additional presentation of arguments for the divergent positions. Thus we suggest that section 1.3.3 be revised to read as follows: --- Although the WG agreed that the mere fact that a domain name is registered by a commercial entity or by anyone conducting commercial activity should not preclude the use of P/P services , there was disagreement over whether domain names that are actively used for commercial transactions (e.g. the sale or exchange of goods or services) should be prohibited from using P/P services. While most WG members did not believe such a prohibition is necessary or practical, some members believed that registrants of such domain names should not be able to use or continue using proxy or privacy services. For those that argued that it is necessary and practical to limit access to P/P services to exclude commercial entities, the following text was proposed to clarify and define their position: “domains used for online financial transactions for commercial purpose should be ineligible for privacy and proxy registrations.” Public comment is therefore specifically invited on the following questions: * Should registrants of domain names associated with commercial activities and which are used for online financial transactions be prohibited from using, or continuing to use, privacy and proxy services? * If so, will it be useful to adopt a definition of “commercial” or “transactional” to define those domains for which P/P service registrations should be disallowed? And if so, what should the definition(s) be?” * Will it be necessary to make a distinction in the WHOIS data fields to be displayed as a result? --- Thanks, Graeme Bunton & Steve Metalitz -- _________________________ Graeme Bunton Manager, Management Information Systems Manager, Public Policy Tucows Inc. PH: 416 535 0123 ext 1634
In that case why are we asking the financial processing question at all? Surely the question of processing financial transition is going to be self-declaratory as well? If I was introducing a new concept here I would 100% agree but I’m merely asking for an existing question to be more fine grained. -James From: Michele Neylon - Blacknight [mailto:michele@blacknight.com] Sent: Thursday, April 30, 2015 8:31 AM To: James Gannon; Graeme Bunton; PPSAI Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3 James If you ask for something like this then it will become enforcable by contract and if it’s purely self-declaratory then it has zero value. So why do it at all? All it would do is cause headaches for everyone. Also most registrants that use PP do so from initial registration. A lot of people / businesses have no idea exactly how they are going to use a domain name until some time later Taking that a step further – if you take the “average” small business registrant they would have no idea what the question even means You’re free to ask for this kind of thing if you want, but considering we’re about to publish the interim report I would consider this to be something best left for a future iteration. Regards Michele -- Mr Michele Neylon Blacknight Solutions Hosting, Colocation & Domains http://www.blacknight.host/ http://blog.blacknight.com/ http://www.blacknight.press - get our latest news & media coverage http://www.technology.ie Intl. +353 (0) 59 9183072 Direct Dial: +353 (0)59 9183090 Social: http://mneylon.social ------------------------------- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,Ireland Company No.: 370845 From: James Gannon Date: Thursday 30 April 2015 08:24 To: Michele Neylon, Graeme Bunton, "gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org>" Subject: RE: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3 I don’t see this as asking providers to enforce anything similar to other questions when registering a domain, it’s a self-reported assessment. All it does is add an additional branch to the decision tree for eligibility, which will already be there to determine eligibility due to the other reasons listed below. The registrant is asked will you be processing financial transactions. · Yes-->Will you be using a 3rd party>No>Not eligible for P/P. · Yes-->Will you be using a 3rd party>Yes>Eligible for P/P. I’m not asking registrars to enforce law but to see if a more finely grained eligibility process can be enacted. Or at least is there is public support for more granularity. -James From: Michele Neylon - Blacknight [mailto:michele@blacknight.com] Sent: Thursday, April 30, 2015 8:17 AM To: James Gannon; Graeme Bunton; PPSAI Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3 James As a registrar or PP service provider how am I meant to assess this? It doesn’t scale Seriously. If, for example, there is an Irish operated website that is not complying with Irish law then it would be up to the ODCE (http://www.odce.ie/) to enforce whatever needs enforcing, as it would be up to the DPA to enforce any issues around data privacy etc., etc., Attempting to force registrars and PP providers to make these kind of evaluations is not going to work. Issues like PCI-DSS compliance are matters that should be dealt with by the DPA and the banks. Forcing registrars and PP providers to start getting involved in that kind of assessment isn’t viable Regards Michele -- Mr Michele Neylon Blacknight Solutions Hosting, Colocation & Domains http://www.blacknight.host/ http://blog.blacknight.com/ http://www.blacknight.press - get our latest news & media coverage http://www.technology.ie Intl. +353 (0) 59 9183072 Direct Dial: +353 (0)59 9183090 Social: http://mneylon.social ------------------------------- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,Ireland Company No.: 370845 From: James Gannon Date: Thursday 30 April 2015 07:45 To: Graeme Bunton, "gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org>" Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3 I would personally like to see if there is public traction for distinguishing between sites directly processing financial truncations and sites who use 3rd parties for processing financial transactions as this is a very important distinction. A simple and I hope non-controversial additional question to the ones below: If so, should domains which use a third party to process financial transactions (i.e Paypal, Stripe), and thus do not directly process financial information, be subject to the same restrictions? There are strong existing distinctions both in national laws and in regulations such as PCI-DSS between these two forms. -James Gannon From:gnso-ppsai-pdp-wg-bounces@icann.org<mailto:gnso-ppsai-pdp-wg-bounces@icann.org> [mailto:gnso-ppsai-pdp-wg-bounces@icann.org] On Behalf Of Graeme Bunton Sent: Tuesday, April 28, 2015 10:17 PM To: PPSAI Subject: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3 Thanks to all WG members for a very productive call earlier today(and to Steve for his chairing acumen). The co-chairs and staff met this afternoon to tie down two loose ends from the call. Regarding the deadline for public comments on the Initial Report, we recognize there is considerable support for extending the public comment period to 60 days instead of the standard 40 days on which we have all been planning. We are prepared to agree to this, but with the caveat that this will have repercussions on the pace and intensity of our work once public comments have been received. Specifically, if the public comment deadline is extended until July 3 (60 days after our publication date of May 4), we will need to plan on at least weekly calls throughout July and August, some of which may need to be more than an hour in length, to review these comments and move toward a Final Report. Otherwise, we jeopardize the prospects for getting the Final Report in front of the GNSO council no later than the Dublin ICANN meeting. As was noted on the call today, many additional steps need to take place even after this WG issues its Final Report before any new accreditation system can be implemented, so the time pressure imposed by the expiration of the Interim Specification at the end of next year is already real. Also, as previously announced over the past few weeks, if any WG members (or group of members) wish to submit a brief separate or additional statement for inclusion in the package posted for public comment next Monday, such statements need to be received by staff no later than Thursday, April 30. Lastly, the other loose end involves proposed revisions to section 1.3.3 of the Initial Report, which were presented on the call earlier today but which we did not have time to discuss fully. We agree that this section could benefit from some revision, but believe it should take the form of greater concision, not additional presentation of arguments for the divergent positions. Thus we suggest that section 1.3.3 be revised to read as follows: --- Although the WG agreed that the mere fact that a domain name is registered by a commercial entity or by anyone conducting commercial activity should not preclude the use of P/P services , there was disagreement over whether domain names that are actively used for commercial transactions (e.g. the sale or exchange of goods or services) should be prohibited from using P/P services. While most WG members did not believe such a prohibition is necessary or practical, some members believed that registrants of such domain names should not be able to use or continue using proxy or privacy services. For those that argued that it is necessary and practical to limit access to P/P services to exclude commercial entities, the following text was proposed to clarify and define their position: “domains used for online financial transactions for commercial purpose should be ineligible for privacy and proxy registrations.” Public comment is therefore specifically invited on the following questions: * Should registrants of domain names associated with commercial activities and which are used for online financial transactions be prohibited from using, or continuing to use, privacy and proxy services? * If so, will it be useful to adopt a definition of “commercial” or “transactional” to define those domains for which P/P service registrations should be disallowed? And if so, what should the definition(s) be?” * Will it be necessary to make a distinction in the WHOIS data fields to be displayed as a result? --- Thanks, Graeme Bunton & Steve Metalitz -- _________________________ Graeme Bunton Manager, Management Information Systems Manager, Public Policy Tucows Inc. PH: 416 535 0123 ext 1634
James I *think* it's one of the charter questions. So we have to include it, though we did discuss it in detail months ago if I recall Regards Michele Mr Michele Neylon Blacknight Hosting & Domains http://www.blacknight.host/ http://www.mneylon.social Sent from mobile so typos and brevity are normal On 30 Apr 2015, at 08:42, James Gannon <james@cyberinvasion.net<mailto:james@cyberinvasion.net>> wrote: In that case why are we asking the financial processing question at all? Surely the question of processing financial transition is going to be self-declaratory as well? If I was introducing a new concept here I would 100% agree but I’m merely asking for an existing question to be more fine grained. -James From: Michele Neylon - Blacknight [mailto:michele@blacknight.com] Sent: Thursday, April 30, 2015 8:31 AM To: James Gannon; Graeme Bunton; PPSAI Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3 James If you ask for something like this then it will become enforcable by contract and if it’s purely self-declaratory then it has zero value. So why do it at all? All it would do is cause headaches for everyone. Also most registrants that use PP do so from initial registration. A lot of people / businesses have no idea exactly how they are going to use a domain name until some time later Taking that a step further – if you take the “average” small business registrant they would have no idea what the question even means You’re free to ask for this kind of thing if you want, but considering we’re about to publish the interim report I would consider this to be something best left for a future iteration. Regards Michele -- Mr Michele Neylon Blacknight Solutions Hosting, Colocation & Domains http://www.blacknight.host/ http://blog.blacknight.com/ http://www.blacknight.press - get our latest news & media coverage http://www.technology.ie Intl. +353 (0) 59 9183072 Direct Dial: +353 (0)59 9183090 Social: http://mneylon.social ------------------------------- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,Ireland Company No.: 370845 From: James Gannon Date: Thursday 30 April 2015 08:24 To: Michele Neylon, Graeme Bunton, "gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org>" Subject: RE: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3 I don’t see this as asking providers to enforce anything similar to other questions when registering a domain, it’s a self-reported assessment. All it does is add an additional branch to the decision tree for eligibility, which will already be there to determine eligibility due to the other reasons listed below. The registrant is asked will you be processing financial transactions. · Yes-->Will you be using a 3rd party>No>Not eligible for P/P. · Yes-->Will you be using a 3rd party>Yes>Eligible for P/P. I’m not asking registrars to enforce law but to see if a more finely grained eligibility process can be enacted. Or at least is there is public support for more granularity. -James From: Michele Neylon - Blacknight [mailto:michele@blacknight.com] Sent: Thursday, April 30, 2015 8:17 AM To: James Gannon; Graeme Bunton; PPSAI Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3 James As a registrar or PP service provider how am I meant to assess this? It doesn’t scale Seriously. If, for example, there is an Irish operated website that is not complying with Irish law then it would be up to the ODCE (http://www.odce.ie/) to enforce whatever needs enforcing, as it would be up to the DPA to enforce any issues around data privacy etc., etc., Attempting to force registrars and PP providers to make these kind of evaluations is not going to work. Issues like PCI-DSS compliance are matters that should be dealt with by the DPA and the banks. Forcing registrars and PP providers to start getting involved in that kind of assessment isn’t viable Regards Michele -- Mr Michele Neylon Blacknight Solutions Hosting, Colocation & Domains http://www.blacknight.host/ http://blog.blacknight.com/ http://www.blacknight.press - get our latest news & media coverage http://www.technology.ie Intl. +353 (0) 59 9183072 Direct Dial: +353 (0)59 9183090 Social: http://mneylon.social ------------------------------- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,Ireland Company No.: 370845 From: James Gannon Date: Thursday 30 April 2015 07:45 To: Graeme Bunton, "gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org>" Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3 I would personally like to see if there is public traction for distinguishing between sites directly processing financial truncations and sites who use 3rd parties for processing financial transactions as this is a very important distinction. A simple and I hope non-controversial additional question to the ones below: If so, should domains which use a third party to process financial transactions (i.e Paypal, Stripe), and thus do not directly process financial information, be subject to the same restrictions? There are strong existing distinctions both in national laws and in regulations such as PCI-DSS between these two forms. -James Gannon From:gnso-ppsai-pdp-wg-bounces@icann.org<mailto:gnso-ppsai-pdp-wg-bounces@icann.org> [mailto:gnso-ppsai-pdp-wg-bounces@icann.org] On Behalf Of Graeme Bunton Sent: Tuesday, April 28, 2015 10:17 PM To: PPSAI Subject: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3 Thanks to all WG members for a very productive call earlier today(and to Steve for his chairing acumen). The co-chairs and staff met this afternoon to tie down two loose ends from the call. Regarding the deadline for public comments on the Initial Report, we recognize there is considerable support for extending the public comment period to 60 days instead of the standard 40 days on which we have all been planning. We are prepared to agree to this, but with the caveat that this will have repercussions on the pace and intensity of our work once public comments have been received. Specifically, if the public comment deadline is extended until July 3 (60 days after our publication date of May 4), we will need to plan on at least weekly calls throughout July and August, some of which may need to be more than an hour in length, to review these comments and move toward a Final Report. Otherwise, we jeopardize the prospects for getting the Final Report in front of the GNSO council no later than the Dublin ICANN meeting. As was noted on the call today, many additional steps need to take place even after this WG issues its Final Report before any new accreditation system can be implemented, so the time pressure imposed by the expiration of the Interim Specification at the end of next year is already real. Also, as previously announced over the past few weeks, if any WG members (or group of members) wish to submit a brief separate or additional statement for inclusion in the package posted for public comment next Monday, such statements need to be received by staff no later than Thursday, April 30. Lastly, the other loose end involves proposed revisions to section 1.3.3 of the Initial Report, which were presented on the call earlier today but which we did not have time to discuss fully. We agree that this section could benefit from some revision, but believe it should take the form of greater concision, not additional presentation of arguments for the divergent positions. Thus we suggest that section 1.3.3 be revised to read as follows: --- Although the WG agreed that the mere fact that a domain name is registered by a commercial entity or by anyone conducting commercial activity should not preclude the use of P/P services , there was disagreement over whether domain names that are actively used for commercial transactions (e.g. the sale or exchange of goods or services) should be prohibited from using P/P services. While most WG members did not believe such a prohibition is necessary or practical, some members believed that registrants of such domain names should not be able to use or continue using proxy or privacy services. For those that argued that it is necessary and practical to limit access to P/P services to exclude commercial entities, the following text was proposed to clarify and define their position: “domains used for online financial transactions for commercial purpose should be ineligible for privacy and proxy registrations.” Public comment is therefore specifically invited on the following questions: * Should registrants of domain names associated with commercial activities and which are used for online financial transactions be prohibited from using, or continuing to use, privacy and proxy services? * If so, will it be useful to adopt a definition of “commercial” or “transactional” to define those domains for which P/P service registrations should be disallowed? And if so, what should the definition(s) be?” * Will it be necessary to make a distinction in the WHOIS data fields to be displayed as a result? --- Thanks, Graeme Bunton & Steve Metalitz -- _________________________ Graeme Bunton Manager, Management Information Systems Manager, Public Policy Tucows Inc. PH: 416 535 0123 ext 1634
James, prior to you joining the group, we had discussed this at some length. IN fact, I really thought that the many reasons why sorting out the purpose of a registration is problematic had buried this debate, but apparently not. Some of the issues raised, according to my recollection were the following: * names are registered prior to decisions about content * content changes over time * most countries regulate e-commerce in some fashion, so that website commercial activity does not have to be regulated by ICANN * ICANN should not be in the business of regulating content in the first place (and sorting out who is extracting a material consideration from a website in order to deny them the ability to use a proxy registration is certainly a form of regulation) * definitions of commercial activity vary widely around the world * bad actors will not declare, registrars cannot police this matter * criminal prosecution is not dependent on WHOIS information * if this is really about the ability to detect market information, ICANN should not be in the business of making registrant information available for market purposes, it does it for security and stability. * contactability remains, regardless of which registrant info appears in WHOIS I am planning to reformulate these into questions to match the questions on the other side, suggestions welcome. Stephanie Perrin On 2015-04-30 16:24, James Gannon wrote:
I don’t see this as asking providers to enforce anything similar to other questions when registering a domain, it’s a self-reported assessment. All it does is add an additional branch to the decision tree for eligibility, which will already be there to determine eligibility due to the other reasons listed below.
The registrant is asked will you be processing financial transactions.
·YesàWill you be using a 3^rd party>No>Not eligible for P/P.
·YesàWill you be using a 3^rd party>Yes>Eligible for P/P.
I’m not asking registrars to enforce law but to see if a more finely grained eligibility process can be enacted. Or at least is there is public support for more granularity.
-James
*From:*Michele Neylon - Blacknight [mailto:michele@blacknight.com] *Sent:* Thursday, April 30, 2015 8:17 AM *To:* James Gannon; Graeme Bunton; PPSAI *Subject:* Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
James
As a registrar or PP service provider how am I meant to assess this?
It doesn’t scale
Seriously.
If, for example, there is an Irish operated website that is not complying with Irish law then it would be up to the ODCE (http://www.odce.ie/) to enforce whatever needs enforcing, as it would be up to the DPA to enforce any issues around data privacy etc., etc.,
Attempting to force registrars and PP providers to make these kind of evaluations is not going to work.
Issues like PCI-DSS compliance are matters that should be dealt with by the DPA and the banks.
Forcing registrars and PP providers to start getting involved in that kind of assessment isn’t viable
Regards
Michele
--
Mr Michele Neylon
Blacknight Solutions
Hosting, Colocation & Domains
http://www.blacknight.press - get our latest news & media coverage
Intl. +353 (0) 59 9183072
Direct Dial: +353 (0)59 9183090
Social: http://mneylon.social
-------------------------------
Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty
Road,Graiguecullen,Carlow,Ireland Company No.: 370845
*From: *James Gannon *Date: *Thursday 30 April 2015 07:45 *To: *Graeme Bunton, "gnso-ppsai-pdp-wg@icann.org <mailto:gnso-ppsai-pdp-wg@icann.org>" *Subject: *Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
I would personally like to see if there is public traction for distinguishing between sites directly processing financial truncations and sites who use 3^rd parties for processing financial transactions as this is a very important distinction. A simple and I hope non-controversial additional question to the ones below:
If so, should domains which use a third party to process financial transactions (i.e Paypal, Stripe), and thus do not directly process financial information, be subject to the same restrictions?
There are strong existing distinctions both in national laws and in regulations such as PCI-DSS between these two forms.
-James Gannon
*From:*gnso-ppsai-pdp-wg-bounces@icann.org <mailto:gnso-ppsai-pdp-wg-bounces@icann.org> [mailto:gnso-ppsai-pdp-wg-bounces@icann.org] *On Behalf Of *Graeme Bunton *Sent:* Tuesday, April 28, 2015 10:17 PM *To:* PPSAI *Subject:* [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
Thanks to all WG members for a very productive call earlier today(and to Steve for his chairing acumen). The co-chairs and staff met this afternoon to tie down two loose ends from the call.
Regarding the deadline for public comments on the Initial Report, we recognize there is considerable support for extending the public comment period to 60 days instead of the standard 40 days on which we have all been planning. We are prepared to agree to this, but with the caveat that this will have repercussions on the pace and intensity of our work once public comments have been received. Specifically, if the public comment deadline is extended until July 3 (60 days after our publication date of May 4), we will need to plan on at least weekly calls throughout July and August, some of which may need to be more than an hour in length, to review these comments and move toward a Final Report. Otherwise, we jeopardize the prospects for getting the Final Report in front of the GNSO council no later than the Dublin ICANN meeting. As was noted on the call today, many additional steps need to take place even after this WG issues its Final Report before any new accreditation system can be implemented, so the time pressure imposed by the expiration of the Interim Specification at the end of next year is already real.
Also, as previously announced over the past few weeks, if any WG members (or group of members) wish to submit a brief separate or additional statement for inclusion in the package posted for public comment next Monday, such statements need to be received by staff no later than Thursday, April 30.
Lastly, the other loose end involves proposed revisions to section 1.3.3 of the Initial Report, which were presented on the call earlier today but which we did not have time to discuss fully. We agree that this section could benefit from some revision, but believe it should take the form of greater concision, not additional presentation of arguments for the divergent positions. Thus we suggest that section 1.3.3 be revised to read as follows:
---
Although the WG agreed that the mere fact that a domain name is registered by a commercial entity or by anyone conducting commercial activity should not preclude the use of P/P services , there was disagreement over whether domain names that are actively used for commercial transactions (e.g. the sale or exchange of goods or services) should be prohibited from using P/P services. While most WG members did not believe such a prohibition is necessary or practical, some members believed that registrants of such domain names should not be able to use or continue using proxy or privacy services.
For those that argued that it is necessary and practical to limit access to P/P services to exclude commercial entities, the following text was proposed to clarify and define their position: “domains used for online financial transactions for commercial purpose should be ineligible for privacy and proxy registrations.”
Public comment is therefore specifically invited on the following questions:
* Should registrants of domain names associated with commercial activities and which are used for online financial transactions be prohibited from using, or continuing to use, privacy and proxy services? * If so, will it be useful to adopt a definition of “commercial” or “transactional” to define those domains for which P/P service registrations should be disallowed? And if so, what should the definition(s) be?” * Will it be necessary to make a distinction in the WHOIS data fields to be displayed as a result?
--- Thanks,
Graeme Bunton & Steve Metalitz
-- _________________________ Graeme Bunton Manager, Management Information Systems Manager, Public Policy Tucows Inc. PH: 416 535 0123 ext 1634
_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg
To add to Stephanie¹s note that this specific issue - whether registrants of domain names actively used for commercial transactions ought to be disallowed from using P/P services - had been discussed at some length by the WG: Please note that this part of the Initial Report draws heavily on the detailed WG template for Charter Category C that was the basis for the WG¹s deliberations on this topic. That template contains lengthy descriptions of what had previously been termed the majority and minority positions on the WG¹s answer to this specific issue. As part of the WG¹s deliberations which took place primarily between April and June 2014 - the more specific formulation of ³transactional² to describe the sort of commercial (i.e. Involving financial transactions) activities that were being discussed was included in the language. All the templates and suggested formulations discussed by the WG are recorded and published on the WG wiki. The WG ultimately agreed to retain the two positions in the Initial Report and to revisit the question during its review of the public comments received. As noted previously, the WG's views were presented to the community in London in June 2014 and again in Los Angeles in October 2014. Therefore, the three questions in Section 1.3.3 of the Executive Summary only go toward soliciting community input on this single issue. They were not intended to represent a view of any ³side² in the WG with regard to this matter. If the WG prefers, we can add a sentence to clarify and specify the reason for the questions in Section 1.3.3. Fundamentally, the idea is that public comments will facilitate the WG¹s eventual resolution of this issue as part of its preparation of the Final Report. We hope this reminder of the background is of assistance. Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4892 Email: mary.wong@icann.org From: Stephanie Perrin <stephanie.perrin@mail.utoronto.ca> Date: Thursday, April 30, 2015 at 09:20 To: "gnso-ppsai-pdp-wg@icann.org" <gnso-ppsai-pdp-wg@icann.org>, James Gannon <james@cyberinvasion.net>, Michele Blacknight <michele@blacknight.com> Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
James, prior to you joining the group, we had discussed this at some length. IN fact, I really thought that the many reasons why sorting out the purpose of a registration is problematic had buried this debate, but apparently not. Some of the issues raised, according to my recollection were the following: * names are registered prior to decisions about content * content changes over time * most countries regulate e-commerce in some fashion, so that website commercial activity does not have to be regulated by ICANN * ICANN should not be in the business of regulating content in the first place (and sorting out who is extracting a material consideration from a website in order to deny them the ability to use a proxy registration is certainly a form of regulation) * definitions of commercial activity vary widely around the world * * bad actors will not declare, registrars cannot police this matter * criminal prosecution is not dependent on WHOIS information * if this is really about the ability to detect market information, ICANN should not be in the business of making registrant information available for market purposes, it does it for security and stability. * contactability remains, regardless of which registrant info appears in WHOIS I am planning to reformulate these into questions to match the questions on the other side, suggestions welcome. Stephanie Perrin On 2015-04-30 16:24, James Gannon wrote:
I don¹t see this as asking providers to enforce anything similar to other questions when registering a domain, it¹s a self-reported assessment. All it does is add an additional branch to the decision tree for eligibility, which will already be there to determine eligibility due to the other reasons listed below.
The registrant is asked will you be processing financial transactions.
· YesàWill you be using a 3rd party>No>Not eligible for P/P.
· YesàWill you be using a 3rd party>Yes>Eligible for P/P.
I¹m not asking registrars to enforce law but to see if a more finely grained eligibility process can be enacted. Or at least is there is public support for more granularity.
-James
From: Michele Neylon - Blacknight [mailto:michele@blacknight.com] Sent: Thursday, April 30, 2015 8:17 AM To: James Gannon; Graeme Bunton; PPSAI Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
James
As a registrar or PP service provider how am I meant to assess this?
It doesn¹t scale
Seriously.
If, for example, there is an Irish operated website that is not complying with Irish law then it would be up to the ODCE (http://www.odce.ie/) to enforce whatever needs enforcing, as it would be up to the DPA to enforce any issues around data privacy etc., etc.,
Attempting to force registrars and PP providers to make these kind of evaluations is not going to work.
Issues like PCI-DSS compliance are matters that should be dealt with by the DPA and the banks.
Forcing registrars and PP providers to start getting involved in that kind of assessment isn¹t viable
Regards
Michele
--
Mr Michele Neylon
Blacknight Solutions
Hosting, Colocation & Domains
http://www.blacknight.press - get our latest news & media coverage
Intl. +353 (0) 59 9183072
Direct Dial: +353 (0)59 9183090
Social: http://mneylon.social
-------------------------------
Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty
Road,Graiguecullen,Carlow,Ireland Company No.: 370845
From: James Gannon Date: Thursday 30 April 2015 07:45 To: Graeme Bunton, "gnso-ppsai-pdp-wg@icann.org" Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
I would personally like to see if there is public traction for distinguishing between sites directly processing financial truncations and sites who use 3rd parties for processing financial transactions as this is a very important distinction. A simple and I hope non-controversial additional question to the ones below:
If so, should domains which use a third party to process financial transactions (i.e Paypal, Stripe), and thus do not directly process financial information, be subject to the same restrictions?
There are strong existing distinctions both in national laws and in regulations such as PCI-DSS between these two forms.
-James Gannon
From:gnso-ppsai-pdp-wg-bounces@icann.org [mailto:gnso-ppsai-pdp-wg-bounces@icann.org] On Behalf Of Graeme Bunton Sent: Tuesday, April 28, 2015 10:17 PM To: PPSAI Subject: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
Thanks to all WG members for a very productive call earlier today(and to Steve for his chairing acumen). The co-chairs and staff met this afternoon to tie down two loose ends from the call.
Regarding the deadline for public comments on the Initial Report, we recognize there is considerable support for extending the public comment period to 60 days instead of the standard 40 days on which we have all been planning. We are prepared to agree to this, but with the caveat that this will have repercussions on the pace and intensity of our work once public comments have been received. Specifically, if the public comment deadline is extended until July 3 (60 days after our publication date of May 4), we will need to plan on at least weekly calls throughout July and August, some of which may need to be more than an hour in length, to review these comments and move toward a Final Report. Otherwise, we jeopardize the prospects for getting the Final Report in front of the GNSO council no later than the Dublin ICANN meeting. As was noted on the call today, many additional steps need to take place even after this WG issues its Final Report before any new accreditation system can be implemented, so the time pressure imposed by the expiration of the Interim Specification at the end of next year is already real.
Also, as previously announced over the past few weeks, if any WG members (or group of members) wish to submit a brief separate or additional statement for inclusion in the package posted for public comment next Monday, such statements need to be received by staff no later than Thursday, April 30.
Lastly, the other loose end involves proposed revisions to section 1.3.3 of the Initial Report, which were presented on the call earlier today but which we did not have time to discuss fully. We agree that this section could benefit from some revision, but believe it should take the form of greater concision, not additional presentation of arguments for the divergent positions. Thus we suggest that section 1.3.3 be revised to read as follows:
---
Although the WG agreed that the mere fact that a domain name is registered by a commercial entity or by anyone conducting commercial activity should not preclude the use of P/P services , there was disagreement over whether domain names that are actively used for commercial transactions (e.g. the sale or exchange of goods or services) should be prohibited from using P/P services. While most WG members did not believe such a prohibition is necessary or practical, some members believed that registrants of such domain names should not be able to use or continue using proxy or privacy services.
For those that argued that it is necessary and practical to limit access to P/P services to exclude commercial entities, the following text was proposed to clarify and define their position: ³domains used for online financial transactions for commercial purpose should be ineligible for privacy and proxy registrations.²
Public comment is therefore specifically invited on the following questions: * Should registrants of domain names associated with commercial activities and which are used for online financial transactions be prohibited from using, or continuing to use, privacy and proxy services? * If so, will it be useful to adopt a definition of ³commercial² or ³transactional² to define those domains for which P/P service registrations should be disallowed? And if so, what should the definition(s) be?² * Will it be necessary to make a distinction in the WHOIS data fields to be displayed as a result?
--- Thanks,
Graeme Bunton & Steve Metalitz
-- _________________________ Graeme Bunton Manager, Management Information Systems Manager, Public Policy Tucows Inc. PH: 416 535 0123 ext 1634
_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.orghttps://mm.icann.org/mailman/listinfo/gnso-ppsai-p dp-wg
Mary, Since one side of this issue prepared a lengthy legal review to address this question, I would request that that white paper be included in the reference materials for the public comment. Since public comment is meant to "resolve" this issue, commenters need all of the information. It's not just down to feasibility of self-declaration at registration (which frankly, many of us see as a cop out since it's already done in some TLDs), but also legality. Not trying to re-open the debate, but please, let's make sure the community understands the various points and the background. K Kiran Malancharuvil Internet Policy Counselor MarkMonitor 415-419-9138 (m) Sent from my mobile, please excuse any typos. On Apr 30, 2015, at 6:58 AM, Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> wrote: To add to Stephanie’s note that this specific issue - whether registrants of domain names actively used for commercial transactions ought to be disallowed from using P/P services - had been discussed at some length by the WG: Please note that this part of the Initial Report draws heavily on the detailed WG template for Charter Category C that was the basis for the WG’s deliberations on this topic. That template contains lengthy descriptions of what had previously been termed the majority and minority positions on the WG’s answer to this specific issue. As part of the WG’s deliberations – which took place primarily between April and June 2014 - the more specific formulation of “transactional” to describe the sort of commercial (i.e. Involving financial transactions) activities that were being discussed was included in the language. All the templates and suggested formulations discussed by the WG are recorded and published on the WG wiki. The WG ultimately agreed to retain the two positions in the Initial Report and to revisit the question during its review of the public comments received. As noted previously, the WG's views were presented to the community in London in June 2014 and again in Los Angeles in October 2014. Therefore, the three questions in Section 1.3.3 of the Executive Summary only go toward soliciting community input on this single issue. They were not intended to represent a view of any “side” in the WG with regard to this matter. If the WG prefers, we can add a sentence to clarify and specify the reason for the questions in Section 1.3.3. Fundamentally, the idea is that public comments will facilitate the WG’s eventual resolution of this issue as part of its preparation of the Final Report. We hope this reminder of the background is of assistance. Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4892 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Stephanie Perrin <stephanie.perrin@mail.utoronto.ca<mailto:stephanie.perrin@mail.utoronto.ca>> Date: Thursday, April 30, 2015 at 09:20 To: "gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org>" <gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org>>, James Gannon <james@cyberinvasion.net<mailto:james@cyberinvasion.net>>, Michele Blacknight <michele@blacknight.com<mailto:michele@blacknight.com>> Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3 James, prior to you joining the group, we had discussed this at some length. IN fact, I really thought that the many reasons why sorting out the purpose of a registration is problematic had buried this debate, but apparently not. Some of the issues raised, according to my recollection were the following: * names are registered prior to decisions about content * content changes over time * most countries regulate e-commerce in some fashion, so that website commercial activity does not have to be regulated by ICANN * ICANN should not be in the business of regulating content in the first place (and sorting out who is extracting a material consideration from a website in order to deny them the ability to use a proxy registration is certainly a form of regulation) * definitions of commercial activity vary widely around the world * bad actors will not declare, registrars cannot police this matter * criminal prosecution is not dependent on WHOIS information * if this is really about the ability to detect market information, ICANN should not be in the business of making registrant information available for market purposes, it does it for security and stability. * contactability remains, regardless of which registrant info appears in WHOIS I am planning to reformulate these into questions to match the questions on the other side, suggestions welcome. Stephanie Perrin On 2015-04-30 16:24, James Gannon wrote: I don’t see this as asking providers to enforce anything similar to other questions when registering a domain, it’s a self-reported assessment. All it does is add an additional branch to the decision tree for eligibility, which will already be there to determine eligibility due to the other reasons listed below. The registrant is asked will you be processing financial transactions. · Yes-->Will you be using a 3rd party>No>Not eligible for P/P. · Yes-->Will you be using a 3rd party>Yes>Eligible for P/P. I’m not asking registrars to enforce law but to see if a more finely grained eligibility process can be enacted. Or at least is there is public support for more granularity. -James From: Michele Neylon - Blacknight [mailto:michele@blacknight.com] Sent: Thursday, April 30, 2015 8:17 AM To: James Gannon; Graeme Bunton; PPSAI Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3 James As a registrar or PP service provider how am I meant to assess this? It doesn’t scale Seriously. If, for example, there is an Irish operated website that is not complying with Irish law then it would be up to the ODCE (http://www.odce.ie/) to enforce whatever needs enforcing, as it would be up to the DPA to enforce any issues around data privacy etc., etc., Attempting to force registrars and PP providers to make these kind of evaluations is not going to work. Issues like PCI-DSS compliance are matters that should be dealt with by the DPA and the banks. Forcing registrars and PP providers to start getting involved in that kind of assessment isn’t viable Regards Michele -- Mr Michele Neylon Blacknight Solutions Hosting, Colocation & Domains http://www.blacknight.host/ http://blog.blacknight.com/ http://www.blacknight.press - get our latest news & media coverage http://www.technology.ie Intl. +353 (0) 59 9183072 Direct Dial: +353 (0)59 9183090 Social: http://mneylon.social ------------------------------- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,Ireland Company No.: 370845 From: James Gannon Date: Thursday 30 April 2015 07:45 To: Graeme Bunton, "gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org>" Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3 I would personally like to see if there is public traction for distinguishing between sites directly processing financial truncations and sites who use 3rd parties for processing financial transactions as this is a very important distinction. A simple and I hope non-controversial additional question to the ones below: If so, should domains which use a third party to process financial transactions (i.e Paypal, Stripe), and thus do not directly process financial information, be subject to the same restrictions? There are strong existing distinctions both in national laws and in regulations such as PCI-DSS between these two forms. -James Gannon From:gnso-ppsai-pdp-wg-bounces@icann.org<mailto:gnso-ppsai-pdp-wg-bounces@icann.org> [mailto:gnso-ppsai-pdp-wg-bounces@icann.org] On Behalf Of Graeme Bunton Sent: Tuesday, April 28, 2015 10:17 PM To: PPSAI Subject: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3 Thanks to all WG members for a very productive call earlier today(and to Steve for his chairing acumen). The co-chairs and staff met this afternoon to tie down two loose ends from the call. Regarding the deadline for public comments on the Initial Report, we recognize there is considerable support for extending the public comment period to 60 days instead of the standard 40 days on which we have all been planning. We are prepared to agree to this, but with the caveat that this will have repercussions on the pace and intensity of our work once public comments have been received. Specifically, if the public comment deadline is extended until July 3 (60 days after our publication date of May 4), we will need to plan on at least weekly calls throughout July and August, some of which may need to be more than an hour in length, to review these comments and move toward a Final Report. Otherwise, we jeopardize the prospects for getting the Final Report in front of the GNSO council no later than the Dublin ICANN meeting. As was noted on the call today, many additional steps need to take place even after this WG issues its Final Report before any new accreditation system can be implemented, so the time pressure imposed by the expiration of the Interim Specification at the end of next year is already real. Also, as previously announced over the past few weeks, if any WG members (or group of members) wish to submit a brief separate or additional statement for inclusion in the package posted for public comment next Monday, such statements need to be received by staff no later than Thursday, April 30. Lastly, the other loose end involves proposed revisions to section 1.3.3 of the Initial Report, which were presented on the call earlier today but which we did not have time to discuss fully. We agree that this section could benefit from some revision, but believe it should take the form of greater concision, not additional presentation of arguments for the divergent positions. Thus we suggest that section 1.3.3 be revised to read as follows: --- Although the WG agreed that the mere fact that a domain name is registered by a commercial entity or by anyone conducting commercial activity should not preclude the use of P/P services , there was disagreement over whether domain names that are actively used for commercial transactions (e.g. the sale or exchange of goods or services) should be prohibited from using P/P services. While most WG members did not believe such a prohibition is necessary or practical, some members believed that registrants of such domain names should not be able to use or continue using proxy or privacy services. For those that argued that it is necessary and practical to limit access to P/P services to exclude commercial entities, the following text was proposed to clarify and define their position: “domains used for online financial transactions for commercial purpose should be ineligible for privacy and proxy registrations.” Public comment is therefore specifically invited on the following questions: * Should registrants of domain names associated with commercial activities and which are used for online financial transactions be prohibited from using, or continuing to use, privacy and proxy services? * If so, will it be useful to adopt a definition of “commercial” or “transactional” to define those domains for which P/P service registrations should be disallowed? And if so, what should the definition(s) be?” * Will it be necessary to make a distinction in the WHOIS data fields to be displayed as a result? --- Thanks, Graeme Bunton & Steve Metalitz -- _________________________ Graeme Bunton Manager, Management Information Systems Manager, Public Policy Tucows Inc. PH: 416 535 0123 ext 1634 _______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org>https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg _______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg
+1 to Kiran. Justin Macy, PharmD/JD Staff Pharmacist/Legal Analyst <http://www.legitscript.com/> On Thu, Apr 30, 2015 at 7:09 AM, Kiran Malancharuvil < Kiran.Malancharuvil@markmonitor.com> wrote:
Mary,
Since one side of this issue prepared a lengthy legal review to address this question, I would request that that white paper be included in the reference materials for the public comment. Since public comment is meant to "resolve" this issue, commenters need all of the information.
It's not just down to feasibility of self-declaration at registration (which frankly, many of us see as a cop out since it's already done in some TLDs), but also legality. Not trying to re-open the debate, but please, let's make sure the community understands the various points and the background.
K
Kiran Malancharuvil Internet Policy Counselor MarkMonitor 415-419-9138 (m)
Sent from my mobile, please excuse any typos.
On Apr 30, 2015, at 6:58 AM, Mary Wong <mary.wong@icann.org<mailto: mary.wong@icann.org>> wrote:
To add to Stephanie’s note that this specific issue - whether registrants of domain names actively used for commercial transactions ought to be disallowed from using P/P services - had been discussed at some length by the WG:
Please note that this part of the Initial Report draws heavily on the detailed WG template for Charter Category C that was the basis for the WG’s deliberations on this topic. That template contains lengthy descriptions of what had previously been termed the majority and minority positions on the WG’s answer to this specific issue. As part of the WG’s deliberations – which took place primarily between April and June 2014 - the more specific formulation of “transactional” to describe the sort of commercial (i.e. Involving financial transactions) activities that were being discussed was included in the language. All the templates and suggested formulations discussed by the WG are recorded and published on the WG wiki.
The WG ultimately agreed to retain the two positions in the Initial Report and to revisit the question during its review of the public comments received. As noted previously, the WG's views were presented to the community in London in June 2014 and again in Los Angeles in October 2014.
Therefore, the three questions in Section 1.3.3 of the Executive Summary only go toward soliciting community input on this single issue. They were not intended to represent a view of any “side” in the WG with regard to this matter. If the WG prefers, we can add a sentence to clarify and specify the reason for the questions in Section 1.3.3. Fundamentally, the idea is that public comments will facilitate the WG’s eventual resolution of this issue as part of its preparation of the Final Report.
We hope this reminder of the background is of assistance.
Cheers Mary
Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4892 Email: mary.wong@icann.org<mailto:mary.wong@icann.org>
From: Stephanie Perrin <stephanie.perrin@mail.utoronto.ca<mailto: stephanie.perrin@mail.utoronto.ca>> Date: Thursday, April 30, 2015 at 09:20 To: "gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org>" < gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org>>, James Gannon <james@cyberinvasion.net<mailto:james@cyberinvasion.net>>, Michele Blacknight <michele@blacknight.com<mailto:michele@blacknight.com>> Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
James, prior to you joining the group, we had discussed this at some length. IN fact, I really thought that the many reasons why sorting out the purpose of a registration is problematic had buried this debate, but apparently not. Some of the issues raised, according to my recollection were the following:
* names are registered prior to decisions about content * content changes over time * most countries regulate e-commerce in some fashion, so that website commercial activity does not have to be regulated by ICANN * ICANN should not be in the business of regulating content in the first place (and sorting out who is extracting a material consideration from a website in order to deny them the ability to use a proxy registration is certainly a form of regulation) * definitions of commercial activity vary widely around the world * bad actors will not declare, registrars cannot police this matter * criminal prosecution is not dependent on WHOIS information * if this is really about the ability to detect market information, ICANN should not be in the business of making registrant information available for market purposes, it does it for security and stability. * contactability remains, regardless of which registrant info appears in WHOIS
I am planning to reformulate these into questions to match the questions on the other side, suggestions welcome.
Stephanie Perrin On 2015-04-30 16:24, James Gannon wrote: I don’t see this as asking providers to enforce anything similar to other questions when registering a domain, it’s a self-reported assessment. All it does is add an additional branch to the decision tree for eligibility, which will already be there to determine eligibility due to the other reasons listed below. The registrant is asked will you be processing financial transactions.
· Yes-->Will you be using a 3rd party>No>Not eligible for P/P.
· Yes-->Will you be using a 3rd party>Yes>Eligible for P/P.
I’m not asking registrars to enforce law but to see if a more finely grained eligibility process can be enacted. Or at least is there is public support for more granularity.
-James From: Michele Neylon - Blacknight [mailto:michele@blacknight.com] Sent: Thursday, April 30, 2015 8:17 AM To: James Gannon; Graeme Bunton; PPSAI Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
James
As a registrar or PP service provider how am I meant to assess this?
It doesn’t scale
Seriously.
If, for example, there is an Irish operated website that is not complying with Irish law then it would be up to the ODCE (http://www.odce.ie/) to enforce whatever needs enforcing, as it would be up to the DPA to enforce any issues around data privacy etc., etc.,
Attempting to force registrars and PP providers to make these kind of evaluations is not going to work.
Issues like PCI-DSS compliance are matters that should be dealt with by the DPA and the banks.
Forcing registrars and PP providers to start getting involved in that kind of assessment isn’t viable
Regards
Michele
-- Mr Michele Neylon Blacknight Solutions Hosting, Colocation & Domains http://www.blacknight.host/ http://blog.blacknight.com/ http://www.blacknight.press - get our latest news & media coverage http://www.technology.ie Intl. +353 (0) 59 9183072 Direct Dial: +353 (0)59 9183090 Social: http://mneylon.social ------------------------------- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,Ireland Company No.: 370845
From: James Gannon Date: Thursday 30 April 2015 07:45 To: Graeme Bunton, "gnso-ppsai-pdp-wg@icann.org<mailto: gnso-ppsai-pdp-wg@icann.org>" Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
I would personally like to see if there is public traction for distinguishing between sites directly processing financial truncations and sites who use 3rd parties for processing financial transactions as this is a very important distinction. A simple and I hope non-controversial additional question to the ones below: If so, should domains which use a third party to process financial transactions (i.e Paypal, Stripe), and thus do not directly process financial information, be subject to the same restrictions? There are strong existing distinctions both in national laws and in regulations such as PCI-DSS between these two forms.
-James Gannon From:gnso-ppsai-pdp-wg-bounces@icann.org<mailto: gnso-ppsai-pdp-wg-bounces@icann.org> [mailto: gnso-ppsai-pdp-wg-bounces@icann.org] On Behalf Of Graeme Bunton Sent: Tuesday, April 28, 2015 10:17 PM To: PPSAI Subject: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
Thanks to all WG members for a very productive call earlier today(and to Steve for his chairing acumen). The co-chairs and staff met this afternoon to tie down two loose ends from the call.
Regarding the deadline for public comments on the Initial Report, we recognize there is considerable support for extending the public comment period to 60 days instead of the standard 40 days on which we have all been planning. We are prepared to agree to this, but with the caveat that this will have repercussions on the pace and intensity of our work once public comments have been received. Specifically, if the public comment deadline is extended until July 3 (60 days after our publication date of May 4), we will need to plan on at least weekly calls throughout July and August, some of which may need to be more than an hour in length, to review these comments and move toward a Final Report. Otherwise, we jeopardize the prospects for getting the Final Report in front of the GNSO council no later than the Dublin ICANN meeting. As was noted on the call today, many additional steps need to take place even after this WG issues its Final Report before any new accreditation system can be implemented, so the time pressure imposed by the expiration of the Interim Specification at the end of next year is already real.
Also, as previously announced over the past few weeks, if any WG members (or group of members) wish to submit a brief separate or additional statement for inclusion in the package posted for public comment next Monday, such statements need to be received by staff no later than Thursday, April 30.
Lastly, the other loose end involves proposed revisions to section 1.3.3 of the Initial Report, which were presented on the call earlier today but which we did not have time to discuss fully. We agree that this section could benefit from some revision, but believe it should take the form of greater concision, not additional presentation of arguments for the divergent positions. Thus we suggest that section 1.3.3 be revised to read as follows:
--- Although the WG agreed that the mere fact that a domain name is registered by a commercial entity or by anyone conducting commercial activity should not preclude the use of P/P services , there was disagreement over whether domain names that are actively used for commercial transactions (e.g. the sale or exchange of goods or services) should be prohibited from using P/P services. While most WG members did not believe such a prohibition is necessary or practical, some members believed that registrants of such domain names should not be able to use or continue using proxy or privacy services.
For those that argued that it is necessary and practical to limit access to P/P services to exclude commercial entities, the following text was proposed to clarify and define their position: “domains used for online financial transactions for commercial purpose should be ineligible for privacy and proxy registrations.”
Public comment is therefore specifically invited on the following questions:
* Should registrants of domain names associated with commercial activities and which are used for online financial transactions be prohibited from using, or continuing to use, privacy and proxy services? * If so, will it be useful to adopt a definition of “commercial” or “transactional” to define those domains for which P/P service registrations should be disallowed? And if so, what should the definition(s) be?” * Will it be necessary to make a distinction in the WHOIS data fields to be displayed as a result? --- Thanks,
Graeme Bunton & Steve Metalitz
--
_________________________
Graeme Bunton
Manager, Management Information Systems
Manager, Public Policy
Tucows Inc.
PH: 416 535 0123 ext 1634
_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg
_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg _______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg
Quoting from the PDP Manual, there seems to be strong guidelines of what goes out with the Initial Report:
After collection and review of information, the PDP Team and Staff are responsible for producing an Initial Report. The Initial Report should include the following elements: * Compilation of Stakeholder Group and Constituency Statements * Compilation of any statements received from any ICANN Supporting Organization or Advisory Committee * Recommendations for policies, guidelines, best practices or other proposals to address the issue * Statement of level of consensus for the recommendations presented in the Initial Report * Information regarding the members of the PDP Team, such as the attendance records, Statements of Interest, etc. * A statement on the WG discussion concerning impact of the proposed recommendations, could consider areas such as economic, competition, operations, privacy and other rights, scalability and feasibility
I don't see where in that framework the whitepaper would sit. I would welcome others thoughts on this. -James -----Original Message----- From: gnso-ppsai-pdp-wg-bounces@icann.org [mailto:gnso-ppsai-pdp-wg-bounces@icann.org] On Behalf Of Kiran Malancharuvil Sent: Thursday, April 30, 2015 3:09 PM To: Mary Wong Cc: PPSAI Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3 Mary, Since one side of this issue prepared a lengthy legal review to address this question, I would request that that white paper be included in the reference materials for the public comment. Since public comment is meant to "resolve" this issue, commenters need all of the information. It's not just down to feasibility of self-declaration at registration (which frankly, many of us see as a cop out since it's already done in some TLDs), but also legality. Not trying to re-open the debate, but please, let's make sure the community understands the various points and the background. K Kiran Malancharuvil Internet Policy Counselor MarkMonitor 415-419-9138 (m) Sent from my mobile, please excuse any typos. On Apr 30, 2015, at 6:58 AM, Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> wrote: To add to Stephanie's note that this specific issue - whether registrants of domain names actively used for commercial transactions ought to be disallowed from using P/P services - had been discussed at some length by the WG: Please note that this part of the Initial Report draws heavily on the detailed WG template for Charter Category C that was the basis for the WG's deliberations on this topic. That template contains lengthy descriptions of what had previously been termed the majority and minority positions on the WG's answer to this specific issue. As part of the WG's deliberations - which took place primarily between April and June 2014 - the more specific formulation of "transactional" to describe the sort of commercial (i.e. Involving financial transactions) activities that were being discussed was included in the language. All the templates and suggested formulations discussed by the WG are recorded and published on the WG wiki. The WG ultimately agreed to retain the two positions in the Initial Report and to revisit the question during its review of the public comments received. As noted previously, the WG's views were presented to the community in London in June 2014 and again in Los Angeles in October 2014. Therefore, the three questions in Section 1.3.3 of the Executive Summary only go toward soliciting community input on this single issue. They were not intended to represent a view of any "side" in the WG with regard to this matter. If the WG prefers, we can add a sentence to clarify and specify the reason for the questions in Section 1.3.3. Fundamentally, the idea is that public comments will facilitate the WG's eventual resolution of this issue as part of its preparation of the Final Report. We hope this reminder of the background is of assistance. Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4892 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Stephanie Perrin <stephanie.perrin@mail.utoronto.ca<mailto:stephanie.perrin@mail.utoronto.ca>> Date: Thursday, April 30, 2015 at 09:20 To: "gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org>" <gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org>>, James Gannon <james@cyberinvasion.net<mailto:james@cyberinvasion.net>>, Michele Blacknight <michele@blacknight.com<mailto:michele@blacknight.com>> Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3 James, prior to you joining the group, we had discussed this at some length. IN fact, I really thought that the many reasons why sorting out the purpose of a registration is problematic had buried this debate, but apparently not. Some of the issues raised, according to my recollection were the following: * names are registered prior to decisions about content * content changes over time * most countries regulate e-commerce in some fashion, so that website commercial activity does not have to be regulated by ICANN * ICANN should not be in the business of regulating content in the first place (and sorting out who is extracting a material consideration from a website in order to deny them the ability to use a proxy registration is certainly a form of regulation) * definitions of commercial activity vary widely around the world * bad actors will not declare, registrars cannot police this matter * criminal prosecution is not dependent on WHOIS information * if this is really about the ability to detect market information, ICANN should not be in the business of making registrant information available for market purposes, it does it for security and stability. * contactability remains, regardless of which registrant info appears in WHOIS I am planning to reformulate these into questions to match the questions on the other side, suggestions welcome. Stephanie Perrin On 2015-04-30 16:24, James Gannon wrote: I don't see this as asking providers to enforce anything similar to other questions when registering a domain, it's a self-reported assessment. All it does is add an additional branch to the decision tree for eligibility, which will already be there to determine eligibility due to the other reasons listed below. The registrant is asked will you be processing financial transactions. * Yes-->Will you be using a 3rd party>No>Not eligible for P/P. * Yes-->Will you be using a 3rd party>Yes>Eligible for P/P. I'm not asking registrars to enforce law but to see if a more finely grained eligibility process can be enacted. Or at least is there is public support for more granularity. -James From: Michele Neylon - Blacknight [mailto:michele@blacknight.com] Sent: Thursday, April 30, 2015 8:17 AM To: James Gannon; Graeme Bunton; PPSAI Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3 James As a registrar or PP service provider how am I meant to assess this? It doesn't scale Seriously. If, for example, there is an Irish operated website that is not complying with Irish law then it would be up to the ODCE (http://www.odce.ie/) to enforce whatever needs enforcing, as it would be up to the DPA to enforce any issues around data privacy etc., etc., Attempting to force registrars and PP providers to make these kind of evaluations is not going to work. Issues like PCI-DSS compliance are matters that should be dealt with by the DPA and the banks. Forcing registrars and PP providers to start getting involved in that kind of assessment isn't viable Regards Michele -- Mr Michele Neylon Blacknight Solutions Hosting, Colocation & Domains http://www.blacknight.host/ http://blog.blacknight.com/ http://www.blacknight.press - get our latest news & media coverage http://www.technology.ie Intl. +353 (0) 59 9183072 Direct Dial: +353 (0)59 9183090 Social: http://mneylon.social ------------------------------- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,Ireland Company No.: 370845 From: James Gannon Date: Thursday 30 April 2015 07:45 To: Graeme Bunton, "gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org>" Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3 I would personally like to see if there is public traction for distinguishing between sites directly processing financial truncations and sites who use 3rd parties for processing financial transactions as this is a very important distinction. A simple and I hope non-controversial additional question to the ones below: If so, should domains which use a third party to process financial transactions (i.e Paypal, Stripe), and thus do not directly process financial information, be subject to the same restrictions? There are strong existing distinctions both in national laws and in regulations such as PCI-DSS between these two forms. -James Gannon From:gnso-ppsai-pdp-wg-bounces@icann.org<mailto:gnso-ppsai-pdp-wg-bounces@icann.org> [mailto:gnso-ppsai-pdp-wg-bounces@icann.org] On Behalf Of Graeme Bunton Sent: Tuesday, April 28, 2015 10:17 PM To: PPSAI Subject: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3 Thanks to all WG members for a very productive call earlier today(and to Steve for his chairing acumen). The co-chairs and staff met this afternoon to tie down two loose ends from the call. Regarding the deadline for public comments on the Initial Report, we recognize there is considerable support for extending the public comment period to 60 days instead of the standard 40 days on which we have all been planning. We are prepared to agree to this, but with the caveat that this will have repercussions on the pace and intensity of our work once public comments have been received. Specifically, if the public comment deadline is extended until July 3 (60 days after our publication date of May 4), we will need to plan on at least weekly calls throughout July and August, some of which may need to be more than an hour in length, to review these comments and move toward a Final Report. Otherwise, we jeopardize the prospects for getting the Final Report in front of the GNSO council no later than the Dublin ICANN meeting. As was noted on the call today, many additional steps need to take place even after this WG issues its Final Report before any new accreditation system can be implemented, so the time pressure imposed by the expiration of the Interim Specification at the end of next year is already real. Also, as previously announced over the past few weeks, if any WG members (or group of members) wish to submit a brief separate or additional statement for inclusion in the package posted for public comment next Monday, such statements need to be received by staff no later than Thursday, April 30. Lastly, the other loose end involves proposed revisions to section 1.3.3 of the Initial Report, which were presented on the call earlier today but which we did not have time to discuss fully. We agree that this section could benefit from some revision, but believe it should take the form of greater concision, not additional presentation of arguments for the divergent positions. Thus we suggest that section 1.3.3 be revised to read as follows: --- Although the WG agreed that the mere fact that a domain name is registered by a commercial entity or by anyone conducting commercial activity should not preclude the use of P/P services , there was disagreement over whether domain names that are actively used for commercial transactions (e.g. the sale or exchange of goods or services) should be prohibited from using P/P services. While most WG members did not believe such a prohibition is necessary or practical, some members believed that registrants of such domain names should not be able to use or continue using proxy or privacy services. For those that argued that it is necessary and practical to limit access to P/P services to exclude commercial entities, the following text was proposed to clarify and define their position: "domains used for online financial transactions for commercial purpose should be ineligible for privacy and proxy registrations." Public comment is therefore specifically invited on the following questions: * Should registrants of domain names associated with commercial activities and which are used for online financial transactions be prohibited from using, or continuing to use, privacy and proxy services? * If so, will it be useful to adopt a definition of "commercial" or "transactional" to define those domains for which P/P service registrations should be disallowed? And if so, what should the definition(s) be?" * Will it be necessary to make a distinction in the WHOIS data fields to be displayed as a result? --- Thanks, Graeme Bunton & Steve Metalitz -- _________________________ Graeme Bunton Manager, Management Information Systems Manager, Public Policy Tucows Inc. PH: 416 535 0123 ext 1634 _______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org>https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg _______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg _______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg
Recommendations for policies, guidelines, best practices. Kiran Malancharuvil Internet Policy Counselor MarkMonitor 415-419-9138 (m) Sent from my mobile, please excuse any typos.
On Apr 30, 2015, at 7:29 AM, James Gannon <james@cyberinvasion.net> wrote:
Quoting from the PDP Manual, there seems to be strong guidelines of what goes out with the Initial Report:
After collection and review of information, the PDP Team and Staff are responsible for producing an Initial Report. The Initial Report should include the following elements: * Compilation of Stakeholder Group and Constituency Statements * Compilation of any statements received from any ICANN Supporting Organization or Advisory Committee * Recommendations for policies, guidelines, best practices or other proposals to address the issue * Statement of level of consensus for the recommendations presented in the Initial Report * Information regarding the members of the PDP Team, such as the attendance records, Statements of Interest, etc. * A statement on the WG discussion concerning impact of the proposed recommendations, could consider areas such as economic, competition, operations, privacy and other rights, scalability and feasibility
I don't see where in that framework the whitepaper would sit. I would welcome others thoughts on this.
-James
-----Original Message----- From: gnso-ppsai-pdp-wg-bounces@icann.org [mailto:gnso-ppsai-pdp-wg-bounces@icann.org] On Behalf Of Kiran Malancharuvil Sent: Thursday, April 30, 2015 3:09 PM To: Mary Wong Cc: PPSAI Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
Mary,
Since one side of this issue prepared a lengthy legal review to address this question, I would request that that white paper be included in the reference materials for the public comment. Since public comment is meant to "resolve" this issue, commenters need all of the information.
It's not just down to feasibility of self-declaration at registration (which frankly, many of us see as a cop out since it's already done in some TLDs), but also legality. Not trying to re-open the debate, but please, let's make sure the community understands the various points and the background.
K
Kiran Malancharuvil Internet Policy Counselor MarkMonitor 415-419-9138 (m)
Sent from my mobile, please excuse any typos.
On Apr 30, 2015, at 6:58 AM, Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> wrote:
To add to Stephanie's note that this specific issue - whether registrants of domain names actively used for commercial transactions ought to be disallowed from using P/P services - had been discussed at some length by the WG:
Please note that this part of the Initial Report draws heavily on the detailed WG template for Charter Category C that was the basis for the WG's deliberations on this topic. That template contains lengthy descriptions of what had previously been termed the majority and minority positions on the WG's answer to this specific issue. As part of the WG's deliberations - which took place primarily between April and June 2014 - the more specific formulation of "transactional" to describe the sort of commercial (i.e. Involving financial transactions) activities that were being discussed was included in the language. All the templates and suggested formulations discussed by the WG are recorded and published on the WG wiki.
The WG ultimately agreed to retain the two positions in the Initial Report and to revisit the question during its review of the public comments received. As noted previously, the WG's views were presented to the community in London in June 2014 and again in Los Angeles in October 2014.
Therefore, the three questions in Section 1.3.3 of the Executive Summary only go toward soliciting community input on this single issue. They were not intended to represent a view of any "side" in the WG with regard to this matter. If the WG prefers, we can add a sentence to clarify and specify the reason for the questions in Section 1.3.3. Fundamentally, the idea is that public comments will facilitate the WG's eventual resolution of this issue as part of its preparation of the Final Report.
We hope this reminder of the background is of assistance.
Cheers Mary
Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4892 Email: mary.wong@icann.org<mailto:mary.wong@icann.org>
From: Stephanie Perrin <stephanie.perrin@mail.utoronto.ca<mailto:stephanie.perrin@mail.utoronto.ca>> Date: Thursday, April 30, 2015 at 09:20 To: "gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org>" <gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org>>, James Gannon <james@cyberinvasion.net<mailto:james@cyberinvasion.net>>, Michele Blacknight <michele@blacknight.com<mailto:michele@blacknight.com>> Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
James, prior to you joining the group, we had discussed this at some length. IN fact, I really thought that the many reasons why sorting out the purpose of a registration is problematic had buried this debate, but apparently not. Some of the issues raised, according to my recollection were the following:
* names are registered prior to decisions about content * content changes over time * most countries regulate e-commerce in some fashion, so that website commercial activity does not have to be regulated by ICANN * ICANN should not be in the business of regulating content in the first place (and sorting out who is extracting a material consideration from a website in order to deny them the ability to use a proxy registration is certainly a form of regulation) * definitions of commercial activity vary widely around the world * bad actors will not declare, registrars cannot police this matter * criminal prosecution is not dependent on WHOIS information * if this is really about the ability to detect market information, ICANN should not be in the business of making registrant information available for market purposes, it does it for security and stability. * contactability remains, regardless of which registrant info appears in WHOIS
I am planning to reformulate these into questions to match the questions on the other side, suggestions welcome.
Stephanie Perrin On 2015-04-30 16:24, James Gannon wrote: I don't see this as asking providers to enforce anything similar to other questions when registering a domain, it's a self-reported assessment. All it does is add an additional branch to the decision tree for eligibility, which will already be there to determine eligibility due to the other reasons listed below. The registrant is asked will you be processing financial transactions.
* Yes-->Will you be using a 3rd party>No>Not eligible for P/P.
* Yes-->Will you be using a 3rd party>Yes>Eligible for P/P.
I'm not asking registrars to enforce law but to see if a more finely grained eligibility process can be enacted. Or at least is there is public support for more granularity.
-James From: Michele Neylon - Blacknight [mailto:michele@blacknight.com] Sent: Thursday, April 30, 2015 8:17 AM To: James Gannon; Graeme Bunton; PPSAI Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
James
As a registrar or PP service provider how am I meant to assess this?
It doesn't scale
Seriously.
If, for example, there is an Irish operated website that is not complying with Irish law then it would be up to the ODCE (http://www.odce.ie/) to enforce whatever needs enforcing, as it would be up to the DPA to enforce any issues around data privacy etc., etc.,
Attempting to force registrars and PP providers to make these kind of evaluations is not going to work.
Issues like PCI-DSS compliance are matters that should be dealt with by the DPA and the banks.
Forcing registrars and PP providers to start getting involved in that kind of assessment isn't viable
Regards
Michele
-- Mr Michele Neylon Blacknight Solutions Hosting, Colocation & Domains http://www.blacknight.host/ http://blog.blacknight.com/ http://www.blacknight.press - get our latest news & media coverage http://www.technology.ie Intl. +353 (0) 59 9183072 Direct Dial: +353 (0)59 9183090 Social: http://mneylon.social ------------------------------- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,Ireland Company No.: 370845
From: James Gannon Date: Thursday 30 April 2015 07:45 To: Graeme Bunton, "gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org>" Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
I would personally like to see if there is public traction for distinguishing between sites directly processing financial truncations and sites who use 3rd parties for processing financial transactions as this is a very important distinction. A simple and I hope non-controversial additional question to the ones below: If so, should domains which use a third party to process financial transactions (i.e Paypal, Stripe), and thus do not directly process financial information, be subject to the same restrictions? There are strong existing distinctions both in national laws and in regulations such as PCI-DSS between these two forms.
-James Gannon From:gnso-ppsai-pdp-wg-bounces@icann.org<mailto:gnso-ppsai-pdp-wg-bounces@icann.org> [mailto:gnso-ppsai-pdp-wg-bounces@icann.org] On Behalf Of Graeme Bunton Sent: Tuesday, April 28, 2015 10:17 PM To: PPSAI Subject: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
Thanks to all WG members for a very productive call earlier today(and to Steve for his chairing acumen). The co-chairs and staff met this afternoon to tie down two loose ends from the call.
Regarding the deadline for public comments on the Initial Report, we recognize there is considerable support for extending the public comment period to 60 days instead of the standard 40 days on which we have all been planning. We are prepared to agree to this, but with the caveat that this will have repercussions on the pace and intensity of our work once public comments have been received. Specifically, if the public comment deadline is extended until July 3 (60 days after our publication date of May 4), we will need to plan on at least weekly calls throughout July and August, some of which may need to be more than an hour in length, to review these comments and move toward a Final Report. Otherwise, we jeopardize the prospects for getting the Final Report in front of the GNSO council no later than the Dublin ICANN meeting. As was noted on the call today, many additional steps need to take place even after this WG issues its Final Report before any new accreditation system can be implemented, so the time pressure imposed by the expiration of the Interim Specification at the end of next year is already real.
Also, as previously announced over the past few weeks, if any WG members (or group of members) wish to submit a brief separate or additional statement for inclusion in the package posted for public comment next Monday, such statements need to be received by staff no later than Thursday, April 30.
Lastly, the other loose end involves proposed revisions to section 1.3.3 of the Initial Report, which were presented on the call earlier today but which we did not have time to discuss fully. We agree that this section could benefit from some revision, but believe it should take the form of greater concision, not additional presentation of arguments for the divergent positions. Thus we suggest that section 1.3.3 be revised to read as follows:
--- Although the WG agreed that the mere fact that a domain name is registered by a commercial entity or by anyone conducting commercial activity should not preclude the use of P/P services , there was disagreement over whether domain names that are actively used for commercial transactions (e.g. the sale or exchange of goods or services) should be prohibited from using P/P services. While most WG members did not believe such a prohibition is necessary or practical, some members believed that registrants of such domain names should not be able to use or continue using proxy or privacy services.
For those that argued that it is necessary and practical to limit access to P/P services to exclude commercial entities, the following text was proposed to clarify and define their position: "domains used for online financial transactions for commercial purpose should be ineligible for privacy and proxy registrations."
Public comment is therefore specifically invited on the following questions:
* Should registrants of domain names associated with commercial activities and which are used for online financial transactions be prohibited from using, or continuing to use, privacy and proxy services? * If so, will it be useful to adopt a definition of "commercial" or "transactional" to define those domains for which P/P service registrations should be disallowed? And if so, what should the definition(s) be?" * Will it be necessary to make a distinction in the WHOIS data fields to be displayed as a result? --- Thanks,
Graeme Bunton & Steve Metalitz
--
_________________________
Graeme Bunton
Manager, Management Information Systems
Manager, Public Policy
Tucows Inc.
PH: 416 535 0123 ext 1634
_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org>https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg
_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg _______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg
Unless we are suggesting that the whitepaper is consensus policy or best practice it does not fall under that category. We are presenting our policy recommendation already, which is the work product of the group -James -----Original Message----- From: Kiran Malancharuvil [mailto:Kiran.Malancharuvil@markmonitor.com] Sent: Thursday, April 30, 2015 3:31 PM To: James Gannon Cc: Mary Wong; PPSAI Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3 Recommendations for policies, guidelines, best practices. Kiran Malancharuvil Internet Policy Counselor MarkMonitor 415-419-9138 (m) Sent from my mobile, please excuse any typos.
On Apr 30, 2015, at 7:29 AM, James Gannon <james@cyberinvasion.net> wrote:
Quoting from the PDP Manual, there seems to be strong guidelines of what goes out with the Initial Report:
After collection and review of information, the PDP Team and Staff are responsible for producing an Initial Report. The Initial Report should include the following elements: * Compilation of Stakeholder Group and Constituency Statements * Compilation of any statements received from any ICANN Supporting Organization or Advisory Committee * Recommendations for policies, guidelines, best practices or other proposals to address the issue * Statement of level of consensus for the recommendations presented in the Initial Report * Information regarding the members of the PDP Team, such as the attendance records, Statements of Interest, etc. * A statement on the WG discussion concerning impact of the proposed recommendations, could consider areas such as economic, competition, operations, privacy and other rights, scalability and feasibility
I don't see where in that framework the whitepaper would sit. I would welcome others thoughts on this.
-James
-----Original Message----- From: gnso-ppsai-pdp-wg-bounces@icann.org [mailto:gnso-ppsai-pdp-wg-bounces@icann.org] On Behalf Of Kiran Malancharuvil Sent: Thursday, April 30, 2015 3:09 PM To: Mary Wong Cc: PPSAI Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
Mary,
Since one side of this issue prepared a lengthy legal review to address this question, I would request that that white paper be included in the reference materials for the public comment. Since public comment is meant to "resolve" this issue, commenters need all of the information.
It's not just down to feasibility of self-declaration at registration (which frankly, many of us see as a cop out since it's already done in some TLDs), but also legality. Not trying to re-open the debate, but please, let's make sure the community understands the various points and the background.
K
Kiran Malancharuvil Internet Policy Counselor MarkMonitor 415-419-9138 (m)
Sent from my mobile, please excuse any typos.
On Apr 30, 2015, at 6:58 AM, Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> wrote:
To add to Stephanie's note that this specific issue - whether registrants of domain names actively used for commercial transactions ought to be disallowed from using P/P services - had been discussed at some length by the WG:
Please note that this part of the Initial Report draws heavily on the detailed WG template for Charter Category C that was the basis for the WG's deliberations on this topic. That template contains lengthy descriptions of what had previously been termed the majority and minority positions on the WG's answer to this specific issue. As part of the WG's deliberations - which took place primarily between April and June 2014 - the more specific formulation of "transactional" to describe the sort of commercial (i.e. Involving financial transactions) activities that were being discussed was included in the language. All the templates and suggested formulations discussed by the WG are recorded and published on the WG wiki.
The WG ultimately agreed to retain the two positions in the Initial Report and to revisit the question during its review of the public comments received. As noted previously, the WG's views were presented to the community in London in June 2014 and again in Los Angeles in October 2014.
Therefore, the three questions in Section 1.3.3 of the Executive Summary only go toward soliciting community input on this single issue. They were not intended to represent a view of any "side" in the WG with regard to this matter. If the WG prefers, we can add a sentence to clarify and specify the reason for the questions in Section 1.3.3. Fundamentally, the idea is that public comments will facilitate the WG's eventual resolution of this issue as part of its preparation of the Final Report.
We hope this reminder of the background is of assistance.
Cheers Mary
Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4892 Email: mary.wong@icann.org<mailto:mary.wong@icann.org>
From: Stephanie Perrin <stephanie.perrin@mail.utoronto.ca<mailto:stephanie.perrin@mail.utoronto.ca>> Date: Thursday, April 30, 2015 at 09:20 To: "gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org>" <gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org>>, James Gannon <james@cyberinvasion.net<mailto:james@cyberinvasion.net>>, Michele Blacknight <michele@blacknight.com<mailto:michele@blacknight.com>> Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
James, prior to you joining the group, we had discussed this at some length. IN fact, I really thought that the many reasons why sorting out the purpose of a registration is problematic had buried this debate, but apparently not. Some of the issues raised, according to my recollection were the following:
* names are registered prior to decisions about content * content changes over time * most countries regulate e-commerce in some fashion, so that website commercial activity does not have to be regulated by ICANN * ICANN should not be in the business of regulating content in the first place (and sorting out who is extracting a material consideration from a website in order to deny them the ability to use a proxy registration is certainly a form of regulation) * definitions of commercial activity vary widely around the world * bad actors will not declare, registrars cannot police this matter * criminal prosecution is not dependent on WHOIS information * if this is really about the ability to detect market information, ICANN should not be in the business of making registrant information available for market purposes, it does it for security and stability. * contactability remains, regardless of which registrant info appears in WHOIS
I am planning to reformulate these into questions to match the questions on the other side, suggestions welcome.
Stephanie Perrin On 2015-04-30 16:24, James Gannon wrote: I don't see this as asking providers to enforce anything similar to other questions when registering a domain, it's a self-reported assessment. All it does is add an additional branch to the decision tree for eligibility, which will already be there to determine eligibility due to the other reasons listed below. The registrant is asked will you be processing financial transactions.
* Yes-->Will you be using a 3rd party>No>Not eligible for P/P.
* Yes-->Will you be using a 3rd party>Yes>Eligible for P/P.
I'm not asking registrars to enforce law but to see if a more finely grained eligibility process can be enacted. Or at least is there is public support for more granularity.
-James From: Michele Neylon - Blacknight [mailto:michele@blacknight.com] Sent: Thursday, April 30, 2015 8:17 AM To: James Gannon; Graeme Bunton; PPSAI Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
James
As a registrar or PP service provider how am I meant to assess this?
It doesn't scale
Seriously.
If, for example, there is an Irish operated website that is not complying with Irish law then it would be up to the ODCE (http://www.odce.ie/) to enforce whatever needs enforcing, as it would be up to the DPA to enforce any issues around data privacy etc., etc.,
Attempting to force registrars and PP providers to make these kind of evaluations is not going to work.
Issues like PCI-DSS compliance are matters that should be dealt with by the DPA and the banks.
Forcing registrars and PP providers to start getting involved in that kind of assessment isn't viable
Regards
Michele
-- Mr Michele Neylon Blacknight Solutions Hosting, Colocation & Domains http://www.blacknight.host/ http://blog.blacknight.com/ http://www.blacknight.press - get our latest news & media coverage http://www.technology.ie Intl. +353 (0) 59 9183072 Direct Dial: +353 (0)59 9183090 Social: http://mneylon.social ------------------------------- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,Ireland Company No.: 370845
From: James Gannon Date: Thursday 30 April 2015 07:45 To: Graeme Bunton, "gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org>" Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
I would personally like to see if there is public traction for distinguishing between sites directly processing financial truncations and sites who use 3rd parties for processing financial transactions as this is a very important distinction. A simple and I hope non-controversial additional question to the ones below: If so, should domains which use a third party to process financial transactions (i.e Paypal, Stripe), and thus do not directly process financial information, be subject to the same restrictions? There are strong existing distinctions both in national laws and in regulations such as PCI-DSS between these two forms.
-James Gannon From:gnso-ppsai-pdp-wg-bounces@icann.org<mailto:gnso-ppsai-pdp-wg-bounces@icann.org> [mailto:gnso-ppsai-pdp-wg-bounces@icann.org] On Behalf Of Graeme Bunton Sent: Tuesday, April 28, 2015 10:17 PM To: PPSAI Subject: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
Thanks to all WG members for a very productive call earlier today(and to Steve for his chairing acumen). The co-chairs and staff met this afternoon to tie down two loose ends from the call.
Regarding the deadline for public comments on the Initial Report, we recognize there is considerable support for extending the public comment period to 60 days instead of the standard 40 days on which we have all been planning. We are prepared to agree to this, but with the caveat that this will have repercussions on the pace and intensity of our work once public comments have been received. Specifically, if the public comment deadline is extended until July 3 (60 days after our publication date of May 4), we will need to plan on at least weekly calls throughout July and August, some of which may need to be more than an hour in length, to review these comments and move toward a Final Report. Otherwise, we jeopardize the prospects for getting the Final Report in front of the GNSO council no later than the Dublin ICANN meeting. As was noted on the call today, many additional steps need to take place even after this WG issues its Final Report before any new accreditation system can be implemented, so the time pressure imposed by the expiration of the Interim Specification at the end of next year is already real.
Also, as previously announced over the past few weeks, if any WG members (or group of members) wish to submit a brief separate or additional statement for inclusion in the package posted for public comment next Monday, such statements need to be received by staff no later than Thursday, April 30.
Lastly, the other loose end involves proposed revisions to section 1.3.3 of the Initial Report, which were presented on the call earlier today but which we did not have time to discuss fully. We agree that this section could benefit from some revision, but believe it should take the form of greater concision, not additional presentation of arguments for the divergent positions. Thus we suggest that section 1.3.3 be revised to read as follows:
--- Although the WG agreed that the mere fact that a domain name is registered by a commercial entity or by anyone conducting commercial activity should not preclude the use of P/P services , there was disagreement over whether domain names that are actively used for commercial transactions (e.g. the sale or exchange of goods or services) should be prohibited from using P/P services. While most WG members did not believe such a prohibition is necessary or practical, some members believed that registrants of such domain names should not be able to use or continue using proxy or privacy services.
For those that argued that it is necessary and practical to limit access to P/P services to exclude commercial entities, the following text was proposed to clarify and define their position: "domains used for online financial transactions for commercial purpose should be ineligible for privacy and proxy registrations."
Public comment is therefore specifically invited on the following questions:
* Should registrants of domain names associated with commercial activities and which are used for online financial transactions be prohibited from using, or continuing to use, privacy and proxy services? * If so, will it be useful to adopt a definition of "commercial" or "transactional" to define those domains for which P/P service registrations should be disallowed? And if so, what should the definition(s) be?" * Will it be necessary to make a distinction in the WHOIS data fields to be displayed as a result? --- Thanks,
Graeme Bunton & Steve Metalitz
--
_________________________
Graeme Bunton
Manager, Management Information Systems
Manager, Public Policy
Tucows Inc.
PH: 416 535 0123 ext 1634
_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org>https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg
_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg _______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg
It is a recommendation for a policy/best practice from a portion of the group. K Kiran Malancharuvil Internet Policy Counselor MarkMonitor 415-419-9138 (m) Sent from my mobile, please excuse any typos.
On Apr 30, 2015, at 7:33 AM, James Gannon <james@cyberinvasion.net> wrote:
Unless we are suggesting that the whitepaper is consensus policy or best practice it does not fall under that category. We are presenting our policy recommendation already, which is the work product of the group
-James
-----Original Message----- From: Kiran Malancharuvil [mailto:Kiran.Malancharuvil@markmonitor.com] Sent: Thursday, April 30, 2015 3:31 PM To: James Gannon Cc: Mary Wong; PPSAI Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
Recommendations for policies, guidelines, best practices.
Kiran Malancharuvil Internet Policy Counselor MarkMonitor 415-419-9138 (m)
Sent from my mobile, please excuse any typos.
On Apr 30, 2015, at 7:29 AM, James Gannon <james@cyberinvasion.net> wrote:
Quoting from the PDP Manual, there seems to be strong guidelines of what goes out with the Initial Report:
After collection and review of information, the PDP Team and Staff are responsible for producing an Initial Report. The Initial Report should include the following elements: * Compilation of Stakeholder Group and Constituency Statements * Compilation of any statements received from any ICANN Supporting Organization or Advisory Committee * Recommendations for policies, guidelines, best practices or other proposals to address the issue * Statement of level of consensus for the recommendations presented in the Initial Report * Information regarding the members of the PDP Team, such as the attendance records, Statements of Interest, etc. * A statement on the WG discussion concerning impact of the proposed recommendations, could consider areas such as economic, competition, operations, privacy and other rights, scalability and feasibility
I don't see where in that framework the whitepaper would sit. I would welcome others thoughts on this.
-James
-----Original Message----- From: gnso-ppsai-pdp-wg-bounces@icann.org [mailto:gnso-ppsai-pdp-wg-bounces@icann.org] On Behalf Of Kiran Malancharuvil Sent: Thursday, April 30, 2015 3:09 PM To: Mary Wong Cc: PPSAI Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
Mary,
Since one side of this issue prepared a lengthy legal review to address this question, I would request that that white paper be included in the reference materials for the public comment. Since public comment is meant to "resolve" this issue, commenters need all of the information.
It's not just down to feasibility of self-declaration at registration (which frankly, many of us see as a cop out since it's already done in some TLDs), but also legality. Not trying to re-open the debate, but please, let's make sure the community understands the various points and the background.
K
Kiran Malancharuvil Internet Policy Counselor MarkMonitor 415-419-9138 (m)
Sent from my mobile, please excuse any typos.
On Apr 30, 2015, at 6:58 AM, Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> wrote:
To add to Stephanie's note that this specific issue - whether registrants of domain names actively used for commercial transactions ought to be disallowed from using P/P services - had been discussed at some length by the WG:
Please note that this part of the Initial Report draws heavily on the detailed WG template for Charter Category C that was the basis for the WG's deliberations on this topic. That template contains lengthy descriptions of what had previously been termed the majority and minority positions on the WG's answer to this specific issue. As part of the WG's deliberations - which took place primarily between April and June 2014 - the more specific formulation of "transactional" to describe the sort of commercial (i.e. Involving financial transactions) activities that were being discussed was included in the language. All the templates and suggested formulations discussed by the WG are recorded and published on the WG wiki.
The WG ultimately agreed to retain the two positions in the Initial Report and to revisit the question during its review of the public comments received. As noted previously, the WG's views were presented to the community in London in June 2014 and again in Los Angeles in October 2014.
Therefore, the three questions in Section 1.3.3 of the Executive Summary only go toward soliciting community input on this single issue. They were not intended to represent a view of any "side" in the WG with regard to this matter. If the WG prefers, we can add a sentence to clarify and specify the reason for the questions in Section 1.3.3. Fundamentally, the idea is that public comments will facilitate the WG's eventual resolution of this issue as part of its preparation of the Final Report.
We hope this reminder of the background is of assistance.
Cheers Mary
Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4892 Email: mary.wong@icann.org<mailto:mary.wong@icann.org>
From: Stephanie Perrin <stephanie.perrin@mail.utoronto.ca<mailto:stephanie.perrin@mail.utoronto.ca>> Date: Thursday, April 30, 2015 at 09:20 To: "gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org>" <gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org>>, James Gannon <james@cyberinvasion.net<mailto:james@cyberinvasion.net>>, Michele Blacknight <michele@blacknight.com<mailto:michele@blacknight.com>> Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
James, prior to you joining the group, we had discussed this at some length. IN fact, I really thought that the many reasons why sorting out the purpose of a registration is problematic had buried this debate, but apparently not. Some of the issues raised, according to my recollection were the following:
* names are registered prior to decisions about content * content changes over time * most countries regulate e-commerce in some fashion, so that website commercial activity does not have to be regulated by ICANN * ICANN should not be in the business of regulating content in the first place (and sorting out who is extracting a material consideration from a website in order to deny them the ability to use a proxy registration is certainly a form of regulation) * definitions of commercial activity vary widely around the world * bad actors will not declare, registrars cannot police this matter * criminal prosecution is not dependent on WHOIS information * if this is really about the ability to detect market information, ICANN should not be in the business of making registrant information available for market purposes, it does it for security and stability. * contactability remains, regardless of which registrant info appears in WHOIS
I am planning to reformulate these into questions to match the questions on the other side, suggestions welcome.
Stephanie Perrin On 2015-04-30 16:24, James Gannon wrote: I don't see this as asking providers to enforce anything similar to other questions when registering a domain, it's a self-reported assessment. All it does is add an additional branch to the decision tree for eligibility, which will already be there to determine eligibility due to the other reasons listed below. The registrant is asked will you be processing financial transactions.
* Yes-->Will you be using a 3rd party>No>Not eligible for P/P.
* Yes-->Will you be using a 3rd party>Yes>Eligible for P/P.
I'm not asking registrars to enforce law but to see if a more finely grained eligibility process can be enacted. Or at least is there is public support for more granularity.
-James From: Michele Neylon - Blacknight [mailto:michele@blacknight.com] Sent: Thursday, April 30, 2015 8:17 AM To: James Gannon; Graeme Bunton; PPSAI Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
James
As a registrar or PP service provider how am I meant to assess this?
It doesn't scale
Seriously.
If, for example, there is an Irish operated website that is not complying with Irish law then it would be up to the ODCE (http://www.odce.ie/) to enforce whatever needs enforcing, as it would be up to the DPA to enforce any issues around data privacy etc., etc.,
Attempting to force registrars and PP providers to make these kind of evaluations is not going to work.
Issues like PCI-DSS compliance are matters that should be dealt with by the DPA and the banks.
Forcing registrars and PP providers to start getting involved in that kind of assessment isn't viable
Regards
Michele
-- Mr Michele Neylon Blacknight Solutions Hosting, Colocation & Domains http://www.blacknight.host/ http://blog.blacknight.com/ http://www.blacknight.press - get our latest news & media coverage http://www.technology.ie Intl. +353 (0) 59 9183072 Direct Dial: +353 (0)59 9183090 Social: http://mneylon.social ------------------------------- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,Ireland Company No.: 370845
From: James Gannon Date: Thursday 30 April 2015 07:45 To: Graeme Bunton, "gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org>" Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
I would personally like to see if there is public traction for distinguishing between sites directly processing financial truncations and sites who use 3rd parties for processing financial transactions as this is a very important distinction. A simple and I hope non-controversial additional question to the ones below: If so, should domains which use a third party to process financial transactions (i.e Paypal, Stripe), and thus do not directly process financial information, be subject to the same restrictions? There are strong existing distinctions both in national laws and in regulations such as PCI-DSS between these two forms.
-James Gannon From:gnso-ppsai-pdp-wg-bounces@icann.org<mailto:gnso-ppsai-pdp-wg-bounces@icann.org> [mailto:gnso-ppsai-pdp-wg-bounces@icann.org] On Behalf Of Graeme Bunton Sent: Tuesday, April 28, 2015 10:17 PM To: PPSAI Subject: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
Thanks to all WG members for a very productive call earlier today(and to Steve for his chairing acumen). The co-chairs and staff met this afternoon to tie down two loose ends from the call.
Regarding the deadline for public comments on the Initial Report, we recognize there is considerable support for extending the public comment period to 60 days instead of the standard 40 days on which we have all been planning. We are prepared to agree to this, but with the caveat that this will have repercussions on the pace and intensity of our work once public comments have been received. Specifically, if the public comment deadline is extended until July 3 (60 days after our publication date of May 4), we will need to plan on at least weekly calls throughout July and August, some of which may need to be more than an hour in length, to review these comments and move toward a Final Report. Otherwise, we jeopardize the prospects for getting the Final Report in front of the GNSO council no later than the Dublin ICANN meeting. As was noted on the call today, many additional steps need to take place even after this WG issues its Final Report before any new accreditation system can be implemented, so the time pressure imposed by the expiration of the Interim Specification at the end of next year is already real.
Also, as previously announced over the past few weeks, if any WG members (or group of members) wish to submit a brief separate or additional statement for inclusion in the package posted for public comment next Monday, such statements need to be received by staff no later than Thursday, April 30.
Lastly, the other loose end involves proposed revisions to section 1.3.3 of the Initial Report, which were presented on the call earlier today but which we did not have time to discuss fully. We agree that this section could benefit from some revision, but believe it should take the form of greater concision, not additional presentation of arguments for the divergent positions. Thus we suggest that section 1.3.3 be revised to read as follows:
--- Although the WG agreed that the mere fact that a domain name is registered by a commercial entity or by anyone conducting commercial activity should not preclude the use of P/P services , there was disagreement over whether domain names that are actively used for commercial transactions (e.g. the sale or exchange of goods or services) should be prohibited from using P/P services. While most WG members did not believe such a prohibition is necessary or practical, some members believed that registrants of such domain names should not be able to use or continue using proxy or privacy services.
For those that argued that it is necessary and practical to limit access to P/P services to exclude commercial entities, the following text was proposed to clarify and define their position: "domains used for online financial transactions for commercial purpose should be ineligible for privacy and proxy registrations."
Public comment is therefore specifically invited on the following questions:
* Should registrants of domain names associated with commercial activities and which are used for online financial transactions be prohibited from using, or continuing to use, privacy and proxy services? * If so, will it be useful to adopt a definition of "commercial" or "transactional" to define those domains for which P/P service registrations should be disallowed? And if so, what should the definition(s) be?" * Will it be necessary to make a distinction in the WHOIS data fields to be displayed as a result? --- Thanks,
Graeme Bunton & Steve Metalitz
--
_________________________
Graeme Bunton
Manager, Management Information Systems
Manager, Public Policy
Tucows Inc.
PH: 416 535 0123 ext 1634
_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org>https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg
_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg _______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg
With great respect to Kiran and to the law firm that compiled the "white paper", I objected at the time and there was no indication that we accepted the white paper in our discussions, other than to say thanks. I would object strenuously to it being included. That was a totally unsolicited contribution from parties wishing to advance their case. You cannot attach that paper, without giving those on the other side an opportunity to counter it with another white paper. Frankly, the PDP process is not supposed to be about dualling unsolicited white papers. IF we need to have research done, we have to agree on what needs to be done if it is to be attached to the official call for comments. I don't wish to be ungracious, but the paper should not be added. Stephanie Perrin On 2015-04-30 23:34, Kiran Malancharuvil wrote:
It is a recommendation for a policy/best practice from a portion of the group.
K
Kiran Malancharuvil Internet Policy Counselor MarkMonitor 415-419-9138 (m)
Sent from my mobile, please excuse any typos.
On Apr 30, 2015, at 7:33 AM, James Gannon <james@cyberinvasion.net> wrote:
Unless we are suggesting that the whitepaper is consensus policy or best practice it does not fall under that category. We are presenting our policy recommendation already, which is the work product of the group
-James
-----Original Message----- From: Kiran Malancharuvil [mailto:Kiran.Malancharuvil@markmonitor.com] Sent: Thursday, April 30, 2015 3:31 PM To: James Gannon Cc: Mary Wong; PPSAI Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
Recommendations for policies, guidelines, best practices.
Kiran Malancharuvil Internet Policy Counselor MarkMonitor 415-419-9138 (m)
Sent from my mobile, please excuse any typos.
On Apr 30, 2015, at 7:29 AM, James Gannon <james@cyberinvasion.net> wrote:
Quoting from the PDP Manual, there seems to be strong guidelines of what goes out with the Initial Report:
After collection and review of information, the PDP Team and Staff are responsible for producing an Initial Report. The Initial Report should include the following elements: * Compilation of Stakeholder Group and Constituency Statements * Compilation of any statements received from any ICANN Supporting Organization or Advisory Committee * Recommendations for policies, guidelines, best practices or other proposals to address the issue * Statement of level of consensus for the recommendations presented in the Initial Report * Information regarding the members of the PDP Team, such as the attendance records, Statements of Interest, etc. * A statement on the WG discussion concerning impact of the proposed recommendations, could consider areas such as economic, competition, operations, privacy and other rights, scalability and feasibility I don't see where in that framework the whitepaper would sit. I would welcome others thoughts on this.
-James
-----Original Message----- From: gnso-ppsai-pdp-wg-bounces@icann.org [mailto:gnso-ppsai-pdp-wg-bounces@icann.org] On Behalf Of Kiran Malancharuvil Sent: Thursday, April 30, 2015 3:09 PM To: Mary Wong Cc: PPSAI Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
Mary,
Since one side of this issue prepared a lengthy legal review to address this question, I would request that that white paper be included in the reference materials for the public comment. Since public comment is meant to "resolve" this issue, commenters need all of the information.
It's not just down to feasibility of self-declaration at registration (which frankly, many of us see as a cop out since it's already done in some TLDs), but also legality. Not trying to re-open the debate, but please, let's make sure the community understands the various points and the background.
K
Kiran Malancharuvil Internet Policy Counselor MarkMonitor 415-419-9138 (m)
Sent from my mobile, please excuse any typos.
On Apr 30, 2015, at 6:58 AM, Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> wrote:
To add to Stephanie's note that this specific issue - whether registrants of domain names actively used for commercial transactions ought to be disallowed from using P/P services - had been discussed at some length by the WG:
Please note that this part of the Initial Report draws heavily on the detailed WG template for Charter Category C that was the basis for the WG's deliberations on this topic. That template contains lengthy descriptions of what had previously been termed the majority and minority positions on the WG's answer to this specific issue. As part of the WG's deliberations - which took place primarily between April and June 2014 - the more specific formulation of "transactional" to describe the sort of commercial (i.e. Involving financial transactions) activities that were being discussed was included in the language. All the templates and suggested formulations discussed by the WG are recorded and published on the WG wiki.
The WG ultimately agreed to retain the two positions in the Initial Report and to revisit the question during its review of the public comments received. As noted previously, the WG's views were presented to the community in London in June 2014 and again in Los Angeles in October 2014.
Therefore, the three questions in Section 1.3.3 of the Executive Summary only go toward soliciting community input on this single issue. They were not intended to represent a view of any "side" in the WG with regard to this matter. If the WG prefers, we can add a sentence to clarify and specify the reason for the questions in Section 1.3.3. Fundamentally, the idea is that public comments will facilitate the WG's eventual resolution of this issue as part of its preparation of the Final Report.
We hope this reminder of the background is of assistance.
Cheers Mary
Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4892 Email: mary.wong@icann.org<mailto:mary.wong@icann.org>
From: Stephanie Perrin <stephanie.perrin@mail.utoronto.ca<mailto:stephanie.perrin@mail.utoronto.ca>> Date: Thursday, April 30, 2015 at 09:20 To: "gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org>" <gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org>>, James Gannon <james@cyberinvasion.net<mailto:james@cyberinvasion.net>>, Michele Blacknight <michele@blacknight.com<mailto:michele@blacknight.com>> Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
James, prior to you joining the group, we had discussed this at some length. IN fact, I really thought that the many reasons why sorting out the purpose of a registration is problematic had buried this debate, but apparently not. Some of the issues raised, according to my recollection were the following:
* names are registered prior to decisions about content * content changes over time * most countries regulate e-commerce in some fashion, so that website commercial activity does not have to be regulated by ICANN * ICANN should not be in the business of regulating content in the first place (and sorting out who is extracting a material consideration from a website in order to deny them the ability to use a proxy registration is certainly a form of regulation) * definitions of commercial activity vary widely around the world * bad actors will not declare, registrars cannot police this matter * criminal prosecution is not dependent on WHOIS information * if this is really about the ability to detect market information, ICANN should not be in the business of making registrant information available for market purposes, it does it for security and stability. * contactability remains, regardless of which registrant info appears in WHOIS
I am planning to reformulate these into questions to match the questions on the other side, suggestions welcome.
Stephanie Perrin On 2015-04-30 16:24, James Gannon wrote: I don't see this as asking providers to enforce anything similar to other questions when registering a domain, it's a self-reported assessment. All it does is add an additional branch to the decision tree for eligibility, which will already be there to determine eligibility due to the other reasons listed below. The registrant is asked will you be processing financial transactions.
* Yes-->Will you be using a 3rd party>No>Not eligible for P/P.
* Yes-->Will you be using a 3rd party>Yes>Eligible for P/P.
I'm not asking registrars to enforce law but to see if a more finely grained eligibility process can be enacted. Or at least is there is public support for more granularity.
-James From: Michele Neylon - Blacknight [mailto:michele@blacknight.com] Sent: Thursday, April 30, 2015 8:17 AM To: James Gannon; Graeme Bunton; PPSAI Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
James
As a registrar or PP service provider how am I meant to assess this?
It doesn't scale
Seriously.
If, for example, there is an Irish operated website that is not complying with Irish law then it would be up to the ODCE (http://www.odce.ie/) to enforce whatever needs enforcing, as it would be up to the DPA to enforce any issues around data privacy etc., etc.,
Attempting to force registrars and PP providers to make these kind of evaluations is not going to work.
Issues like PCI-DSS compliance are matters that should be dealt with by the DPA and the banks.
Forcing registrars and PP providers to start getting involved in that kind of assessment isn't viable
Regards
Michele
-- Mr Michele Neylon Blacknight Solutions Hosting, Colocation & Domains http://www.blacknight.host/ http://blog.blacknight.com/ http://www.blacknight.press - get our latest news & media coverage http://www.technology.ie Intl. +353 (0) 59 9183072 Direct Dial: +353 (0)59 9183090 Social: http://mneylon.social ------------------------------- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,Ireland Company No.: 370845
From: James Gannon Date: Thursday 30 April 2015 07:45 To: Graeme Bunton, "gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org>" Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
I would personally like to see if there is public traction for distinguishing between sites directly processing financial truncations and sites who use 3rd parties for processing financial transactions as this is a very important distinction. A simple and I hope non-controversial additional question to the ones below: If so, should domains which use a third party to process financial transactions (i.e Paypal, Stripe), and thus do not directly process financial information, be subject to the same restrictions? There are strong existing distinctions both in national laws and in regulations such as PCI-DSS between these two forms.
-James Gannon From:gnso-ppsai-pdp-wg-bounces@icann.org<mailto:gnso-ppsai-pdp-wg-bounces@icann.org> [mailto:gnso-ppsai-pdp-wg-bounces@icann.org] On Behalf Of Graeme Bunton Sent: Tuesday, April 28, 2015 10:17 PM To: PPSAI Subject: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
Thanks to all WG members for a very productive call earlier today(and to Steve for his chairing acumen). The co-chairs and staff met this afternoon to tie down two loose ends from the call.
Regarding the deadline for public comments on the Initial Report, we recognize there is considerable support for extending the public comment period to 60 days instead of the standard 40 days on which we have all been planning. We are prepared to agree to this, but with the caveat that this will have repercussions on the pace and intensity of our work once public comments have been received. Specifically, if the public comment deadline is extended until July 3 (60 days after our publication date of May 4), we will need to plan on at least weekly calls throughout July and August, some of which may need to be more than an hour in length, to review these comments and move toward a Final Report. Otherwise, we jeopardize the prospects for getting the Final Report in front of the GNSO council no later than the Dublin ICANN meeting. As was noted on the call today, many additional steps need to take place even after this WG issues its Final Report before any new accreditation system can be implemented, so the time pressure imposed by the expiration of the Interim Specification at the end of next year is already real. Also, as previously announced over the past few weeks, if any WG members (or group of members) wish to submit a brief separate or additional statement for inclusion in the package posted for public comment next Monday, such statements need to be received by staff no later than Thursday, April 30.
Lastly, the other loose end involves proposed revisions to section 1.3.3 of the Initial Report, which were presented on the call earlier today but which we did not have time to discuss fully. We agree that this section could benefit from some revision, but believe it should take the form of greater concision, not additional presentation of arguments for the divergent positions. Thus we suggest that section 1.3.3 be revised to read as follows:
--- Although the WG agreed that the mere fact that a domain name is registered by a commercial entity or by anyone conducting commercial activity should not preclude the use of P/P services , there was disagreement over whether domain names that are actively used for commercial transactions (e.g. the sale or exchange of goods or services) should be prohibited from using P/P services. While most WG members did not believe such a prohibition is necessary or practical, some members believed that registrants of such domain names should not be able to use or continue using proxy or privacy services.
For those that argued that it is necessary and practical to limit access to P/P services to exclude commercial entities, the following text was proposed to clarify and define their position: "domains used for online financial transactions for commercial purpose should be ineligible for privacy and proxy registrations."
Public comment is therefore specifically invited on the following questions:
* Should registrants of domain names associated with commercial activities and which are used for online financial transactions be prohibited from using, or continuing to use, privacy and proxy services? * If so, will it be useful to adopt a definition of "commercial" or "transactional" to define those domains for which P/P service registrations should be disallowed? And if so, what should the definition(s) be?" * Will it be necessary to make a distinction in the WHOIS data fields to be displayed as a result? --- Thanks,
Graeme Bunton & Steve Metalitz
--
_________________________
Graeme Bunton
Manager, Management Information Systems
Manager, Public Policy
Tucows Inc.
PH: 416 535 0123 ext 1634
_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org>https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg
_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg _______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg
Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg
Stephanie, You had ample opportunity to prepare and present a white paper of your own. It was not unsolicited, as at any time, members of the group are welcome and encouraged to present their views on the matter under discussion. Are you really saying that a well researched policy position and a presentation of that research is NOT meant to be a part of the PDP process? I really do not think that it the case. I know that you object to the position that the white paper explains, but unless there is a concrete prohibition on linking to it (staff?) it needs to be included, as we have every right to present the complex legal argument behind our position. Kiran Malancharuvil Internet Policy Counselor MarkMonitor 415-419-9138 (m) Sent from my mobile, please excuse any typos.
On Apr 30, 2015, at 7:45 AM, Stephanie Perrin <stephanie.perrin@mail.utoronto.ca> wrote:
With great respect to Kiran and to the law firm that compiled the "white paper", I objected at the time and there was no indication that we accepted the white paper in our discussions, other than to say thanks. I would object strenuously to it being included. That was a totally unsolicited contribution from parties wishing to advance their case. You cannot attach that paper, without giving those on the other side an opportunity to counter it with another white paper. Frankly, the PDP process is not supposed to be about dualling unsolicited white papers. IF we need to have research done, we have to agree on what needs to be done if it is to be attached to the official call for comments. I don't wish to be ungracious, but the paper should not be added. Stephanie Perrin
On 2015-04-30 23:34, Kiran Malancharuvil wrote: It is a recommendation for a policy/best practice from a portion of the group.
K
Kiran Malancharuvil Internet Policy Counselor MarkMonitor 415-419-9138 (m)
Sent from my mobile, please excuse any typos.
On Apr 30, 2015, at 7:33 AM, James Gannon <james@cyberinvasion.net> wrote:
Unless we are suggesting that the whitepaper is consensus policy or best practice it does not fall under that category. We are presenting our policy recommendation already, which is the work product of the group
-James
-----Original Message----- From: Kiran Malancharuvil [mailto:Kiran.Malancharuvil@markmonitor.com] Sent: Thursday, April 30, 2015 3:31 PM To: James Gannon Cc: Mary Wong; PPSAI Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
Recommendations for policies, guidelines, best practices.
Kiran Malancharuvil Internet Policy Counselor MarkMonitor 415-419-9138 (m)
Sent from my mobile, please excuse any typos.
On Apr 30, 2015, at 7:29 AM, James Gannon <james@cyberinvasion.net> wrote:
Quoting from the PDP Manual, there seems to be strong guidelines of what goes out with the Initial Report:
After collection and review of information, the PDP Team and Staff are responsible for producing an Initial Report. The Initial Report should include the following elements: * Compilation of Stakeholder Group and Constituency Statements * Compilation of any statements received from any ICANN Supporting Organization or Advisory Committee * Recommendations for policies, guidelines, best practices or other proposals to address the issue * Statement of level of consensus for the recommendations presented in the Initial Report * Information regarding the members of the PDP Team, such as the attendance records, Statements of Interest, etc. * A statement on the WG discussion concerning impact of the proposed recommendations, could consider areas such as economic, competition, operations, privacy and other rights, scalability and feasibility I don't see where in that framework the whitepaper would sit. I would welcome others thoughts on this.
-James
-----Original Message----- From: gnso-ppsai-pdp-wg-bounces@icann.org [mailto:gnso-ppsai-pdp-wg-bounces@icann.org] On Behalf Of Kiran Malancharuvil Sent: Thursday, April 30, 2015 3:09 PM To: Mary Wong Cc: PPSAI Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
Mary,
Since one side of this issue prepared a lengthy legal review to address this question, I would request that that white paper be included in the reference materials for the public comment. Since public comment is meant to "resolve" this issue, commenters need all of the information.
It's not just down to feasibility of self-declaration at registration (which frankly, many of us see as a cop out since it's already done in some TLDs), but also legality. Not trying to re-open the debate, but please, let's make sure the community understands the various points and the background.
K
Kiran Malancharuvil Internet Policy Counselor MarkMonitor 415-419-9138 (m)
Sent from my mobile, please excuse any typos.
On Apr 30, 2015, at 6:58 AM, Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> wrote:
To add to Stephanie's note that this specific issue - whether registrants of domain names actively used for commercial transactions ought to be disallowed from using P/P services - had been discussed at some length by the WG:
Please note that this part of the Initial Report draws heavily on the detailed WG template for Charter Category C that was the basis for the WG's deliberations on this topic. That template contains lengthy descriptions of what had previously been termed the majority and minority positions on the WG's answer to this specific issue. As part of the WG's deliberations - which took place primarily between April and June 2014 - the more specific formulation of "transactional" to describe the sort of commercial (i.e. Involving financial transactions) activities that were being discussed was included in the language. All the templates and suggested formulations discussed by the WG are recorded and published on the WG wiki.
The WG ultimately agreed to retain the two positions in the Initial Report and to revisit the question during its review of the public comments received. As noted previously, the WG's views were presented to the community in London in June 2014 and again in Los Angeles in October 2014.
Therefore, the three questions in Section 1.3.3 of the Executive Summary only go toward soliciting community input on this single issue. They were not intended to represent a view of any "side" in the WG with regard to this matter. If the WG prefers, we can add a sentence to clarify and specify the reason for the questions in Section 1.3.3. Fundamentally, the idea is that public comments will facilitate the WG's eventual resolution of this issue as part of its preparation of the Final Report.
We hope this reminder of the background is of assistance.
Cheers Mary
Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4892 Email: mary.wong@icann.org<mailto:mary.wong@icann.org>
From: Stephanie Perrin <stephanie.perrin@mail.utoronto.ca<mailto:stephanie.perrin@mail.utoronto.ca>> Date: Thursday, April 30, 2015 at 09:20 To: "gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org>" <gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org>>, James Gannon <james@cyberinvasion.net<mailto:james@cyberinvasion.net>>, Michele Blacknight <michele@blacknight.com<mailto:michele@blacknight.com>> Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
James, prior to you joining the group, we had discussed this at some length. IN fact, I really thought that the many reasons why sorting out the purpose of a registration is problematic had buried this debate, but apparently not. Some of the issues raised, according to my recollection were the following:
* names are registered prior to decisions about content * content changes over time * most countries regulate e-commerce in some fashion, so that website commercial activity does not have to be regulated by ICANN * ICANN should not be in the business of regulating content in the first place (and sorting out who is extracting a material consideration from a website in order to deny them the ability to use a proxy registration is certainly a form of regulation) * definitions of commercial activity vary widely around the world * bad actors will not declare, registrars cannot police this matter * criminal prosecution is not dependent on WHOIS information * if this is really about the ability to detect market information, ICANN should not be in the business of making registrant information available for market purposes, it does it for security and stability. * contactability remains, regardless of which registrant info appears in WHOIS
I am planning to reformulate these into questions to match the questions on the other side, suggestions welcome.
Stephanie Perrin On 2015-04-30 16:24, James Gannon wrote: I don't see this as asking providers to enforce anything similar to other questions when registering a domain, it's a self-reported assessment. All it does is add an additional branch to the decision tree for eligibility, which will already be there to determine eligibility due to the other reasons listed below. The registrant is asked will you be processing financial transactions.
* Yes-->Will you be using a 3rd party>No>Not eligible for P/P.
* Yes-->Will you be using a 3rd party>Yes>Eligible for P/P.
I'm not asking registrars to enforce law but to see if a more finely grained eligibility process can be enacted. Or at least is there is public support for more granularity.
-James From: Michele Neylon - Blacknight [mailto:michele@blacknight.com] Sent: Thursday, April 30, 2015 8:17 AM To: James Gannon; Graeme Bunton; PPSAI Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
James
As a registrar or PP service provider how am I meant to assess this?
It doesn't scale
Seriously.
If, for example, there is an Irish operated website that is not complying with Irish law then it would be up to the ODCE (http://www.odce.ie/) to enforce whatever needs enforcing, as it would be up to the DPA to enforce any issues around data privacy etc., etc.,
Attempting to force registrars and PP providers to make these kind of evaluations is not going to work.
Issues like PCI-DSS compliance are matters that should be dealt with by the DPA and the banks.
Forcing registrars and PP providers to start getting involved in that kind of assessment isn't viable
Regards
Michele
-- Mr Michele Neylon Blacknight Solutions Hosting, Colocation & Domains http://www.blacknight.host/ http://blog.blacknight.com/ http://www.blacknight.press - get our latest news & media coverage http://www.technology.ie Intl. +353 (0) 59 9183072 Direct Dial: +353 (0)59 9183090 Social: http://mneylon.social ------------------------------- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,Ireland Company No.: 370845
From: James Gannon Date: Thursday 30 April 2015 07:45 To: Graeme Bunton, "gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org>" Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
I would personally like to see if there is public traction for distinguishing between sites directly processing financial truncations and sites who use 3rd parties for processing financial transactions as this is a very important distinction. A simple and I hope non-controversial additional question to the ones below: If so, should domains which use a third party to process financial transactions (i.e Paypal, Stripe), and thus do not directly process financial information, be subject to the same restrictions? There are strong existing distinctions both in national laws and in regulations such as PCI-DSS between these two forms.
-James Gannon From:gnso-ppsai-pdp-wg-bounces@icann.org<mailto:gnso-ppsai-pdp-wg-bounces@icann.org> [mailto:gnso-ppsai-pdp-wg-bounces@icann.org] On Behalf Of Graeme Bunton Sent: Tuesday, April 28, 2015 10:17 PM To: PPSAI Subject: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
Thanks to all WG members for a very productive call earlier today(and to Steve for his chairing acumen). The co-chairs and staff met this afternoon to tie down two loose ends from the call.
Regarding the deadline for public comments on the Initial Report, we recognize there is considerable support for extending the public comment period to 60 days instead of the standard 40 days on which we have all been planning. We are prepared to agree to this, but with the caveat that this will have repercussions on the pace and intensity of our work once public comments have been received. Specifically, if the public comment deadline is extended until July 3 (60 days after our publication date of May 4), we will need to plan on at least weekly calls throughout July and August, some of which may need to be more than an hour in length, to review these comments and move toward a Final Report. Otherwise, we jeopardize the prospects for getting the Final Report in front of the GNSO council no later than the Dublin ICANN meeting. As was noted on the call today, many additional steps need to take place even after this WG issues its Final Report before any new accreditation system can be implemented, so the time pressure imposed by the expiration of the Interim Specification at the end of next year is already real. Also, as previously announced over the past few weeks, if any WG members (or group of members) wish to submit a brief separate or additional statement for inclusion in the package posted for public comment next Monday, such statements need to be received by staff no later than Thursday, April 30.
Lastly, the other loose end involves proposed revisions to section 1.3.3 of the Initial Report, which were presented on the call earlier today but which we did not have time to discuss fully. We agree that this section could benefit from some revision, but believe it should take the form of greater concision, not additional presentation of arguments for the divergent positions. Thus we suggest that section 1.3.3 be revised to read as follows:
--- Although the WG agreed that the mere fact that a domain name is registered by a commercial entity or by anyone conducting commercial activity should not preclude the use of P/P services , there was disagreement over whether domain names that are actively used for commercial transactions (e.g. the sale or exchange of goods or services) should be prohibited from using P/P services. While most WG members did not believe such a prohibition is necessary or practical, some members believed that registrants of such domain names should not be able to use or continue using proxy or privacy services.
For those that argued that it is necessary and practical to limit access to P/P services to exclude commercial entities, the following text was proposed to clarify and define their position: "domains used for online financial transactions for commercial purpose should be ineligible for privacy and proxy registrations."
Public comment is therefore specifically invited on the following questions:
* Should registrants of domain names associated with commercial activities and which are used for online financial transactions be prohibited from using, or continuing to use, privacy and proxy services? * If so, will it be useful to adopt a definition of "commercial" or "transactional" to define those domains for which P/P service registrations should be disallowed? And if so, what should the definition(s) be?" * Will it be necessary to make a distinction in the WHOIS data fields to be displayed as a result? --- Thanks,
Graeme Bunton & Steve Metalitz
--
_________________________
Graeme Bunton
Manager, Management Information Systems
Manager, Public Policy
Tucows Inc.
PH: 416 535 0123 ext 1634
_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org>https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg
_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg _______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg
Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg
_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg
So let me get this very very clear, as i am new to the process. 1. The research report you offered was sent to the list. 2. It has never been part of the record. 3. You wish to see it added now, April 30th, 23:58 KST. 4, You are telling me I could have done the same thing. 5. I have Exactly how much time to submit a minority report in order to comply with the deadline of April 30th? Thanks for the clarifications. Stephanie On 2015-04-30 23:52, Kiran Malancharuvil wrote:
Stephanie,
You had ample opportunity to prepare and present a white paper of your own.
It was not unsolicited, as at any time, members of the group are welcome and encouraged to present their views on the matter under discussion.
Are you really saying that a well researched policy position and a presentation of that research is NOT meant to be a part of the PDP process? I really do not think that it the case.
I know that you object to the position that the white paper explains, but unless there is a concrete prohibition on linking to it (staff?) it needs to be included, as we have every right to present the complex legal argument behind our position.
Kiran Malancharuvil Internet Policy Counselor MarkMonitor 415-419-9138 (m)
Sent from my mobile, please excuse any typos.
On Apr 30, 2015, at 7:45 AM, Stephanie Perrin <stephanie.perrin@mail.utoronto.ca> wrote:
With great respect to Kiran and to the law firm that compiled the "white paper", I objected at the time and there was no indication that we accepted the white paper in our discussions, other than to say thanks. I would object strenuously to it being included. That was a totally unsolicited contribution from parties wishing to advance their case. You cannot attach that paper, without giving those on the other side an opportunity to counter it with another white paper. Frankly, the PDP process is not supposed to be about dualling unsolicited white papers. IF we need to have research done, we have to agree on what needs to be done if it is to be attached to the official call for comments. I don't wish to be ungracious, but the paper should not be added. Stephanie Perrin
On 2015-04-30 23:34, Kiran Malancharuvil wrote: It is a recommendation for a policy/best practice from a portion of the group.
K
Kiran Malancharuvil Internet Policy Counselor MarkMonitor 415-419-9138 (m)
Sent from my mobile, please excuse any typos.
On Apr 30, 2015, at 7:33 AM, James Gannon <james@cyberinvasion.net> wrote:
Unless we are suggesting that the whitepaper is consensus policy or best practice it does not fall under that category. We are presenting our policy recommendation already, which is the work product of the group
-James
-----Original Message----- From: Kiran Malancharuvil [mailto:Kiran.Malancharuvil@markmonitor.com] Sent: Thursday, April 30, 2015 3:31 PM To: James Gannon Cc: Mary Wong; PPSAI Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
Recommendations for policies, guidelines, best practices.
Kiran Malancharuvil Internet Policy Counselor MarkMonitor 415-419-9138 (m)
Sent from my mobile, please excuse any typos.
On Apr 30, 2015, at 7:29 AM, James Gannon <james@cyberinvasion.net> wrote:
Quoting from the PDP Manual, there seems to be strong guidelines of what goes out with the Initial Report:
After collection and review of information, the PDP Team and Staff are responsible for producing an Initial Report. The Initial Report should include the following elements: * Compilation of Stakeholder Group and Constituency Statements * Compilation of any statements received from any ICANN Supporting Organization or Advisory Committee * Recommendations for policies, guidelines, best practices or other proposals to address the issue * Statement of level of consensus for the recommendations presented in the Initial Report * Information regarding the members of the PDP Team, such as the attendance records, Statements of Interest, etc. * A statement on the WG discussion concerning impact of the proposed recommendations, could consider areas such as economic, competition, operations, privacy and other rights, scalability and feasibility I don't see where in that framework the whitepaper would sit. I would welcome others thoughts on this.
-James
-----Original Message----- From: gnso-ppsai-pdp-wg-bounces@icann.org [mailto:gnso-ppsai-pdp-wg-bounces@icann.org] On Behalf Of Kiran Malancharuvil Sent: Thursday, April 30, 2015 3:09 PM To: Mary Wong Cc: PPSAI Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
Mary,
Since one side of this issue prepared a lengthy legal review to address this question, I would request that that white paper be included in the reference materials for the public comment. Since public comment is meant to "resolve" this issue, commenters need all of the information.
It's not just down to feasibility of self-declaration at registration (which frankly, many of us see as a cop out since it's already done in some TLDs), but also legality. Not trying to re-open the debate, but please, let's make sure the community understands the various points and the background.
K
Kiran Malancharuvil Internet Policy Counselor MarkMonitor 415-419-9138 (m)
Sent from my mobile, please excuse any typos.
On Apr 30, 2015, at 6:58 AM, Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> wrote:
To add to Stephanie's note that this specific issue - whether registrants of domain names actively used for commercial transactions ought to be disallowed from using P/P services - had been discussed at some length by the WG:
Please note that this part of the Initial Report draws heavily on the detailed WG template for Charter Category C that was the basis for the WG's deliberations on this topic. That template contains lengthy descriptions of what had previously been termed the majority and minority positions on the WG's answer to this specific issue. As part of the WG's deliberations - which took place primarily between April and June 2014 - the more specific formulation of "transactional" to describe the sort of commercial (i.e. Involving financial transactions) activities that were being discussed was included in the language. All the templates and suggested formulations discussed by the WG are recorded and published on the WG wiki.
The WG ultimately agreed to retain the two positions in the Initial Report and to revisit the question during its review of the public comments received. As noted previously, the WG's views were presented to the community in London in June 2014 and again in Los Angeles in October 2014.
Therefore, the three questions in Section 1.3.3 of the Executive Summary only go toward soliciting community input on this single issue. They were not intended to represent a view of any "side" in the WG with regard to this matter. If the WG prefers, we can add a sentence to clarify and specify the reason for the questions in Section 1.3.3. Fundamentally, the idea is that public comments will facilitate the WG's eventual resolution of this issue as part of its preparation of the Final Report.
We hope this reminder of the background is of assistance.
Cheers Mary
Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4892 Email: mary.wong@icann.org<mailto:mary.wong@icann.org>
From: Stephanie Perrin <stephanie.perrin@mail.utoronto.ca<mailto:stephanie.perrin@mail.utoronto.ca>> Date: Thursday, April 30, 2015 at 09:20 To: "gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org>" <gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org>>, James Gannon <james@cyberinvasion.net<mailto:james@cyberinvasion.net>>, Michele Blacknight <michele@blacknight.com<mailto:michele@blacknight.com>> Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
James, prior to you joining the group, we had discussed this at some length. IN fact, I really thought that the many reasons why sorting out the purpose of a registration is problematic had buried this debate, but apparently not. Some of the issues raised, according to my recollection were the following:
* names are registered prior to decisions about content * content changes over time * most countries regulate e-commerce in some fashion, so that website commercial activity does not have to be regulated by ICANN * ICANN should not be in the business of regulating content in the first place (and sorting out who is extracting a material consideration from a website in order to deny them the ability to use a proxy registration is certainly a form of regulation) * definitions of commercial activity vary widely around the world * bad actors will not declare, registrars cannot police this matter * criminal prosecution is not dependent on WHOIS information * if this is really about the ability to detect market information, ICANN should not be in the business of making registrant information available for market purposes, it does it for security and stability. * contactability remains, regardless of which registrant info appears in WHOIS
I am planning to reformulate these into questions to match the questions on the other side, suggestions welcome.
Stephanie Perrin On 2015-04-30 16:24, James Gannon wrote: I don't see this as asking providers to enforce anything similar to other questions when registering a domain, it's a self-reported assessment. All it does is add an additional branch to the decision tree for eligibility, which will already be there to determine eligibility due to the other reasons listed below. The registrant is asked will you be processing financial transactions.
* Yes-->Will you be using a 3rd party>No>Not eligible for P/P.
* Yes-->Will you be using a 3rd party>Yes>Eligible for P/P.
I'm not asking registrars to enforce law but to see if a more finely grained eligibility process can be enacted. Or at least is there is public support for more granularity.
-James From: Michele Neylon - Blacknight [mailto:michele@blacknight.com] Sent: Thursday, April 30, 2015 8:17 AM To: James Gannon; Graeme Bunton; PPSAI Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
James
As a registrar or PP service provider how am I meant to assess this?
It doesn't scale
Seriously.
If, for example, there is an Irish operated website that is not complying with Irish law then it would be up to the ODCE (http://www.odce.ie/) to enforce whatever needs enforcing, as it would be up to the DPA to enforce any issues around data privacy etc., etc.,
Attempting to force registrars and PP providers to make these kind of evaluations is not going to work.
Issues like PCI-DSS compliance are matters that should be dealt with by the DPA and the banks.
Forcing registrars and PP providers to start getting involved in that kind of assessment isn't viable
Regards
Michele
-- Mr Michele Neylon Blacknight Solutions Hosting, Colocation & Domains http://www.blacknight.host/ http://blog.blacknight.com/ http://www.blacknight.press - get our latest news & media coverage http://www.technology.ie Intl. +353 (0) 59 9183072 Direct Dial: +353 (0)59 9183090 Social: http://mneylon.social ------------------------------- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,Ireland Company No.: 370845
From: James Gannon Date: Thursday 30 April 2015 07:45 To: Graeme Bunton, "gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org>" Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
I would personally like to see if there is public traction for distinguishing between sites directly processing financial truncations and sites who use 3rd parties for processing financial transactions as this is a very important distinction. A simple and I hope non-controversial additional question to the ones below: If so, should domains which use a third party to process financial transactions (i.e Paypal, Stripe), and thus do not directly process financial information, be subject to the same restrictions? There are strong existing distinctions both in national laws and in regulations such as PCI-DSS between these two forms.
-James Gannon From:gnso-ppsai-pdp-wg-bounces@icann.org<mailto:gnso-ppsai-pdp-wg-bounces@icann.org> [mailto:gnso-ppsai-pdp-wg-bounces@icann.org] On Behalf Of Graeme Bunton Sent: Tuesday, April 28, 2015 10:17 PM To: PPSAI Subject: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
Thanks to all WG members for a very productive call earlier today(and to Steve for his chairing acumen). The co-chairs and staff met this afternoon to tie down two loose ends from the call.
Regarding the deadline for public comments on the Initial Report, we recognize there is considerable support for extending the public comment period to 60 days instead of the standard 40 days on which we have all been planning. We are prepared to agree to this, but with the caveat that this will have repercussions on the pace and intensity of our work once public comments have been received. Specifically, if the public comment deadline is extended until July 3 (60 days after our publication date of May 4), we will need to plan on at least weekly calls throughout July and August, some of which may need to be more than an hour in length, to review these comments and move toward a Final Report. Otherwise, we jeopardize the prospects for getting the Final Report in front of the GNSO council no later than the Dublin ICANN meeting. As was noted on the call today, many additional steps need to take place even after this WG issues its Final Report before any new accreditation system can be implemented, so the time pressure imposed by the expiration of the Interim Specification at the end of next year is already real. Also, as previously announced over the past few weeks, if any WG members (or group of members) wish to submit a brief separate or additional statement for inclusion in the package posted for public comment next Monday, such statements need to be received by staff no later than Thursday, April 30.
Lastly, the other loose end involves proposed revisions to section 1.3.3 of the Initial Report, which were presented on the call earlier today but which we did not have time to discuss fully. We agree that this section could benefit from some revision, but believe it should take the form of greater concision, not additional presentation of arguments for the divergent positions. Thus we suggest that section 1.3.3 be revised to read as follows:
--- Although the WG agreed that the mere fact that a domain name is registered by a commercial entity or by anyone conducting commercial activity should not preclude the use of P/P services , there was disagreement over whether domain names that are actively used for commercial transactions (e.g. the sale or exchange of goods or services) should be prohibited from using P/P services. While most WG members did not believe such a prohibition is necessary or practical, some members believed that registrants of such domain names should not be able to use or continue using proxy or privacy services.
For those that argued that it is necessary and practical to limit access to P/P services to exclude commercial entities, the following text was proposed to clarify and define their position: "domains used for online financial transactions for commercial purpose should be ineligible for privacy and proxy registrations."
Public comment is therefore specifically invited on the following questions:
* Should registrants of domain names associated with commercial activities and which are used for online financial transactions be prohibited from using, or continuing to use, privacy and proxy services? * If so, will it be useful to adopt a definition of "commercial" or "transactional" to define those domains for which P/P service registrations should be disallowed? And if so, what should the definition(s) be?" * Will it be necessary to make a distinction in the WHOIS data fields to be displayed as a result? --- Thanks,
Graeme Bunton & Steve Metalitz
--
_________________________
Graeme Bunton
Manager, Management Information Systems
Manager, Public Policy
Tucows Inc.
PH: 416 535 0123 ext 1634
_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org>https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg
_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg _______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg
Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg
_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg
Steve, myself and staff are discussing how to proceed while ensuring that balance is maintained. Thank you all for your contributions. Graeme On 2015-04-30 11:02 AM, Stephanie Perrin wrote:
So let me get this very very clear, as i am new to the process. 1. The research report you offered was sent to the list. 2. It has never been part of the record. 3. You wish to see it added now, April 30th, 23:58 KST. 4, You are telling me I could have done the same thing. 5. I have Exactly how much time to submit a minority report in order to comply with the deadline of April 30th?
Thanks for the clarifications. Stephanie
On 2015-04-30 23:52, Kiran Malancharuvil wrote:
Stephanie,
You had ample opportunity to prepare and present a white paper of your own.
It was not unsolicited, as at any time, members of the group are welcome and encouraged to present their views on the matter under discussion.
Are you really saying that a well researched policy position and a presentation of that research is NOT meant to be a part of the PDP process? I really do not think that it the case.
I know that you object to the position that the white paper explains, but unless there is a concrete prohibition on linking to it (staff?) it needs to be included, as we have every right to present the complex legal argument behind our position.
Kiran Malancharuvil Internet Policy Counselor MarkMonitor 415-419-9138 (m)
Sent from my mobile, please excuse any typos.
On Apr 30, 2015, at 7:45 AM, Stephanie Perrin <stephanie.perrin@mail.utoronto.ca> wrote:
With great respect to Kiran and to the law firm that compiled the "white paper", I objected at the time and there was no indication that we accepted the white paper in our discussions, other than to say thanks. I would object strenuously to it being included. That was a totally unsolicited contribution from parties wishing to advance their case. You cannot attach that paper, without giving those on the other side an opportunity to counter it with another white paper. Frankly, the PDP process is not supposed to be about dualling unsolicited white papers. IF we need to have research done, we have to agree on what needs to be done if it is to be attached to the official call for comments. I don't wish to be ungracious, but the paper should not be added. Stephanie Perrin
On 2015-04-30 23:34, Kiran Malancharuvil wrote: It is a recommendation for a policy/best practice from a portion of the group.
K
Kiran Malancharuvil Internet Policy Counselor MarkMonitor 415-419-9138 (m)
Sent from my mobile, please excuse any typos.
On Apr 30, 2015, at 7:33 AM, James Gannon <james@cyberinvasion.net> wrote:
Unless we are suggesting that the whitepaper is consensus policy or best practice it does not fall under that category. We are presenting our policy recommendation already, which is the work product of the group
-James
-----Original Message----- From: Kiran Malancharuvil [mailto:Kiran.Malancharuvil@markmonitor.com] Sent: Thursday, April 30, 2015 3:31 PM To: James Gannon Cc: Mary Wong; PPSAI Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
Recommendations for policies, guidelines, best practices.
Kiran Malancharuvil Internet Policy Counselor MarkMonitor 415-419-9138 (m)
Sent from my mobile, please excuse any typos.
On Apr 30, 2015, at 7:29 AM, James Gannon <james@cyberinvasion.net> wrote:
Quoting from the PDP Manual, there seems to be strong guidelines of what goes out with the Initial Report:
> After collection and review of information, the PDP Team and > Staff are responsible for producing an Initial Report. The > Initial Report should include the following elements: > * Compilation of Stakeholder Group and Constituency Statements > * Compilation of any statements received from any ICANN > Supporting Organization or Advisory Committee > * Recommendations for policies, guidelines, best practices or > other proposals to address the issue > * Statement of level of consensus for the recommendations > presented in the Initial Report > * Information regarding the members of the PDP Team, such as the > attendance records, Statements of Interest, etc. > * A statement on the WG discussion concerning impact of the > proposed recommendations, could consider areas such as economic, > competition, operations, privacy and other rights, scalability > and feasibility I don't see where in that framework the whitepaper would sit. I would welcome others thoughts on this.
-James
-----Original Message----- From: gnso-ppsai-pdp-wg-bounces@icann.org [mailto:gnso-ppsai-pdp-wg-bounces@icann.org] On Behalf Of Kiran Malancharuvil Sent: Thursday, April 30, 2015 3:09 PM To: Mary Wong Cc: PPSAI Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
Mary,
Since one side of this issue prepared a lengthy legal review to address this question, I would request that that white paper be included in the reference materials for the public comment. Since public comment is meant to "resolve" this issue, commenters need all of the information.
It's not just down to feasibility of self-declaration at registration (which frankly, many of us see as a cop out since it's already done in some TLDs), but also legality. Not trying to re-open the debate, but please, let's make sure the community understands the various points and the background.
K
Kiran Malancharuvil Internet Policy Counselor MarkMonitor 415-419-9138 (m)
Sent from my mobile, please excuse any typos.
On Apr 30, 2015, at 6:58 AM, Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> wrote:
To add to Stephanie's note that this specific issue - whether registrants of domain names actively used for commercial transactions ought to be disallowed from using P/P services - had been discussed at some length by the WG:
Please note that this part of the Initial Report draws heavily on the detailed WG template for Charter Category C that was the basis for the WG's deliberations on this topic. That template contains lengthy descriptions of what had previously been termed the majority and minority positions on the WG's answer to this specific issue. As part of the WG's deliberations - which took place primarily between April and June 2014 - the more specific formulation of "transactional" to describe the sort of commercial (i.e. Involving financial transactions) activities that were being discussed was included in the language. All the templates and suggested formulations discussed by the WG are recorded and published on the WG wiki.
The WG ultimately agreed to retain the two positions in the Initial Report and to revisit the question during its review of the public comments received. As noted previously, the WG's views were presented to the community in London in June 2014 and again in Los Angeles in October 2014.
Therefore, the three questions in Section 1.3.3 of the Executive Summary only go toward soliciting community input on this single issue. They were not intended to represent a view of any "side" in the WG with regard to this matter. If the WG prefers, we can add a sentence to clarify and specify the reason for the questions in Section 1.3.3. Fundamentally, the idea is that public comments will facilitate the WG's eventual resolution of this issue as part of its preparation of the Final Report.
We hope this reminder of the background is of assistance.
Cheers Mary
Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4892 Email: mary.wong@icann.org<mailto:mary.wong@icann.org>
From: Stephanie Perrin <stephanie.perrin@mail.utoronto.ca<mailto:stephanie.perrin@mail.utoronto.ca>> Date: Thursday, April 30, 2015 at 09:20 To: "gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org>" <gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org>>, James Gannon <james@cyberinvasion.net<mailto:james@cyberinvasion.net>>, Michele Blacknight <michele@blacknight.com<mailto:michele@blacknight.com>> Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
James, prior to you joining the group, we had discussed this at some length. IN fact, I really thought that the many reasons why sorting out the purpose of a registration is problematic had buried this debate, but apparently not. Some of the issues raised, according to my recollection were the following:
* names are registered prior to decisions about content * content changes over time * most countries regulate e-commerce in some fashion, so that website commercial activity does not have to be regulated by ICANN * ICANN should not be in the business of regulating content in the first place (and sorting out who is extracting a material consideration from a website in order to deny them the ability to use a proxy registration is certainly a form of regulation) * definitions of commercial activity vary widely around the world * bad actors will not declare, registrars cannot police this matter * criminal prosecution is not dependent on WHOIS information * if this is really about the ability to detect market information, ICANN should not be in the business of making registrant information available for market purposes, it does it for security and stability. * contactability remains, regardless of which registrant info appears in WHOIS
I am planning to reformulate these into questions to match the questions on the other side, suggestions welcome.
Stephanie Perrin On 2015-04-30 16:24, James Gannon wrote: I don't see this as asking providers to enforce anything similar to other questions when registering a domain, it's a self-reported assessment. All it does is add an additional branch to the decision tree for eligibility, which will already be there to determine eligibility due to the other reasons listed below. The registrant is asked will you be processing financial transactions.
* Yes-->Will you be using a 3rd party>No>Not eligible for P/P.
* Yes-->Will you be using a 3rd party>Yes>Eligible for P/P.
I'm not asking registrars to enforce law but to see if a more finely grained eligibility process can be enacted. Or at least is there is public support for more granularity.
-James From: Michele Neylon - Blacknight [mailto:michele@blacknight.com] Sent: Thursday, April 30, 2015 8:17 AM To: James Gannon; Graeme Bunton; PPSAI Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
James
As a registrar or PP service provider how am I meant to assess this?
It doesn't scale
Seriously.
If, for example, there is an Irish operated website that is not complying with Irish law then it would be up to the ODCE (http://www.odce.ie/) to enforce whatever needs enforcing, as it would be up to the DPA to enforce any issues around data privacy etc., etc.,
Attempting to force registrars and PP providers to make these kind of evaluations is not going to work.
Issues like PCI-DSS compliance are matters that should be dealt with by the DPA and the banks.
Forcing registrars and PP providers to start getting involved in that kind of assessment isn't viable
Regards
Michele
-- Mr Michele Neylon Blacknight Solutions Hosting, Colocation & Domains http://www.blacknight.host/ http://blog.blacknight.com/ http://www.blacknight.press - get our latest news & media coverage http://www.technology.ie Intl. +353 (0) 59 9183072 Direct Dial: +353 (0)59 9183090 Social: http://mneylon.social ------------------------------- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,Ireland Company No.: 370845
From: James Gannon Date: Thursday 30 April 2015 07:45 To: Graeme Bunton, "gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org>" Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
I would personally like to see if there is public traction for distinguishing between sites directly processing financial truncations and sites who use 3rd parties for processing financial transactions as this is a very important distinction. A simple and I hope non-controversial additional question to the ones below: If so, should domains which use a third party to process financial transactions (i.e Paypal, Stripe), and thus do not directly process financial information, be subject to the same restrictions? There are strong existing distinctions both in national laws and in regulations such as PCI-DSS between these two forms.
-James Gannon From:gnso-ppsai-pdp-wg-bounces@icann.org<mailto:gnso-ppsai-pdp-wg-bounces@icann.org> [mailto:gnso-ppsai-pdp-wg-bounces@icann.org] On Behalf Of Graeme Bunton Sent: Tuesday, April 28, 2015 10:17 PM To: PPSAI Subject: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
Thanks to all WG members for a very productive call earlier today(and to Steve for his chairing acumen). The co-chairs and staff met this afternoon to tie down two loose ends from the call.
Regarding the deadline for public comments on the Initial Report, we recognize there is considerable support for extending the public comment period to 60 days instead of the standard 40 days on which we have all been planning. We are prepared to agree to this, but with the caveat that this will have repercussions on the pace and intensity of our work once public comments have been received. Specifically, if the public comment deadline is extended until July 3 (60 days after our publication date of May 4), we will need to plan on at least weekly calls throughout July and August, some of which may need to be more than an hour in length, to review these comments and move toward a Final Report. Otherwise, we jeopardize the prospects for getting the Final Report in front of the GNSO council no later than the Dublin ICANN meeting. As was noted on the call today, many additional steps need to take place even after this WG issues its Final Report before any new accreditati on system can be implemented, so the time pressure imposed by the expiration of the Interim Specification at the end of next year is already real. Also, as previously announced over the past few weeks, if any WG members (or group of members) wish to submit a brief separate or additional statement for inclusion in the package posted for public comment next Monday, such statements need to be received by staff no later than Thursday, April 30.
Lastly, the other loose end involves proposed revisions to section 1.3.3 of the Initial Report, which were presented on the call earlier today but which we did not have time to discuss fully. We agree that this section could benefit from some revision, but believe it should take the form of greater concision, not additional presentation of arguments for the divergent positions. Thus we suggest that section 1.3.3 be revised to read as follows:
--- Although the WG agreed that the mere fact that a domain name is registered by a commercial entity or by anyone conducting commercial activity should not preclude the use of P/P services , there was disagreement over whether domain names that are actively used for commercial transactions (e.g. the sale or exchange of goods or services) should be prohibited from using P/P services. While most WG members did not believe such a prohibition is necessary or practical, some members believed that registrants of such domain names should not be able to use or continue using proxy or privacy services.
For those that argued that it is necessary and practical to limit access to P/P services to exclude commercial entities, the following text was proposed to clarify and define their position: "domains used for online financial transactions for commercial purpose should be ineligible for privacy and proxy registrations."
Public comment is therefore specifically invited on the following questions:
* Should registrants of domain names associated with commercial activities and which are used for online financial transactions be prohibited from using, or continuing to use, privacy and proxy services? * If so, will it be useful to adopt a definition of "commercial" or "transactional" to define those domains for which P/P service registrations should be disallowed? And if so, what should the definition(s) be?" * Will it be necessary to make a distinction in the WHOIS data fields to be displayed as a result? --- Thanks,
Graeme Bunton & Steve Metalitz
--
_________________________
Graeme Bunton
Manager, Management Information Systems
Manager, Public Policy
Tucows Inc.
PH: 416 535 0123 ext 1634
_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org>https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg
_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg _______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg
Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg
_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg
_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg
-- _________________________ Graeme Bunton Manager, Management Information Systems Manager, Public Policy Tucows Inc. PH: 416 535 0123 ext 1634
Graeme and I have asked staff to insert a footnote in this section, providing links to the extensive discussions of the topic in WG meetings (telephonic and face to face) and on the mailing list, as background for the public. Steve From: gnso-ppsai-pdp-wg-bounces@icann.org [mailto:gnso-ppsai-pdp-wg-bounces@icann.org] On Behalf Of Graeme Bunton Sent: Thursday, April 30, 2015 11:14 AM To: gnso-ppsai-pdp-wg@icann.org Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3 Steve, myself and staff are discussing how to proceed while ensuring that balance is maintained. Thank you all for your contributions. Graeme On 2015-04-30 11:02 AM, Stephanie Perrin wrote:
So let me get this very very clear, as i am new to the process. 1. The research report you offered was sent to the list. 2. It has never been part of the record. 3. You wish to see it added now, April 30th, 23:58 KST. 4, You are telling me I could have done the same thing. 5. I have Exactly how much time to submit a minority report in order to comply with the deadline of April 30th?
Thanks for the clarifications. Stephanie
On 2015-04-30 23:52, Kiran Malancharuvil wrote:
Stephanie,
You had ample opportunity to prepare and present a white paper of your own.
It was not unsolicited, as at any time, members of the group are welcome and encouraged to present their views on the matter under discussion.
Are you really saying that a well researched policy position and a presentation of that research is NOT meant to be a part of the PDP process? I really do not think that it the case.
I know that you object to the position that the white paper explains, but unless there is a concrete prohibition on linking to it (staff?) it needs to be included, as we have every right to present the complex legal argument behind our position.
Kiran Malancharuvil Internet Policy Counselor MarkMonitor 415-419-9138 (m)
Sent from my mobile, please excuse any typos.
On Apr 30, 2015, at 7:45 AM, Stephanie Perrin <stephanie.perrin@mail.utoronto.ca<mailto:stephanie.perrin@mail.utoronto.ca>> wrote:
With great respect to Kiran and to the law firm that compiled the "white paper", I objected at the time and there was no indication that we accepted the white paper in our discussions, other than to say thanks. I would object strenuously to it being included. That was a totally unsolicited contribution from parties wishing to advance their case. You cannot attach that paper, without giving those on the other side an opportunity to counter it with another white paper. Frankly, the PDP process is not supposed to be about dualling unsolicited white papers. IF we need to have research done, we have to agree on what needs to be done if it is to be attached to the official call for comments. I don't wish to be ungracious, but the paper should not be added. Stephanie Perrin
On 2015-04-30 23:34, Kiran Malancharuvil wrote: It is a recommendation for a policy/best practice from a portion of the group.
K
Kiran Malancharuvil Internet Policy Counselor MarkMonitor 415-419-9138 (m)
Sent from my mobile, please excuse any typos.
On Apr 30, 2015, at 7:33 AM, James Gannon <james@cyberinvasion.net<mailto:james@cyberinvasion.net>> wrote:
Unless we are suggesting that the whitepaper is consensus policy or best practice it does not fall under that category. We are presenting our policy recommendation already, which is the work product of the group
-James
-----Original Message----- From: Kiran Malancharuvil [mailto:Kiran.Malancharuvil@markmonitor.com] Sent: Thursday, April 30, 2015 3:31 PM To: James Gannon Cc: Mary Wong; PPSAI Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
Recommendations for policies, guidelines, best practices.
Kiran Malancharuvil Internet Policy Counselor MarkMonitor 415-419-9138 (m)
Sent from my mobile, please excuse any typos.
On Apr 30, 2015, at 7:29 AM, James Gannon <james@cyberinvasion.net<mailto:james@cyberinvasion.net>> wrote:
Quoting from the PDP Manual, there seems to be strong guidelines of what goes out with the Initial Report:
> After collection and review of information, the PDP Team and > Staff are responsible for producing an Initial Report. The > Initial Report should include the following elements: > * Compilation of Stakeholder Group and Constituency Statements > * Compilation of any statements received from any ICANN > Supporting Organization or Advisory Committee > * Recommendations for policies, guidelines, best practices or > other proposals to address the issue > * Statement of level of consensus for the recommendations > presented in the Initial Report > * Information regarding the members of the PDP Team, such as the > attendance records, Statements of Interest, etc. > * A statement on the WG discussion concerning impact of the > proposed recommendations, could consider areas such as economic, > competition, operations, privacy and other rights, scalability > and feasibility I don't see where in that framework the whitepaper would sit. I would welcome others thoughts on this.
-James
-----Original Message----- From: gnso-ppsai-pdp-wg-bounces@icann.org<mailto:gnso-ppsai-pdp-wg-bounces@icann.org> [mailto:gnso-ppsai-pdp-wg-bounces@icann.org] On Behalf Of Kiran Malancharuvil Sent: Thursday, April 30, 2015 3:09 PM To: Mary Wong Cc: PPSAI Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
Mary,
Since one side of this issue prepared a lengthy legal review to address this question, I would request that that white paper be included in the reference materials for the public comment. Since public comment is meant to "resolve" this issue, commenters need all of the information.
It's not just down to feasibility of self-declaration at registration (which frankly, many of us see as a cop out since it's already done in some TLDs), but also legality. Not trying to re-open the debate, but please, let's make sure the community understands the various points and the background.
K
Kiran Malancharuvil Internet Policy Counselor MarkMonitor 415-419-9138 (m)
Sent from my mobile, please excuse any typos.
On Apr 30, 2015, at 6:58 AM, Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org<mailto:mary.wong@icann.org%3cmailto:mary.wong@icann.org>>> wrote:
To add to Stephanie's note that this specific issue - whether registrants of domain names actively used for commercial transactions ought to be disallowed from using P/P services - had been discussed at some length by the WG:
Please note that this part of the Initial Report draws heavily on the detailed WG template for Charter Category C that was the basis for the WG's deliberations on this topic. That template contains lengthy descriptions of what had previously been termed the majority and minority positions on the WG's answer to this specific issue. As part of the WG's deliberations - which took place primarily between April and June 2014 - the more specific formulation of "transactional" to describe the sort of commercial (i.e. Involving financial transactions) activities that were being discussed was included in the language. All the templates and suggested formulations discussed by the WG are recorded and published on the WG wiki.
The WG ultimately agreed to retain the two positions in the Initial Report and to revisit the question during its review of the public comments received. As noted previously, the WG's views were presented to the community in London in June 2014 and again in Los Angeles in October 2014.
Therefore, the three questions in Section 1.3.3 of the Executive Summary only go toward soliciting community input on this single issue. They were not intended to represent a view of any "side" in the WG with regard to this matter. If the WG prefers, we can add a sentence to clarify and specify the reason for the questions in Section 1.3.3. Fundamentally, the idea is that public comments will facilitate the WG's eventual resolution of this issue as part of its preparation of the Final Report.
We hope this reminder of the background is of assistance.
Cheers Mary
Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4892 Email: mary.wong@icann.org<mailto:mary.wong@icann.org<mailto:mary.wong@icann.org%3cmailto:mary.wong@icann.org>>
From: Stephanie Perrin <stephanie.perrin@mail.utoronto.ca<mailto:stephanie.perrin@mail.utoronto.ca<mailto:stephanie.perrin@mail.utoronto.ca%3cmailto:stephanie.perrin@mail.utoronto.ca>>> Date: Thursday, April 30, 2015 at 09:20 To: "gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org><mailto:gnso-ppsai-pdp-wg@icann.org%3cmailto:gnso-ppsai-pdp-wg@icann.org%3e>" <gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org%3cmailto:gnso-ppsai-pdp-wg@icann.org>>>, James Gannon <james@cyberinvasion.net<mailto:james@cyberinvasion.net<mailto:james@cyberinvasion.net%3cmailto:james@cyberinvasion.net>>>, Michele Blacknight <michele@blacknight.com<mailto:michele@blacknight.com<mailto:michele@blacknight.com%3cmailto:michele@blacknight.com>>> Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
James, prior to you joining the group, we had discussed this at some length. IN fact, I really thought that the many reasons why sorting out the purpose of a registration is problematic had buried this debate, but apparently not. Some of the issues raised, according to my recollection were the following:
* names are registered prior to decisions about content * content changes over time * most countries regulate e-commerce in some fashion, so that website commercial activity does not have to be regulated by ICANN * ICANN should not be in the business of regulating content in the first place (and sorting out who is extracting a material consideration from a website in order to deny them the ability to use a proxy registration is certainly a form of regulation) * definitions of commercial activity vary widely around the world * bad actors will not declare, registrars cannot police this matter * criminal prosecution is not dependent on WHOIS information * if this is really about the ability to detect market information, ICANN should not be in the business of making registrant information available for market purposes, it does it for security and stability. * contactability remains, regardless of which registrant info appears in WHOIS
I am planning to reformulate these into questions to match the questions on the other side, suggestions welcome.
Stephanie Perrin On 2015-04-30 16:24, James Gannon wrote: I don't see this as asking providers to enforce anything similar to other questions when registering a domain, it's a self-reported assessment. All it does is add an additional branch to the decision tree for eligibility, which will already be there to determine eligibility due to the other reasons listed below. The registrant is asked will you be processing financial transactions.
* Yes-->Will you be using a 3rd party>No>Not eligible for P/P.
* Yes-->Will you be using a 3rd party>Yes>Eligible for P/P.
I'm not asking registrars to enforce law but to see if a more finely grained eligibility process can be enacted. Or at least is there is public support for more granularity.
-James From: Michele Neylon - Blacknight [mailto:michele@blacknight.com] Sent: Thursday, April 30, 2015 8:17 AM To: James Gannon; Graeme Bunton; PPSAI Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
James
As a registrar or PP service provider how am I meant to assess this?
It doesn't scale
Seriously.
If, for example, there is an Irish operated website that is not complying with Irish law then it would be up to the ODCE (http://www.odce.ie/<https://protect-us.mimecast.com/r/IqfLPS2xhmx-5GDCPCM4mLmlw-jOPQHGmhpzAjWDKActStEmX7ndjfqnEIgUMkdhXCAGe_aALVo69T0irIiCOftGW0RRkFeeJXP_SQ_bxxN5c9ZWrJzjnfSpDUeI4UjuT2dsrtgXox-JsiUyGsBvbDhSHcf2gH3gqSI2YwvUnORJuOhanPP2uCSQp3bey2BqQKbirhovyP6hDiunUi2Ilg>) to enforce whatever needs enforcing, as it would be up to the DPA to enforce any issues around data privacy etc., etc.,
Attempting to force registrars and PP providers to make these kind of evaluations is not going to work.
Issues like PCI-DSS compliance are matters that should be dealt with by the DPA and the banks.
Forcing registrars and PP providers to start getting involved in that kind of assessment isn't viable
Regards
Michele
-- Mr Michele Neylon Blacknight Solutions Hosting, Colocation & Domains http://www.blacknight.host/<https://protect-us.mimecast.com/r/r0QiXaZk72F7OmWKc9_pO3HAiIAvI3h06-RcgETJh-J4kMLvQtMGZn5lKnoQO8ikZnQiTNL6FLbYD67s4dF-tWj2IbgtPVbZIrmLhFiT8cZvRoXUKLem6cyG8n3JE6-tis8tEkBPwKkOuqFU7azbPzFSZPBE0XjNt1o6W5MAy5yWOEr-3QLGcTYMC5oDDDwuftYuz9pHDOyvEieReE36N1UxTeWXBI__3g1_xmHN4S0> http://blog.blacknight.com/<https://protect-us.mimecast.com/r/wl1MfvJ8aWTxnqz6FCsjG4QE5Lt8k3OKgMWheA8wVhCgpAj6NRi9Y8zMxa9MvTN2vhD-EWNpvAhObo3t9Jl-Kh7ki557bXwOMPGhz-Up4X8e1Q8UR-DF0d4jYhrGpb0LrotD50UduC3QQRYUJ24nEnbyayh-GPs3hk77LhEpDwYrSf4v_RqmohacWFuO-pMc6Ap8I9JulleUf0h9FbW-MHMc1xlq8F7WXPVnekaa_Tg> http://www.blacknight.press<https://protect-us.mimecast.com/r/-MRGGedz53TF8UWq3rKo8GI39ai_ismqN0UYggzFnhsCzIT83jwX24BSxN_VMtJYpUgkSGF-Qst71LuBVQLY87bs-vewJiEDX8p5ABHKofJc69pmthPRFaowH9cz7b4wBdr45nD9yW3n5wmmAGAorNORPO2oD8fx1b7Ch4UucRtocG7TVoD8q8xePkXjqmELFjL3powas7Q8SOSYQE947lLpZzCcGrOwqu7wogrVuvk> - get our latest news & media coverage http://www.technology.ie<https://protect-us.mimecast.com/r/suwZNIiJfrdSpqE4iC56mMY3x3S91aHmdyA2bCRS-Fmr9Q1_uNxFISl4UXNQGJAa4ABDSoMKKJoH4LBI6dPDpw1IcPIW2UD6KmY-khZffkUgGyGTLPU0VW-nWld8z7P0H2Ru_lA2gyfCIuoaN7WmFU6IRQ9AVVBKNMpsRsxQkxp27qp4b1vr0Nu7xAxlXjinmqCYcWDyv6BlIGk1JID86YB5QMhEW98wyZ5sollRXTc> Intl. +353 (0) 59 9183072 Direct Dial: +353 (0)59 9183090 Social: http://mneylon.social<https://protect-us.mimecast.com/r/c9ciyb99CMvSHLw2MJX2WYjWAGojFAv6abNbJNSbdh-ZFyKYiMOesCOSW0IbP_Hk74wcQMPR4LFdtPIo3qwpdVxkGjxnPEF73YlWOioKWfm0ASY6v7enF3zKmqddqH2G4dXIbPg_PVqGwzzZzhWQxKSK2MKPyc4QXazyYJjS7H_X2JdIq2B8eAZeCDmgPBWH09Ix-VujUi5pHJeE_GXWIlFrE4TTH0hP08WIPWYQvhY> ------------------------------- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,Ireland Company No.: 370845
From: James Gannon Date: Thursday 30 April 2015 07:45 To: Graeme Bunton, "gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org><mailto:gnso-ppsai-pdp-wg@icann.org%3cmailto:gnso-ppsai-pdp-wg@icann.org%3e>" Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
I would personally like to see if there is public traction for distinguishing between sites directly processing financial truncations and sites who use 3rd parties for processing financial transactions as this is a very important distinction. A simple and I hope non-controversial additional question to the ones below: If so, should domains which use a third party to process financial transactions (i.e Paypal, Stripe), and thus do not directly process financial information, be subject to the same restrictions? There are strong existing distinctions both in national laws and in regulations such as PCI-DSS between these two forms.
-James Gannon From:gnso-ppsai-pdp-wg-bounces@icann.org<mailto:gnso-ppsai-pdp-wg-bounces@icann.org> [mailto:gnso-ppsai-pdp-wg-bounces@icann.org] On Behalf Of Graeme Bunton Sent: Tuesday, April 28, 2015 10:17 PM To: PPSAI Subject: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
Thanks to all WG members for a very productive call earlier today(and to Steve for his chairing acumen). The co-chairs and staff met this afternoon to tie down two loose ends from the call.
Regarding the deadline for public comments on the Initial Report, we recognize there is considerable support for extending the public comment period to 60 days instead of the standard 40 days on which we have all been planning. We are prepared to agree to this, but with the caveat that this will have repercussions on the pace and intensity of our work once public comments have been received. Specifically, if the public comment deadline is extended until July 3 (60 days after our publication date of May 4), we will need to plan on at least weekly calls throughout July and August, some of which may need to be more than an hour in length, to review these comments and move toward a Final Report. Otherwise, we jeopardize the prospects for getting the Final Report in front of the GNSO council no later than the Dublin ICANN meeting. As was noted on the call today, many additional steps need to take place even after this WG issues its Final Report before any new accreditati on system can be implemented, so the time pressure imposed by the expiration of the Interim Specification at the end of next year is already real. Also, as previously announced over the past few weeks, if any WG members (or group of members) wish to submit a brief separate or additional statement for inclusion in the package posted for public comment next Monday, such statements need to be received by staff no later than Thursday, April 30.
Lastly, the other loose end involves proposed revisions to section 1.3.3 of the Initial Report, which were presented on the call earlier today but which we did not have time to discuss fully. We agree that this section could benefit from some revision, but believe it should take the form of greater concision, not additional presentation of arguments for the divergent positions. Thus we suggest that section 1.3.3 be revised to read as follows:
--- Although the WG agreed that the mere fact that a domain name is registered by a commercial entity or by anyone conducting commercial activity should not preclude the use of P/P services , there was disagreement over whether domain names that are actively used for commercial transactions (e.g. the sale or exchange of goods or services) should be prohibited from using P/P services. While most WG members did not believe such a prohibition is necessary or practical, some members believed that registrants of such domain names should not be able to use or continue using proxy or privacy services.
For those that argued that it is necessary and practical to limit access to P/P services to exclude commercial entities, the following text was proposed to clarify and define their position: "domains used for online financial transactions for commercial purpose should be ineligible for privacy and proxy registrations."
Public comment is therefore specifically invited on the following questions:
* Should registrants of domain names associated with commercial activities and which are used for online financial transactions be prohibited from using, or continuing to use, privacy and proxy services? * If so, will it be useful to adopt a definition of "commercial" or "transactional" to define those domains for which P/P service registrations should be disallowed? And if so, what should the definition(s) be?" * Will it be necessary to make a distinction in the WHOIS data fields to be displayed as a result? --- Thanks,
Graeme Bunton & Steve Metalitz
--
_________________________
Graeme Bunton
Manager, Management Information Systems
Manager, Public Policy
Tucows Inc.
PH: 416 535 0123 ext 1634
_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org>https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg<https://protect-us.mimecast.com/r/w4cOGJpN8aqiFBeZDDCfM61L9zSPPQ8yJTOsuokgr0uUoFWQcH4C1vKnhAJR8I5CDUGd3f75FQZ0RrGQoOiumi5fkuGEeAdPoDjA3DGFVt5fCde0OuGcKsc4syb-86Vd3ZsMEWNubiso-WCMGJKqofC67xfNJVO1oqFPAmL7abae98k88hH_BDY04YcHIhprEG-vGcToOzkceYzCw4sYw77Sj8DHh1iwNuJPKagRVm5XkaPrKRnvsIqURxFUU964UWsThNMfSE_TxYg9ZhC-Fg>
_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org%3cmailto:Gnso-ppsai-pdp-wg@icann.org>> https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg<https://protect-us.mimecast.com/r/w4cOGJpN8aqiFBeZDDCfM61L9zSPPQ8yJTOsuokgr0uUoFWQcH4C1vKnhAJR8I5CDUGd3f75FQZ0RrGQoOiumi5fkuGEeAdPoDjA3DGFVt5fCde0OuGcKsc4syb-86Vd3ZsMEWNubiso-WCMGJKqofC67xfNJVO1oqFPAmL7abae98k88hH_BDY04YcHIhprEG-vGcToOzkceYzCw4sYw77Sj8DHh1iwNuJPKagRVm5XkaPrKRnvsIqURxFUU964UWsThNMfSE_TxYg9ZhC-Fg> _______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg<https://protect-us.mimecast.com/r/w4cOGJpN8aqiFBeZDDCfM61L9zSPPQ8yJTOsuokgr0uUoFWQcH4C1vKnhAJR8I5CDUGd3f75FQZ0RrGQoOiumi5fkuGEeAdPoDjA3DGFVt5fCde0OuGcKsc4syb-86Vd3ZsMEWNubiso-WCMGJKqofC67xfNJVO1oqFPAmL7abae98k88hH_BDY04YcHIhprEG-vGcToOzkceYzCw4sYw77Sj8DHh1iwNuJPKagRVm5XkaPrKRnvsIqURxFUU964UWsThNMfSE_TxYg9ZhC-Fg>
Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg<https://protect-us.mimecast.com/r/w4cOGJpN8aqiFBeZDDCfM61L9zSPPQ8yJTOsuokgr0uUoFWQcH4C1vKnhAJR8I5CDUGd3f75FQZ0RrGQoOiumi5fkuGEeAdPoDjA3DGFVt5fCde0OuGcKsc4syb-86Vd3ZsMEWNubiso-WCMGJKqofC67xfNJVO1oqFPAmL7abae98k88hH_BDY04YcHIhprEG-vGcToOzkceYzCw4sYw77Sj8DHh1iwNuJPKagRVm5XkaPrKRnvsIqURxFUU964UWsThNMfSE_TxYg9ZhC-Fg>
_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg<https://protect-us.mimecast.com/r/w4cOGJpN8aqiFBeZDDCfM61L9zSPPQ8yJTOsuokgr0uUoFWQcH4C1vKnhAJR8I5CDUGd3f75FQZ0RrGQoOiumi5fkuGEeAdPoDjA3DGFVt5fCde0OuGcKsc4syb-86Vd3ZsMEWNubiso-WCMGJKqofC67xfNJVO1oqFPAmL7abae98k88hH_BDY04YcHIhprEG-vGcToOzkceYzCw4sYw77Sj8DHh1iwNuJPKagRVm5XkaPrKRnvsIqURxFUU964UWsThNMfSE_TxYg9ZhC-Fg>
_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg<https://protect-us.mimecast.com/r/w4cOGJpN8aqiFBeZDDCfM61L9zSPPQ8yJTOsuokgr0uUoFWQcH4C1vKnhAJR8I5CDUGd3f75FQZ0RrGQoOiumi5fkuGEeAdPoDjA3DGFVt5fCde0OuGcKsc4syb-86Vd3ZsMEWNubiso-WCMGJKqofC67xfNJVO1oqFPAmL7abae98k88hH_BDY04YcHIhprEG-vGcToOzkceYzCw4sYw77Sj8DHh1iwNuJPKagRVm5XkaPrKRnvsIqURxFUU964UWsThNMfSE_TxYg9ZhC-Fg>
-- _________________________ Graeme Bunton Manager, Management Information Systems Manager, Public Policy Tucows Inc. PH: 416 535 0123 ext 1634 _______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg<https://protect-us.mimecast.com/r/w4cOGJpN8aqiFBeZDDCfM61L9zSPPQ8yJTOsuokgr0uUoFWQcH4C1vKnhAJR8I5CDUGd3f75FQZ0RrGQoOiumi5fkuGEeAdPoDjA3DGFVt5fCde0OuGcKsc4syb-86Vd3ZsMEWNubiso-WCMGJKqofC67xfNJVO1oqFPAmL7abae98k88hH_BDY04YcHIhprEG-vGcToOzkceYzCw4sYw77Sj8DHh1iwNuJPKagRVm5XkaPrKRnvsIqURxFUU964UWsThNMfSE_TxYg9ZhC-Fg>
Steve, That seems like a logical compromise between both sides, it has my full support. -James From: gnso-ppsai-pdp-wg-bounces@icann.org [mailto:gnso-ppsai-pdp-wg-bounces@icann.org] On Behalf Of Metalitz, Steven Sent: Thursday, April 30, 2015 4:36 PM To: 'Graeme Bunton'; gnso-ppsai-pdp-wg@icann.org Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3 Graeme and I have asked staff to insert a footnote in this section, providing links to the extensive discussions of the topic in WG meetings (telephonic and face to face) and on the mailing list, as background for the public. Steve From: gnso-ppsai-pdp-wg-bounces@icann.org<mailto:gnso-ppsai-pdp-wg-bounces@icann.org> [mailto:gnso-ppsai-pdp-wg-bounces@icann.org] On Behalf Of Graeme Bunton Sent: Thursday, April 30, 2015 11:14 AM To: gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org> Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3 Steve, myself and staff are discussing how to proceed while ensuring that balance is maintained. Thank you all for your contributions. Graeme On 2015-04-30 11:02 AM, Stephanie Perrin wrote:
So let me get this very very clear, as i am new to the process. 1. The research report you offered was sent to the list. 2. It has never been part of the record. 3. You wish to see it added now, April 30th, 23:58 KST. 4, You are telling me I could have done the same thing. 5. I have Exactly how much time to submit a minority report in order to comply with the deadline of April 30th?
Thanks for the clarifications. Stephanie
On 2015-04-30 23:52, Kiran Malancharuvil wrote:
Stephanie,
You had ample opportunity to prepare and present a white paper of your own.
It was not unsolicited, as at any time, members of the group are welcome and encouraged to present their views on the matter under discussion.
Are you really saying that a well researched policy position and a presentation of that research is NOT meant to be a part of the PDP process? I really do not think that it the case.
I know that you object to the position that the white paper explains, but unless there is a concrete prohibition on linking to it (staff?) it needs to be included, as we have every right to present the complex legal argument behind our position.
Kiran Malancharuvil Internet Policy Counselor MarkMonitor 415-419-9138 (m)
Sent from my mobile, please excuse any typos.
On Apr 30, 2015, at 7:45 AM, Stephanie Perrin <stephanie.perrin@mail.utoronto.ca<mailto:stephanie.perrin@mail.utoronto.ca>> wrote:
With great respect to Kiran and to the law firm that compiled the "white paper", I objected at the time and there was no indication that we accepted the white paper in our discussions, other than to say thanks. I would object strenuously to it being included. That was a totally unsolicited contribution from parties wishing to advance their case. You cannot attach that paper, without giving those on the other side an opportunity to counter it with another white paper. Frankly, the PDP process is not supposed to be about dualling unsolicited white papers. IF we need to have research done, we have to agree on what needs to be done if it is to be attached to the official call for comments. I don't wish to be ungracious, but the paper should not be added. Stephanie Perrin
On 2015-04-30 23:34, Kiran Malancharuvil wrote: It is a recommendation for a policy/best practice from a portion of the group.
K
Kiran Malancharuvil Internet Policy Counselor MarkMonitor 415-419-9138 (m)
Sent from my mobile, please excuse any typos.
On Apr 30, 2015, at 7:33 AM, James Gannon <james@cyberinvasion.net<mailto:james@cyberinvasion.net>> wrote:
Unless we are suggesting that the whitepaper is consensus policy or best practice it does not fall under that category. We are presenting our policy recommendation already, which is the work product of the group
-James
-----Original Message----- From: Kiran Malancharuvil [mailto:Kiran.Malancharuvil@markmonitor.com] Sent: Thursday, April 30, 2015 3:31 PM To: James Gannon Cc: Mary Wong; PPSAI Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
Recommendations for policies, guidelines, best practices.
Kiran Malancharuvil Internet Policy Counselor MarkMonitor 415-419-9138 (m)
Sent from my mobile, please excuse any typos.
On Apr 30, 2015, at 7:29 AM, James Gannon <james@cyberinvasion.net<mailto:james@cyberinvasion.net>> wrote:
Quoting from the PDP Manual, there seems to be strong guidelines of what goes out with the Initial Report:
> After collection and review of information, the PDP Team and > Staff are responsible for producing an Initial Report. The > Initial Report should include the following elements: > * Compilation of Stakeholder Group and Constituency Statements > * Compilation of any statements received from any ICANN > Supporting Organization or Advisory Committee > * Recommendations for policies, guidelines, best practices or > other proposals to address the issue > * Statement of level of consensus for the recommendations > presented in the Initial Report > * Information regarding the members of the PDP Team, such as the > attendance records, Statements of Interest, etc. > * A statement on the WG discussion concerning impact of the > proposed recommendations, could consider areas such as economic, > competition, operations, privacy and other rights, scalability > and feasibility I don't see where in that framework the whitepaper would sit. I would welcome others thoughts on this.
-James
-----Original Message----- From: gnso-ppsai-pdp-wg-bounces@icann.org<mailto:gnso-ppsai-pdp-wg-bounces@icann.org> [mailto:gnso-ppsai-pdp-wg-bounces@icann.org] On Behalf Of Kiran Malancharuvil Sent: Thursday, April 30, 2015 3:09 PM To: Mary Wong Cc: PPSAI Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
Mary,
Since one side of this issue prepared a lengthy legal review to address this question, I would request that that white paper be included in the reference materials for the public comment. Since public comment is meant to "resolve" this issue, commenters need all of the information.
It's not just down to feasibility of self-declaration at registration (which frankly, many of us see as a cop out since it's already done in some TLDs), but also legality. Not trying to re-open the debate, but please, let's make sure the community understands the various points and the background.
K
Kiran Malancharuvil Internet Policy Counselor MarkMonitor 415-419-9138 (m)
Sent from my mobile, please excuse any typos.
On Apr 30, 2015, at 6:58 AM, Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org<mailto:mary.wong@icann.org%3cmailto:mary.wong@icann.org>>> wrote:
To add to Stephanie's note that this specific issue - whether registrants of domain names actively used for commercial transactions ought to be disallowed from using P/P services - had been discussed at some length by the WG:
Please note that this part of the Initial Report draws heavily on the detailed WG template for Charter Category C that was the basis for the WG's deliberations on this topic. That template contains lengthy descriptions of what had previously been termed the majority and minority positions on the WG's answer to this specific issue. As part of the WG's deliberations - which took place primarily between April and June 2014 - the more specific formulation of "transactional" to describe the sort of commercial (i.e. Involving financial transactions) activities that were being discussed was included in the language. All the templates and suggested formulations discussed by the WG are recorded and published on the WG wiki.
The WG ultimately agreed to retain the two positions in the Initial Report and to revisit the question during its review of the public comments received. As noted previously, the WG's views were presented to the community in London in June 2014 and again in Los Angeles in October 2014.
Therefore, the three questions in Section 1.3.3 of the Executive Summary only go toward soliciting community input on this single issue. They were not intended to represent a view of any "side" in the WG with regard to this matter. If the WG prefers, we can add a sentence to clarify and specify the reason for the questions in Section 1.3.3. Fundamentally, the idea is that public comments will facilitate the WG's eventual resolution of this issue as part of its preparation of the Final Report.
We hope this reminder of the background is of assistance.
Cheers Mary
Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4892 Email: mary.wong@icann.org<mailto:mary.wong@icann.org<mailto:mary.wong@icann.org%3cmailto:mary.wong@icann.org>>
From: Stephanie Perrin <stephanie.perrin@mail.utoronto.ca<mailto:stephanie.perrin@mail.utoronto.ca<mailto:stephanie.perrin@mail.utoronto.ca%3cmailto:stephanie.perrin@mail.utoronto.ca>>> Date: Thursday, April 30, 2015 at 09:20 To: "gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org><mailto:gnso-ppsai-pdp-wg@icann.org%3cmailto:gnso-ppsai-pdp-wg@icann.org%3e>" <gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org%3cmailto:gnso-ppsai-pdp-wg@icann.org>>>, James Gannon <james@cyberinvasion.net<mailto:james@cyberinvasion.net<mailto:james@cyberinvasion.net%3cmailto:james@cyberinvasion.net>>>, Michele Blacknight <michele@blacknight.com<mailto:michele@blacknight.com<mailto:michele@blacknight.com%3cmailto:michele@blacknight.com>>> Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
James, prior to you joining the group, we had discussed this at some length. IN fact, I really thought that the many reasons why sorting out the purpose of a registration is problematic had buried this debate, but apparently not. Some of the issues raised, according to my recollection were the following:
* names are registered prior to decisions about content * content changes over time * most countries regulate e-commerce in some fashion, so that website commercial activity does not have to be regulated by ICANN * ICANN should not be in the business of regulating content in the first place (and sorting out who is extracting a material consideration from a website in order to deny them the ability to use a proxy registration is certainly a form of regulation) * definitions of commercial activity vary widely around the world * bad actors will not declare, registrars cannot police this matter * criminal prosecution is not dependent on WHOIS information * if this is really about the ability to detect market information, ICANN should not be in the business of making registrant information available for market purposes, it does it for security and stability. * contactability remains, regardless of which registrant info appears in WHOIS
I am planning to reformulate these into questions to match the questions on the other side, suggestions welcome.
Stephanie Perrin On 2015-04-30 16:24, James Gannon wrote: I don't see this as asking providers to enforce anything similar to other questions when registering a domain, it's a self-reported assessment. All it does is add an additional branch to the decision tree for eligibility, which will already be there to determine eligibility due to the other reasons listed below. The registrant is asked will you be processing financial transactions.
* Yes-->Will you be using a 3rd party>No>Not eligible for P/P.
* Yes-->Will you be using a 3rd party>Yes>Eligible for P/P.
I'm not asking registrars to enforce law but to see if a more finely grained eligibility process can be enacted. Or at least is there is public support for more granularity.
-James From: Michele Neylon - Blacknight [mailto:michele@blacknight.com] Sent: Thursday, April 30, 2015 8:17 AM To: James Gannon; Graeme Bunton; PPSAI Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
James
As a registrar or PP service provider how am I meant to assess this?
It doesn't scale
Seriously.
If, for example, there is an Irish operated website that is not complying with Irish law then it would be up to the ODCE (http://www.odce.ie/<https://protect-us.mimecast.com/r/IqfLPS2xhmx-5GDCPCM4mLmlw-jOPQHGmhpzAjWDKActStEmX7ndjfqnEIgUMkdhXCAGe_aALVo69T0irIiCOftGW0RRkFeeJXP_SQ_bxxN5c9ZWrJzjnfSpDUeI4UjuT2dsrtgXox-JsiUyGsBvbDhSHcf2gH3gqSI2YwvUnORJuOhanPP2uCSQp3bey2BqQKbirhovyP6hDiunUi2Ilg>) to enforce whatever needs enforcing, as it would be up to the DPA to enforce any issues around data privacy etc., etc.,
Attempting to force registrars and PP providers to make these kind of evaluations is not going to work.
Issues like PCI-DSS compliance are matters that should be dealt with by the DPA and the banks.
Forcing registrars and PP providers to start getting involved in that kind of assessment isn't viable
Regards
Michele
-- Mr Michele Neylon Blacknight Solutions Hosting, Colocation & Domains http://www.blacknight.host/<https://protect-us.mimecast.com/r/r0QiXaZk72F7OmWKc9_pO3HAiIAvI3h06-RcgETJh-J4kMLvQtMGZn5lKnoQO8ikZnQiTNL6FLbYD67s4dF-tWj2IbgtPVbZIrmLhFiT8cZvRoXUKLem6cyG8n3JE6-tis8tEkBPwKkOuqFU7azbPzFSZPBE0XjNt1o6W5MAy5yWOEr-3QLGcTYMC5oDDDwuftYuz9pHDOyvEieReE36N1UxTeWXBI__3g1_xmHN4S0> http://blog.blacknight.com/<https://protect-us.mimecast.com/r/wl1MfvJ8aWTxnqz6FCsjG4QE5Lt8k3OKgMWheA8wVhCgpAj6NRi9Y8zMxa9MvTN2vhD-EWNpvAhObo3t9Jl-Kh7ki557bXwOMPGhz-Up4X8e1Q8UR-DF0d4jYhrGpb0LrotD50UduC3QQRYUJ24nEnbyayh-GPs3hk77LhEpDwYrSf4v_RqmohacWFuO-pMc6Ap8I9JulleUf0h9FbW-MHMc1xlq8F7WXPVnekaa_Tg> http://www.blacknight.press<https://protect-us.mimecast.com/r/-MRGGedz53TF8UWq3rKo8GI39ai_ismqN0UYggzFnhsCzIT83jwX24BSxN_VMtJYpUgkSGF-Qst71LuBVQLY87bs-vewJiEDX8p5ABHKofJc69pmthPRFaowH9cz7b4wBdr45nD9yW3n5wmmAGAorNORPO2oD8fx1b7Ch4UucRtocG7TVoD8q8xePkXjqmELFjL3powas7Q8SOSYQE947lLpZzCcGrOwqu7wogrVuvk> - get our latest news & media coverage http://www.technology.ie<https://protect-us.mimecast.com/r/suwZNIiJfrdSpqE4iC56mMY3x3S91aHmdyA2bCRS-Fmr9Q1_uNxFISl4UXNQGJAa4ABDSoMKKJoH4LBI6dPDpw1IcPIW2UD6KmY-khZffkUgGyGTLPU0VW-nWld8z7P0H2Ru_lA2gyfCIuoaN7WmFU6IRQ9AVVBKNMpsRsxQkxp27qp4b1vr0Nu7xAxlXjinmqCYcWDyv6BlIGk1JID86YB5QMhEW98wyZ5sollRXTc> Intl. +353 (0) 59 9183072 Direct Dial: +353 (0)59 9183090 Social: http://mneylon.social<https://protect-us.mimecast.com/r/c9ciyb99CMvSHLw2MJX2WYjWAGojFAv6abNbJNSbdh-ZFyKYiMOesCOSW0IbP_Hk74wcQMPR4LFdtPIo3qwpdVxkGjxnPEF73YlWOioKWfm0ASY6v7enF3zKmqddqH2G4dXIbPg_PVqGwzzZzhWQxKSK2MKPyc4QXazyYJjS7H_X2JdIq2B8eAZeCDmgPBWH09Ix-VujUi5pHJeE_GXWIlFrE4TTH0hP08WIPWYQvhY> ------------------------------- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,Ireland Company No.: 370845
From: James Gannon Date: Thursday 30 April 2015 07:45 To: Graeme Bunton, "gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org><mailto:gnso-ppsai-pdp-wg@icann.org%3cmailto:gnso-ppsai-pdp-wg@icann.org%3e>" Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
I would personally like to see if there is public traction for distinguishing between sites directly processing financial truncations and sites who use 3rd parties for processing financial transactions as this is a very important distinction. A simple and I hope non-controversial additional question to the ones below: If so, should domains which use a third party to process financial transactions (i.e Paypal, Stripe), and thus do not directly process financial information, be subject to the same restrictions? There are strong existing distinctions both in national laws and in regulations such as PCI-DSS between these two forms.
-James Gannon From:gnso-ppsai-pdp-wg-bounces@icann.org<mailto:gnso-ppsai-pdp-wg-bounces@icann.org> [mailto:gnso-ppsai-pdp-wg-bounces@icann.org] On Behalf Of Graeme Bunton Sent: Tuesday, April 28, 2015 10:17 PM To: PPSAI Subject: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
Thanks to all WG members for a very productive call earlier today(and to Steve for his chairing acumen). The co-chairs and staff met this afternoon to tie down two loose ends from the call.
Regarding the deadline for public comments on the Initial Report, we recognize there is considerable support for extending the public comment period to 60 days instead of the standard 40 days on which we have all been planning. We are prepared to agree to this, but with the caveat that this will have repercussions on the pace and intensity of our work once public comments have been received. Specifically, if the public comment deadline is extended until July 3 (60 days after our publication date of May 4), we will need to plan on at least weekly calls throughout July and August, some of which may need to be more than an hour in length, to review these comments and move toward a Final Report. Otherwise, we jeopardize the prospects for getting the Final Report in front of the GNSO council no later than the Dublin ICANN meeting. As was noted on the call today, many additional steps need to take place even after this WG issues its Final Report before any new accreditati on system can be implemented, so the time pressure imposed by the expiration of the Interim Specification at the end of next year is already real. Also, as previously announced over the past few weeks, if any WG members (or group of members) wish to submit a brief separate or additional statement for inclusion in the package posted for public comment next Monday, such statements need to be received by staff no later than Thursday, April 30.
Lastly, the other loose end involves proposed revisions to section 1.3.3 of the Initial Report, which were presented on the call earlier today but which we did not have time to discuss fully. We agree that this section could benefit from some revision, but believe it should take the form of greater concision, not additional presentation of arguments for the divergent positions. Thus we suggest that section 1.3.3 be revised to read as follows:
--- Although the WG agreed that the mere fact that a domain name is registered by a commercial entity or by anyone conducting commercial activity should not preclude the use of P/P services , there was disagreement over whether domain names that are actively used for commercial transactions (e.g. the sale or exchange of goods or services) should be prohibited from using P/P services. While most WG members did not believe such a prohibition is necessary or practical, some members believed that registrants of such domain names should not be able to use or continue using proxy or privacy services.
For those that argued that it is necessary and practical to limit access to P/P services to exclude commercial entities, the following text was proposed to clarify and define their position: "domains used for online financial transactions for commercial purpose should be ineligible for privacy and proxy registrations."
Public comment is therefore specifically invited on the following questions:
* Should registrants of domain names associated with commercial activities and which are used for online financial transactions be prohibited from using, or continuing to use, privacy and proxy services? * If so, will it be useful to adopt a definition of "commercial" or "transactional" to define those domains for which P/P service registrations should be disallowed? And if so, what should the definition(s) be?" * Will it be necessary to make a distinction in the WHOIS data fields to be displayed as a result? --- Thanks,
Graeme Bunton & Steve Metalitz
--
_________________________
Graeme Bunton
Manager, Management Information Systems
Manager, Public Policy
Tucows Inc.
PH: 416 535 0123 ext 1634
_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org>https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg<https://protect-us.mimecast.com/r/w4cOGJpN8aqiFBeZDDCfM61L9zSPPQ8yJTOsuokgr0uUoFWQcH4C1vKnhAJR8I5CDUGd3f75FQZ0RrGQoOiumi5fkuGEeAdPoDjA3DGFVt5fCde0OuGcKsc4syb-86Vd3ZsMEWNubiso-WCMGJKqofC67xfNJVO1oqFPAmL7abae98k88hH_BDY04YcHIhprEG-vGcToOzkceYzCw4sYw77Sj8DHh1iwNuJPKagRVm5XkaPrKRnvsIqURxFUU964UWsThNMfSE_TxYg9ZhC-Fg>
_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org%3cmailto:Gnso-ppsai-pdp-wg@icann.org>> https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg<https://protect-us.mimecast.com/r/w4cOGJpN8aqiFBeZDDCfM61L9zSPPQ8yJTOsuokgr0uUoFWQcH4C1vKnhAJR8I5CDUGd3f75FQZ0RrGQoOiumi5fkuGEeAdPoDjA3DGFVt5fCde0OuGcKsc4syb-86Vd3ZsMEWNubiso-WCMGJKqofC67xfNJVO1oqFPAmL7abae98k88hH_BDY04YcHIhprEG-vGcToOzkceYzCw4sYw77Sj8DHh1iwNuJPKagRVm5XkaPrKRnvsIqURxFUU964UWsThNMfSE_TxYg9ZhC-Fg> _______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg<https://protect-us.mimecast.com/r/w4cOGJpN8aqiFBeZDDCfM61L9zSPPQ8yJTOsuokgr0uUoFWQcH4C1vKnhAJR8I5CDUGd3f75FQZ0RrGQoOiumi5fkuGEeAdPoDjA3DGFVt5fCde0OuGcKsc4syb-86Vd3ZsMEWNubiso-WCMGJKqofC67xfNJVO1oqFPAmL7abae98k88hH_BDY04YcHIhprEG-vGcToOzkceYzCw4sYw77Sj8DHh1iwNuJPKagRVm5XkaPrKRnvsIqURxFUU964UWsThNMfSE_TxYg9ZhC-Fg>
Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg<https://protect-us.mimecast.com/r/w4cOGJpN8aqiFBeZDDCfM61L9zSPPQ8yJTOsuokgr0uUoFWQcH4C1vKnhAJR8I5CDUGd3f75FQZ0RrGQoOiumi5fkuGEeAdPoDjA3DGFVt5fCde0OuGcKsc4syb-86Vd3ZsMEWNubiso-WCMGJKqofC67xfNJVO1oqFPAmL7abae98k88hH_BDY04YcHIhprEG-vGcToOzkceYzCw4sYw77Sj8DHh1iwNuJPKagRVm5XkaPrKRnvsIqURxFUU964UWsThNMfSE_TxYg9ZhC-Fg>
_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg<https://protect-us.mimecast.com/r/w4cOGJpN8aqiFBeZDDCfM61L9zSPPQ8yJTOsuokgr0uUoFWQcH4C1vKnhAJR8I5CDUGd3f75FQZ0RrGQoOiumi5fkuGEeAdPoDjA3DGFVt5fCde0OuGcKsc4syb-86Vd3ZsMEWNubiso-WCMGJKqofC67xfNJVO1oqFPAmL7abae98k88hH_BDY04YcHIhprEG-vGcToOzkceYzCw4sYw77Sj8DHh1iwNuJPKagRVm5XkaPrKRnvsIqURxFUU964UWsThNMfSE_TxYg9ZhC-Fg>
_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg<https://protect-us.mimecast.com/r/w4cOGJpN8aqiFBeZDDCfM61L9zSPPQ8yJTOsuokgr0uUoFWQcH4C1vKnhAJR8I5CDUGd3f75FQZ0RrGQoOiumi5fkuGEeAdPoDjA3DGFVt5fCde0OuGcKsc4syb-86Vd3ZsMEWNubiso-WCMGJKqofC67xfNJVO1oqFPAmL7abae98k88hH_BDY04YcHIhprEG-vGcToOzkceYzCw4sYw77Sj8DHh1iwNuJPKagRVm5XkaPrKRnvsIqURxFUU964UWsThNMfSE_TxYg9ZhC-Fg>
-- _________________________ Graeme Bunton Manager, Management Information Systems Manager, Public Policy Tucows Inc. PH: 416 535 0123 ext 1634 _______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg<https://protect-us.mimecast.com/r/w4cOGJpN8aqiFBeZDDCfM61L9zSPPQ8yJTOsuokgr0uUoFWQcH4C1vKnhAJR8I5CDUGd3f75FQZ0RrGQoOiumi5fkuGEeAdPoDjA3DGFVt5fCde0OuGcKsc4syb-86Vd3ZsMEWNubiso-WCMGJKqofC67xfNJVO1oqFPAmL7abae98k88hH_BDY04YcHIhprEG-vGcToOzkceYzCw4sYw77Sj8DHh1iwNuJPKagRVm5XkaPrKRnvsIqURxFUU964UWsThNMfSE_TxYg9ZhC-Fg>
I agree, very sensible, assuming this means you will withdraw the proposed ancillary questions which have kicked off this debate. Kind regards Stephanie On 2015-05-01 0:42, James Gannon wrote: > > Steve, > > That seems like a logical compromise between both sides, it has my > full support. > > -James > > *From:*gnso-ppsai-pdp-wg-bounces@icann.org > [mailto:gnso-ppsai-pdp-wg-bounces@icann.org] *On Behalf Of *Metalitz, > Steven > *Sent:* Thursday, April 30, 2015 4:36 PM > *To:* 'Graeme Bunton'; gnso-ppsai-pdp-wg@icann.org > *Subject:* Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3 > > Graeme and I have asked staff to insert a footnote in this section, > providing links to the extensive discussions of the topic in WG > meetings (telephonic and face to face) and on the mailing list, as > background for the public. > > Steve > > *From:*gnso-ppsai-pdp-wg-bounces@icann.org > <mailto:gnso-ppsai-pdp-wg-bounces@icann.org> > [mailto:gnso-ppsai-pdp-wg-bounces@icann.org] *On Behalf Of *Graeme Bunton > *Sent:* Thursday, April 30, 2015 11:14 AM > *To:* gnso-ppsai-pdp-wg@icann.org <mailto:gnso-ppsai-pdp-wg@icann.org> > *Subject:* Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3 > > Steve, myself and staff are discussing how to proceed while ensuring > that balance is maintained. > Thank you all for your contributions. > > Graeme > On 2015-04-30 11:02 AM, Stephanie Perrin wrote: > > So let me get this very very clear, as i am new to the process. > > 1. The research report you offered was sent to the list. > > 2. It has never been part of the record. > > 3. You wish to see it added now, April 30th, 23:58 KST. > > 4, You are telling me I could have done the same thing. > > 5. I have Exactly how much time to submit a minority report in order > > to comply with the deadline of April 30th? > > > > Thanks for the clarifications. > > Stephanie > > > > On 2015-04-30 23:52, Kiran Malancharuvil wrote: > >> Stephanie, > >> > >> You had ample opportunity to prepare and present a white paper of > >> your own. > >> > >> It was not unsolicited, as at any time, members of the group are > >> welcome and encouraged to present their views on the matter under > >> discussion. > >> > >> Are you really saying that a well researched policy position and a > >> presentation of that research is NOT meant to be a part of the PDP > >> process? I really do not think that it the case. > >> > >> I know that you object to the position that the white paper explains, > >> but unless there is a concrete prohibition on linking to it (staff?) > >> it needs to be included, as we have every right to present the > >> complex legal argument behind our position. > >> > >> Kiran Malancharuvil > >> Internet Policy Counselor > >> MarkMonitor > >> 415-419-9138 (m) > >> > >> Sent from my mobile, please excuse any typos. > >> > >>> On Apr 30, 2015, at 7:45 AM, Stephanie Perrin > >>> <stephanie.perrin@mail.utoronto.ca > <mailto:stephanie.perrin@mail.utoronto.ca>> wrote: > >>> > >>> With great respect to Kiran and to the law firm that compiled the > >>> "white paper", I objected at the time and there was no indication > >>> that we accepted the white paper in our discussions, other than to > >>> say thanks. I would object strenuously to it being included. That > >>> was a totally unsolicited contribution from parties wishing to > >>> advance their case. You cannot attach that paper, without giving > >>> those on the other side an opportunity to counter it with another > >>> white paper. Frankly, the PDP process is not supposed to be about > >>> dualling unsolicited white papers. IF we need to have research > >>> done, we have to agree on what needs to be done if it is to be > >>> attached to the official call for comments. I don't wish to be > >>> ungracious, but the paper should not be added. > >>> Stephanie Perrin > >>> > >>>> On 2015-04-30 23:34, Kiran Malancharuvil wrote: > >>>> It is a recommendation for a policy/best practice from a portion of > >>>> the group. > >>>> > >>>> K > >>>> > >>>> Kiran Malancharuvil > >>>> Internet Policy Counselor > >>>> MarkMonitor > >>>> 415-419-9138 (m) > >>>> > >>>> Sent from my mobile, please excuse any typos. > >>>> > >>>>> On Apr 30, 2015, at 7:33 AM, James Gannon > >>>>> <james@cyberinvasion.net <mailto:james@cyberinvasion.net>> wrote: > >>>>> > >>>>> Unless we are suggesting that the whitepaper is consensus policy > >>>>> or best practice it does not fall under that category. We are > >>>>> presenting our policy recommendation already, which is the work > >>>>> product of the group > >>>>> > >>>>> -James > >>>>> > >>>>> -----Original Message----- > >>>>> From: Kiran Malancharuvil > >>>>> [mailto:Kiran.Malancharuvil@markmonitor.com] > >>>>> Sent: Thursday, April 30, 2015 3:31 PM > >>>>> To: James Gannon > >>>>> Cc: Mary Wong; PPSAI > >>>>> Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section > >>>>> 1.3.3 > >>>>> > >>>>> Recommendations for policies, guidelines, best practices. > >>>>> > >>>>> Kiran Malancharuvil > >>>>> Internet Policy Counselor > >>>>> MarkMonitor > >>>>> 415-419-9138 (m) > >>>>> > >>>>> Sent from my mobile, please excuse any typos. > >>>>> > >>>>>> On Apr 30, 2015, at 7:29 AM, James Gannon > >>>>>> <james@cyberinvasion.net <mailto:james@cyberinvasion.net>> wrote: > >>>>>> > >>>>>> Quoting from the PDP Manual, there seems to be strong guidelines > >>>>>> of what goes out with the Initial Report: > >>>>>> > >>>>>>> After collection and review of information, the PDP Team and > >>>>>>> Staff are responsible for producing an Initial Report. The > >>>>>>> Initial Report should include the following elements: > >>>>>>> * Compilation of Stakeholder Group and Constituency Statements > >>>>>>> * Compilation of any statements received from any ICANN > >>>>>>> Supporting Organization or Advisory Committee > >>>>>>> * Recommendations for policies, guidelines, best practices or > >>>>>>> other proposals to address the issue > >>>>>>> * Statement of level of consensus for the recommendations > >>>>>>> presented in the Initial Report > >>>>>>> * Information regarding the members of the PDP Team, such as the > >>>>>>> attendance records, Statements of Interest, etc. > >>>>>>> * A statement on the WG discussion concerning impact of the > >>>>>>> proposed recommendations, could consider areas such as economic, > >>>>>>> competition, operations, privacy and other rights, scalability > >>>>>>> and feasibility > >>>>>> I don't see where in that framework the whitepaper would sit. I > >>>>>> would welcome others thoughts on this. > >>>>>> > >>>>>> -James > >>>>>> > >>>>>> -----Original Message----- > >>>>>> From: gnso-ppsai-pdp-wg-bounces@icann.org > <mailto:gnso-ppsai-pdp-wg-bounces@icann.org> > >>>>>> [mailto:gnso-ppsai-pdp-wg-bounces@icann.org] On Behalf Of Kiran > >>>>>> Malancharuvil > >>>>>> Sent: Thursday, April 30, 2015 3:09 PM > >>>>>> To: Mary Wong > >>>>>> Cc: PPSAI > >>>>>> Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section > >>>>>> 1.3.3 > >>>>>> > >>>>>> Mary, > >>>>>> > >>>>>> Since one side of this issue prepared a lengthy legal review to > >>>>>> address this question, I would request that that white paper be > >>>>>> included in the reference materials for the public comment. Since > >>>>>> public comment is meant to "resolve" this issue, commenters need > >>>>>> all of the information. > >>>>>> > >>>>>> It's not just down to feasibility of self-declaration at > >>>>>> registration (which frankly, many of us see as a cop out since > >>>>>> it's already done in some TLDs), but also legality. > >>>>>> Not trying to re-open the debate, but please, let's make sure the > >>>>>> community understands the various points and the background. > >>>>>> > >>>>>> K > >>>>>> > >>>>>> > >>>>>> Kiran Malancharuvil > >>>>>> Internet Policy Counselor > >>>>>> MarkMonitor > >>>>>> 415-419-9138 (m) > >>>>>> > >>>>>> Sent from my mobile, please excuse any typos. > >>>>>> > >>>>>> On Apr 30, 2015, at 6:58 AM, Mary Wong > >>>>>> <mary.wong@icann.org<mailto:mary.wong@icann.org > <mailto:mary.wong@icann.org%3cmailto:mary.wong@icann.org>>> wrote: > >>>>>> > >>>>>> To add to Stephanie's note that this specific issue - whether > >>>>>> registrants of domain names actively used for commercial > >>>>>> transactions ought to be disallowed from using P/P services - had > >>>>>> been discussed at some length by the WG: > >>>>>> > >>>>>> Please note that this part of the Initial Report draws heavily on > >>>>>> the detailed WG template for Charter Category C that was the > >>>>>> basis for the WG's deliberations on this topic. That template > >>>>>> contains lengthy descriptions of what had previously been termed > >>>>>> the majority and minority positions on the WG's answer to this > >>>>>> specific issue. As part of the WG's deliberations - which took > >>>>>> place primarily between April and June 2014 - the more specific > >>>>>> formulation of "transactional" to describe the sort of commercial > >>>>>> (i.e. Involving financial transactions) activities that were > >>>>>> being discussed was included in the language. All the templates > >>>>>> and suggested formulations discussed by the WG are recorded and > >>>>>> published on the WG wiki. > >>>>>> > >>>>>> The WG ultimately agreed to retain the two positions in the > >>>>>> Initial Report and to revisit the question during its review of > >>>>>> the public comments received. As noted previously, the WG's views > >>>>>> were presented to the community in London in June 2014 and again > >>>>>> in Los Angeles in October 2014. > >>>>>> > >>>>>> Therefore, the three questions in Section 1.3.3 of the Executive > >>>>>> Summary only go toward soliciting community input on this single > >>>>>> issue. They were not intended to represent a view of any "side" > >>>>>> in the WG with regard to this matter. If the WG prefers, we can > >>>>>> add a sentence to clarify and specify the reason for the > >>>>>> questions in Section 1.3.3. Fundamentally, the idea is that > >>>>>> public comments will facilitate the WG's eventual resolution of > >>>>>> this issue as part of its preparation of the Final Report. > >>>>>> > >>>>>> We hope this reminder of the background is of assistance. > >>>>>> > >>>>>> Cheers > >>>>>> Mary > >>>>>> > >>>>>> Mary Wong > >>>>>> Senior Policy Director > >>>>>> Internet Corporation for Assigned Names & Numbers (ICANN) > >>>>>> Telephone: +1 603 574 4892 > >>>>>> Email: mary.wong@icann.org<mailto:mary.wong@icann.org > <mailto:mary.wong@icann.org%3cmailto:mary.wong@icann.org>> > >>>>>> > >>>>>> > >>>>>> > >>>>>> From: Stephanie Perrin > >>>>>> > <stephanie.perrin@mail.utoronto.ca<mailto:stephanie.perrin@mail.utoronto.ca > <mailto:stephanie.perrin@mail.utoronto.ca%3cmailto:stephanie.perrin@mail.utoronto.ca>>> > >>>>>> Date: Thursday, April 30, 2015 at 09:20 > >>>>>> To: > >>>>>> > "gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org> > <mailto:gnso-ppsai-pdp-wg@icann.org%3cmailto:gnso-ppsai-pdp-wg@icann.org%3e>" > > >>>>>> <gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org > <mailto:gnso-ppsai-pdp-wg@icann.org%3cmailto:gnso-ppsai-pdp-wg@icann.org>>>, > James > >>>>>> Gannon <james@cyberinvasion.net<mailto:james@cyberinvasion.net > <mailto:james@cyberinvasion.net%3cmailto:james@cyberinvasion.net>>>, > >>>>>> Michele Blacknight > >>>>>> <michele@blacknight.com<mailto:michele@blacknight.com > <mailto:michele@blacknight.com%3cmailto:michele@blacknight.com>>> > >>>>>> Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section > >>>>>> 1.3.3 > >>>>>> > >>>>>> James, prior to you joining the group, we had discussed this at > >>>>>> some length. IN fact, I really thought that the many reasons why > >>>>>> sorting out the purpose of a registration is problematic had > >>>>>> buried this debate, but apparently not. Some of the issues > >>>>>> raised, according to my recollection were the following: > >>>>>> > >>>>>> * names are registered prior to decisions about content > >>>>>> * content changes over time > >>>>>> * most countries regulate e-commerce in some fashion, so that > >>>>>> website commercial activity does not have to be regulated by ICANN > >>>>>> * ICANN should not be in the business of regulating content in > >>>>>> the first place (and sorting out who is extracting a material > >>>>>> consideration from a website in order to deny them the ability to > >>>>>> use a proxy registration is certainly a form of regulation) > >>>>>> * definitions of commercial activity vary widely around the world > >>>>>> * bad actors will not declare, registrars cannot police this > >>>>>> matter > >>>>>> * criminal prosecution is not dependent on WHOIS information > >>>>>> * if this is really about the ability to detect market > >>>>>> information, ICANN should not be in the business of making > >>>>>> registrant information available for market purposes, it does it > >>>>>> for security and stability. > >>>>>> * contactability remains, regardless of which registrant info > >>>>>> appears in WHOIS > >>>>>> > >>>>>> I am planning to reformulate these into questions to match the > >>>>>> questions on the other side, suggestions welcome. > >>>>>> > >>>>>> Stephanie Perrin > >>>>>> On 2015-04-30 16:24, James Gannon wrote: > >>>>>> I don't see this as asking providers to enforce anything similar > >>>>>> to other questions when registering a domain, it's a > >>>>>> self-reported assessment. All it does is add an additional branch > >>>>>> to the decision tree for eligibility, which will already be there > >>>>>> to determine eligibility due to the other reasons listed below. > >>>>>> The registrant is asked will you be processing financial > >>>>>> transactions. > >>>>>> > >>>>>> > >>>>>> * Yes-->Will you be using a 3rd party>No>Not eligible for > >>>>>> P/P. > >>>>>> > >>>>>> * Yes-->Will you be using a 3rd party>Yes>Eligible for P/P. > >>>>>> > >>>>>> > >>>>>> I'm not asking registrars to enforce law but to see if a more > >>>>>> finely grained eligibility process can be enacted. Or at least is > >>>>>> there is public support for more granularity. > >>>>>> > >>>>>> -James > >>>>>> From: Michele Neylon - Blacknight [mailto:michele@blacknight.com] > >>>>>> Sent: Thursday, April 30, 2015 8:17 AM > >>>>>> To: James Gannon; Graeme Bunton; PPSAI > >>>>>> Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section > >>>>>> 1.3.3 > >>>>>> > >>>>>> James > >>>>>> > >>>>>> As a registrar or PP service provider how am I meant to assess > this? > >>>>>> > >>>>>> It doesn't scale > >>>>>> > >>>>>> Seriously. > >>>>>> > >>>>>> If, for example, there is an Irish operated website that is not > >>>>>> complying with Irish law then it would be up to the ODCE > >>>>>> (http://www.odce.ie/ > <https://protect-us.mimecast.com/r/IqfLPS2xhmx-5GDCPCM4mLmlw-jOPQHGmhpzAjWDKActStEmX7ndjfqnEIgUMkdhXCAGe_aALVo69T0irIiCOftGW0RRkFeeJXP_SQ_bxxN5c9ZWrJzjnfSpDUeI4UjuT2dsrtgXox-JsiUyGsBvbDhSHcf2gH3gqSI2YwvUnORJuOhanPP2uCSQp3bey2BqQKbirhovyP6hDiunUi2Ilg>) > to enforce whatever needs enforcing, as it > >>>>>> would be up to the DPA to enforce any issues around data privacy > >>>>>> etc., etc., > >>>>>> > >>>>>> Attempting to force registrars and PP providers to make these > >>>>>> kind of evaluations is not going to work. > >>>>>> > >>>>>> Issues like PCI-DSS compliance are matters that should be dealt > >>>>>> with by the DPA and the banks. > >>>>>> > >>>>>> Forcing registrars and PP providers to start getting involved in > >>>>>> that kind of assessment isn't viable > >>>>>> > >>>>>> Regards > >>>>>> > >>>>>> Michele > >>>>>> > >>>>>> -- > >>>>>> Mr Michele Neylon > >>>>>> Blacknight Solutions > >>>>>> Hosting, Colocation & Domains > >>>>>> http://www.blacknight.host/ > <https://protect-us.mimecast.com/r/r0QiXaZk72F7OmWKc9_pO3HAiIAvI3h06-RcgETJh-J4kMLvQtMGZn5lKnoQO8ikZnQiTNL6FLbYD67s4dF-tWj2IbgtPVbZIrmLhFiT8cZvRoXUKLem6cyG8n3JE6-tis8tEkBPwKkOuqFU7azbPzFSZPBE0XjNt1o6W5MAy5yWOEr-3QLGcTYMC5oDDDwuftYuz9pHDOyvEieReE36N1UxTeWXBI__3g1_xmHN4S0> > >>>>>> http://blog.blacknight.com/ > <https://protect-us.mimecast.com/r/wl1MfvJ8aWTxnqz6FCsjG4QE5Lt8k3OKgMWheA8wVhCgpAj6NRi9Y8zMxa9MvTN2vhD-EWNpvAhObo3t9Jl-Kh7ki557bXwOMPGhz-Up4X8e1Q8UR-DF0d4jYhrGpb0LrotD50UduC3QQRYUJ24nEnbyayh-GPs3hk77LhEpDwYrSf4v_RqmohacWFuO-pMc6Ap8I9JulleUf0h9FbW-MHMc1xlq8F7WXPVnekaa_Tg> > >>>>>> http://www.blacknight.press > <https://protect-us.mimecast.com/r/-MRGGedz53TF8UWq3rKo8GI39ai_ismqN0UYggzFnhsCzIT83jwX24BSxN_VMtJYpUgkSGF-Qst71LuBVQLY87bs-vewJiEDX8p5ABHKofJc69pmthPRFaowH9cz7b4wBdr45nD9yW3n5wmmAGAorNORPO2oD8fx1b7Ch4UucRtocG7TVoD8q8xePkXjqmELFjL3powas7Q8SOSYQE947lLpZzCcGrOwqu7wogrVuvk> > - get our latest news & media > >>>>>> coverage http://www.technology.ie > <https://protect-us.mimecast.com/r/suwZNIiJfrdSpqE4iC56mMY3x3S91aHmdyA2bCRS-Fmr9Q1_uNxFISl4UXNQGJAa4ABDSoMKKJoH4LBI6dPDpw1IcPIW2UD6KmY-khZffkUgGyGTLPU0VW-nWld8z7P0H2Ru_lA2gyfCIuoaN7WmFU6IRQ9AVVBKNMpsRsxQkxp27qp4b1vr0Nu7xAxlXjinmqCYcWDyv6BlIGk1JID86YB5QMhEW98wyZ5sollRXTc> > Intl. +353 (0) 59 9183072 > >>>>>> Direct Dial: +353 (0)59 9183090 > >>>>>> Social: http://mneylon.social > <https://protect-us.mimecast.com/r/c9ciyb99CMvSHLw2MJX2WYjWAGojFAv6abNbJNSbdh-ZFyKYiMOesCOSW0IbP_Hk74wcQMPR4LFdtPIo3qwpdVxkGjxnPEF73YlWOioKWfm0ASY6v7enF3zKmqddqH2G4dXIbPg_PVqGwzzZzhWQxKSK2MKPyc4QXazyYJjS7H_X2JdIq2B8eAZeCDmgPBWH09Ix-VujUi5pHJeE_GXWIlFrE4TTH0hP08WIPWYQvhY> > >>>>>> ------------------------------- > >>>>>> Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business > >>>>>> Park,Sleaty Road,Graiguecullen,Carlow,Ireland Company No.: 370845 > >>>>>> > >>>>>> From: James Gannon > >>>>>> Date: Thursday 30 April 2015 07:45 > >>>>>> To: Graeme Bunton, > >>>>>> > "gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org> > <mailto:gnso-ppsai-pdp-wg@icann.org%3cmailto:gnso-ppsai-pdp-wg@icann.org%3e>" > >>>>>> Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section > >>>>>> 1.3.3 > >>>>>> > >>>>>> I would personally like to see if there is public traction for > >>>>>> distinguishing between sites directly processing financial > >>>>>> truncations and sites who use 3rd parties for processing > >>>>>> financial transactions as this is a very important distinction. A > >>>>>> simple and I hope non-controversial additional question to the > >>>>>> ones below: > >>>>>> If so, should domains which use a third party to process > >>>>>> financial transactions (i.e Paypal, Stripe), and thus do not > >>>>>> directly process financial information, be subject to the same > >>>>>> restrictions? > >>>>>> There are strong existing distinctions both in national laws and > >>>>>> in regulations such as PCI-DSS between these two forms. > >>>>>> > >>>>>> -James Gannon > >>>>>> > From:gnso-ppsai-pdp-wg-bounces@icann.org<mailto:gnso-ppsai-pdp-wg-bounces@icann.org> > > >>>>>> [mailto:gnso-ppsai-pdp-wg-bounces@icann.org] On Behalf Of Graeme > >>>>>> Bunton > >>>>>> Sent: Tuesday, April 28, 2015 10:17 PM > >>>>>> To: PPSAI > >>>>>> Subject: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3 > >>>>>> > >>>>>> Thanks to all WG members for a very productive call earlier > >>>>>> today(and to Steve for his chairing acumen). The co-chairs and > >>>>>> staff met this afternoon to tie down two loose ends from the call. > >>>>>> > >>>>>> Regarding the deadline for public comments on the Initial Report, > >>>>>> we recognize there is considerable support for extending the > >>>>>> public comment period to 60 days instead of the standard 40 days > >>>>>> on which we have all been planning. We are prepared to agree to > >>>>>> this, but with the caveat that this will have repercussions on > >>>>>> the pace and intensity of our work once public comments have been > >>>>>> received. Specifically, if the public comment deadline is > >>>>>> extended until July 3 (60 days after our publication date of May > >>>>>> 4), we will need to plan on at least weekly calls throughout July > >>>>>> and August, some of which may need to be more than an hour in > >>>>>> length, to review these comments and move toward a Final Report. > >>>>>> Otherwise, we jeopardize the prospects for getting the Final > >>>>>> Report in front of the GNSO council no later than the Dublin > >>>>>> ICANN meeting. As was noted on the call today, many additional > >>>>>> steps need to take place even after this WG issues its Final > >>>>>> Report before any new accreditati > > on > >>>> system can be implemented, so the time pressure imposed by the > >>>> expiration of the Interim Specification at the end of next year is > >>>> already real. > >>>>>> Also, as previously announced over the past few weeks, if any WG > >>>>>> members (or group of members) wish to submit a brief separate or > >>>>>> additional statement for inclusion in the package posted for > >>>>>> public comment next Monday, such statements need to be received > >>>>>> by staff no later than Thursday, April 30. > >>>>>> > >>>>>> Lastly, the other loose end involves proposed revisions to > >>>>>> section 1.3.3 of the Initial Report, which were presented on the > >>>>>> call earlier today but which we did not have time to discuss > >>>>>> fully. We agree that this section could benefit from some > >>>>>> revision, but believe it should take the form of greater > >>>>>> concision, not additional presentation of arguments for the > >>>>>> divergent positions. Thus we suggest that section 1.3.3 be > >>>>>> revised to read as follows: > >>>>>> > >>>>>> --- > >>>>>> Although the WG agreed that the mere fact that a domain name is > >>>>>> registered by a commercial entity or by anyone conducting > >>>>>> commercial activity should not preclude the use of P/P services , > >>>>>> there was disagreement over whether domain names that are > >>>>>> actively used for commercial transactions (e.g. the sale or > >>>>>> exchange of goods or services) should be prohibited from using > >>>>>> P/P services. While most WG members did not believe such a > >>>>>> prohibition is necessary or practical, some members believed that > >>>>>> registrants of such domain names should not be able to use or > >>>>>> continue using proxy or privacy services. > >>>>>> > >>>>>> For those that argued that it is necessary and practical to limit > >>>>>> access to P/P services to exclude commercial entities, the > >>>>>> following text was proposed to clarify and define their position: > >>>>>> "domains used for online financial transactions for commercial > >>>>>> purpose should be ineligible for privacy and proxy registrations." > >>>>>> > >>>>>> Public comment is therefore specifically invited on the following > >>>>>> questions: > >>>>>> > >>>>>> * Should registrants of domain names associated with commercial > >>>>>> activities and which are used for online financial transactions > >>>>>> be prohibited from using, or continuing to use, privacy and proxy > >>>>>> services? > >>>>>> * If so, will it be useful to adopt a definition of > >>>>>> "commercial" or "transactional" to define those domains for which > >>>>>> P/P service registrations should be disallowed? And if so, what > >>>>>> should the definition(s) be?" > >>>>>> * Will it be necessary to make a distinction in the WHOIS data > >>>>>> fields to be displayed as a result? > >>>>>> --- > >>>>>> Thanks, > >>>>>> > >>>>>> Graeme Bunton & Steve Metalitz > >>>>>> > >>>>>> > >>>>>> > >>>>>> > >>>>>> -- > >>>>>> > >>>>>> _________________________ > >>>>>> > >>>>>> Graeme Bunton > >>>>>> > >>>>>> Manager, Management Information Systems > >>>>>> > >>>>>> Manager, Public Policy > >>>>>> > >>>>>> Tucows Inc. > >>>>>> > >>>>>> PH: 416 535 0123 ext 1634 > >>>>>> > >>>>>> > >>>>>> > >>>>>> _______________________________________________ > >>>>>> Gnso-ppsai-pdp-wg mailing list > >>>>>> > Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org>https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg > <https://protect-us.mimecast.com/r/w4cOGJpN8aqiFBeZDDCfM61L9zSPPQ8yJTOsuokgr0uUoFWQcH4C1vKnhAJR8I5CDUGd3f75FQZ0RrGQoOiumi5fkuGEeAdPoDjA3DGFVt5fCde0OuGcKsc4syb-86Vd3ZsMEWNubiso-WCMGJKqofC67xfNJVO1oqFPAmL7abae98k88hH_BDY04YcHIhprEG-vGcToOzkceYzCw4sYw77Sj8DHh1iwNuJPKagRVm5XkaPrKRnvsIqURxFUU964UWsThNMfSE_TxYg9ZhC-Fg> > > >>>>>> > >>>>>> > >>>>>> _______________________________________________ > >>>>>> Gnso-ppsai-pdp-wg mailing list > >>>>>> Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org > <mailto:Gnso-ppsai-pdp-wg@icann.org%3cmailto:Gnso-ppsai-pdp-wg@icann.org>> > >>>>>> https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg > <https://protect-us.mimecast.com/r/w4cOGJpN8aqiFBeZDDCfM61L9zSPPQ8yJTOsuokgr0uUoFWQcH4C1vKnhAJR8I5CDUGd3f75FQZ0RrGQoOiumi5fkuGEeAdPoDjA3DGFVt5fCde0OuGcKsc4syb-86Vd3ZsMEWNubiso-WCMGJKqofC67xfNJVO1oqFPAmL7abae98k88hH_BDY04YcHIhprEG-vGcToOzkceYzCw4sYw77Sj8DHh1iwNuJPKagRVm5XkaPrKRnvsIqURxFUU964UWsThNMfSE_TxYg9ZhC-Fg> > >>>>>> _______________________________________________ > >>>>>> Gnso-ppsai-pdp-wg mailing list > >>>>>> Gnso-ppsai-pdp-wg@icann.org <mailto:Gnso-ppsai-pdp-wg@icann.org> > >>>>>> https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg > <https://protect-us.mimecast.com/r/w4cOGJpN8aqiFBeZDDCfM61L9zSPPQ8yJTOsuokgr0uUoFWQcH4C1vKnhAJR8I5CDUGd3f75FQZ0RrGQoOiumi5fkuGEeAdPoDjA3DGFVt5fCde0OuGcKsc4syb-86Vd3ZsMEWNubiso-WCMGJKqofC67xfNJVO1oqFPAmL7abae98k88hH_BDY04YcHIhprEG-vGcToOzkceYzCw4sYw77Sj8DHh1iwNuJPKagRVm5XkaPrKRnvsIqURxFUU964UWsThNMfSE_TxYg9ZhC-Fg> > >>>> _______________________________________________ > >>>> Gnso-ppsai-pdp-wg mailing list > >>>> Gnso-ppsai-pdp-wg@icann.org <mailto:Gnso-ppsai-pdp-wg@icann.org> > >>>> https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg > <https://protect-us.mimecast.com/r/w4cOGJpN8aqiFBeZDDCfM61L9zSPPQ8yJTOsuokgr0uUoFWQcH4C1vKnhAJR8I5CDUGd3f75FQZ0RrGQoOiumi5fkuGEeAdPoDjA3DGFVt5fCde0OuGcKsc4syb-86Vd3ZsMEWNubiso-WCMGJKqofC67xfNJVO1oqFPAmL7abae98k88hH_BDY04YcHIhprEG-vGcToOzkceYzCw4sYw77Sj8DHh1iwNuJPKagRVm5XkaPrKRnvsIqURxFUU964UWsThNMfSE_TxYg9ZhC-Fg> > >>> > >>> _______________________________________________ > >>> Gnso-ppsai-pdp-wg mailing list > >>> Gnso-ppsai-pdp-wg@icann.org <mailto:Gnso-ppsai-pdp-wg@icann.org> > >>> https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg > <https://protect-us.mimecast.com/r/w4cOGJpN8aqiFBeZDDCfM61L9zSPPQ8yJTOsuokgr0uUoFWQcH4C1vKnhAJR8I5CDUGd3f75FQZ0RrGQoOiumi5fkuGEeAdPoDjA3DGFVt5fCde0OuGcKsc4syb-86Vd3ZsMEWNubiso-WCMGJKqofC67xfNJVO1oqFPAmL7abae98k88hH_BDY04YcHIhprEG-vGcToOzkceYzCw4sYw77Sj8DHh1iwNuJPKagRVm5XkaPrKRnvsIqURxFUU964UWsThNMfSE_TxYg9ZhC-Fg> > > > > > > _______________________________________________ > > Gnso-ppsai-pdp-wg mailing list > > Gnso-ppsai-pdp-wg@icann.org <mailto:Gnso-ppsai-pdp-wg@icann.org> > > https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg > <https://protect-us.mimecast.com/r/w4cOGJpN8aqiFBeZDDCfM61L9zSPPQ8yJTOsuokgr0uUoFWQcH4C1vKnhAJR8I5CDUGd3f75FQZ0RrGQoOiumi5fkuGEeAdPoDjA3DGFVt5fCde0OuGcKsc4syb-86Vd3ZsMEWNubiso-WCMGJKqofC67xfNJVO1oqFPAmL7abae98k88hH_BDY04YcHIhprEG-vGcToOzkceYzCw4sYw77Sj8DHh1iwNuJPKagRVm5XkaPrKRnvsIqURxFUU964UWsThNMfSE_TxYg9ZhC-Fg> > > -- > _________________________ > Graeme Bunton > Manager, Management Information Systems > Manager, Public Policy > Tucows Inc. > PH: 416 535 0123 ext 1634 > > _______________________________________________ > Gnso-ppsai-pdp-wg mailing list > Gnso-ppsai-pdp-wg@icann.org <mailto:Gnso-ppsai-pdp-wg@icann.org> > https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg > <https://protect-us.mimecast.com/r/w4cOGJpN8aqiFBeZDDCfM61L9zSPPQ8yJTOsuokgr0uUoFWQcH4C1vKnhAJR8I5CDUGd3f75FQZ0RrGQoOiumi5fkuGEeAdPoDjA3DGFVt5fCde0OuGcKsc4syb-86Vd3ZsMEWNubiso-WCMGJKqofC67xfNJVO1oqFPAmL7abae98k88hH_BDY04YcHIhprEG-vGcToOzkceYzCw4sYw77Sj8DHh1iwNuJPKagRVm5XkaPrKRnvsIqURxFUU964UWsThNMfSE_TxYg9ZhC-Fg> > > > > _______________________________________________ > Gnso-ppsai-pdp-wg mailing list > Gnso-ppsai-pdp-wg@icann.org > https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg
Stephanie, this crossed my message supporting some of your suggestions for making those questions clearer. From: gnso-ppsai-pdp-wg-bounces@icann.org [mailto:gnso-ppsai-pdp-wg-bounces@icann.org] On Behalf Of Stephanie Perrin Sent: Thursday, April 30, 2015 11:56 AM To: gnso-ppsai-pdp-wg@icann.org Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3 I agree, very sensible, assuming this means you will withdraw the proposed ancillary questions which have kicked off this debate. Kind regards Stephanie On 2015-05-01 0:42, James Gannon wrote: Steve, That seems like a logical compromise between both sides, it has my full support. -James From: gnso-ppsai-pdp-wg-bounces@icann.org<mailto:gnso-ppsai-pdp-wg-bounces@icann.org> [mailto:gnso-ppsai-pdp-wg-bounces@icann.org] On Behalf Of Metalitz, Steven Sent: Thursday, April 30, 2015 4:36 PM To: 'Graeme Bunton'; gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org> Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3 Graeme and I have asked staff to insert a footnote in this section, providing links to the extensive discussions of the topic in WG meetings (telephonic and face to face) and on the mailing list, as background for the public. Steve From: gnso-ppsai-pdp-wg-bounces@icann.org<mailto:gnso-ppsai-pdp-wg-bounces@icann.org> [mailto:gnso-ppsai-pdp-wg-bounces@icann.org] On Behalf Of Graeme Bunton Sent: Thursday, April 30, 2015 11:14 AM To: gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org> Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3 Steve, myself and staff are discussing how to proceed while ensuring that balance is maintained. Thank you all for your contributions. Graeme On 2015-04-30 11:02 AM, Stephanie Perrin wrote:
So let me get this very very clear, as i am new to the process. 1. The research report you offered was sent to the list. 2. It has never been part of the record. 3. You wish to see it added now, April 30th, 23:58 KST. 4, You are telling me I could have done the same thing. 5. I have Exactly how much time to submit a minority report in order to comply with the deadline of April 30th?
Thanks for the clarifications. Stephanie
On 2015-04-30 23:52, Kiran Malancharuvil wrote:
Stephanie,
You had ample opportunity to prepare and present a white paper of your own.
It was not unsolicited, as at any time, members of the group are welcome and encouraged to present their views on the matter under discussion.
Are you really saying that a well researched policy position and a presentation of that research is NOT meant to be a part of the PDP process? I really do not think that it the case.
I know that you object to the position that the white paper explains, but unless there is a concrete prohibition on linking to it (staff?) it needs to be included, as we have every right to present the complex legal argument behind our position.
Kiran Malancharuvil Internet Policy Counselor MarkMonitor 415-419-9138 (m)
Sent from my mobile, please excuse any typos.
On Apr 30, 2015, at 7:45 AM, Stephanie Perrin <stephanie.perrin@mail.utoronto.ca<mailto:stephanie.perrin@mail.utoronto.ca>> wrote:
With great respect to Kiran and to the law firm that compiled the "white paper", I objected at the time and there was no indication that we accepted the white paper in our discussions, other than to say thanks. I would object strenuously to it being included. That was a totally unsolicited contribution from parties wishing to advance their case. You cannot attach that paper, without giving those on the other side an opportunity to counter it with another white paper. Frankly, the PDP process is not supposed to be about dualling unsolicited white papers. IF we need to have research done, we have to agree on what needs to be done if it is to be attached to the official call for comments. I don't wish to be ungracious, but the paper should not be added. Stephanie Perrin
On 2015-04-30 23:34, Kiran Malancharuvil wrote: It is a recommendation for a policy/best practice from a portion of the group.
K
Kiran Malancharuvil Internet Policy Counselor MarkMonitor 415-419-9138 (m)
Sent from my mobile, please excuse any typos.
On Apr 30, 2015, at 7:33 AM, James Gannon <james@cyberinvasion.net<mailto:james@cyberinvasion.net>> wrote:
Unless we are suggesting that the whitepaper is consensus policy or best practice it does not fall under that category. We are presenting our policy recommendation already, which is the work product of the group
-James
-----Original Message----- From: Kiran Malancharuvil [mailto:Kiran.Malancharuvil@markmonitor.com] Sent: Thursday, April 30, 2015 3:31 PM To: James Gannon Cc: Mary Wong; PPSAI Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
Recommendations for policies, guidelines, best practices.
Kiran Malancharuvil Internet Policy Counselor MarkMonitor 415-419-9138 (m)
Sent from my mobile, please excuse any typos.
On Apr 30, 2015, at 7:29 AM, James Gannon <james@cyberinvasion.net<mailto:james@cyberinvasion.net>> wrote:
Quoting from the PDP Manual, there seems to be strong guidelines of what goes out with the Initial Report:
> After collection and review of information, the PDP Team and > Staff are responsible for producing an Initial Report. The > Initial Report should include the following elements: > * Compilation of Stakeholder Group and Constituency Statements > * Compilation of any statements received from any ICANN > Supporting Organization or Advisory Committee > * Recommendations for policies, guidelines, best practices or > other proposals to address the issue > * Statement of level of consensus for the recommendations > presented in the Initial Report > * Information regarding the members of the PDP Team, such as the > attendance records, Statements of Interest, etc. > * A statement on the WG discussion concerning impact of the > proposed recommendations, could consider areas such as economic, > competition, operations, privacy and other rights, scalability > and feasibility I don't see where in that framework the whitepaper would sit. I would welcome others thoughts on this.
-James
-----Original Message----- From: gnso-ppsai-pdp-wg-bounces@icann.org<mailto:gnso-ppsai-pdp-wg-bounces@icann.org> [mailto:gnso-ppsai-pdp-wg-bounces@icann.org] On Behalf Of Kiran Malancharuvil Sent: Thursday, April 30, 2015 3:09 PM To: Mary Wong Cc: PPSAI Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
Mary,
Since one side of this issue prepared a lengthy legal review to address this question, I would request that that white paper be included in the reference materials for the public comment. Since public comment is meant to "resolve" this issue, commenters need all of the information.
It's not just down to feasibility of self-declaration at registration (which frankly, many of us see as a cop out since it's already done in some TLDs), but also legality. Not trying to re-open the debate, but please, let's make sure the community understands the various points and the background.
K
Kiran Malancharuvil Internet Policy Counselor MarkMonitor 415-419-9138 (m)
Sent from my mobile, please excuse any typos.
On Apr 30, 2015, at 6:58 AM, Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org<mailto:mary.wong@icann.org%3cmailto:mary.wong@icann.org>>> wrote:
To add to Stephanie's note that this specific issue - whether registrants of domain names actively used for commercial transactions ought to be disallowed from using P/P services - had been discussed at some length by the WG:
Please note that this part of the Initial Report draws heavily on the detailed WG template for Charter Category C that was the basis for the WG's deliberations on this topic. That template contains lengthy descriptions of what had previously been termed the majority and minority positions on the WG's answer to this specific issue. As part of the WG's deliberations - which took place primarily between April and June 2014 - the more specific formulation of "transactional" to describe the sort of commercial (i.e. Involving financial transactions) activities that were being discussed was included in the language. All the templates and suggested formulations discussed by the WG are recorded and published on the WG wiki.
The WG ultimately agreed to retain the two positions in the Initial Report and to revisit the question during its review of the public comments received. As noted previously, the WG's views were presented to the community in London in June 2014 and again in Los Angeles in October 2014.
Therefore, the three questions in Section 1.3.3 of the Executive Summary only go toward soliciting community input on this single issue. They were not intended to represent a view of any "side" in the WG with regard to this matter. If the WG prefers, we can add a sentence to clarify and specify the reason for the questions in Section 1.3.3. Fundamentally, the idea is that public comments will facilitate the WG's eventual resolution of this issue as part of its preparation of the Final Report.
We hope this reminder of the background is of assistance.
Cheers Mary
Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4892 Email: mary.wong@icann.org<mailto:mary.wong@icann.org<mailto:mary.wong@icann.org%3cmailto:mary.wong@icann.org>>
From: Stephanie Perrin <stephanie.perrin@mail.utoronto.ca<mailto:stephanie.perrin@mail.utoronto.ca<mailto:stephanie.perrin@mail.utoronto.ca%3cmailto:stephanie.perrin@mail.utoronto.ca>>> Date: Thursday, April 30, 2015 at 09:20 To: "gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org><mailto:gnso-ppsai-pdp-wg@icann.org%3cmailto:gnso-ppsai-pdp-wg@icann.org%3e>" <gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org%3cmailto:gnso-ppsai-pdp-wg@icann.org>>>, James Gannon <james@cyberinvasion.net<mailto:james@cyberinvasion.net<mailto:james@cyberinvasion.net%3cmailto:james@cyberinvasion.net>>>, Michele Blacknight <michele@blacknight.com<mailto:michele@blacknight.com<mailto:michele@blacknight.com%3cmailto:michele@blacknight.com>>> Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
James, prior to you joining the group, we had discussed this at some length. IN fact, I really thought that the many reasons why sorting out the purpose of a registration is problematic had buried this debate, but apparently not. Some of the issues raised, according to my recollection were the following:
* names are registered prior to decisions about content * content changes over time * most countries regulate e-commerce in some fashion, so that website commercial activity does not have to be regulated by ICANN * ICANN should not be in the business of regulating content in the first place (and sorting out who is extracting a material consideration from a website in order to deny them the ability to use a proxy registration is certainly a form of regulation) * definitions of commercial activity vary widely around the world * bad actors will not declare, registrars cannot police this matter * criminal prosecution is not dependent on WHOIS information * if this is really about the ability to detect market information, ICANN should not be in the business of making registrant information available for market purposes, it does it for security and stability. * contactability remains, regardless of which registrant info appears in WHOIS
I am planning to reformulate these into questions to match the questions on the other side, suggestions welcome.
Stephanie Perrin On 2015-04-30 16:24, James Gannon wrote: I don't see this as asking providers to enforce anything similar to other questions when registering a domain, it's a self-reported assessment. All it does is add an additional branch to the decision tree for eligibility, which will already be there to determine eligibility due to the other reasons listed below. The registrant is asked will you be processing financial transactions.
* Yes-->Will you be using a 3rd party>No>Not eligible for P/P.
* Yes-->Will you be using a 3rd party>Yes>Eligible for P/P.
I'm not asking registrars to enforce law but to see if a more finely grained eligibility process can be enacted. Or at least is there is public support for more granularity.
-James From: Michele Neylon - Blacknight [mailto:michele@blacknight.com] Sent: Thursday, April 30, 2015 8:17 AM To: James Gannon; Graeme Bunton; PPSAI Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
James
As a registrar or PP service provider how am I meant to assess this?
It doesn't scale
Seriously.
If, for example, there is an Irish operated website that is not complying with Irish law then it would be up to the ODCE (http://www.odce.ie/<https://protect-us.mimecast.com/r/4lNzdG4V_LBmiovLA6p9BZsfLgWW8IZSZ8mzFYFSEGMRVcYO2zG2wkLeacYjtsSRf_sSF--BDXNIv1JkaSjK7YDkV7Wh91AMXWzAHM8Zc7w5foIbeKPzTB9Jb3n8Rk3oYWdB4A_Jt2ltxZR7APcRWG0IyDnycx5VoJ08erpju3GxLxy1dILiNWX72a25S9Yyrm1Fh6eWqHxtrhsqZmkrRym4-JZgjGuT25ptP-Tf0ChXEp9Oy2VafY---UlWYnIhutuM8Qeql3uCVIJEvhilzgK06gmUWfWZUI409JAcmXc-w5egvrI21Srqo5zbQdnsPIl2yRBRiJy4YZ-h-c7WM_Y0EMYghq1BrKeMdTU94YwRb9V0rLPfV6BN36pbf5NyooXX3sVlMzjnI4nh6u0IpcQrhd1oL7F3QAsO8MVGCWywmASjHPWQatBHt4UH0ihcq6sfPIxUCQHG8ffuWeD1uJ8KMuVubzQxqF8KnvhpmA_Th65ShbIpsv0BqAqVZ9ZNvoP627Jn5avKDQthQYCUxg>) to enforce whatever needs enforcing, as it would be up to the DPA to enforce any issues around data privacy etc., etc.,
Attempting to force registrars and PP providers to make these kind of evaluations is not going to work.
Issues like PCI-DSS compliance are matters that should be dealt with by the DPA and the banks.
Forcing registrars and PP providers to start getting involved in that kind of assessment isn't viable
Regards
Michele
-- Mr Michele Neylon Blacknight Solutions Hosting, Colocation & Domains http://www.blacknight.host/<https://protect-us.mimecast.com/r/l1oPubFTSPL9jkLJYE-i_s_cVzwLdAYnEJLnyze4qcofGbVp0De8ZHa2UK3gf0UhGuOGUKJQPGBL8lrGKGKjds5fxrj5NlbVvg9BxM3Opb82UmPCznna5WJ9PwzhPNi5xrpUMWyCGaWGfCaocAES27yfoPTWBDpFvCjuT5lto5W4SvdmLIEzA858Pp4koY144mx4sCSiYqVF1oSQjBUoaxLy4o0qUijmXox-r3SZwQHhehoe25fdF04TqxWWiSTMxwITNDqt5fEHRfaCHadDi3x8h2yaBwI4D9yYpnjwhcylZi_w_tU7osnBvi4lhetcT-sBjy_UxmIawTToN10n7w-_l-0AzyR-eFJd-kg218qDM3-LAJNnPlGoBQ7sXSeedCLC_8MZKx2jkESGtfItjyfLdRPa4i03KBw0P7yCMwqaaG83u4JpwuR-pJjmqEhj_IYYcrKA-B6fCjuTzUuEUnmzG5IvmmhU4_FC5JETN9UcdPuTdmsRn4IgbqDMivZgyLKNiyUi2PbzBwz2O4AmjzBgrFeG-75fubDeaQQBFnSdlGYaje4umIN-mXeQ2jP1> http://blog.blacknight.com/<https://protect-us.mimecast.com/r/4W4r20DAZy2h6dpYp2Tzq7FTSQAmTYs1vfAQIkdyfvJMDu0tcKmiKOwsAOTvBSlLTi59FHgM_on9QsvD9CudMpRih0I6gjXq2A4dY6O3q-el3LcyPasQf5tNiiIjFSoLe4-RGWuQcN2f9jXygxx1wp1E3sv8txhcCC1UoD9h6Kzi2vgT9SkXvpFHliyZIF2T31a9K0Lwnl55R94GruRYOcDjbX7Gf_cm6XnmW7UXZuI--pr5KLNxaqYBbS75-hjmGoQi0uOfRwccxXRwvyYLDmdbReZa5H9CpX_Ci4xt8r9IL23kJlIOZSvO7l-a0YReANZnxal2lCMTQxwhNiLimdPtU5VOy2Ioa22r1qJ3jY-4L6N9nCH8stI-uLtVpkYUPc3RvOiu_yOfgfI1l70U4w-qK81Jaixy9HpNT1Ux06f6VAWKbEkySx61Yb-Y6D7Eu4QgIjDhJlsJsub-Psbz12zynvHmip6LmH0FyLQpmZ8NhSxHFxm3YUX03mPL3m6Jw4wsHiFDp8mOLyq83OvhEiG8-KJrVmORyqJbvdaAGpN_hwtrXjLL30rKl_G8yzmQ> http://www.blacknight.press<https://protect-us.mimecast.com/r/zPN5CjAJdRJWk2B85RfU9bzzLTFtJr4NLfR-96KjMGyFiGknSAd74cCJ9GvA9kaD-vS8gui8v0NBYOirWVK2xaxEySYrhl2eJjehgZhqe6EM2ROpf-ga40yWnn5xy-c-63NhmIm1zcBNoKTSYjeNP-JoK3ZTuo9fcXf-gjUC0geZ0i9lAqAcPsy8IEGy_8nCJaqJ0jLbzqGABaam2zacCALcPGMdo7ZbSmL1Gxs2K3bztp9EWXROi2v6xvmD3GvF30-zcbF_W2yoR57XnsOemzhLSFe1TvxKwMC7qpk2ZcuWiNHdc6IpLVyFrtCoJSOyZmRX5XwWUrqwrs3DfQJOrN3MfKD1mb52hx-puFq3DmM-8xYWTvoyidluw_-iyz10fHE4jnJ8a0bNMzEjJsQlG80jFpqfalyc8sayVT7t6qzyZudj7E8-67SeBCUbqzsbck6ckMrMqVZlZpG7MELOH-otpZvr-Y8ELA8omOG7Jx60KL9ssVcKQnEEIJ2zoKuO-w1CvJ6aO838upI02RQnBFQHaWAg2HIAC4FUg-N8MfLY-WEjSnVXkhmi5PF3oy_h> - get our latest news & media coverage http://www.technology.ie<https://protect-us.mimecast.com/r/CUWs47OhCB2aa9RLj9Ftm3OqyHdbegkLXSOpMV8uBRbvwT8HsSuNUBKuLqaFsB7wEKsfGHvZUVWYE-BMah9Ne8IWBG2s_bX5r7b_TJL__FuNOKKGwGL-8U1r4vABiKSmYEwflrHGjQyceV-8DAd_fT1NCFaQJTyaRS0syYAweeUF8-iRajucVR2j2TBJBJdWPqQfVlJc9USo93NJROMUjbZ19wmQiF9AfNy9_OPxB3m0aLhvE0ZO4ciBDl5x4cBlLzPLm1Yjva9JRou5CLrxVpqUAX1aaGCqGi1UqaZErXONEpv4r0LDdvXud_hwOHoD4gjKskjzkZoSqfXgfWeHDLtWlGygCxcKp2Gltk1vfrZVDQysBdb1iuphpR7R8ptrBwXr-qekyrlGwPnvmJ4b1zktVIjl3VTNZEtfoSxFdDJDyRnwRQo7gPwrON4tVFHPQQ6X3uw4CiOWAlwb2sGkEUkOj3bucsbxHpwc3Pq6O5ujbwB9uw08FQv2_5n3Cu_tw7LpdTxd1QMI8rfIRMqiFuB5vdiI-2hipGCXEpIXSbnB_h4aee2mjP129nm7QevJ> Intl. +353 (0) 59 9183072 Direct Dial: +353 (0)59 9183090 Social: http://mneylon.social<https://protect-us.mimecast.com/r/0oGY1mVf_smwKlCBVH2VOnpfmhsH1QKCI9PoPtiLiBYOkQKP5WYNb14N4SlMX7ATkUU7bDnJB3KdSXOHn_F7Li19YrJbT2HfbkvMlX4QZXNtM-djZW8BymhcAivn1_ZLP2AfKbDLzRQmtzWdiif_JIJZ9hvfSwiUATjMrCjPDQ9T9eDIhS6VIc7PQoyGuTTPlSDtMYVcWwoJ07XRHLWmFbQ8FODMPVY-EM3fEmYldXDJy7Ny6i2n6RQP7Q6zU3B4jHg7VefC-bqS3GASQocWI-UUSAFU53eZEcCWcFa4-H1mi2LgFvtmsddIS1K73ev9yE13XK_mNgM6r1AUH6sEzkQXKc_gSb71qAt70xEUBTorPTxPkG0FEkZBb-6XlspCaqcxR4-6PzMMotyuWLBhZ15PH09fH4arj25zvTD6O-4WXLfkfHH8Iq7NAOUGOV8ifAdQt74uWvJWU8Kja_RDjE7Z9NhMhCAAQmWozknnPPWSRPnwheQYRgPrmVI0ZQt79ZlVbwiH7IioW4efxkCaQU3TOhOd_YjWWljTbAVTBWhbXPGl1CnbR12PBoP0MZMr> ------------------------------- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,Ireland Company No.: 370845
From: James Gannon Date: Thursday 30 April 2015 07:45 To: Graeme Bunton, "gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org><mailto:gnso-ppsai-pdp-wg@icann.org%3cmailto:gnso-ppsai-pdp-wg@icann.org%3e>" Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
I would personally like to see if there is public traction for distinguishing between sites directly processing financial truncations and sites who use 3rd parties for processing financial transactions as this is a very important distinction. A simple and I hope non-controversial additional question to the ones below: If so, should domains which use a third party to process financial transactions (i.e Paypal, Stripe), and thus do not directly process financial information, be subject to the same restrictions? There are strong existing distinctions both in national laws and in regulations such as PCI-DSS between these two forms.
-James Gannon From:gnso-ppsai-pdp-wg-bounces@icann.org<mailto:From:gnso-ppsai-pdp-wg-bounces@icann.org><mailto:gnso-ppsai-pdp-wg-bounces@icann.org> [mailto:gnso-ppsai-pdp-wg-bounces@icann.org] On Behalf Of Graeme Bunton Sent: Tuesday, April 28, 2015 10:17 PM To: PPSAI Subject: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
Thanks to all WG members for a very productive call earlier today(and to Steve for his chairing acumen). The co-chairs and staff met this afternoon to tie down two loose ends from the call.
Regarding the deadline for public comments on the Initial Report, we recognize there is considerable support for extending the public comment period to 60 days instead of the standard 40 days on which we have all been planning. We are prepared to agree to this, but with the caveat that this will have repercussions on the pace and intensity of our work once public comments have been received. Specifically, if the public comment deadline is extended until July 3 (60 days after our publication date of May 4), we will need to plan on at least weekly calls throughout July and August, some of which may need to be more than an hour in length, to review these comments and move toward a Final Report. Otherwise, we jeopardize the prospects for getting the Final Report in front of the GNSO council no later than the Dublin ICANN meeting. As was noted on the call today, many additional steps need to take place even after this WG issues its Final Report before any new accreditati on system can be implemented, so the time pressure imposed by the expiration of the Interim Specification at the end of next year is already real. Also, as previously announced over the past few weeks, if any WG members (or group of members) wish to submit a brief separate or additional statement for inclusion in the package posted for public comment next Monday, such statements need to be received by staff no later than Thursday, April 30.
Lastly, the other loose end involves proposed revisions to section 1.3.3 of the Initial Report, which were presented on the call earlier today but which we did not have time to discuss fully. We agree that this section could benefit from some revision, but believe it should take the form of greater concision, not additional presentation of arguments for the divergent positions. Thus we suggest that section 1.3.3 be revised to read as follows:
--- Although the WG agreed that the mere fact that a domain name is registered by a commercial entity or by anyone conducting commercial activity should not preclude the use of P/P services , there was disagreement over whether domain names that are actively used for commercial transactions (e.g. the sale or exchange of goods or services) should be prohibited from using P/P services. While most WG members did not believe such a prohibition is necessary or practical, some members believed that registrants of such domain names should not be able to use or continue using proxy or privacy services.
For those that argued that it is necessary and practical to limit access to P/P services to exclude commercial entities, the following text was proposed to clarify and define their position: "domains used for online financial transactions for commercial purpose should be ineligible for privacy and proxy registrations."
Public comment is therefore specifically invited on the following questions:
* Should registrants of domain names associated with commercial activities and which are used for online financial transactions be prohibited from using, or continuing to use, privacy and proxy services? * If so, will it be useful to adopt a definition of "commercial" or "transactional" to define those domains for which P/P service registrations should be disallowed? And if so, what should the definition(s) be?" * Will it be necessary to make a distinction in the WHOIS data fields to be displayed as a result? --- Thanks,
Graeme Bunton & Steve Metalitz
--
_________________________
Graeme Bunton
Manager, Management Information Systems
Manager, Public Policy
Tucows Inc.
PH: 416 535 0123 ext 1634
_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org><mailto:Gnso-ppsai-pdp-wg@icann.org><mailto:Gnso-ppsai-pdp-wg@icann.org>https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg<https://protect-us.mimecast.com/r/NkE1wHjmuxt3o9SjDC8u3UaEBOfWC2mFXjFJa1_yo4CBlxqC8_PtvDo7WfWJYT_YaNpXYz45ijCcYjA7oYYpLl0toLP6bJpkzDTK3R9OrjFh5nT4QkOopUtxiqubExt6q7UZTuNoom_4ejyw2wpm9vymemagb7YNIBY9WQ1ySPRTD0g1HGkyw6BJZrBTQ5bn3eb3Z2m63UxQvS6jFuhrBwNCteGQ-aziLTklBEQieWlioi2gYnClBNYrEHFgvWWSEvgar2P-tWJHPPeIwuO1U_utMPhVBW-kuhn8kQ2mtOv5v6KvIjRrN8bV1DSkPeuNGC4pfFkeDmG__ztmWkRIOq5sGpyoEOJHeydqHXpPURbDoGJH4X1-XBOw9xyUQUH2FxUzKjIYwzIsoWRAH-mtaFpnV-yPYzPFOpLczOu5V0S3wAh77gKBYS0Ims0rAmTm4RALGvo_wlPWZLAZZxcznxiU05FXCxycKWSOlLj6vi9pO9hzfr_77ovw17c-o3KHHuMnCKx-PLdlg8F4Dlr-11-NMFS960KQ6y3mrSOt4DP_WEt8kbLW7HnKwQyhHZgE7-jC7-oKZvPXlL_lzz0NbUCv9P-sLtO35WLCQIeslyoVS7lZahikA8xuNn1grSIZ>
_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org%3cmailto:Gnso-ppsai-pdp-wg@icann.org>> https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg<https://protect-us.mimecast.com/r/NkE1wHjmuxt3o9SjDC8u3UaEBOfWC2mFXjFJa1_yo4CBlxqC8_PtvDo7WfWJYT_YaNpXYz45ijCcYjA7oYYpLl0toLP6bJpkzDTK3R9OrjFh5nT4QkOopUtxiqubExt6q7UZTuNoom_4ejyw2wpm9vymemagb7YNIBY9WQ1ySPRTD0g1HGkyw6BJZrBTQ5bn3eb3Z2m63UxQvS6jFuhrBwNCteGQ-aziLTklBEQieWlioi2gYnClBNYrEHFgvWWSEvgar2P-tWJHPPeIwuO1U_utMPhVBW-kuhn8kQ2mtOv5v6KvIjRrN8bV1DSkPeuNGC4pfFkeDmG__ztmWkRIOq5sGpyoEOJHeydqHXpPURbDoGJH4X1-XBOw9xyUQUH2FxUzKjIYwzIsoWRAH-mtaFpnV-yPYzPFOpLczOu5V0S3wAh77gKBYS0Ims0rAmTm4RALGvo_wlPWZLAZZxcznxiU05FXCxycKWSOlLj6vi9pO9hzfr_77ovw17c-o3KHHuMnCKx-PLdlg8F4Dlr-11-NMFS960KQ6y3mrSOt4DP_WEt8kbLW7HnKwQyhHZgE7-jC7-oKZvPXlL_lzz0NbUCv9P-sLtO35WLCQIeslyoVS7lZahikA8xuNn1grSIZ> _______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg<https://protect-us.mimecast.com/r/NkE1wHjmuxt3o9SjDC8u3UaEBOfWC2mFXjFJa1_yo4CBlxqC8_PtvDo7WfWJYT_YaNpXYz45ijCcYjA7oYYpLl0toLP6bJpkzDTK3R9OrjFh5nT4QkOopUtxiqubExt6q7UZTuNoom_4ejyw2wpm9vymemagb7YNIBY9WQ1ySPRTD0g1HGkyw6BJZrBTQ5bn3eb3Z2m63UxQvS6jFuhrBwNCteGQ-aziLTklBEQieWlioi2gYnClBNYrEHFgvWWSEvgar2P-tWJHPPeIwuO1U_utMPhVBW-kuhn8kQ2mtOv5v6KvIjRrN8bV1DSkPeuNGC4pfFkeDmG__ztmWkRIOq5sGpyoEOJHeydqHXpPURbDoGJH4X1-XBOw9xyUQUH2FxUzKjIYwzIsoWRAH-mtaFpnV-yPYzPFOpLczOu5V0S3wAh77gKBYS0Ims0rAmTm4RALGvo_wlPWZLAZZxcznxiU05FXCxycKWSOlLj6vi9pO9hzfr_77ovw17c-o3KHHuMnCKx-PLdlg8F4Dlr-11-NMFS960KQ6y3mrSOt4DP_WEt8kbLW7HnKwQyhHZgE7-jC7-oKZvPXlL_lzz0NbUCv9P-sLtO35WLCQIeslyoVS7lZahikA8xuNn1grSIZ>
Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg<https://protect-us.mimecast.com/r/NkE1wHjmuxt3o9SjDC8u3UaEBOfWC2mFXjFJa1_yo4CBlxqC8_PtvDo7WfWJYT_YaNpXYz45ijCcYjA7oYYpLl0toLP6bJpkzDTK3R9OrjFh5nT4QkOopUtxiqubExt6q7UZTuNoom_4ejyw2wpm9vymemagb7YNIBY9WQ1ySPRTD0g1HGkyw6BJZrBTQ5bn3eb3Z2m63UxQvS6jFuhrBwNCteGQ-aziLTklBEQieWlioi2gYnClBNYrEHFgvWWSEvgar2P-tWJHPPeIwuO1U_utMPhVBW-kuhn8kQ2mtOv5v6KvIjRrN8bV1DSkPeuNGC4pfFkeDmG__ztmWkRIOq5sGpyoEOJHeydqHXpPURbDoGJH4X1-XBOw9xyUQUH2FxUzKjIYwzIsoWRAH-mtaFpnV-yPYzPFOpLczOu5V0S3wAh77gKBYS0Ims0rAmTm4RALGvo_wlPWZLAZZxcznxiU05FXCxycKWSOlLj6vi9pO9hzfr_77ovw17c-o3KHHuMnCKx-PLdlg8F4Dlr-11-NMFS960KQ6y3mrSOt4DP_WEt8kbLW7HnKwQyhHZgE7-jC7-oKZvPXlL_lzz0NbUCv9P-sLtO35WLCQIeslyoVS7lZahikA8xuNn1grSIZ>
_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg<https://protect-us.mimecast.com/r/NkE1wHjmuxt3o9SjDC8u3UaEBOfWC2mFXjFJa1_yo4CBlxqC8_PtvDo7WfWJYT_YaNpXYz45ijCcYjA7oYYpLl0toLP6bJpkzDTK3R9OrjFh5nT4QkOopUtxiqubExt6q7UZTuNoom_4ejyw2wpm9vymemagb7YNIBY9WQ1ySPRTD0g1HGkyw6BJZrBTQ5bn3eb3Z2m63UxQvS6jFuhrBwNCteGQ-aziLTklBEQieWlioi2gYnClBNYrEHFgvWWSEvgar2P-tWJHPPeIwuO1U_utMPhVBW-kuhn8kQ2mtOv5v6KvIjRrN8bV1DSkPeuNGC4pfFkeDmG__ztmWkRIOq5sGpyoEOJHeydqHXpPURbDoGJH4X1-XBOw9xyUQUH2FxUzKjIYwzIsoWRAH-mtaFpnV-yPYzPFOpLczOu5V0S3wAh77gKBYS0Ims0rAmTm4RALGvo_wlPWZLAZZxcznxiU05FXCxycKWSOlLj6vi9pO9hzfr_77ovw17c-o3KHHuMnCKx-PLdlg8F4Dlr-11-NMFS960KQ6y3mrSOt4DP_WEt8kbLW7HnKwQyhHZgE7-jC7-oKZvPXlL_lzz0NbUCv9P-sLtO35WLCQIeslyoVS7lZahikA8xuNn1grSIZ>
_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg<https://protect-us.mimecast.com/r/NkE1wHjmuxt3o9SjDC8u3UaEBOfWC2mFXjFJa1_yo4CBlxqC8_PtvDo7WfWJYT_YaNpXYz45ijCcYjA7oYYpLl0toLP6bJpkzDTK3R9OrjFh5nT4QkOopUtxiqubExt6q7UZTuNoom_4ejyw2wpm9vymemagb7YNIBY9WQ1ySPRTD0g1HGkyw6BJZrBTQ5bn3eb3Z2m63UxQvS6jFuhrBwNCteGQ-aziLTklBEQieWlioi2gYnClBNYrEHFgvWWSEvgar2P-tWJHPPeIwuO1U_utMPhVBW-kuhn8kQ2mtOv5v6KvIjRrN8bV1DSkPeuNGC4pfFkeDmG__ztmWkRIOq5sGpyoEOJHeydqHXpPURbDoGJH4X1-XBOw9xyUQUH2FxUzKjIYwzIsoWRAH-mtaFpnV-yPYzPFOpLczOu5V0S3wAh77gKBYS0Ims0rAmTm4RALGvo_wlPWZLAZZxcznxiU05FXCxycKWSOlLj6vi9pO9hzfr_77ovw17c-o3KHHuMnCKx-PLdlg8F4Dlr-11-NMFS960KQ6y3mrSOt4DP_WEt8kbLW7HnKwQyhHZgE7-jC7-oKZvPXlL_lzz0NbUCv9P-sLtO35WLCQIeslyoVS7lZahikA8xuNn1grSIZ>
-- _________________________ Graeme Bunton Manager, Management Information Systems Manager, Public Policy Tucows Inc. PH: 416 535 0123 ext 1634 _______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg<https://protect-us.mimecast.com/r/NkE1wHjmuxt3o9SjDC8u3UaEBOfWC2mFXjFJa1_yo4CBlxqC8_PtvDo7WfWJYT_YaNpXYz45ijCcYjA7oYYpLl0toLP6bJpkzDTK3R9OrjFh5nT4QkOopUtxiqubExt6q7UZTuNoom_4ejyw2wpm9vymemagb7YNIBY9WQ1ySPRTD0g1HGkyw6BJZrBTQ5bn3eb3Z2m63UxQvS6jFuhrBwNCteGQ-aziLTklBEQieWlioi2gYnClBNYrEHFgvWWSEvgar2P-tWJHPPeIwuO1U_utMPhVBW-kuhn8kQ2mtOv5v6KvIjRrN8bV1DSkPeuNGC4pfFkeDmG__ztmWkRIOq5sGpyoEOJHeydqHXpPURbDoGJH4X1-XBOw9xyUQUH2FxUzKjIYwzIsoWRAH-mtaFpnV-yPYzPFOpLczOu5V0S3wAh77gKBYS0Ims0rAmTm4RALGvo_wlPWZLAZZxcznxiU05FXCxycKWSOlLj6vi9pO9hzfr_77ovw17c-o3KHHuMnCKx-PLdlg8F4Dlr-11-NMFS960KQ6y3mrSOt4DP_WEt8kbLW7HnKwQyhHZgE7-jC7-oKZvPXlL_lzz0NbUCv9P-sLtO35WLCQIeslyoVS7lZahikA8xuNn1grSIZ> _______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg<https://protect-us.mimecast.com/r/w4cOGJpN8aqiFBeZDDCfM61L9zSPPQ8yJTOsuokgr0uUoFWQcH4C1vKnhAJR8I5CDUGd3f75FQZ0RrGQoOiumi5fkuGEeAdPoDjA3DGFVt5fCde0OuGcKsc4syb-86Vd3ZsMEWNubiso-WCMGJKqofC67xfNJVO1oqFPAmL7abae98k88hH_BDY04YcHIhprEG-vGcToOzkceYzCw4sYw77Sj8DHh1iwNuJPKagRVm5XkaPrKRnvsIqURxFUU964UWsThNMfSE_TxYg9ZhC-Fg>
Steve, I'm not sure I understand what is being proposed here. Are we still able to submit our statement (the deadline is today)? Are we allowed to link to the white paper in our statement? What links are to be provided? Just a link to the mailing list archive and call transcripts? That would not be appropriate. Asking folks to sort through the emails/calls looking for relevant information means that it will be essentially buried and inaccessible. K Kiran Malancharuvil Internet Policy Counselor MarkMonitor 415-419-9138 (m) Sent from my mobile, please excuse any typos. On Apr 30, 2015, at 8:38 AM, Metalitz, Steven <met@msk.com<mailto:met@msk.com>> wrote: Graeme and I have asked staff to insert a footnote in this section, providing links to the extensive discussions of the topic in WG meetings (telephonic and face to face) and on the mailing list, as background for the public. Steve From: gnso-ppsai-pdp-wg-bounces@icann.org<mailto:gnso-ppsai-pdp-wg-bounces@icann.org> [mailto:gnso-ppsai-pdp-wg-bounces@icann.org] On Behalf Of Graeme Bunton Sent: Thursday, April 30, 2015 11:14 AM To: gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org> Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3 Steve, myself and staff are discussing how to proceed while ensuring that balance is maintained. Thank you all for your contributions. Graeme On 2015-04-30 11:02 AM, Stephanie Perrin wrote:
So let me get this very very clear, as i am new to the process. 1. The research report you offered was sent to the list. 2. It has never been part of the record. 3. You wish to see it added now, April 30th, 23:58 KST. 4, You are telling me I could have done the same thing. 5. I have Exactly how much time to submit a minority report in order to comply with the deadline of April 30th?
Thanks for the clarifications. Stephanie
On 2015-04-30 23:52, Kiran Malancharuvil wrote:
Stephanie,
You had ample opportunity to prepare and present a white paper of your own.
It was not unsolicited, as at any time, members of the group are welcome and encouraged to present their views on the matter under discussion.
Are you really saying that a well researched policy position and a presentation of that research is NOT meant to be a part of the PDP process? I really do not think that it the case.
I know that you object to the position that the white paper explains, but unless there is a concrete prohibition on linking to it (staff?) it needs to be included, as we have every right to present the complex legal argument behind our position.
Kiran Malancharuvil Internet Policy Counselor MarkMonitor 415-419-9138 (m)
Sent from my mobile, please excuse any typos.
On Apr 30, 2015, at 7:45 AM, Stephanie Perrin <stephanie.perrin@mail.utoronto.ca<mailto:stephanie.perrin@mail.utoronto.ca>> wrote:
With great respect to Kiran and to the law firm that compiled the "white paper", I objected at the time and there was no indication that we accepted the white paper in our discussions, other than to say thanks. I would object strenuously to it being included. That was a totally unsolicited contribution from parties wishing to advance their case. You cannot attach that paper, without giving those on the other side an opportunity to counter it with another white paper. Frankly, the PDP process is not supposed to be about dualling unsolicited white papers. IF we need to have research done, we have to agree on what needs to be done if it is to be attached to the official call for comments. I don't wish to be ungracious, but the paper should not be added. Stephanie Perrin
On 2015-04-30 23:34, Kiran Malancharuvil wrote: It is a recommendation for a policy/best practice from a portion of the group.
K
Kiran Malancharuvil Internet Policy Counselor MarkMonitor 415-419-9138 (m)
Sent from my mobile, please excuse any typos.
On Apr 30, 2015, at 7:33 AM, James Gannon <james@cyberinvasion.net<mailto:james@cyberinvasion.net>> wrote:
Unless we are suggesting that the whitepaper is consensus policy or best practice it does not fall under that category. We are presenting our policy recommendation already, which is the work product of the group
-James
-----Original Message----- From: Kiran Malancharuvil [mailto:Kiran.Malancharuvil@markmonitor.com] Sent: Thursday, April 30, 2015 3:31 PM To: James Gannon Cc: Mary Wong; PPSAI Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
Recommendations for policies, guidelines, best practices.
Kiran Malancharuvil Internet Policy Counselor MarkMonitor 415-419-9138 (m)
Sent from my mobile, please excuse any typos.
On Apr 30, 2015, at 7:29 AM, James Gannon <james@cyberinvasion.net<mailto:james@cyberinvasion.net>> wrote:
Quoting from the PDP Manual, there seems to be strong guidelines of what goes out with the Initial Report:
> After collection and review of information, the PDP Team and > Staff are responsible for producing an Initial Report. The > Initial Report should include the following elements: > * Compilation of Stakeholder Group and Constituency Statements > * Compilation of any statements received from any ICANN > Supporting Organization or Advisory Committee > * Recommendations for policies, guidelines, best practices or > other proposals to address the issue > * Statement of level of consensus for the recommendations > presented in the Initial Report > * Information regarding the members of the PDP Team, such as the > attendance records, Statements of Interest, etc. > * A statement on the WG discussion concerning impact of the > proposed recommendations, could consider areas such as economic, > competition, operations, privacy and other rights, scalability > and feasibility I don't see where in that framework the whitepaper would sit. I would welcome others thoughts on this.
-James
-----Original Message----- From: gnso-ppsai-pdp-wg-bounces@icann.org<mailto:gnso-ppsai-pdp-wg-bounces@icann.org> [mailto:gnso-ppsai-pdp-wg-bounces@icann.org] On Behalf Of Kiran Malancharuvil Sent: Thursday, April 30, 2015 3:09 PM To: Mary Wong Cc: PPSAI Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
Mary,
Since one side of this issue prepared a lengthy legal review to address this question, I would request that that white paper be included in the reference materials for the public comment. Since public comment is meant to "resolve" this issue, commenters need all of the information.
It's not just down to feasibility of self-declaration at registration (which frankly, many of us see as a cop out since it's already done in some TLDs), but also legality. Not trying to re-open the debate, but please, let's make sure the community understands the various points and the background.
K
Kiran Malancharuvil Internet Policy Counselor MarkMonitor 415-419-9138 (m)
Sent from my mobile, please excuse any typos.
On Apr 30, 2015, at 6:58 AM, Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org<mailto:mary.wong@icann.org%3cmailto:mary.wong@icann.org>>> wrote:
To add to Stephanie's note that this specific issue - whether registrants of domain names actively used for commercial transactions ought to be disallowed from using P/P services - had been discussed at some length by the WG:
Please note that this part of the Initial Report draws heavily on the detailed WG template for Charter Category C that was the basis for the WG's deliberations on this topic. That template contains lengthy descriptions of what had previously been termed the majority and minority positions on the WG's answer to this specific issue. As part of the WG's deliberations - which took place primarily between April and June 2014 - the more specific formulation of "transactional" to describe the sort of commercial (i.e. Involving financial transactions) activities that were being discussed was included in the language. All the templates and suggested formulations discussed by the WG are recorded and published on the WG wiki.
The WG ultimately agreed to retain the two positions in the Initial Report and to revisit the question during its review of the public comments received. As noted previously, the WG's views were presented to the community in London in June 2014 and again in Los Angeles in October 2014.
Therefore, the three questions in Section 1.3.3 of the Executive Summary only go toward soliciting community input on this single issue. They were not intended to represent a view of any "side" in the WG with regard to this matter. If the WG prefers, we can add a sentence to clarify and specify the reason for the questions in Section 1.3.3. Fundamentally, the idea is that public comments will facilitate the WG's eventual resolution of this issue as part of its preparation of the Final Report.
We hope this reminder of the background is of assistance.
Cheers Mary
Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4892 Email: mary.wong@icann.org<mailto:mary.wong@icann.org<mailto:mary.wong@icann.org%3cmailto:mary.wong@icann.org>>
From: Stephanie Perrin <stephanie.perrin@mail.utoronto.ca<mailto:stephanie.perrin@mail.utoronto.ca<mailto:stephanie.perrin@mail.utoronto.ca%3cmailto:stephanie.perrin@mail.utoronto.ca>>> Date: Thursday, April 30, 2015 at 09:20 To: "gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org><mailto:gnso-ppsai-pdp-wg@icann.org%3cmailto:gnso-ppsai-pdp-wg@icann.org%3e>" <gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org%3cmailto:gnso-ppsai-pdp-wg@icann.org>>>, James Gannon <james@cyberinvasion.net<mailto:james@cyberinvasion.net<mailto:james@cyberinvasion.net%3cmailto:james@cyberinvasion.net>>>, Michele Blacknight <michele@blacknight.com<mailto:michele@blacknight.com<mailto:michele@blacknight.com%3cmailto:michele@blacknight.com>>> Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
James, prior to you joining the group, we had discussed this at some length. IN fact, I really thought that the many reasons why sorting out the purpose of a registration is problematic had buried this debate, but apparently not. Some of the issues raised, according to my recollection were the following:
* names are registered prior to decisions about content * content changes over time * most countries regulate e-commerce in some fashion, so that website commercial activity does not have to be regulated by ICANN * ICANN should not be in the business of regulating content in the first place (and sorting out who is extracting a material consideration from a website in order to deny them the ability to use a proxy registration is certainly a form of regulation) * definitions of commercial activity vary widely around the world * bad actors will not declare, registrars cannot police this matter * criminal prosecution is not dependent on WHOIS information * if this is really about the ability to detect market information, ICANN should not be in the business of making registrant information available for market purposes, it does it for security and stability. * contactability remains, regardless of which registrant info appears in WHOIS
I am planning to reformulate these into questions to match the questions on the other side, suggestions welcome.
Stephanie Perrin On 2015-04-30 16:24, James Gannon wrote: I don't see this as asking providers to enforce anything similar to other questions when registering a domain, it's a self-reported assessment. All it does is add an additional branch to the decision tree for eligibility, which will already be there to determine eligibility due to the other reasons listed below. The registrant is asked will you be processing financial transactions.
* Yes-->Will you be using a 3rd party>No>Not eligible for P/P.
* Yes-->Will you be using a 3rd party>Yes>Eligible for P/P.
I'm not asking registrars to enforce law but to see if a more finely grained eligibility process can be enacted. Or at least is there is public support for more granularity.
-James From: Michele Neylon - Blacknight [mailto:michele@blacknight.com] Sent: Thursday, April 30, 2015 8:17 AM To: James Gannon; Graeme Bunton; PPSAI Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
James
As a registrar or PP service provider how am I meant to assess this?
It doesn't scale
Seriously.
If, for example, there is an Irish operated website that is not complying with Irish law then it would be up to the ODCE (http://www.odce.ie/<https://protect-us.mimecast.com/r/IqfLPS2xhmx-5GDCPCM4mLmlw-jOPQHGmhpzAjWDKActStEmX7ndjfqnEIgUMkdhXCAGe_aALVo69T0irIiCOftGW0RRkFeeJXP_SQ_bxxN5c9ZWrJzjnfSpDUeI4UjuT2dsrtgXox-JsiUyGsBvbDhSHcf2gH3gqSI2YwvUnORJuOhanPP2uCSQp3bey2BqQKbirhovyP6hDiunUi2Ilg>) to enforce whatever needs enforcing, as it would be up to the DPA to enforce any issues around data privacy etc., etc.,
Attempting to force registrars and PP providers to make these kind of evaluations is not going to work.
Issues like PCI-DSS compliance are matters that should be dealt with by the DPA and the banks.
Forcing registrars and PP providers to start getting involved in that kind of assessment isn't viable
Regards
Michele
-- Mr Michele Neylon Blacknight Solutions Hosting, Colocation & Domains http://www.blacknight.host/<https://protect-us.mimecast.com/r/r0QiXaZk72F7OmWKc9_pO3HAiIAvI3h06-RcgETJh-J4kMLvQtMGZn5lKnoQO8ikZnQiTNL6FLbYD67s4dF-tWj2IbgtPVbZIrmLhFiT8cZvRoXUKLem6cyG8n3JE6-tis8tEkBPwKkOuqFU7azbPzFSZPBE0XjNt1o6W5MAy5yWOEr-3QLGcTYMC5oDDDwuftYuz9pHDOyvEieReE36N1UxTeWXBI__3g1_xmHN4S0> http://blog.blacknight.com/<https://protect-us.mimecast.com/r/wl1MfvJ8aWTxnqz6FCsjG4QE5Lt8k3OKgMWheA8wVhCgpAj6NRi9Y8zMxa9MvTN2vhD-EWNpvAhObo3t9Jl-Kh7ki557bXwOMPGhz-Up4X8e1Q8UR-DF0d4jYhrGpb0LrotD50UduC3QQRYUJ24nEnbyayh-GPs3hk77LhEpDwYrSf4v_RqmohacWFuO-pMc6Ap8I9JulleUf0h9FbW-MHMc1xlq8F7WXPVnekaa_Tg> http://www.blacknight.press<https://protect-us.mimecast.com/r/-MRGGedz53TF8UWq3rKo8GI39ai_ismqN0UYggzFnhsCzIT83jwX24BSxN_VMtJYpUgkSGF-Qst71LuBVQLY87bs-vewJiEDX8p5ABHKofJc69pmthPRFaowH9cz7b4wBdr45nD9yW3n5wmmAGAorNORPO2oD8fx1b7Ch4UucRtocG7TVoD8q8xePkXjqmELFjL3powas7Q8SOSYQE947lLpZzCcGrOwqu7wogrVuvk> - get our latest news & media coverage http://www.technology.ie<https://protect-us.mimecast.com/r/suwZNIiJfrdSpqE4iC56mMY3x3S91aHmdyA2bCRS-Fmr9Q1_uNxFISl4UXNQGJAa4ABDSoMKKJoH4LBI6dPDpw1IcPIW2UD6KmY-khZffkUgGyGTLPU0VW-nWld8z7P0H2Ru_lA2gyfCIuoaN7WmFU6IRQ9AVVBKNMpsRsxQkxp27qp4b1vr0Nu7xAxlXjinmqCYcWDyv6BlIGk1JID86YB5QMhEW98wyZ5sollRXTc> Intl. +353 (0) 59 9183072 Direct Dial: +353 (0)59 9183090 Social: http://mneylon.social<https://protect-us.mimecast.com/r/c9ciyb99CMvSHLw2MJX2WYjWAGojFAv6abNbJNSbdh-ZFyKYiMOesCOSW0IbP_Hk74wcQMPR4LFdtPIo3qwpdVxkGjxnPEF73YlWOioKWfm0ASY6v7enF3zKmqddqH2G4dXIbPg_PVqGwzzZzhWQxKSK2MKPyc4QXazyYJjS7H_X2JdIq2B8eAZeCDmgPBWH09Ix-VujUi5pHJeE_GXWIlFrE4TTH0hP08WIPWYQvhY> ------------------------------- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,Ireland Company No.: 370845
From: James Gannon Date: Thursday 30 April 2015 07:45 To: Graeme Bunton, "gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org><mailto:gnso-ppsai-pdp-wg@icann.org%3cmailto:gnso-ppsai-pdp-wg@icann.org%3e>" Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
I would personally like to see if there is public traction for distinguishing between sites directly processing financial truncations and sites who use 3rd parties for processing financial transactions as this is a very important distinction. A simple and I hope non-controversial additional question to the ones below: If so, should domains which use a third party to process financial transactions (i.e Paypal, Stripe), and thus do not directly process financial information, be subject to the same restrictions? There are strong existing distinctions both in national laws and in regulations such as PCI-DSS between these two forms.
-James Gannon From:gnso-ppsai-pdp-wg-bounces@icann.org<mailto:ppsai-pdp-wg-bounces@icann.org><mailto:gnso-ppsai-pdp-wg-bounces@icann.org> [mailto:gnso-ppsai-pdp-wg-bounces@icann.org] On Behalf Of Graeme Bunton Sent: Tuesday, April 28, 2015 10:17 PM To: PPSAI Subject: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
Thanks to all WG members for a very productive call earlier today(and to Steve for his chairing acumen). The co-chairs and staff met this afternoon to tie down two loose ends from the call.
Regarding the deadline for public comments on the Initial Report, we recognize there is considerable support for extending the public comment period to 60 days instead of the standard 40 days on which we have all been planning. We are prepared to agree to this, but with the caveat that this will have repercussions on the pace and intensity of our work once public comments have been received. Specifically, if the public comment deadline is extended until July 3 (60 days after our publication date of May 4), we will need to plan on at least weekly calls throughout July and August, some of which may need to be more than an hour in length, to review these comments and move toward a Final Report. Otherwise, we jeopardize the prospects for getting the Final Report in front of the GNSO council no later than the Dublin ICANN meeting. As was noted on the call today, many additional steps need to take place even after this WG issues its Final Report before any new accreditati on system can be implemented, so the time pressure imposed by the expiration of the Interim Specification at the end of next year is already real. Also, as previously announced over the past few weeks, if any WG members (or group of members) wish to submit a brief separate or additional statement for inclusion in the package posted for public comment next Monday, such statements need to be received by staff no later than Thursday, April 30.
Lastly, the other loose end involves proposed revisions to section 1.3.3 of the Initial Report, which were presented on the call earlier today but which we did not have time to discuss fully. We agree that this section could benefit from some revision, but believe it should take the form of greater concision, not additional presentation of arguments for the divergent positions. Thus we suggest that section 1.3.3 be revised to read as follows:
--- Although the WG agreed that the mere fact that a domain name is registered by a commercial entity or by anyone conducting commercial activity should not preclude the use of P/P services , there was disagreement over whether domain names that are actively used for commercial transactions (e.g. the sale or exchange of goods or services) should be prohibited from using P/P services. While most WG members did not believe such a prohibition is necessary or practical, some members believed that registrants of such domain names should not be able to use or continue using proxy or privacy services.
For those that argued that it is necessary and practical to limit access to P/P services to exclude commercial entities, the following text was proposed to clarify and define their position: "domains used for online financial transactions for commercial purpose should be ineligible for privacy and proxy registrations."
Public comment is therefore specifically invited on the following questions:
* Should registrants of domain names associated with commercial activities and which are used for online financial transactions be prohibited from using, or continuing to use, privacy and proxy services? * If so, will it be useful to adopt a definition of "commercial" or "transactional" to define those domains for which P/P service registrations should be disallowed? And if so, what should the definition(s) be?" * Will it be necessary to make a distinction in the WHOIS data fields to be displayed as a result? --- Thanks,
Graeme Bunton & Steve Metalitz
--
_________________________
Graeme Bunton
Manager, Management Information Systems
Manager, Public Policy
Tucows Inc.
PH: 416 535 0123 ext 1634
_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org><mailto:Gnso-ppsai-pdp-wg@icann.org>https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg<https://protect-us.mimecast.com/r/w4cOGJpN8aqiFBeZDDCfM61L9zSPPQ8yJTOsuokgr0uUoFWQcH4C1vKnhAJR8I5CDUGd3f75FQZ0RrGQoOiumi5fkuGEeAdPoDjA3DGFVt5fCde0OuGcKsc4syb-86Vd3ZsMEWNubiso-WCMGJKqofC67xfNJVO1oqFPAmL7abae98k88hH_BDY04YcHIhprEG-vGcToOzkceYzCw4sYw77Sj8DHh1iwNuJPKagRVm5XkaPrKRnvsIqURxFUU964UWsThNMfSE_TxYg9ZhC-Fg>
_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org%3cmailto:Gnso-ppsai-pdp-wg@icann.org>> https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg<https://protect-us.mimecast.com/r/w4cOGJpN8aqiFBeZDDCfM61L9zSPPQ8yJTOsuokgr0uUoFWQcH4C1vKnhAJR8I5CDUGd3f75FQZ0RrGQoOiumi5fkuGEeAdPoDjA3DGFVt5fCde0OuGcKsc4syb-86Vd3ZsMEWNubiso-WCMGJKqofC67xfNJVO1oqFPAmL7abae98k88hH_BDY04YcHIhprEG-vGcToOzkceYzCw4sYw77Sj8DHh1iwNuJPKagRVm5XkaPrKRnvsIqURxFUU964UWsThNMfSE_TxYg9ZhC-Fg> _______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg<https://protect-us.mimecast.com/r/w4cOGJpN8aqiFBeZDDCfM61L9zSPPQ8yJTOsuokgr0uUoFWQcH4C1vKnhAJR8I5CDUGd3f75FQZ0RrGQoOiumi5fkuGEeAdPoDjA3DGFVt5fCde0OuGcKsc4syb-86Vd3ZsMEWNubiso-WCMGJKqofC67xfNJVO1oqFPAmL7abae98k88hH_BDY04YcHIhprEG-vGcToOzkceYzCw4sYw77Sj8DHh1iwNuJPKagRVm5XkaPrKRnvsIqURxFUU964UWsThNMfSE_TxYg9ZhC-Fg>
Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg<https://protect-us.mimecast.com/r/w4cOGJpN8aqiFBeZDDCfM61L9zSPPQ8yJTOsuokgr0uUoFWQcH4C1vKnhAJR8I5CDUGd3f75FQZ0RrGQoOiumi5fkuGEeAdPoDjA3DGFVt5fCde0OuGcKsc4syb-86Vd3ZsMEWNubiso-WCMGJKqofC67xfNJVO1oqFPAmL7abae98k88hH_BDY04YcHIhprEG-vGcToOzkceYzCw4sYw77Sj8DHh1iwNuJPKagRVm5XkaPrKRnvsIqURxFUU964UWsThNMfSE_TxYg9ZhC-Fg>
_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg<https://protect-us.mimecast.com/r/w4cOGJpN8aqiFBeZDDCfM61L9zSPPQ8yJTOsuokgr0uUoFWQcH4C1vKnhAJR8I5CDUGd3f75FQZ0RrGQoOiumi5fkuGEeAdPoDjA3DGFVt5fCde0OuGcKsc4syb-86Vd3ZsMEWNubiso-WCMGJKqofC67xfNJVO1oqFPAmL7abae98k88hH_BDY04YcHIhprEG-vGcToOzkceYzCw4sYw77Sj8DHh1iwNuJPKagRVm5XkaPrKRnvsIqURxFUU964UWsThNMfSE_TxYg9ZhC-Fg>
_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg<https://protect-us.mimecast.com/r/w4cOGJpN8aqiFBeZDDCfM61L9zSPPQ8yJTOsuokgr0uUoFWQcH4C1vKnhAJR8I5CDUGd3f75FQZ0RrGQoOiumi5fkuGEeAdPoDjA3DGFVt5fCde0OuGcKsc4syb-86Vd3ZsMEWNubiso-WCMGJKqofC67xfNJVO1oqFPAmL7abae98k88hH_BDY04YcHIhprEG-vGcToOzkceYzCw4sYw77Sj8DHh1iwNuJPKagRVm5XkaPrKRnvsIqURxFUU964UWsThNMfSE_TxYg9ZhC-Fg>
-- _________________________ Graeme Bunton Manager, Management Information Systems Manager, Public Policy Tucows Inc. PH: 416 535 0123 ext 1634 _______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg<https://protect-us.mimecast.com/r/w4cOGJpN8aqiFBeZDDCfM61L9zSPPQ8yJTOsuokgr0uUoFWQcH4C1vKnhAJR8I5CDUGd3f75FQZ0RrGQoOiumi5fkuGEeAdPoDjA3DGFVt5fCde0OuGcKsc4syb-86Vd3ZsMEWNubiso-WCMGJKqofC67xfNJVO1oqFPAmL7abae98k88hH_BDY04YcHIhprEG-vGcToOzkceYzCw4sYw77Sj8DHh1iwNuJPKagRVm5XkaPrKRnvsIqURxFUU964UWsThNMfSE_TxYg9ZhC-Fg> _______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg
Kiran, Of course you (and any other member of the WG) can submit a separate statement today and can include in it whatever you wish. We have asked that statements be limited to 1-2 pages if at all possible. Steve From: Kiran Malancharuvil [mailto:Kiran.Malancharuvil@markmonitor.com] Sent: Thursday, April 30, 2015 12:26 PM To: Metalitz, Steven Cc: Graeme Bunton; gnso-ppsai-pdp-wg@icann.org Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3 Steve, I'm not sure I understand what is being proposed here. Are we still able to submit our statement (the deadline is today)? Are we allowed to link to the white paper in our statement? What links are to be provided? Just a link to the mailing list archive and call transcripts? That would not be appropriate. Asking folks to sort through the emails/calls looking for relevant information means that it will be essentially buried and inaccessible. K Kiran Malancharuvil Internet Policy Counselor MarkMonitor 415-419-9138 (m) Sent from my mobile, please excuse any typos. On Apr 30, 2015, at 8:38 AM, Metalitz, Steven <met@msk.com<mailto:met@msk.com<mailto:met@msk.com%3cmailto:met@msk.com>>> wrote: Graeme and I have asked staff to insert a footnote in this section, providing links to the extensive discussions of the topic in WG meetings (telephonic and face to face) and on the mailing list, as background for the public. Steve From: gnso-ppsai-pdp-wg-bounces@icann.org<mailto:gnso-ppsai-pdp-wg-bounces@icann.org<mailto:gnso-ppsai-pdp-wg-bounces@icann.org%3cmailto:gnso-ppsai-pdp-wg-bounces@icann.org>> [mailto:gnso-ppsai-pdp-wg-bounces@icann.org] On Behalf Of Graeme Bunton Sent: Thursday, April 30, 2015 11:14 AM To: gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org%3cmailto:gnso-ppsai-pdp-wg@icann.org>> Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3 Steve, myself and staff are discussing how to proceed while ensuring that balance is maintained. Thank you all for your contributions. Graeme On 2015-04-30 11:02 AM, Stephanie Perrin wrote:
So let me get this very very clear, as i am new to the process. 1. The research report you offered was sent to the list. 2. It has never been part of the record. 3. You wish to see it added now, April 30th, 23:58 KST. 4, You are telling me I could have done the same thing. 5. I have Exactly how much time to submit a minority report in order to comply with the deadline of April 30th?
Thanks for the clarifications. Stephanie
On 2015-04-30 23:52, Kiran Malancharuvil wrote:
Stephanie,
You had ample opportunity to prepare and present a white paper of your own.
It was not unsolicited, as at any time, members of the group are welcome and encouraged to present their views on the matter under discussion.
Are you really saying that a well researched policy position and a presentation of that research is NOT meant to be a part of the PDP process? I really do not think that it the case.
I know that you object to the position that the white paper explains, but unless there is a concrete prohibition on linking to it (staff?) it needs to be included, as we have every right to present the complex legal argument behind our position.
Kiran Malancharuvil Internet Policy Counselor MarkMonitor 415-419-9138 (m)
Sent from my mobile, please excuse any typos.
On Apr 30, 2015, at 7:45 AM, Stephanie Perrin <stephanie.perrin@mail.utoronto.ca<mailto:stephanie.perrin@mail.utoronto.ca<mailto:stephanie.perrin@mail.utoronto.ca%3cmailto:stephanie.perrin@mail.utoronto.ca>>> wrote:
With great respect to Kiran and to the law firm that compiled the "white paper", I objected at the time and there was no indication that we accepted the white paper in our discussions, other than to say thanks. I would object strenuously to it being included. That was a totally unsolicited contribution from parties wishing to advance their case. You cannot attach that paper, without giving those on the other side an opportunity to counter it with another white paper. Frankly, the PDP process is not supposed to be about dualling unsolicited white papers. IF we need to have research done, we have to agree on what needs to be done if it is to be attached to the official call for comments. I don't wish to be ungracious, but the paper should not be added. Stephanie Perrin
On 2015-04-30 23:34, Kiran Malancharuvil wrote: It is a recommendation for a policy/best practice from a portion of the group.
K
Kiran Malancharuvil Internet Policy Counselor MarkMonitor 415-419-9138 (m)
Sent from my mobile, please excuse any typos.
On Apr 30, 2015, at 7:33 AM, James Gannon <james@cyberinvasion.net<mailto:james@cyberinvasion.net<mailto:james@cyberinvasion.net%3cmailto:james@cyberinvasion.net>>> wrote:
Unless we are suggesting that the whitepaper is consensus policy or best practice it does not fall under that category. We are presenting our policy recommendation already, which is the work product of the group
-James
-----Original Message----- From: Kiran Malancharuvil [mailto:Kiran.Malancharuvil@markmonitor.com] Sent: Thursday, April 30, 2015 3:31 PM To: James Gannon Cc: Mary Wong; PPSAI Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
Recommendations for policies, guidelines, best practices.
Kiran Malancharuvil Internet Policy Counselor MarkMonitor 415-419-9138 (m)
Sent from my mobile, please excuse any typos.
On Apr 30, 2015, at 7:29 AM, James Gannon <james@cyberinvasion.net<mailto:james@cyberinvasion.net<mailto:james@cyberinvasion.net%3cmailto:james@cyberinvasion.net>>> wrote:
Quoting from the PDP Manual, there seems to be strong guidelines of what goes out with the Initial Report:
> After collection and review of information, the PDP Team and > Staff are responsible for producing an Initial Report. The > Initial Report should include the following elements: > * Compilation of Stakeholder Group and Constituency Statements > * Compilation of any statements received from any ICANN > Supporting Organization or Advisory Committee > * Recommendations for policies, guidelines, best practices or > other proposals to address the issue > * Statement of level of consensus for the recommendations > presented in the Initial Report > * Information regarding the members of the PDP Team, such as the > attendance records, Statements of Interest, etc. > * A statement on the WG discussion concerning impact of the > proposed recommendations, could consider areas such as economic, > competition, operations, privacy and other rights, scalability > and feasibility I don't see where in that framework the whitepaper would sit. I would welcome others thoughts on this.
-James
-----Original Message----- From: gnso-ppsai-pdp-wg-bounces@icann.org<mailto:gnso-ppsai-pdp-wg-bounces@icann.org<mailto:gnso-ppsai-pdp-wg-bounces@icann.org%3cmailto:gnso-ppsai-pdp-wg-bounces@icann.org>> [mailto:gnso-ppsai-pdp-wg-bounces@icann.org] On Behalf Of Kiran Malancharuvil Sent: Thursday, April 30, 2015 3:09 PM To: Mary Wong Cc: PPSAI Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
Mary,
Since one side of this issue prepared a lengthy legal review to address this question, I would request that that white paper be included in the reference materials for the public comment. Since public comment is meant to "resolve" this issue, commenters need all of the information.
It's not just down to feasibility of self-declaration at registration (which frankly, many of us see as a cop out since it's already done in some TLDs), but also legality. Not trying to re-open the debate, but please, let's make sure the community understands the various points and the background.
K
Kiran Malancharuvil Internet Policy Counselor MarkMonitor 415-419-9138 (m)
Sent from my mobile, please excuse any typos.
On Apr 30, 2015, at 6:58 AM, Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org<mailto:mary.wong@icann.org%3cmailto:mary.wong@icann.org<mailto:mary.wong@icann.org%3cmailto:mary.wong@icann.org%3cmailto:mary.wong@icann.org%3cmailto:mary.wong@icann.org>>>> wrote:
To add to Stephanie's note that this specific issue - whether registrants of domain names actively used for commercial transactions ought to be disallowed from using P/P services - had been discussed at some length by the WG:
Please note that this part of the Initial Report draws heavily on the detailed WG template for Charter Category C that was the basis for the WG's deliberations on this topic. That template contains lengthy descriptions of what had previously been termed the majority and minority positions on the WG's answer to this specific issue. As part of the WG's deliberations - which took place primarily between April and June 2014 - the more specific formulation of "transactional" to describe the sort of commercial (i.e. Involving financial transactions) activities that were being discussed was included in the language. All the templates and suggested formulations discussed by the WG are recorded and published on the WG wiki.
The WG ultimately agreed to retain the two positions in the Initial Report and to revisit the question during its review of the public comments received. As noted previously, the WG's views were presented to the community in London in June 2014 and again in Los Angeles in October 2014.
Therefore, the three questions in Section 1.3.3 of the Executive Summary only go toward soliciting community input on this single issue. They were not intended to represent a view of any "side" in the WG with regard to this matter. If the WG prefers, we can add a sentence to clarify and specify the reason for the questions in Section 1.3.3. Fundamentally, the idea is that public comments will facilitate the WG's eventual resolution of this issue as part of its preparation of the Final Report.
We hope this reminder of the background is of assistance.
Cheers Mary
Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4892 Email: mary.wong@icann.org<mailto:mary.wong@icann.org<mailto:mary.wong@icann.org%3cmailto:mary.wong@icann.org<mailto:mary.wong@icann.org%3cmailto:mary.wong@icann.org%3cmailto:mary.wong@icann.org%3cmailto:mary.wong@icann.org>>>
From: Stephanie Perrin <stephanie.perrin@mail.utoronto.ca<mailto:stephanie.perrin@mail.utoronto.ca<mailto:stephanie.perrin@mail.utoronto.ca%3cmailto:stephanie.perrin@mail.utoronto.ca<mailto:stephanie.perrin@mail.utoronto.ca%3cmailto:stephanie.perrin@mail.utoronto.ca%3cmailto:stephanie.perrin@mail.utoronto.ca%3cmailto:stephanie.perrin@mail.utoronto.ca>>>> Date: Thursday, April 30, 2015 at 09:20 To: "gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org><mailto:gnso-ppsai-pdp-wg@icann.org%3cmailto:gnso-ppsai-pdp-wg@icann.org%3e><mailto:gnso-ppsai-pdp-wg@icann.org%3cmailto:gnso-ppsai-pdp-wg@icann.org%3e%3cmailto:gnso-ppsai-pdp-wg@icann.org%3cmailto:gnso-ppsai-pdp-wg@icann.org%3e%3e>" <gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org%3cmailto:gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org%3cmailto:gnso-ppsai-pdp-wg@icann.org%3cmailto:gnso-ppsai-pdp-wg@icann.org%3cmailto:gnso-ppsai-pdp-wg@icann.org>>>>, James Gannon <james@cyberinvasion.net<mailto:james@cyberinvasion.net<mailto:james@cyberinvasion.net%3cmailto:james@cyberinvasion.net<mailto:james@cyberinvasion.net%3cmailto:james@cyberinvasion.net%3cmailto:james@cyberinvasion.net%3cmailto:james@cyberinvasion.net>>>>, Michele Blacknight <michele@blacknight.com<mailto:michele@blacknight.com<mailto:michele@blacknight.com%3cmailto:michele@blacknight.com<mailto:michele@blacknight.com%3cmailto:michele@blacknight.com%3cmailto:michele@blacknight.com%3cmailto:michele@blacknight.com>>>> Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
James, prior to you joining the group, we had discussed this at some length. IN fact, I really thought that the many reasons why sorting out the purpose of a registration is problematic had buried this debate, but apparently not. Some of the issues raised, according to my recollection were the following:
* names are registered prior to decisions about content * content changes over time * most countries regulate e-commerce in some fashion, so that website commercial activity does not have to be regulated by ICANN * ICANN should not be in the business of regulating content in the first place (and sorting out who is extracting a material consideration from a website in order to deny them the ability to use a proxy registration is certainly a form of regulation) * definitions of commercial activity vary widely around the world * bad actors will not declare, registrars cannot police this matter * criminal prosecution is not dependent on WHOIS information * if this is really about the ability to detect market information, ICANN should not be in the business of making registrant information available for market purposes, it does it for security and stability. * contactability remains, regardless of which registrant info appears in WHOIS
I am planning to reformulate these into questions to match the questions on the other side, suggestions welcome.
Stephanie Perrin On 2015-04-30 16:24, James Gannon wrote: I don't see this as asking providers to enforce anything similar to other questions when registering a domain, it's a self-reported assessment. All it does is add an additional branch to the decision tree for eligibility, which will already be there to determine eligibility due to the other reasons listed below. The registrant is asked will you be processing financial transactions.
* Yes-->Will you be using a 3rd party>No>Not eligible for P/P.
* Yes-->Will you be using a 3rd party>Yes>Eligible for P/P.
I'm not asking registrars to enforce law but to see if a more finely grained eligibility process can be enacted. Or at least is there is public support for more granularity.
-James From: Michele Neylon - Blacknight [mailto:michele@blacknight.com] Sent: Thursday, April 30, 2015 8:17 AM To: James Gannon; Graeme Bunton; PPSAI Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
James
As a registrar or PP service provider how am I meant to assess this?
It doesn't scale
Seriously.
If, for example, there is an Irish operated website that is not complying with Irish law then it would be up to the ODCE (http://www.odce.ie/<https://protect-us.mimecast.com/r/IqfLPS2xhmx-5GDCPCM4mLmlw-jOPQHGmhpzAjWDKActStEmX7ndjfqnEIgUMkdhXCAGe_aALVo69T0irIiCOftGW0RRkFeeJXP_SQ_bxxN5c9ZWrJzjnfSpDUeI4UjuT2dsrtgXox-JsiUyGsBvbDhSHcf2gH3gqSI2YwvUnORJuOhanPP2uCSQp3bey2BqQKbirhovyP6hDiunUi2Ilg><https://protect-us.mimecast.com/r/IqfLPS2xhmx-5GDCPCM4mLmlw-jOPQHGmhpzAjWDKActStEmX7ndjfqnEIgUMkdhXCAGe_aALVo69T0irIiCOftGW0RRkFeeJXP_SQ_bxxN5c9ZWrJzjnfSpDUeI4UjuT2dsrtgXox-JsiUyGsBvbDhSHcf2gH3gqSI2YwvUnORJuOhanPP2uCSQp3bey2BqQKbirhovyP6hDiunUi2Ilg<https://protect-us.mimecast.com/r/4lNzdG4V_LBmiovLA6p9BZsfLgWW8IZSZ8mzFYFSEGMRVcYO2zG2wkLeacYjtsSRf_sSF--BDXNIv1JkaSjK7YDkV7Wh91AMXWzAHM8Zc7w5foIbeKPzTB9Jb3n8Rk3oYWdB4A_Jt2ltxZR7APcRWG0IyDnycx5VoJ08erpju3GxLxy1dILiNWX72a25S9Yyrm1Fh6eWqHxtrhsqZmkrRym4-JZgjGuT25ptP-Tf0ChXEp9Oy2VafY---UlWYnIhutuM8Qeql3uCVIJEvhilzgK06gmUWfWZUI409JAcmXc-w5egvrI21Srqo5zbQdnsPIl2yRBRiJy4YZ-h-c7WM_Y0EMYghq1BrKeMdTU94YwRb9V0rLPfV6BN36pbf5NyooXX3sVlMzjnI4nh6u0IpcQrhd1oL7F3QAsO8MVGCWywmASjHPWQatBHt4UH0ihcq6sfPIxUCQHG8ffuWeD1uJ8KMuVubzQxqF8KnvhpmA_Th65ShbIpsv0BqAqVZ9ZNvoP627Jn5avKDQthQYCUxg>>) to enforce whatever needs enforcing, as it would be up to the DPA to enforce any issues around data privacy etc., etc.,
Attempting to force registrars and PP providers to make these kind of evaluations is not going to work.
Issues like PCI-DSS compliance are matters that should be dealt with by the DPA and the banks.
Forcing registrars and PP providers to start getting involved in that kind of assessment isn't viable
Regards
Michele
-- Mr Michele Neylon Blacknight Solutions Hosting, Colocation & Domains http://www.blacknight.host/<https://protect-us.mimecast.com/r/r0QiXaZk72F7OmWKc9_pO3HAiIAvI3h06-RcgETJh-J4kMLvQtMGZn5lKnoQO8ikZnQiTNL6FLbYD67s4dF-tWj2IbgtPVbZIrmLhFiT8cZvRoXUKLem6cyG8n3JE6-tis8tEkBPwKkOuqFU7azbPzFSZPBE0XjNt1o6W5MAy5yWOEr-3QLGcTYMC5oDDDwuftYuz9pHDOyvEieReE36N1UxTeWXBI__3g1_xmHN4S0><https://protect-us.mimecast.com/r/r0QiXaZk72F7OmWKc9_pO3HAiIAvI3h06-RcgETJh-J4kMLvQtMGZn5lKnoQO8ikZnQiTNL6FLbYD67s4dF-tWj2IbgtPVbZIrmLhFiT8cZvRoXUKLem6cyG8n3JE6-tis8tEkBPwKkOuqFU7azbPzFSZPBE0XjNt1o6W5MAy5yWOEr-3QLGcTYMC5oDDDwuftYuz9pHDOyvEieReE36N1UxTeWXBI__3g1_xmHN4S0<https://protect-us.mimecast.com/r/l1oPubFTSPL9jkLJYE-i_s_cVzwLdAYnEJLnyze4qcofGbVp0De8ZHa2UK3gf0UhGuOGUKJQPGBL8lrGKGKjds5fxrj5NlbVvg9BxM3Opb82UmPCznna5WJ9PwzhPNi5xrpUMWyCGaWGfCaocAES27yfoPTWBDpFvCjuT5lto5W4SvdmLIEzA858Pp4koY144mx4sCSiYqVF1oSQjBUoaxLy4o0qUijmXox-r3SZwQHhehoe25fdF04TqxWWiSTMxwITNDqt5fEHRfaCHadDi3x8h2yaBwI4D9yYpnjwhcylZi_w_tU7osnBvi4lhetcT-sBjy_UxmIawTToN10n7w-_l-0AzyR-eFJd-kg218qDM3-LAJNnPlGoBQ7sXSeedCLC_8MZKx2jkESGtfItjyfLdRPa4i03KBw0P7yCMwqaaG83u4JpwuR-pJjmqEhj_IYYcrKA-B6fCjuTzUuEUnmzG5IvmmhU4_FC5JETN9UcdPuTdmsRn4IgbqDMivZgyLKNiyUi2PbzBwz2O4AmjzBgrFeG-75fubDeaQQBFnSdlGYaje4umIN-mXeQ2jP1>> http://blog.blacknight.com/<https://protect-us.mimecast.com/r/wl1MfvJ8aWTxnqz6FCsjG4QE5Lt8k3OKgMWheA8wVhCgpAj6NRi9Y8zMxa9MvTN2vhD-EWNpvAhObo3t9Jl-Kh7ki557bXwOMPGhz-Up4X8e1Q8UR-DF0d4jYhrGpb0LrotD50UduC3QQRYUJ24nEnbyayh-GPs3hk77LhEpDwYrSf4v_RqmohacWFuO-pMc6Ap8I9JulleUf0h9FbW-MHMc1xlq8F7WXPVnekaa_Tg><https://protect-us.mimecast.com/r/wl1MfvJ8aWTxnqz6FCsjG4QE5Lt8k3OKgMWheA8wVhCgpAj6NRi9Y8zMxa9MvTN2vhD-EWNpvAhObo3t9Jl-Kh7ki557bXwOMPGhz-Up4X8e1Q8UR-DF0d4jYhrGpb0LrotD50UduC3QQRYUJ24nEnbyayh-GPs3hk77LhEpDwYrSf4v_RqmohacWFuO-pMc6Ap8I9JulleUf0h9FbW-MHMc1xlq8F7WXPVnekaa_Tg<https://protect-us.mimecast.com/r/4W4r20DAZy2h6dpYp2Tzq7FTSQAmTYs1vfAQIkdyfvJMDu0tcKmiKOwsAOTvBSlLTi59FHgM_on9QsvD9CudMpRih0I6gjXq2A4dY6O3q-el3LcyPasQf5tNiiIjFSoLe4-RGWuQcN2f9jXygxx1wp1E3sv8txhcCC1UoD9h6Kzi2vgT9SkXvpFHliyZIF2T31a9K0Lwnl55R94GruRYOcDjbX7Gf_cm6XnmW7UXZuI--pr5KLNxaqYBbS75-hjmGoQi0uOfRwccxXRwvyYLDmdbReZa5H9CpX_Ci4xt8r9IL23kJlIOZSvO7l-a0YReANZnxal2lCMTQxwhNiLimdPtU5VOy2Ioa22r1qJ3jY-4L6N9nCH8stI-uLtVpkYUPc3RvOiu_yOfgfI1l70U4w-qK81Jaixy9HpNT1Ux06f6VAWKbEkySx61Yb-Y6D7Eu4QgIjDhJlsJsub-Psbz12zynvHmip6LmH0FyLQpmZ8NhSxHFxm3YUX03mPL3m6Jw4wsHiFDp8mOLyq83OvhEiG8-KJrVmORyqJbvdaAGpN_hwtrXjLL30rKl_G8yzmQ>> http://www.blacknight.press<https://protect-us.mimecast.com/r/-MRGGedz53TF8UWq3rKo8GI39ai_ismqN0UYggzFnhsCzIT83jwX24BSxN_VMtJYpUgkSGF-Qst71LuBVQLY87bs-vewJiEDX8p5ABHKofJc69pmthPRFaowH9cz7b4wBdr45nD9yW3n5wmmAGAorNORPO2oD8fx1b7Ch4UucRtocG7TVoD8q8xePkXjqmELFjL3powas7Q8SOSYQE947lLpZzCcGrOwqu7wogrVuvk><https://protect-us.mimecast.com/r/-MRGGedz53TF8UWq3rKo8GI39ai_ismqN0UYggzFnhsCzIT83jwX24BSxN_VMtJYpUgkSGF-Qst71LuBVQLY87bs-vewJiEDX8p5ABHKofJc69pmthPRFaowH9cz7b4wBdr45nD9yW3n5wmmAGAorNORPO2oD8fx1b7Ch4UucRtocG7TVoD8q8xePkXjqmELFjL3powas7Q8SOSYQE947lLpZzCcGrOwqu7wogrVuvk<https://protect-us.mimecast.com/r/zPN5CjAJdRJWk2B85RfU9bzzLTFtJr4NLfR-96KjMGyFiGknSAd74cCJ9GvA9kaD-vS8gui8v0NBYOirWVK2xaxEySYrhl2eJjehgZhqe6EM2ROpf-ga40yWnn5xy-c-63NhmIm1zcBNoKTSYjeNP-JoK3ZTuo9fcXf-gjUC0geZ0i9lAqAcPsy8IEGy_8nCJaqJ0jLbzqGABaam2zacCALcPGMdo7ZbSmL1Gxs2K3bztp9EWXROi2v6xvmD3GvF30-zcbF_W2yoR57XnsOemzhLSFe1TvxKwMC7qpk2ZcuWiNHdc6IpLVyFrtCoJSOyZmRX5XwWUrqwrs3DfQJOrN3MfKD1mb52hx-puFq3DmM-8xYWTvoyidluw_-iyz10fHE4jnJ8a0bNMzEjJsQlG80jFpqfalyc8sayVT7t6qzyZudj7E8-67SeBCUbqzsbck6ckMrMqVZlZpG7MELOH-otpZvr-Y8ELA8omOG7Jx60KL9ssVcKQnEEIJ2zoKuO-w1CvJ6aO838upI02RQnBFQHaWAg2HIAC4FUg-N8MfLY-WEjSnVXkhmi5PF3oy_h>> - get our latest news & media coverage http://www.technology.ie<https://protect-us.mimecast.com/r/suwZNIiJfrdSpqE4iC56mMY3x3S91aHmdyA2bCRS-Fmr9Q1_uNxFISl4UXNQGJAa4ABDSoMKKJoH4LBI6dPDpw1IcPIW2UD6KmY-khZffkUgGyGTLPU0VW-nWld8z7P0H2Ru_lA2gyfCIuoaN7WmFU6IRQ9AVVBKNMpsRsxQkxp27qp4b1vr0Nu7xAxlXjinmqCYcWDyv6BlIGk1JID86YB5QMhEW98wyZ5sollRXTc><https://protect-us.mimecast.com/r/suwZNIiJfrdSpqE4iC56mMY3x3S91aHmdyA2bCRS-Fmr9Q1_uNxFISl4UXNQGJAa4ABDSoMKKJoH4LBI6dPDpw1IcPIW2UD6KmY-khZffkUgGyGTLPU0VW-nWld8z7P0H2Ru_lA2gyfCIuoaN7WmFU6IRQ9AVVBKNMpsRsxQkxp27qp4b1vr0Nu7xAxlXjinmqCYcWDyv6BlIGk1JID86YB5QMhEW98wyZ5sollRXTc<https://protect-us.mimecast.com/r/CUWs47OhCB2aa9RLj9Ftm3OqyHdbegkLXSOpMV8uBRbvwT8HsSuNUBKuLqaFsB7wEKsfGHvZUVWYE-BMah9Ne8IWBG2s_bX5r7b_TJL__FuNOKKGwGL-8U1r4vABiKSmYEwflrHGjQyceV-8DAd_fT1NCFaQJTyaRS0syYAweeUF8-iRajucVR2j2TBJBJdWPqQfVlJc9USo93NJROMUjbZ19wmQiF9AfNy9_OPxB3m0aLhvE0ZO4ciBDl5x4cBlLzPLm1Yjva9JRou5CLrxVpqUAX1aaGCqGi1UqaZErXONEpv4r0LDdvXud_hwOHoD4gjKskjzkZoSqfXgfWeHDLtWlGygCxcKp2Gltk1vfrZVDQysBdb1iuphpR7R8ptrBwXr-qekyrlGwPnvmJ4b1zktVIjl3VTNZEtfoSxFdDJDyRnwRQo7gPwrON4tVFHPQQ6X3uw4CiOWAlwb2sGkEUkOj3bucsbxHpwc3Pq6O5ujbwB9uw08FQv2_5n3Cu_tw7LpdTxd1QMI8rfIRMqiFuB5vdiI-2hipGCXEpIXSbnB_h4aee2mjP129nm7QevJ>> Intl. +353 (0) 59 9183072 Direct Dial: +353 (0)59 9183090 Social: http://mneylon.social<https://protect-us.mimecast.com/r/c9ciyb99CMvSHLw2MJX2WYjWAGojFAv6abNbJNSbdh-ZFyKYiMOesCOSW0IbP_Hk74wcQMPR4LFdtPIo3qwpdVxkGjxnPEF73YlWOioKWfm0ASY6v7enF3zKmqddqH2G4dXIbPg_PVqGwzzZzhWQxKSK2MKPyc4QXazyYJjS7H_X2JdIq2B8eAZeCDmgPBWH09Ix-VujUi5pHJeE_GXWIlFrE4TTH0hP08WIPWYQvhY><https://protect-us.mimecast.com/r/c9ciyb99CMvSHLw2MJX2WYjWAGojFAv6abNbJNSbdh-ZFyKYiMOesCOSW0IbP_Hk74wcQMPR4LFdtPIo3qwpdVxkGjxnPEF73YlWOioKWfm0ASY6v7enF3zKmqddqH2G4dXIbPg_PVqGwzzZzhWQxKSK2MKPyc4QXazyYJjS7H_X2JdIq2B8eAZeCDmgPBWH09Ix-VujUi5pHJeE_GXWIlFrE4TTH0hP08WIPWYQvhY<https://protect-us.mimecast.com/r/0oGY1mVf_smwKlCBVH2VOnpfmhsH1QKCI9PoPtiLiBYOkQKP5WYNb14N4SlMX7ATkUU7bDnJB3KdSXOHn_F7Li19YrJbT2HfbkvMlX4QZXNtM-djZW8BymhcAivn1_ZLP2AfKbDLzRQmtzWdiif_JIJZ9hvfSwiUATjMrCjPDQ9T9eDIhS6VIc7PQoyGuTTPlSDtMYVcWwoJ07XRHLWmFbQ8FODMPVY-EM3fEmYldXDJy7Ny6i2n6RQP7Q6zU3B4jHg7VefC-bqS3GASQocWI-UUSAFU53eZEcCWcFa4-H1mi2LgFvtmsddIS1K73ev9yE13XK_mNgM6r1AUH6sEzkQXKc_gSb71qAt70xEUBTorPTxPkG0FEkZBb-6XlspCaqcxR4-6PzMMotyuWLBhZ15PH09fH4arj25zvTD6O-4WXLfkfHH8Iq7NAOUGOV8ifAdQt74uWvJWU8Kja_RDjE7Z9NhMhCAAQmWozknnPPWSRPnwheQYRgPrmVI0ZQt79ZlVbwiH7IioW4efxkCaQU3TOhOd_YjWWljTbAVTBWhbXPGl1CnbR12PBoP0MZMr>> ------------------------------- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,Ireland Company No.: 370845
From: James Gannon Date: Thursday 30 April 2015 07:45 To: Graeme Bunton, "gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org><mailto:gnso-ppsai-pdp-wg@icann.org%3cmailto:gnso-ppsai-pdp-wg@icann.org%3e><mailto:gnso-ppsai-pdp-wg@icann.org%3cmailto:gnso-ppsai-pdp-wg@icann.org%3e%3cmailto:gnso-ppsai-pdp-wg@icann.org%3cmailto:gnso-ppsai-pdp-wg@icann.org%3e%3e>" Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
I would personally like to see if there is public traction for distinguishing between sites directly processing financial truncations and sites who use 3rd parties for processing financial transactions as this is a very important distinction. A simple and I hope non-controversial additional question to the ones below: If so, should domains which use a third party to process financial transactions (i.e Paypal, Stripe), and thus do not directly process financial information, be subject to the same restrictions? There are strong existing distinctions both in national laws and in regulations such as PCI-DSS between these two forms.
-James Gannon From:gnso-ppsai-pdp-wg-bounces@icann.org<mailto:ppsai-pdp-wg-bounces@icann.org><mailto:gnso-ppsai-pdp-wg-bounces@icann.org> [mailto:gnso-ppsai-pdp-wg-bounces@icann.org] On Behalf Of Graeme Bunton Sent: Tuesday, April 28, 2015 10:17 PM To: PPSAI Subject: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
Thanks to all WG members for a very productive call earlier today(and to Steve for his chairing acumen). The co-chairs and staff met this afternoon to tie down two loose ends from the call.
Regarding the deadline for public comments on the Initial Report, we recognize there is considerable support for extending the public comment period to 60 days instead of the standard 40 days on which we have all been planning. We are prepared to agree to this, but with the caveat that this will have repercussions on the pace and intensity of our work once public comments have been received. Specifically, if the public comment deadline is extended until July 3 (60 days after our publication date of May 4), we will need to plan on at least weekly calls throughout July and August, some of which may need to be more than an hour in length, to review these comments and move toward a Final Report. Otherwise, we jeopardize the prospects for getting the Final Report in front of the GNSO council no later than the Dublin ICANN meeting. As was noted on the call today, many additional steps need to take place even after this WG issues its Final Report before any new accreditati on system can be implemented, so the time pressure imposed by the expiration of the Interim Specification at the end of next year is already real. Also, as previously announced over the past few weeks, if any WG members (or group of members) wish to submit a brief separate or additional statement for inclusion in the package posted for public comment next Monday, such statements need to be received by staff no later than Thursday, April 30.
Lastly, the other loose end involves proposed revisions to section 1.3.3 of the Initial Report, which were presented on the call earlier today but which we did not have time to discuss fully. We agree that this section could benefit from some revision, but believe it should take the form of greater concision, not additional presentation of arguments for the divergent positions. Thus we suggest that section 1.3.3 be revised to read as follows:
--- Although the WG agreed that the mere fact that a domain name is registered by a commercial entity or by anyone conducting commercial activity should not preclude the use of P/P services , there was disagreement over whether domain names that are actively used for commercial transactions (e.g. the sale or exchange of goods or services) should be prohibited from using P/P services. While most WG members did not believe such a prohibition is necessary or practical, some members believed that registrants of such domain names should not be able to use or continue using proxy or privacy services.
For those that argued that it is necessary and practical to limit access to P/P services to exclude commercial entities, the following text was proposed to clarify and define their position: "domains used for online financial transactions for commercial purpose should be ineligible for privacy and proxy registrations."
Public comment is therefore specifically invited on the following questions:
* Should registrants of domain names associated with commercial activities and which are used for online financial transactions be prohibited from using, or continuing to use, privacy and proxy services? * If so, will it be useful to adopt a definition of "commercial" or "transactional" to define those domains for which P/P service registrations should be disallowed? And if so, what should the definition(s) be?" * Will it be necessary to make a distinction in the WHOIS data fields to be displayed as a result? --- Thanks,
Graeme Bunton & Steve Metalitz
--
_________________________
Graeme Bunton
Manager, Management Information Systems
Manager, Public Policy
Tucows Inc.
PH: 416 535 0123 ext 1634
_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org><mailto:Gnso-ppsai-pdp-wg@icann.org>https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg<https://protect-us.mimecast.com/r/w4cOGJpN8aqiFBeZDDCfM61L9zSPPQ8yJTOsuokgr0uUoFWQcH4C1vKnhAJR8I5CDUGd3f75FQZ0RrGQoOiumi5fkuGEeAdPoDjA3DGFVt5fCde0OuGcKsc4syb-86Vd3ZsMEWNubiso-WCMGJKqofC67xfNJVO1oqFPAmL7abae98k88hH_BDY04YcHIhprEG-vGcToOzkceYzCw4sYw77Sj8DHh1iwNuJPKagRVm5XkaPrKRnvsIqURxFUU964UWsThNMfSE_TxYg9ZhC-Fg><https://protect-us.mimecast.com/r/w4cOGJpN8aqiFBeZDDCfM61L9zSPPQ8yJTOsuokgr0uUoFWQcH4C1vKnhAJR8I5CDUGd3f75FQZ0RrGQoOiumi5fkuGEeAdPoDjA3DGFVt5fCde0OuGcKsc4syb-86Vd3ZsMEWNubiso-WCMGJKqofC67xfNJVO1oqFPAmL7abae98k88hH_BDY04YcHIhprEG-vGcToOzkceYzCw4sYw77Sj8DHh1iwNuJPKagRVm5XkaPrKRnvsIqURxFUU964UWsThNMfSE_TxYg9ZhC-Fg<https://protect-us.mimecast.com/r/NkE1wHjmuxt3o9SjDC8u3UaEBOfWC2mFXjFJa1_yo4CBlxqC8_PtvDo7WfWJYT_YaNpXYz45ijCcYjA7oYYpLl0toLP6bJpkzDTK3R9OrjFh5nT4QkOopUtxiqubExt6q7UZTuNoom_4ejyw2wpm9vymemagb7YNIBY9WQ1ySPRTD0g1HGkyw6BJZrBTQ5bn3eb3Z2m63UxQvS6jFuhrBwNCteGQ-aziLTklBEQieWlioi2gYnClBNYrEHFgvWWSEvgar2P-tWJHPPeIwuO1U_utMPhVBW-kuhn8kQ2mtOv5v6KvIjRrN8bV1DSkPeuNGC4pfFkeDmG__ztmWkRIOq5sGpyoEOJHeydqHXpPURbDoGJH4X1-XBOw9xyUQUH2FxUzKjIYwzIsoWRAH-mtaFpnV-yPYzPFOpLczOu5V0S3wAh77gKBYS0Ims0rAmTm4RALGvo_wlPWZLAZZxcznxiU05FXCxycKWSOlLj6vi9pO9hzfr_77ovw17c-o3KHHuMnCKx-PLdlg8F4Dlr-11-NMFS960KQ6y3mrSOt4DP_WEt8kbLW7HnKwQyhHZgE7-jC7-oKZvPXlL_lzz0NbUCv9P-sLtO35WLCQIeslyoVS7lZahikA8xuNn1grSIZ>>
_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org%3cmailto:Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org%3cmailto:Gnso-ppsai-pdp-wg@icann.org%3cmailto:Gnso-ppsai-pdp-wg@icann.org%3cmailto:Gnso-ppsai-pdp-wg@icann.org>>> https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg<https://protect-us.mimecast.com/r/w4cOGJpN8aqiFBeZDDCfM61L9zSPPQ8yJTOsuokgr0uUoFWQcH4C1vKnhAJR8I5CDUGd3f75FQZ0RrGQoOiumi5fkuGEeAdPoDjA3DGFVt5fCde0OuGcKsc4syb-86Vd3ZsMEWNubiso-WCMGJKqofC67xfNJVO1oqFPAmL7abae98k88hH_BDY04YcHIhprEG-vGcToOzkceYzCw4sYw77Sj8DHh1iwNuJPKagRVm5XkaPrKRnvsIqURxFUU964UWsThNMfSE_TxYg9ZhC-Fg><https://protect-us.mimecast.com/r/w4cOGJpN8aqiFBeZDDCfM61L9zSPPQ8yJTOsuokgr0uUoFWQcH4C1vKnhAJR8I5CDUGd3f75FQZ0RrGQoOiumi5fkuGEeAdPoDjA3DGFVt5fCde0OuGcKsc4syb-86Vd3ZsMEWNubiso-WCMGJKqofC67xfNJVO1oqFPAmL7abae98k88hH_BDY04YcHIhprEG-vGcToOzkceYzCw4sYw77Sj8DHh1iwNuJPKagRVm5XkaPrKRnvsIqURxFUU964UWsThNMfSE_TxYg9ZhC-Fg<https://protect-us.mimecast.com/r/NkE1wHjmuxt3o9SjDC8u3UaEBOfWC2mFXjFJa1_yo4CBlxqC8_PtvDo7WfWJYT_YaNpXYz45ijCcYjA7oYYpLl0toLP6bJpkzDTK3R9OrjFh5nT4QkOopUtxiqubExt6q7UZTuNoom_4ejyw2wpm9vymemagb7YNIBY9WQ1ySPRTD0g1HGkyw6BJZrBTQ5bn3eb3Z2m63UxQvS6jFuhrBwNCteGQ-aziLTklBEQieWlioi2gYnClBNYrEHFgvWWSEvgar2P-tWJHPPeIwuO1U_utMPhVBW-kuhn8kQ2mtOv5v6KvIjRrN8bV1DSkPeuNGC4pfFkeDmG__ztmWkRIOq5sGpyoEOJHeydqHXpPURbDoGJH4X1-XBOw9xyUQUH2FxUzKjIYwzIsoWRAH-mtaFpnV-yPYzPFOpLczOu5V0S3wAh77gKBYS0Ims0rAmTm4RALGvo_wlPWZLAZZxcznxiU05FXCxycKWSOlLj6vi9pO9hzfr_77ovw17c-o3KHHuMnCKx-PLdlg8F4Dlr-11-NMFS960KQ6y3mrSOt4DP_WEt8kbLW7HnKwQyhHZgE7-jC7-oKZvPXlL_lzz0NbUCv9P-sLtO35WLCQIeslyoVS7lZahikA8xuNn1grSIZ>> _______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org%3cmailto:Gnso-ppsai-pdp-wg@icann.org>> https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg<https://protect-us.mimecast.com/r/w4cOGJpN8aqiFBeZDDCfM61L9zSPPQ8yJTOsuokgr0uUoFWQcH4C1vKnhAJR8I5CDUGd3f75FQZ0RrGQoOiumi5fkuGEeAdPoDjA3DGFVt5fCde0OuGcKsc4syb-86Vd3ZsMEWNubiso-WCMGJKqofC67xfNJVO1oqFPAmL7abae98k88hH_BDY04YcHIhprEG-vGcToOzkceYzCw4sYw77Sj8DHh1iwNuJPKagRVm5XkaPrKRnvsIqURxFUU964UWsThNMfSE_TxYg9ZhC-Fg><https://protect-us.mimecast.com/r/w4cOGJpN8aqiFBeZDDCfM61L9zSPPQ8yJTOsuokgr0uUoFWQcH4C1vKnhAJR8I5CDUGd3f75FQZ0RrGQoOiumi5fkuGEeAdPoDjA3DGFVt5fCde0OuGcKsc4syb-86Vd3ZsMEWNubiso-WCMGJKqofC67xfNJVO1oqFPAmL7abae98k88hH_BDY04YcHIhprEG-vGcToOzkceYzCw4sYw77Sj8DHh1iwNuJPKagRVm5XkaPrKRnvsIqURxFUU964UWsThNMfSE_TxYg9ZhC-Fg<https://protect-us.mimecast.com/r/NkE1wHjmuxt3o9SjDC8u3UaEBOfWC2mFXjFJa1_yo4CBlxqC8_PtvDo7WfWJYT_YaNpXYz45ijCcYjA7oYYpLl0toLP6bJpkzDTK3R9OrjFh5nT4QkOopUtxiqubExt6q7UZTuNoom_4ejyw2wpm9vymemagb7YNIBY9WQ1ySPRTD0g1HGkyw6BJZrBTQ5bn3eb3Z2m63UxQvS6jFuhrBwNCteGQ-aziLTklBEQieWlioi2gYnClBNYrEHFgvWWSEvgar2P-tWJHPPeIwuO1U_utMPhVBW-kuhn8kQ2mtOv5v6KvIjRrN8bV1DSkPeuNGC4pfFkeDmG__ztmWkRIOq5sGpyoEOJHeydqHXpPURbDoGJH4X1-XBOw9xyUQUH2FxUzKjIYwzIsoWRAH-mtaFpnV-yPYzPFOpLczOu5V0S3wAh77gKBYS0Ims0rAmTm4RALGvo_wlPWZLAZZxcznxiU05FXCxycKWSOlLj6vi9pO9hzfr_77ovw17c-o3KHHuMnCKx-PLdlg8F4Dlr-11-NMFS960KQ6y3mrSOt4DP_WEt8kbLW7HnKwQyhHZgE7-jC7-oKZvPXlL_lzz0NbUCv9P-sLtO35WLCQIeslyoVS7lZahikA8xuNn1grSIZ>>
Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org%3cmailto:Gnso-ppsai-pdp-wg@icann.org>> https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg<https://protect-us.mimecast.com/r/w4cOGJpN8aqiFBeZDDCfM61L9zSPPQ8yJTOsuokgr0uUoFWQcH4C1vKnhAJR8I5CDUGd3f75FQZ0RrGQoOiumi5fkuGEeAdPoDjA3DGFVt5fCde0OuGcKsc4syb-86Vd3ZsMEWNubiso-WCMGJKqofC67xfNJVO1oqFPAmL7abae98k88hH_BDY04YcHIhprEG-vGcToOzkceYzCw4sYw77Sj8DHh1iwNuJPKagRVm5XkaPrKRnvsIqURxFUU964UWsThNMfSE_TxYg9ZhC-Fg><https://protect-us.mimecast.com/r/w4cOGJpN8aqiFBeZDDCfM61L9zSPPQ8yJTOsuokgr0uUoFWQcH4C1vKnhAJR8I5CDUGd3f75FQZ0RrGQoOiumi5fkuGEeAdPoDjA3DGFVt5fCde0OuGcKsc4syb-86Vd3ZsMEWNubiso-WCMGJKqofC67xfNJVO1oqFPAmL7abae98k88hH_BDY04YcHIhprEG-vGcToOzkceYzCw4sYw77Sj8DHh1iwNuJPKagRVm5XkaPrKRnvsIqURxFUU964UWsThNMfSE_TxYg9ZhC-Fg<https://protect-us.mimecast.com/r/NkE1wHjmuxt3o9SjDC8u3UaEBOfWC2mFXjFJa1_yo4CBlxqC8_PtvDo7WfWJYT_YaNpXYz45ijCcYjA7oYYpLl0toLP6bJpkzDTK3R9OrjFh5nT4QkOopUtxiqubExt6q7UZTuNoom_4ejyw2wpm9vymemagb7YNIBY9WQ1ySPRTD0g1HGkyw6BJZrBTQ5bn3eb3Z2m63UxQvS6jFuhrBwNCteGQ-aziLTklBEQieWlioi2gYnClBNYrEHFgvWWSEvgar2P-tWJHPPeIwuO1U_utMPhVBW-kuhn8kQ2mtOv5v6KvIjRrN8bV1DSkPeuNGC4pfFkeDmG__ztmWkRIOq5sGpyoEOJHeydqHXpPURbDoGJH4X1-XBOw9xyUQUH2FxUzKjIYwzIsoWRAH-mtaFpnV-yPYzPFOpLczOu5V0S3wAh77gKBYS0Ims0rAmTm4RALGvo_wlPWZLAZZxcznxiU05FXCxycKWSOlLj6vi9pO9hzfr_77ovw17c-o3KHHuMnCKx-PLdlg8F4Dlr-11-NMFS960KQ6y3mrSOt4DP_WEt8kbLW7HnKwQyhHZgE7-jC7-oKZvPXlL_lzz0NbUCv9P-sLtO35WLCQIeslyoVS7lZahikA8xuNn1grSIZ>>
_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org%3cmailto:Gnso-ppsai-pdp-wg@icann.org>> https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg<https://protect-us.mimecast.com/r/w4cOGJpN8aqiFBeZDDCfM61L9zSPPQ8yJTOsuokgr0uUoFWQcH4C1vKnhAJR8I5CDUGd3f75FQZ0RrGQoOiumi5fkuGEeAdPoDjA3DGFVt5fCde0OuGcKsc4syb-86Vd3ZsMEWNubiso-WCMGJKqofC67xfNJVO1oqFPAmL7abae98k88hH_BDY04YcHIhprEG-vGcToOzkceYzCw4sYw77Sj8DHh1iwNuJPKagRVm5XkaPrKRnvsIqURxFUU964UWsThNMfSE_TxYg9ZhC-Fg><https://protect-us.mimecast.com/r/w4cOGJpN8aqiFBeZDDCfM61L9zSPPQ8yJTOsuokgr0uUoFWQcH4C1vKnhAJR8I5CDUGd3f75FQZ0RrGQoOiumi5fkuGEeAdPoDjA3DGFVt5fCde0OuGcKsc4syb-86Vd3ZsMEWNubiso-WCMGJKqofC67xfNJVO1oqFPAmL7abae98k88hH_BDY04YcHIhprEG-vGcToOzkceYzCw4sYw77Sj8DHh1iwNuJPKagRVm5XkaPrKRnvsIqURxFUU964UWsThNMfSE_TxYg9ZhC-Fg<https://protect-us.mimecast.com/r/NkE1wHjmuxt3o9SjDC8u3UaEBOfWC2mFXjFJa1_yo4CBlxqC8_PtvDo7WfWJYT_YaNpXYz45ijCcYjA7oYYpLl0toLP6bJpkzDTK3R9OrjFh5nT4QkOopUtxiqubExt6q7UZTuNoom_4ejyw2wpm9vymemagb7YNIBY9WQ1ySPRTD0g1HGkyw6BJZrBTQ5bn3eb3Z2m63UxQvS6jFuhrBwNCteGQ-aziLTklBEQieWlioi2gYnClBNYrEHFgvWWSEvgar2P-tWJHPPeIwuO1U_utMPhVBW-kuhn8kQ2mtOv5v6KvIjRrN8bV1DSkPeuNGC4pfFkeDmG__ztmWkRIOq5sGpyoEOJHeydqHXpPURbDoGJH4X1-XBOw9xyUQUH2FxUzKjIYwzIsoWRAH-mtaFpnV-yPYzPFOpLczOu5V0S3wAh77gKBYS0Ims0rAmTm4RALGvo_wlPWZLAZZxcznxiU05FXCxycKWSOlLj6vi9pO9hzfr_77ovw17c-o3KHHuMnCKx-PLdlg8F4Dlr-11-NMFS960KQ6y3mrSOt4DP_WEt8kbLW7HnKwQyhHZgE7-jC7-oKZvPXlL_lzz0NbUCv9P-sLtO35WLCQIeslyoVS7lZahikA8xuNn1grSIZ>>
_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org%3cmailto:Gnso-ppsai-pdp-wg@icann.org>> https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg<https://protect-us.mimecast.com/r/w4cOGJpN8aqiFBeZDDCfM61L9zSPPQ8yJTOsuokgr0uUoFWQcH4C1vKnhAJR8I5CDUGd3f75FQZ0RrGQoOiumi5fkuGEeAdPoDjA3DGFVt5fCde0OuGcKsc4syb-86Vd3ZsMEWNubiso-WCMGJKqofC67xfNJVO1oqFPAmL7abae98k88hH_BDY04YcHIhprEG-vGcToOzkceYzCw4sYw77Sj8DHh1iwNuJPKagRVm5XkaPrKRnvsIqURxFUU964UWsThNMfSE_TxYg9ZhC-Fg><https://protect-us.mimecast.com/r/w4cOGJpN8aqiFBeZDDCfM61L9zSPPQ8yJTOsuokgr0uUoFWQcH4C1vKnhAJR8I5CDUGd3f75FQZ0RrGQoOiumi5fkuGEeAdPoDjA3DGFVt5fCde0OuGcKsc4syb-86Vd3ZsMEWNubiso-WCMGJKqofC67xfNJVO1oqFPAmL7abae98k88hH_BDY04YcHIhprEG-vGcToOzkceYzCw4sYw77Sj8DHh1iwNuJPKagRVm5XkaPrKRnvsIqURxFUU964UWsThNMfSE_TxYg9ZhC-Fg<https://protect-us.mimecast.com/r/NkE1wHjmuxt3o9SjDC8u3UaEBOfWC2mFXjFJa1_yo4CBlxqC8_PtvDo7WfWJYT_YaNpXYz45ijCcYjA7oYYpLl0toLP6bJpkzDTK3R9OrjFh5nT4QkOopUtxiqubExt6q7UZTuNoom_4ejyw2wpm9vymemagb7YNIBY9WQ1ySPRTD0g1HGkyw6BJZrBTQ5bn3eb3Z2m63UxQvS6jFuhrBwNCteGQ-aziLTklBEQieWlioi2gYnClBNYrEHFgvWWSEvgar2P-tWJHPPeIwuO1U_utMPhVBW-kuhn8kQ2mtOv5v6KvIjRrN8bV1DSkPeuNGC4pfFkeDmG__ztmWkRIOq5sGpyoEOJHeydqHXpPURbDoGJH4X1-XBOw9xyUQUH2FxUzKjIYwzIsoWRAH-mtaFpnV-yPYzPFOpLczOu5V0S3wAh77gKBYS0Ims0rAmTm4RALGvo_wlPWZLAZZxcznxiU05FXCxycKWSOlLj6vi9pO9hzfr_77ovw17c-o3KHHuMnCKx-PLdlg8F4Dlr-11-NMFS960KQ6y3mrSOt4DP_WEt8kbLW7HnKwQyhHZgE7-jC7-oKZvPXlL_lzz0NbUCv9P-sLtO35WLCQIeslyoVS7lZahikA8xuNn1grSIZ>>
-- _________________________ Graeme Bunton Manager, Management Information Systems Manager, Public Policy Tucows Inc. PH: 416 535 0123 ext 1634 _______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org%3cmailto:Gnso-ppsai-pdp-wg@icann.org>> https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg<https://protect-us.mimecast.com/r/w4cOGJpN8aqiFBeZDDCfM61L9zSPPQ8yJTOsuokgr0uUoFWQcH4C1vKnhAJR8I5CDUGd3f75FQZ0RrGQoOiumi5fkuGEeAdPoDjA3DGFVt5fCde0OuGcKsc4syb-86Vd3ZsMEWNubiso-WCMGJKqofC67xfNJVO1oqFPAmL7abae98k88hH_BDY04YcHIhprEG-vGcToOzkceYzCw4sYw77Sj8DHh1iwNuJPKagRVm5XkaPrKRnvsIqURxFUU964UWsThNMfSE_TxYg9ZhC-Fg><https://protect-us.mimecast.com/r/w4cOGJpN8aqiFBeZDDCfM61L9zSPPQ8yJTOsuokgr0uUoFWQcH4C1vKnhAJR8I5CDUGd3f75FQZ0RrGQoOiumi5fkuGEeAdPoDjA3DGFVt5fCde0OuGcKsc4syb-86Vd3ZsMEWNubiso-WCMGJKqofC67xfNJVO1oqFPAmL7abae98k88hH_BDY04YcHIhprEG-vGcToOzkceYzCw4sYw77Sj8DHh1iwNuJPKagRVm5XkaPrKRnvsIqURxFUU964UWsThNMfSE_TxYg9ZhC-Fg<https://protect-us.mimecast.com/r/NkE1wHjmuxt3o9SjDC8u3UaEBOfWC2mFXjFJa1_yo4CBlxqC8_PtvDo7WfWJYT_YaNpXYz45ijCcYjA7oYYpLl0toLP6bJpkzDTK3R9OrjFh5nT4QkOopUtxiqubExt6q7UZTuNoom_4ejyw2wpm9vymemagb7YNIBY9WQ1ySPRTD0g1HGkyw6BJZrBTQ5bn3eb3Z2m63UxQvS6jFuhrBwNCteGQ-aziLTklBEQieWlioi2gYnClBNYrEHFgvWWSEvgar2P-tWJHPPeIwuO1U_utMPhVBW-kuhn8kQ2mtOv5v6KvIjRrN8bV1DSkPeuNGC4pfFkeDmG__ztmWkRIOq5sGpyoEOJHeydqHXpPURbDoGJH4X1-XBOw9xyUQUH2FxUzKjIYwzIsoWRAH-mtaFpnV-yPYzPFOpLczOu5V0S3wAh77gKBYS0Ims0rAmTm4RALGvo_wlPWZLAZZxcznxiU05FXCxycKWSOlLj6vi9pO9hzfr_77ovw17c-o3KHHuMnCKx-PLdlg8F4Dlr-11-NMFS960KQ6y3mrSOt4DP_WEt8kbLW7HnKwQyhHZgE7-jC7-oKZvPXlL_lzz0NbUCv9P-sLtO35WLCQIeslyoVS7lZahikA8xuNn1grSIZ>> _______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org%3cmailto:Gnso-ppsai-pdp-wg@icann.org>> https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg<https://protect-us.mimecast.com/r/w4cOGJpN8aqiFBeZDDCfM61L9zSPPQ8yJTOsuokgr0uUoFWQcH4C1vKnhAJR8I5CDUGd3f75FQZ0RrGQoOiumi5fkuGEeAdPoDjA3DGFVt5fCde0OuGcKsc4syb-86Vd3ZsMEWNubiso-WCMGJKqofC67xfNJVO1oqFPAmL7abae98k88hH_BDY04YcHIhprEG-vGcToOzkceYzCw4sYw77Sj8DHh1iwNuJPKagRVm5XkaPrKRnvsIqURxFUU964UWsThNMfSE_TxYg9ZhC-Fg>
Thanks Steve! K From: Metalitz, Steven [mailto:met@msk.com] Sent: Thursday, April 30, 2015 9:28 AM To: Kiran Malancharuvil Cc: Graeme Bunton; gnso-ppsai-pdp-wg@icann.org Subject: RE: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3 Kiran, Of course you (and any other member of the WG) can submit a separate statement today and can include in it whatever you wish. We have asked that statements be limited to 1-2 pages if at all possible. Steve From: Kiran Malancharuvil [mailto:Kiran.Malancharuvil@markmonitor.com] Sent: Thursday, April 30, 2015 12:26 PM To: Metalitz, Steven Cc: Graeme Bunton; gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org> Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3 Steve, I'm not sure I understand what is being proposed here. Are we still able to submit our statement (the deadline is today)? Are we allowed to link to the white paper in our statement? What links are to be provided? Just a link to the mailing list archive and call transcripts? That would not be appropriate. Asking folks to sort through the emails/calls looking for relevant information means that it will be essentially buried and inaccessible. K Kiran Malancharuvil Internet Policy Counselor MarkMonitor 415-419-9138 (m) Sent from my mobile, please excuse any typos. On Apr 30, 2015, at 8:38 AM, Metalitz, Steven <met@msk.com<mailto:met@msk.com<mailto:met@msk.com%3cmailto:met@msk.com>>> wrote: Graeme and I have asked staff to insert a footnote in this section, providing links to the extensive discussions of the topic in WG meetings (telephonic and face to face) and on the mailing list, as background for the public. Steve From: gnso-ppsai-pdp-wg-bounces@icann.org<mailto:gnso-ppsai-pdp-wg-bounces@icann.org<mailto:gnso-ppsai-pdp-wg-bounces@icann.org%3cmailto:gnso-ppsai-pdp-wg-bounces@icann.org>> [mailto:gnso-ppsai-pdp-wg-bounces@icann.org] On Behalf Of Graeme Bunton Sent: Thursday, April 30, 2015 11:14 AM To: gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org%3cmailto:gnso-ppsai-pdp-wg@icann.org>> Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3 Steve, myself and staff are discussing how to proceed while ensuring that balance is maintained. Thank you all for your contributions. Graeme On 2015-04-30 11:02 AM, Stephanie Perrin wrote:
So let me get this very very clear, as i am new to the process. 1. The research report you offered was sent to the list. 2. It has never been part of the record. 3. You wish to see it added now, April 30th, 23:58 KST. 4, You are telling me I could have done the same thing. 5. I have Exactly how much time to submit a minority report in order to comply with the deadline of April 30th?
Thanks for the clarifications. Stephanie
On 2015-04-30 23:52, Kiran Malancharuvil wrote:
Stephanie,
You had ample opportunity to prepare and present a white paper of your own.
It was not unsolicited, as at any time, members of the group are welcome and encouraged to present their views on the matter under discussion.
Are you really saying that a well researched policy position and a presentation of that research is NOT meant to be a part of the PDP process? I really do not think that it the case.
I know that you object to the position that the white paper explains, but unless there is a concrete prohibition on linking to it (staff?) it needs to be included, as we have every right to present the complex legal argument behind our position.
Kiran Malancharuvil Internet Policy Counselor MarkMonitor 415-419-9138 (m)
Sent from my mobile, please excuse any typos.
On Apr 30, 2015, at 7:45 AM, Stephanie Perrin <stephanie.perrin@mail.utoronto.ca<mailto:stephanie.perrin@mail.utoronto.ca<mailto:stephanie.perrin@mail.utoronto.ca%3cmailto:stephanie.perrin@mail.utoronto.ca>>> wrote:
With great respect to Kiran and to the law firm that compiled the "white paper", I objected at the time and there was no indication that we accepted the white paper in our discussions, other than to say thanks. I would object strenuously to it being included. That was a totally unsolicited contribution from parties wishing to advance their case. You cannot attach that paper, without giving those on the other side an opportunity to counter it with another white paper. Frankly, the PDP process is not supposed to be about dualling unsolicited white papers. IF we need to have research done, we have to agree on what needs to be done if it is to be attached to the official call for comments. I don't wish to be ungracious, but the paper should not be added. Stephanie Perrin
On 2015-04-30 23:34, Kiran Malancharuvil wrote: It is a recommendation for a policy/best practice from a portion of the group.
K
Kiran Malancharuvil Internet Policy Counselor MarkMonitor 415-419-9138 (m)
Sent from my mobile, please excuse any typos.
On Apr 30, 2015, at 7:33 AM, James Gannon <james@cyberinvasion.net<mailto:james@cyberinvasion.net<mailto:james@cyberinvasion.net%3cmailto:james@cyberinvasion.net>>> wrote:
Unless we are suggesting that the whitepaper is consensus policy or best practice it does not fall under that category. We are presenting our policy recommendation already, which is the work product of the group
-James
-----Original Message----- From: Kiran Malancharuvil [mailto:Kiran.Malancharuvil@markmonitor.com] Sent: Thursday, April 30, 2015 3:31 PM To: James Gannon Cc: Mary Wong; PPSAI Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
Recommendations for policies, guidelines, best practices.
Kiran Malancharuvil Internet Policy Counselor MarkMonitor 415-419-9138 (m)
Sent from my mobile, please excuse any typos.
On Apr 30, 2015, at 7:29 AM, James Gannon <james@cyberinvasion.net<mailto:james@cyberinvasion.net<mailto:james@cyberinvasion.net%3cmailto:james@cyberinvasion.net>>> wrote:
Quoting from the PDP Manual, there seems to be strong guidelines of what goes out with the Initial Report:
> After collection and review of information, the PDP Team and > Staff are responsible for producing an Initial Report. The > Initial Report should include the following elements: > * Compilation of Stakeholder Group and Constituency Statements > * Compilation of any statements received from any ICANN > Supporting Organization or Advisory Committee > * Recommendations for policies, guidelines, best practices or > other proposals to address the issue > * Statement of level of consensus for the recommendations > presented in the Initial Report > * Information regarding the members of the PDP Team, such as the > attendance records, Statements of Interest, etc. > * A statement on the WG discussion concerning impact of the > proposed recommendations, could consider areas such as economic, > competition, operations, privacy and other rights, scalability > and feasibility I don't see where in that framework the whitepaper would sit. I would welcome others thoughts on this.
-James
-----Original Message----- From: gnso-ppsai-pdp-wg-bounces@icann.org<mailto:gnso-ppsai-pdp-wg-bounces@icann.org<mailto:gnso-ppsai-pdp-wg-bounces@icann.org%3cmailto:gnso-ppsai-pdp-wg-bounces@icann.org>> [mailto:gnso-ppsai-pdp-wg-bounces@icann.org] On Behalf Of Kiran Malancharuvil Sent: Thursday, April 30, 2015 3:09 PM To: Mary Wong Cc: PPSAI Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
Mary,
Since one side of this issue prepared a lengthy legal review to address this question, I would request that that white paper be included in the reference materials for the public comment. Since public comment is meant to "resolve" this issue, commenters need all of the information.
It's not just down to feasibility of self-declaration at registration (which frankly, many of us see as a cop out since it's already done in some TLDs), but also legality. Not trying to re-open the debate, but please, let's make sure the community understands the various points and the background.
K
Kiran Malancharuvil Internet Policy Counselor MarkMonitor 415-419-9138 (m)
Sent from my mobile, please excuse any typos.
On Apr 30, 2015, at 6:58 AM, Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org<mailto:mary.wong@icann.org%3cmailto:mary.wong@icann.org<mailto:mary.wong@icann.org%3cmailto:mary.wong@icann.org%3cmailto:mary.wong@icann.org%3cmailto:mary.wong@icann.org>>>> wrote:
To add to Stephanie's note that this specific issue - whether registrants of domain names actively used for commercial transactions ought to be disallowed from using P/P services - had been discussed at some length by the WG:
Please note that this part of the Initial Report draws heavily on the detailed WG template for Charter Category C that was the basis for the WG's deliberations on this topic. That template contains lengthy descriptions of what had previously been termed the majority and minority positions on the WG's answer to this specific issue. As part of the WG's deliberations - which took place primarily between April and June 2014 - the more specific formulation of "transactional" to describe the sort of commercial (i.e. Involving financial transactions) activities that were being discussed was included in the language. All the templates and suggested formulations discussed by the WG are recorded and published on the WG wiki.
The WG ultimately agreed to retain the two positions in the Initial Report and to revisit the question during its review of the public comments received. As noted previously, the WG's views were presented to the community in London in June 2014 and again in Los Angeles in October 2014.
Therefore, the three questions in Section 1.3.3 of the Executive Summary only go toward soliciting community input on this single issue. They were not intended to represent a view of any "side" in the WG with regard to this matter. If the WG prefers, we can add a sentence to clarify and specify the reason for the questions in Section 1.3.3. Fundamentally, the idea is that public comments will facilitate the WG's eventual resolution of this issue as part of its preparation of the Final Report.
We hope this reminder of the background is of assistance.
Cheers Mary
Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4892 Email: mary.wong@icann.org<mailto:mary.wong@icann.org<mailto:mary.wong@icann.org%3cmailto:mary.wong@icann.org<mailto:mary.wong@icann.org%3cmailto:mary.wong@icann.org%3cmailto:mary.wong@icann.org%3cmailto:mary.wong@icann.org>>>
From: Stephanie Perrin <stephanie.perrin@mail.utoronto.ca<mailto:stephanie.perrin@mail.utoronto.ca<mailto:stephanie.perrin@mail.utoronto.ca%3cmailto:stephanie.perrin@mail.utoronto.ca<mailto:stephanie.perrin@mail.utoronto.ca%3cmailto:stephanie.perrin@mail.utoronto.ca%3cmailto:stephanie.perrin@mail.utoronto.ca%3cmailto:stephanie.perrin@mail.utoronto.ca>>>> Date: Thursday, April 30, 2015 at 09:20 To: "gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org><mailto:gnso-ppsai-pdp-wg@icann.org%3cmailto:gnso-ppsai-pdp-wg@icann.org%3e><mailto:gnso-ppsai-pdp-wg@icann.org%3cmailto:gnso-ppsai-pdp-wg@icann.org%3e%3cmailto:gnso-ppsai-pdp-wg@icann.org%3cmailto:gnso-ppsai-pdp-wg@icann.org%3e%3e>" <gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org%3cmailto:gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org%3cmailto:gnso-ppsai-pdp-wg@icann.org%3cmailto:gnso-ppsai-pdp-wg@icann.org%3cmailto:gnso-ppsai-pdp-wg@icann.org>>>>, James Gannon <james@cyberinvasion.net<mailto:james@cyberinvasion.net<mailto:james@cyberinvasion.net%3cmailto:james@cyberinvasion.net<mailto:james@cyberinvasion.net%3cmailto:james@cyberinvasion.net%3cmailto:james@cyberinvasion.net%3cmailto:james@cyberinvasion.net>>>>, Michele Blacknight <michele@blacknight.com<mailto:michele@blacknight.com<mailto:michele@blacknight.com%3cmailto:michele@blacknight.com<mailto:michele@blacknight.com%3cmailto:michele@blacknight.com%3cmailto:michele@blacknight.com%3cmailto:michele@blacknight.com>>>> Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
James, prior to you joining the group, we had discussed this at some length. IN fact, I really thought that the many reasons why sorting out the purpose of a registration is problematic had buried this debate, but apparently not. Some of the issues raised, according to my recollection were the following:
* names are registered prior to decisions about content * content changes over time * most countries regulate e-commerce in some fashion, so that website commercial activity does not have to be regulated by ICANN * ICANN should not be in the business of regulating content in the first place (and sorting out who is extracting a material consideration from a website in order to deny them the ability to use a proxy registration is certainly a form of regulation) * definitions of commercial activity vary widely around the world * bad actors will not declare, registrars cannot police this matter * criminal prosecution is not dependent on WHOIS information * if this is really about the ability to detect market information, ICANN should not be in the business of making registrant information available for market purposes, it does it for security and stability. * contactability remains, regardless of which registrant info appears in WHOIS
I am planning to reformulate these into questions to match the questions on the other side, suggestions welcome.
Stephanie Perrin On 2015-04-30 16:24, James Gannon wrote: I don't see this as asking providers to enforce anything similar to other questions when registering a domain, it's a self-reported assessment. All it does is add an additional branch to the decision tree for eligibility, which will already be there to determine eligibility due to the other reasons listed below. The registrant is asked will you be processing financial transactions.
* Yes-->Will you be using a 3rd party>No>Not eligible for P/P.
* Yes-->Will you be using a 3rd party>Yes>Eligible for P/P.
I'm not asking registrars to enforce law but to see if a more finely grained eligibility process can be enacted. Or at least is there is public support for more granularity.
-James From: Michele Neylon - Blacknight [mailto:michele@blacknight.com] Sent: Thursday, April 30, 2015 8:17 AM To: James Gannon; Graeme Bunton; PPSAI Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
James
As a registrar or PP service provider how am I meant to assess this?
It doesn't scale
Seriously.
If, for example, there is an Irish operated website that is not complying with Irish law then it would be up to the ODCE (http://www.odce.ie/<https://protect-us.mimecast.com/r/IqfLPS2xhmx-5GDCPCM4mLmlw-jOPQHGmhpzAjWDKActStEmX7ndjfqnEIgUMkdhXCAGe_aALVo69T0irIiCOftGW0RRkFeeJXP_SQ_bxxN5c9ZWrJzjnfSpDUeI4UjuT2dsrtgXox-JsiUyGsBvbDhSHcf2gH3gqSI2YwvUnORJuOhanPP2uCSQp3bey2BqQKbirhovyP6hDiunUi2Ilg><https://protect-us.mimecast.com/r/IqfLPS2xhmx-5GDCPCM4mLmlw-jOPQHGmhpzAjWDKActStEmX7ndjfqnEIgUMkdhXCAGe_aALVo69T0irIiCOftGW0RRkFeeJXP_SQ_bxxN5c9ZWrJzjnfSpDUeI4UjuT2dsrtgXox-JsiUyGsBvbDhSHcf2gH3gqSI2YwvUnORJuOhanPP2uCSQp3bey2BqQKbirhovyP6hDiunUi2Ilg<https://protect-us.mimecast.com/r/4lNzdG4V_LBmiovLA6p9BZsfLgWW8IZSZ8mzFYFSEGMRVcYO2zG2wkLeacYjtsSRf_sSF--BDXNIv1JkaSjK7YDkV7Wh91AMXWzAHM8Zc7w5foIbeKPzTB9Jb3n8Rk3oYWdB4A_Jt2ltxZR7APcRWG0IyDnycx5VoJ08erpju3GxLxy1dILiNWX72a25S9Yyrm1Fh6eWqHxtrhsqZmkrRym4-JZgjGuT25ptP-Tf0ChXEp9Oy2VafY---UlWYnIhutuM8Qeql3uCVIJEvhilzgK06gmUWfWZUI409JAcmXc-w5egvrI21Srqo5zbQdnsPIl2yRBRiJy4YZ-h-c7WM_Y0EMYghq1BrKeMdTU94YwRb9V0rLPfV6BN36pbf5NyooXX3sVlMzjnI4nh6u0IpcQrhd1oL7F3QAsO8MVGCWywmASjHPWQatBHt4UH0ihcq6sfPIxUCQHG8ffuWeD1uJ8KMuVubzQxqF8KnvhpmA_Th65ShbIpsv0BqAqVZ9ZNvoP627Jn5avKDQthQYCUxg>>) to enforce whatever needs enforcing, as it would be up to the DPA to enforce any issues around data privacy etc., etc.,
Attempting to force registrars and PP providers to make these kind of evaluations is not going to work.
Issues like PCI-DSS compliance are matters that should be dealt with by the DPA and the banks.
Forcing registrars and PP providers to start getting involved in that kind of assessment isn't viable
Regards
Michele
-- Mr Michele Neylon Blacknight Solutions Hosting, Colocation & Domains http://www.blacknight.host/<https://protect-us.mimecast.com/r/r0QiXaZk72F7OmWKc9_pO3HAiIAvI3h06-RcgETJh-J4kMLvQtMGZn5lKnoQO8ikZnQiTNL6FLbYD67s4dF-tWj2IbgtPVbZIrmLhFiT8cZvRoXUKLem6cyG8n3JE6-tis8tEkBPwKkOuqFU7azbPzFSZPBE0XjNt1o6W5MAy5yWOEr-3QLGcTYMC5oDDDwuftYuz9pHDOyvEieReE36N1UxTeWXBI__3g1_xmHN4S0><https://protect-us.mimecast.com/r/r0QiXaZk72F7OmWKc9_pO3HAiIAvI3h06-RcgETJh-J4kMLvQtMGZn5lKnoQO8ikZnQiTNL6FLbYD67s4dF-tWj2IbgtPVbZIrmLhFiT8cZvRoXUKLem6cyG8n3JE6-tis8tEkBPwKkOuqFU7azbPzFSZPBE0XjNt1o6W5MAy5yWOEr-3QLGcTYMC5oDDDwuftYuz9pHDOyvEieReE36N1UxTeWXBI__3g1_xmHN4S0<https://protect-us.mimecast.com/r/l1oPubFTSPL9jkLJYE-i_s_cVzwLdAYnEJLnyze4qcofGbVp0De8ZHa2UK3gf0UhGuOGUKJQPGBL8lrGKGKjds5fxrj5NlbVvg9BxM3Opb82UmPCznna5WJ9PwzhPNi5xrpUMWyCGaWGfCaocAES27yfoPTWBDpFvCjuT5lto5W4SvdmLIEzA858Pp4koY144mx4sCSiYqVF1oSQjBUoaxLy4o0qUijmXox-r3SZwQHhehoe25fdF04TqxWWiSTMxwITNDqt5fEHRfaCHadDi3x8h2yaBwI4D9yYpnjwhcylZi_w_tU7osnBvi4lhetcT-sBjy_UxmIawTToN10n7w-_l-0AzyR-eFJd-kg218qDM3-LAJNnPlGoBQ7sXSeedCLC_8MZKx2jkESGtfItjyfLdRPa4i03KBw0P7yCMwqaaG83u4JpwuR-pJjmqEhj_IYYcrKA-B6fCjuTzUuEUnmzG5IvmmhU4_FC5JETN9UcdPuTdmsRn4IgbqDMivZgyLKNiyUi2PbzBwz2O4AmjzBgrFeG-75fubDeaQQBFnSdlGYaje4umIN-mXeQ2jP1>> http://blog.blacknight.com/<https://protect-us.mimecast.com/r/wl1MfvJ8aWTxnqz6FCsjG4QE5Lt8k3OKgMWheA8wVhCgpAj6NRi9Y8zMxa9MvTN2vhD-EWNpvAhObo3t9Jl-Kh7ki557bXwOMPGhz-Up4X8e1Q8UR-DF0d4jYhrGpb0LrotD50UduC3QQRYUJ24nEnbyayh-GPs3hk77LhEpDwYrSf4v_RqmohacWFuO-pMc6Ap8I9JulleUf0h9FbW-MHMc1xlq8F7WXPVnekaa_Tg><https://protect-us.mimecast.com/r/wl1MfvJ8aWTxnqz6FCsjG4QE5Lt8k3OKgMWheA8wVhCgpAj6NRi9Y8zMxa9MvTN2vhD-EWNpvAhObo3t9Jl-Kh7ki557bXwOMPGhz-Up4X8e1Q8UR-DF0d4jYhrGpb0LrotD50UduC3QQRYUJ24nEnbyayh-GPs3hk77LhEpDwYrSf4v_RqmohacWFuO-pMc6Ap8I9JulleUf0h9FbW-MHMc1xlq8F7WXPVnekaa_Tg<https://protect-us.mimecast.com/r/4W4r20DAZy2h6dpYp2Tzq7FTSQAmTYs1vfAQIkdyfvJMDu0tcKmiKOwsAOTvBSlLTi59FHgM_on9QsvD9CudMpRih0I6gjXq2A4dY6O3q-el3LcyPasQf5tNiiIjFSoLe4-RGWuQcN2f9jXygxx1wp1E3sv8txhcCC1UoD9h6Kzi2vgT9SkXvpFHliyZIF2T31a9K0Lwnl55R94GruRYOcDjbX7Gf_cm6XnmW7UXZuI--pr5KLNxaqYBbS75-hjmGoQi0uOfRwccxXRwvyYLDmdbReZa5H9CpX_Ci4xt8r9IL23kJlIOZSvO7l-a0YReANZnxal2lCMTQxwhNiLimdPtU5VOy2Ioa22r1qJ3jY-4L6N9nCH8stI-uLtVpkYUPc3RvOiu_yOfgfI1l70U4w-qK81Jaixy9HpNT1Ux06f6VAWKbEkySx61Yb-Y6D7Eu4QgIjDhJlsJsub-Psbz12zynvHmip6LmH0FyLQpmZ8NhSxHFxm3YUX03mPL3m6Jw4wsHiFDp8mOLyq83OvhEiG8-KJrVmORyqJbvdaAGpN_hwtrXjLL30rKl_G8yzmQ>> http://www.blacknight.press<https://protect-us.mimecast.com/r/-MRGGedz53TF8UWq3rKo8GI39ai_ismqN0UYggzFnhsCzIT83jwX24BSxN_VMtJYpUgkSGF-Qst71LuBVQLY87bs-vewJiEDX8p5ABHKofJc69pmthPRFaowH9cz7b4wBdr45nD9yW3n5wmmAGAorNORPO2oD8fx1b7Ch4UucRtocG7TVoD8q8xePkXjqmELFjL3powas7Q8SOSYQE947lLpZzCcGrOwqu7wogrVuvk><https://protect-us.mimecast.com/r/-MRGGedz53TF8UWq3rKo8GI39ai_ismqN0UYggzFnhsCzIT83jwX24BSxN_VMtJYpUgkSGF-Qst71LuBVQLY87bs-vewJiEDX8p5ABHKofJc69pmthPRFaowH9cz7b4wBdr45nD9yW3n5wmmAGAorNORPO2oD8fx1b7Ch4UucRtocG7TVoD8q8xePkXjqmELFjL3powas7Q8SOSYQE947lLpZzCcGrOwqu7wogrVuvk<https://protect-us.mimecast.com/r/zPN5CjAJdRJWk2B85RfU9bzzLTFtJr4NLfR-96KjMGyFiGknSAd74cCJ9GvA9kaD-vS8gui8v0NBYOirWVK2xaxEySYrhl2eJjehgZhqe6EM2ROpf-ga40yWnn5xy-c-63NhmIm1zcBNoKTSYjeNP-JoK3ZTuo9fcXf-gjUC0geZ0i9lAqAcPsy8IEGy_8nCJaqJ0jLbzqGABaam2zacCALcPGMdo7ZbSmL1Gxs2K3bztp9EWXROi2v6xvmD3GvF30-zcbF_W2yoR57XnsOemzhLSFe1TvxKwMC7qpk2ZcuWiNHdc6IpLVyFrtCoJSOyZmRX5XwWUrqwrs3DfQJOrN3MfKD1mb52hx-puFq3DmM-8xYWTvoyidluw_-iyz10fHE4jnJ8a0bNMzEjJsQlG80jFpqfalyc8sayVT7t6qzyZudj7E8-67SeBCUbqzsbck6ckMrMqVZlZpG7MELOH-otpZvr-Y8ELA8omOG7Jx60KL9ssVcKQnEEIJ2zoKuO-w1CvJ6aO838upI02RQnBFQHaWAg2HIAC4FUg-N8MfLY-WEjSnVXkhmi5PF3oy_h>> - get our latest news & media coverage http://www.technology.ie<https://protect-us.mimecast.com/r/suwZNIiJfrdSpqE4iC56mMY3x3S91aHmdyA2bCRS-Fmr9Q1_uNxFISl4UXNQGJAa4ABDSoMKKJoH4LBI6dPDpw1IcPIW2UD6KmY-khZffkUgGyGTLPU0VW-nWld8z7P0H2Ru_lA2gyfCIuoaN7WmFU6IRQ9AVVBKNMpsRsxQkxp27qp4b1vr0Nu7xAxlXjinmqCYcWDyv6BlIGk1JID86YB5QMhEW98wyZ5sollRXTc><https://protect-us.mimecast.com/r/suwZNIiJfrdSpqE4iC56mMY3x3S91aHmdyA2bCRS-Fmr9Q1_uNxFISl4UXNQGJAa4ABDSoMKKJoH4LBI6dPDpw1IcPIW2UD6KmY-khZffkUgGyGTLPU0VW-nWld8z7P0H2Ru_lA2gyfCIuoaN7WmFU6IRQ9AVVBKNMpsRsxQkxp27qp4b1vr0Nu7xAxlXjinmqCYcWDyv6BlIGk1JID86YB5QMhEW98wyZ5sollRXTc<https://protect-us.mimecast.com/r/CUWs47OhCB2aa9RLj9Ftm3OqyHdbegkLXSOpMV8uBRbvwT8HsSuNUBKuLqaFsB7wEKsfGHvZUVWYE-BMah9Ne8IWBG2s_bX5r7b_TJL__FuNOKKGwGL-8U1r4vABiKSmYEwflrHGjQyceV-8DAd_fT1NCFaQJTyaRS0syYAweeUF8-iRajucVR2j2TBJBJdWPqQfVlJc9USo93NJROMUjbZ19wmQiF9AfNy9_OPxB3m0aLhvE0ZO4ciBDl5x4cBlLzPLm1Yjva9JRou5CLrxVpqUAX1aaGCqGi1UqaZErXONEpv4r0LDdvXud_hwOHoD4gjKskjzkZoSqfXgfWeHDLtWlGygCxcKp2Gltk1vfrZVDQysBdb1iuphpR7R8ptrBwXr-qekyrlGwPnvmJ4b1zktVIjl3VTNZEtfoSxFdDJDyRnwRQo7gPwrON4tVFHPQQ6X3uw4CiOWAlwb2sGkEUkOj3bucsbxHpwc3Pq6O5ujbwB9uw08FQv2_5n3Cu_tw7LpdTxd1QMI8rfIRMqiFuB5vdiI-2hipGCXEpIXSbnB_h4aee2mjP129nm7QevJ>> Intl. +353 (0) 59 9183072 Direct Dial: +353 (0)59 9183090 Social: http://mneylon.social<https://protect-us.mimecast.com/r/c9ciyb99CMvSHLw2MJX2WYjWAGojFAv6abNbJNSbdh-ZFyKYiMOesCOSW0IbP_Hk74wcQMPR4LFdtPIo3qwpdVxkGjxnPEF73YlWOioKWfm0ASY6v7enF3zKmqddqH2G4dXIbPg_PVqGwzzZzhWQxKSK2MKPyc4QXazyYJjS7H_X2JdIq2B8eAZeCDmgPBWH09Ix-VujUi5pHJeE_GXWIlFrE4TTH0hP08WIPWYQvhY><https://protect-us.mimecast.com/r/c9ciyb99CMvSHLw2MJX2WYjWAGojFAv6abNbJNSbdh-ZFyKYiMOesCOSW0IbP_Hk74wcQMPR4LFdtPIo3qwpdVxkGjxnPEF73YlWOioKWfm0ASY6v7enF3zKmqddqH2G4dXIbPg_PVqGwzzZzhWQxKSK2MKPyc4QXazyYJjS7H_X2JdIq2B8eAZeCDmgPBWH09Ix-VujUi5pHJeE_GXWIlFrE4TTH0hP08WIPWYQvhY<https://protect-us.mimecast.com/r/0oGY1mVf_smwKlCBVH2VOnpfmhsH1QKCI9PoPtiLiBYOkQKP5WYNb14N4SlMX7ATkUU7bDnJB3KdSXOHn_F7Li19YrJbT2HfbkvMlX4QZXNtM-djZW8BymhcAivn1_ZLP2AfKbDLzRQmtzWdiif_JIJZ9hvfSwiUATjMrCjPDQ9T9eDIhS6VIc7PQoyGuTTPlSDtMYVcWwoJ07XRHLWmFbQ8FODMPVY-EM3fEmYldXDJy7Ny6i2n6RQP7Q6zU3B4jHg7VefC-bqS3GASQocWI-UUSAFU53eZEcCWcFa4-H1mi2LgFvtmsddIS1K73ev9yE13XK_mNgM6r1AUH6sEzkQXKc_gSb71qAt70xEUBTorPTxPkG0FEkZBb-6XlspCaqcxR4-6PzMMotyuWLBhZ15PH09fH4arj25zvTD6O-4WXLfkfHH8Iq7NAOUGOV8ifAdQt74uWvJWU8Kja_RDjE7Z9NhMhCAAQmWozknnPPWSRPnwheQYRgPrmVI0ZQt79ZlVbwiH7IioW4efxkCaQU3TOhOd_YjWWljTbAVTBWhbXPGl1CnbR12PBoP0MZMr>> ------------------------------- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,Ireland Company No.: 370845
From: James Gannon Date: Thursday 30 April 2015 07:45 To: Graeme Bunton, "gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org><mailto:gnso-ppsai-pdp-wg@icann.org%3cmailto:gnso-ppsai-pdp-wg@icann.org%3e><mailto:gnso-ppsai-pdp-wg@icann.org%3cmailto:gnso-ppsai-pdp-wg@icann.org%3e%3cmailto:gnso-ppsai-pdp-wg@icann.org%3cmailto:gnso-ppsai-pdp-wg@icann.org%3e%3e>" Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
I would personally like to see if there is public traction for distinguishing between sites directly processing financial truncations and sites who use 3rd parties for processing financial transactions as this is a very important distinction. A simple and I hope non-controversial additional question to the ones below: If so, should domains which use a third party to process financial transactions (i.e Paypal, Stripe), and thus do not directly process financial information, be subject to the same restrictions? There are strong existing distinctions both in national laws and in regulations such as PCI-DSS between these two forms.
-James Gannon From:gnso-ppsai-pdp-wg-bounces@icann.org<mailto:ppsai-pdp-wg-bounces@icann.org><mailto:gnso-ppsai-pdp-wg-bounces@icann.org> [mailto:gnso-ppsai-pdp-wg-bounces@icann.org] On Behalf Of Graeme Bunton Sent: Tuesday, April 28, 2015 10:17 PM To: PPSAI Subject: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
Thanks to all WG members for a very productive call earlier today(and to Steve for his chairing acumen). The co-chairs and staff met this afternoon to tie down two loose ends from the call.
Regarding the deadline for public comments on the Initial Report, we recognize there is considerable support for extending the public comment period to 60 days instead of the standard 40 days on which we have all been planning. We are prepared to agree to this, but with the caveat that this will have repercussions on the pace and intensity of our work once public comments have been received. Specifically, if the public comment deadline is extended until July 3 (60 days after our publication date of May 4), we will need to plan on at least weekly calls throughout July and August, some of which may need to be more than an hour in length, to review these comments and move toward a Final Report. Otherwise, we jeopardize the prospects for getting the Final Report in front of the GNSO council no later than the Dublin ICANN meeting. As was noted on the call today, many additional steps need to take place even after this WG issues its Final Report before any new accreditati on system can be implemented, so the time pressure imposed by the expiration of the Interim Specification at the end of next year is already real. Also, as previously announced over the past few weeks, if any WG members (or group of members) wish to submit a brief separate or additional statement for inclusion in the package posted for public comment next Monday, such statements need to be received by staff no later than Thursday, April 30.
Lastly, the other loose end involves proposed revisions to section 1.3.3 of the Initial Report, which were presented on the call earlier today but which we did not have time to discuss fully. We agree that this section could benefit from some revision, but believe it should take the form of greater concision, not additional presentation of arguments for the divergent positions. Thus we suggest that section 1.3.3 be revised to read as follows:
--- Although the WG agreed that the mere fact that a domain name is registered by a commercial entity or by anyone conducting commercial activity should not preclude the use of P/P services , there was disagreement over whether domain names that are actively used for commercial transactions (e.g. the sale or exchange of goods or services) should be prohibited from using P/P services. While most WG members did not believe such a prohibition is necessary or practical, some members believed that registrants of such domain names should not be able to use or continue using proxy or privacy services.
For those that argued that it is necessary and practical to limit access to P/P services to exclude commercial entities, the following text was proposed to clarify and define their position: "domains used for online financial transactions for commercial purpose should be ineligible for privacy and proxy registrations."
Public comment is therefore specifically invited on the following questions:
* Should registrants of domain names associated with commercial activities and which are used for online financial transactions be prohibited from using, or continuing to use, privacy and proxy services? * If so, will it be useful to adopt a definition of "commercial" or "transactional" to define those domains for which P/P service registrations should be disallowed? And if so, what should the definition(s) be?" * Will it be necessary to make a distinction in the WHOIS data fields to be displayed as a result? --- Thanks,
Graeme Bunton & Steve Metalitz
--
_________________________
Graeme Bunton
Manager, Management Information Systems
Manager, Public Policy
Tucows Inc.
PH: 416 535 0123 ext 1634
_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org><mailto:Gnso-ppsai-pdp-wg@icann.org>https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg<https://protect-us.mimecast.com/r/w4cOGJpN8aqiFBeZDDCfM61L9zSPPQ8yJTOsuokgr0uUoFWQcH4C1vKnhAJR8I5CDUGd3f75FQZ0RrGQoOiumi5fkuGEeAdPoDjA3DGFVt5fCde0OuGcKsc4syb-86Vd3ZsMEWNubiso-WCMGJKqofC67xfNJVO1oqFPAmL7abae98k88hH_BDY04YcHIhprEG-vGcToOzkceYzCw4sYw77Sj8DHh1iwNuJPKagRVm5XkaPrKRnvsIqURxFUU964UWsThNMfSE_TxYg9ZhC-Fg><https://protect-us.mimecast.com/r/w4cOGJpN8aqiFBeZDDCfM61L9zSPPQ8yJTOsuokgr0uUoFWQcH4C1vKnhAJR8I5CDUGd3f75FQZ0RrGQoOiumi5fkuGEeAdPoDjA3DGFVt5fCde0OuGcKsc4syb-86Vd3ZsMEWNubiso-WCMGJKqofC67xfNJVO1oqFPAmL7abae98k88hH_BDY04YcHIhprEG-vGcToOzkceYzCw4sYw77Sj8DHh1iwNuJPKagRVm5XkaPrKRnvsIqURxFUU964UWsThNMfSE_TxYg9ZhC-Fg<https://protect-us.mimecast.com/r/NkE1wHjmuxt3o9SjDC8u3UaEBOfWC2mFXjFJa1_yo4CBlxqC8_PtvDo7WfWJYT_YaNpXYz45ijCcYjA7oYYpLl0toLP6bJpkzDTK3R9OrjFh5nT4QkOopUtxiqubExt6q7UZTuNoom_4ejyw2wpm9vymemagb7YNIBY9WQ1ySPRTD0g1HGkyw6BJZrBTQ5bn3eb3Z2m63UxQvS6jFuhrBwNCteGQ-aziLTklBEQieWlioi2gYnClBNYrEHFgvWWSEvgar2P-tWJHPPeIwuO1U_utMPhVBW-kuhn8kQ2mtOv5v6KvIjRrN8bV1DSkPeuNGC4pfFkeDmG__ztmWkRIOq5sGpyoEOJHeydqHXpPURbDoGJH4X1-XBOw9xyUQUH2FxUzKjIYwzIsoWRAH-mtaFpnV-yPYzPFOpLczOu5V0S3wAh77gKBYS0Ims0rAmTm4RALGvo_wlPWZLAZZxcznxiU05FXCxycKWSOlLj6vi9pO9hzfr_77ovw17c-o3KHHuMnCKx-PLdlg8F4Dlr-11-NMFS960KQ6y3mrSOt4DP_WEt8kbLW7HnKwQyhHZgE7-jC7-oKZvPXlL_lzz0NbUCv9P-sLtO35WLCQIeslyoVS7lZahikA8xuNn1grSIZ>>
_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org%3cmailto:Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org%3cmailto:Gnso-ppsai-pdp-wg@icann.org%3cmailto:Gnso-ppsai-pdp-wg@icann.org%3cmailto:Gnso-ppsai-pdp-wg@icann.org>>> https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg<https://protect-us.mimecast.com/r/w4cOGJpN8aqiFBeZDDCfM61L9zSPPQ8yJTOsuokgr0uUoFWQcH4C1vKnhAJR8I5CDUGd3f75FQZ0RrGQoOiumi5fkuGEeAdPoDjA3DGFVt5fCde0OuGcKsc4syb-86Vd3ZsMEWNubiso-WCMGJKqofC67xfNJVO1oqFPAmL7abae98k88hH_BDY04YcHIhprEG-vGcToOzkceYzCw4sYw77Sj8DHh1iwNuJPKagRVm5XkaPrKRnvsIqURxFUU964UWsThNMfSE_TxYg9ZhC-Fg><https://protect-us.mimecast.com/r/w4cOGJpN8aqiFBeZDDCfM61L9zSPPQ8yJTOsuokgr0uUoFWQcH4C1vKnhAJR8I5CDUGd3f75FQZ0RrGQoOiumi5fkuGEeAdPoDjA3DGFVt5fCde0OuGcKsc4syb-86Vd3ZsMEWNubiso-WCMGJKqofC67xfNJVO1oqFPAmL7abae98k88hH_BDY04YcHIhprEG-vGcToOzkceYzCw4sYw77Sj8DHh1iwNuJPKagRVm5XkaPrKRnvsIqURxFUU964UWsThNMfSE_TxYg9ZhC-Fg<https://protect-us.mimecast.com/r/NkE1wHjmuxt3o9SjDC8u3UaEBOfWC2mFXjFJa1_yo4CBlxqC8_PtvDo7WfWJYT_YaNpXYz45ijCcYjA7oYYpLl0toLP6bJpkzDTK3R9OrjFh5nT4QkOopUtxiqubExt6q7UZTuNoom_4ejyw2wpm9vymemagb7YNIBY9WQ1ySPRTD0g1HGkyw6BJZrBTQ5bn3eb3Z2m63UxQvS6jFuhrBwNCteGQ-aziLTklBEQieWlioi2gYnClBNYrEHFgvWWSEvgar2P-tWJHPPeIwuO1U_utMPhVBW-kuhn8kQ2mtOv5v6KvIjRrN8bV1DSkPeuNGC4pfFkeDmG__ztmWkRIOq5sGpyoEOJHeydqHXpPURbDoGJH4X1-XBOw9xyUQUH2FxUzKjIYwzIsoWRAH-mtaFpnV-yPYzPFOpLczOu5V0S3wAh77gKBYS0Ims0rAmTm4RALGvo_wlPWZLAZZxcznxiU05FXCxycKWSOlLj6vi9pO9hzfr_77ovw17c-o3KHHuMnCKx-PLdlg8F4Dlr-11-NMFS960KQ6y3mrSOt4DP_WEt8kbLW7HnKwQyhHZgE7-jC7-oKZvPXlL_lzz0NbUCv9P-sLtO35WLCQIeslyoVS7lZahikA8xuNn1grSIZ>> _______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org%3cmailto:Gnso-ppsai-pdp-wg@icann.org>> https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg<https://protect-us.mimecast.com/r/w4cOGJpN8aqiFBeZDDCfM61L9zSPPQ8yJTOsuokgr0uUoFWQcH4C1vKnhAJR8I5CDUGd3f75FQZ0RrGQoOiumi5fkuGEeAdPoDjA3DGFVt5fCde0OuGcKsc4syb-86Vd3ZsMEWNubiso-WCMGJKqofC67xfNJVO1oqFPAmL7abae98k88hH_BDY04YcHIhprEG-vGcToOzkceYzCw4sYw77Sj8DHh1iwNuJPKagRVm5XkaPrKRnvsIqURxFUU964UWsThNMfSE_TxYg9ZhC-Fg><https://protect-us.mimecast.com/r/w4cOGJpN8aqiFBeZDDCfM61L9zSPPQ8yJTOsuokgr0uUoFWQcH4C1vKnhAJR8I5CDUGd3f75FQZ0RrGQoOiumi5fkuGEeAdPoDjA3DGFVt5fCde0OuGcKsc4syb-86Vd3ZsMEWNubiso-WCMGJKqofC67xfNJVO1oqFPAmL7abae98k88hH_BDY04YcHIhprEG-vGcToOzkceYzCw4sYw77Sj8DHh1iwNuJPKagRVm5XkaPrKRnvsIqURxFUU964UWsThNMfSE_TxYg9ZhC-Fg<https://protect-us.mimecast.com/r/NkE1wHjmuxt3o9SjDC8u3UaEBOfWC2mFXjFJa1_yo4CBlxqC8_PtvDo7WfWJYT_YaNpXYz45ijCcYjA7oYYpLl0toLP6bJpkzDTK3R9OrjFh5nT4QkOopUtxiqubExt6q7UZTuNoom_4ejyw2wpm9vymemagb7YNIBY9WQ1ySPRTD0g1HGkyw6BJZrBTQ5bn3eb3Z2m63UxQvS6jFuhrBwNCteGQ-aziLTklBEQieWlioi2gYnClBNYrEHFgvWWSEvgar2P-tWJHPPeIwuO1U_utMPhVBW-kuhn8kQ2mtOv5v6KvIjRrN8bV1DSkPeuNGC4pfFkeDmG__ztmWkRIOq5sGpyoEOJHeydqHXpPURbDoGJH4X1-XBOw9xyUQUH2FxUzKjIYwzIsoWRAH-mtaFpnV-yPYzPFOpLczOu5V0S3wAh77gKBYS0Ims0rAmTm4RALGvo_wlPWZLAZZxcznxiU05FXCxycKWSOlLj6vi9pO9hzfr_77ovw17c-o3KHHuMnCKx-PLdlg8F4Dlr-11-NMFS960KQ6y3mrSOt4DP_WEt8kbLW7HnKwQyhHZgE7-jC7-oKZvPXlL_lzz0NbUCv9P-sLtO35WLCQIeslyoVS7lZahikA8xuNn1grSIZ>>
Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org%3cmailto:Gnso-ppsai-pdp-wg@icann.org>> https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg<https://protect-us.mimecast.com/r/w4cOGJpN8aqiFBeZDDCfM61L9zSPPQ8yJTOsuokgr0uUoFWQcH4C1vKnhAJR8I5CDUGd3f75FQZ0RrGQoOiumi5fkuGEeAdPoDjA3DGFVt5fCde0OuGcKsc4syb-86Vd3ZsMEWNubiso-WCMGJKqofC67xfNJVO1oqFPAmL7abae98k88hH_BDY04YcHIhprEG-vGcToOzkceYzCw4sYw77Sj8DHh1iwNuJPKagRVm5XkaPrKRnvsIqURxFUU964UWsThNMfSE_TxYg9ZhC-Fg><https://protect-us.mimecast.com/r/w4cOGJpN8aqiFBeZDDCfM61L9zSPPQ8yJTOsuokgr0uUoFWQcH4C1vKnhAJR8I5CDUGd3f75FQZ0RrGQoOiumi5fkuGEeAdPoDjA3DGFVt5fCde0OuGcKsc4syb-86Vd3ZsMEWNubiso-WCMGJKqofC67xfNJVO1oqFPAmL7abae98k88hH_BDY04YcHIhprEG-vGcToOzkceYzCw4sYw77Sj8DHh1iwNuJPKagRVm5XkaPrKRnvsIqURxFUU964UWsThNMfSE_TxYg9ZhC-Fg<https://protect-us.mimecast.com/r/NkE1wHjmuxt3o9SjDC8u3UaEBOfWC2mFXjFJa1_yo4CBlxqC8_PtvDo7WfWJYT_YaNpXYz45ijCcYjA7oYYpLl0toLP6bJpkzDTK3R9OrjFh5nT4QkOopUtxiqubExt6q7UZTuNoom_4ejyw2wpm9vymemagb7YNIBY9WQ1ySPRTD0g1HGkyw6BJZrBTQ5bn3eb3Z2m63UxQvS6jFuhrBwNCteGQ-aziLTklBEQieWlioi2gYnClBNYrEHFgvWWSEvgar2P-tWJHPPeIwuO1U_utMPhVBW-kuhn8kQ2mtOv5v6KvIjRrN8bV1DSkPeuNGC4pfFkeDmG__ztmWkRIOq5sGpyoEOJHeydqHXpPURbDoGJH4X1-XBOw9xyUQUH2FxUzKjIYwzIsoWRAH-mtaFpnV-yPYzPFOpLczOu5V0S3wAh77gKBYS0Ims0rAmTm4RALGvo_wlPWZLAZZxcznxiU05FXCxycKWSOlLj6vi9pO9hzfr_77ovw17c-o3KHHuMnCKx-PLdlg8F4Dlr-11-NMFS960KQ6y3mrSOt4DP_WEt8kbLW7HnKwQyhHZgE7-jC7-oKZvPXlL_lzz0NbUCv9P-sLtO35WLCQIeslyoVS7lZahikA8xuNn1grSIZ>>
_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org%3cmailto:Gnso-ppsai-pdp-wg@icann.org>> https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg<https://protect-us.mimecast.com/r/w4cOGJpN8aqiFBeZDDCfM61L9zSPPQ8yJTOsuokgr0uUoFWQcH4C1vKnhAJR8I5CDUGd3f75FQZ0RrGQoOiumi5fkuGEeAdPoDjA3DGFVt5fCde0OuGcKsc4syb-86Vd3ZsMEWNubiso-WCMGJKqofC67xfNJVO1oqFPAmL7abae98k88hH_BDY04YcHIhprEG-vGcToOzkceYzCw4sYw77Sj8DHh1iwNuJPKagRVm5XkaPrKRnvsIqURxFUU964UWsThNMfSE_TxYg9ZhC-Fg><https://protect-us.mimecast.com/r/w4cOGJpN8aqiFBeZDDCfM61L9zSPPQ8yJTOsuokgr0uUoFWQcH4C1vKnhAJR8I5CDUGd3f75FQZ0RrGQoOiumi5fkuGEeAdPoDjA3DGFVt5fCde0OuGcKsc4syb-86Vd3ZsMEWNubiso-WCMGJKqofC67xfNJVO1oqFPAmL7abae98k88hH_BDY04YcHIhprEG-vGcToOzkceYzCw4sYw77Sj8DHh1iwNuJPKagRVm5XkaPrKRnvsIqURxFUU964UWsThNMfSE_TxYg9ZhC-Fg<https://protect-us.mimecast.com/r/NkE1wHjmuxt3o9SjDC8u3UaEBOfWC2mFXjFJa1_yo4CBlxqC8_PtvDo7WfWJYT_YaNpXYz45ijCcYjA7oYYpLl0toLP6bJpkzDTK3R9OrjFh5nT4QkOopUtxiqubExt6q7UZTuNoom_4ejyw2wpm9vymemagb7YNIBY9WQ1ySPRTD0g1HGkyw6BJZrBTQ5bn3eb3Z2m63UxQvS6jFuhrBwNCteGQ-aziLTklBEQieWlioi2gYnClBNYrEHFgvWWSEvgar2P-tWJHPPeIwuO1U_utMPhVBW-kuhn8kQ2mtOv5v6KvIjRrN8bV1DSkPeuNGC4pfFkeDmG__ztmWkRIOq5sGpyoEOJHeydqHXpPURbDoGJH4X1-XBOw9xyUQUH2FxUzKjIYwzIsoWRAH-mtaFpnV-yPYzPFOpLczOu5V0S3wAh77gKBYS0Ims0rAmTm4RALGvo_wlPWZLAZZxcznxiU05FXCxycKWSOlLj6vi9pO9hzfr_77ovw17c-o3KHHuMnCKx-PLdlg8F4Dlr-11-NMFS960KQ6y3mrSOt4DP_WEt8kbLW7HnKwQyhHZgE7-jC7-oKZvPXlL_lzz0NbUCv9P-sLtO35WLCQIeslyoVS7lZahikA8xuNn1grSIZ>>
_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org%3cmailto:Gnso-ppsai-pdp-wg@icann.org>> https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg<https://protect-us.mimecast.com/r/w4cOGJpN8aqiFBeZDDCfM61L9zSPPQ8yJTOsuokgr0uUoFWQcH4C1vKnhAJR8I5CDUGd3f75FQZ0RrGQoOiumi5fkuGEeAdPoDjA3DGFVt5fCde0OuGcKsc4syb-86Vd3ZsMEWNubiso-WCMGJKqofC67xfNJVO1oqFPAmL7abae98k88hH_BDY04YcHIhprEG-vGcToOzkceYzCw4sYw77Sj8DHh1iwNuJPKagRVm5XkaPrKRnvsIqURxFUU964UWsThNMfSE_TxYg9ZhC-Fg><https://protect-us.mimecast.com/r/w4cOGJpN8aqiFBeZDDCfM61L9zSPPQ8yJTOsuokgr0uUoFWQcH4C1vKnhAJR8I5CDUGd3f75FQZ0RrGQoOiumi5fkuGEeAdPoDjA3DGFVt5fCde0OuGcKsc4syb-86Vd3ZsMEWNubiso-WCMGJKqofC67xfNJVO1oqFPAmL7abae98k88hH_BDY04YcHIhprEG-vGcToOzkceYzCw4sYw77Sj8DHh1iwNuJPKagRVm5XkaPrKRnvsIqURxFUU964UWsThNMfSE_TxYg9ZhC-Fg<https://protect-us.mimecast.com/r/NkE1wHjmuxt3o9SjDC8u3UaEBOfWC2mFXjFJa1_yo4CBlxqC8_PtvDo7WfWJYT_YaNpXYz45ijCcYjA7oYYpLl0toLP6bJpkzDTK3R9OrjFh5nT4QkOopUtxiqubExt6q7UZTuNoom_4ejyw2wpm9vymemagb7YNIBY9WQ1ySPRTD0g1HGkyw6BJZrBTQ5bn3eb3Z2m63UxQvS6jFuhrBwNCteGQ-aziLTklBEQieWlioi2gYnClBNYrEHFgvWWSEvgar2P-tWJHPPeIwuO1U_utMPhVBW-kuhn8kQ2mtOv5v6KvIjRrN8bV1DSkPeuNGC4pfFkeDmG__ztmWkRIOq5sGpyoEOJHeydqHXpPURbDoGJH4X1-XBOw9xyUQUH2FxUzKjIYwzIsoWRAH-mtaFpnV-yPYzPFOpLczOu5V0S3wAh77gKBYS0Ims0rAmTm4RALGvo_wlPWZLAZZxcznxiU05FXCxycKWSOlLj6vi9pO9hzfr_77ovw17c-o3KHHuMnCKx-PLdlg8F4Dlr-11-NMFS960KQ6y3mrSOt4DP_WEt8kbLW7HnKwQyhHZgE7-jC7-oKZvPXlL_lzz0NbUCv9P-sLtO35WLCQIeslyoVS7lZahikA8xuNn1grSIZ>>
-- _________________________ Graeme Bunton Manager, Management Information Systems Manager, Public Policy Tucows Inc. PH: 416 535 0123 ext 1634 _______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org%3cmailto:Gnso-ppsai-pdp-wg@icann.org>> https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg<https://protect-us.mimecast.com/r/w4cOGJpN8aqiFBeZDDCfM61L9zSPPQ8yJTOsuokgr0uUoFWQcH4C1vKnhAJR8I5CDUGd3f75FQZ0RrGQoOiumi5fkuGEeAdPoDjA3DGFVt5fCde0OuGcKsc4syb-86Vd3ZsMEWNubiso-WCMGJKqofC67xfNJVO1oqFPAmL7abae98k88hH_BDY04YcHIhprEG-vGcToOzkceYzCw4sYw77Sj8DHh1iwNuJPKagRVm5XkaPrKRnvsIqURxFUU964UWsThNMfSE_TxYg9ZhC-Fg><https://protect-us.mimecast.com/r/w4cOGJpN8aqiFBeZDDCfM61L9zSPPQ8yJTOsuokgr0uUoFWQcH4C1vKnhAJR8I5CDUGd3f75FQZ0RrGQoOiumi5fkuGEeAdPoDjA3DGFVt5fCde0OuGcKsc4syb-86Vd3ZsMEWNubiso-WCMGJKqofC67xfNJVO1oqFPAmL7abae98k88hH_BDY04YcHIhprEG-vGcToOzkceYzCw4sYw77Sj8DHh1iwNuJPKagRVm5XkaPrKRnvsIqURxFUU964UWsThNMfSE_TxYg9ZhC-Fg<https://protect-us.mimecast.com/r/NkE1wHjmuxt3o9SjDC8u3UaEBOfWC2mFXjFJa1_yo4CBlxqC8_PtvDo7WfWJYT_YaNpXYz45ijCcYjA7oYYpLl0toLP6bJpkzDTK3R9OrjFh5nT4QkOopUtxiqubExt6q7UZTuNoom_4ejyw2wpm9vymemagb7YNIBY9WQ1ySPRTD0g1HGkyw6BJZrBTQ5bn3eb3Z2m63UxQvS6jFuhrBwNCteGQ-aziLTklBEQieWlioi2gYnClBNYrEHFgvWWSEvgar2P-tWJHPPeIwuO1U_utMPhVBW-kuhn8kQ2mtOv5v6KvIjRrN8bV1DSkPeuNGC4pfFkeDmG__ztmWkRIOq5sGpyoEOJHeydqHXpPURbDoGJH4X1-XBOw9xyUQUH2FxUzKjIYwzIsoWRAH-mtaFpnV-yPYzPFOpLczOu5V0S3wAh77gKBYS0Ims0rAmTm4RALGvo_wlPWZLAZZxcznxiU05FXCxycKWSOlLj6vi9pO9hzfr_77ovw17c-o3KHHuMnCKx-PLdlg8F4Dlr-11-NMFS960KQ6y3mrSOt4DP_WEt8kbLW7HnKwQyhHZgE7-jC7-oKZvPXlL_lzz0NbUCv9P-sLtO35WLCQIeslyoVS7lZahikA8xuNn1grSIZ>> _______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org%3cmailto:Gnso-ppsai-pdp-wg@icann.org>> https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg<https://protect-us.mimecast.com/r/w4cOGJpN8aqiFBeZDDCfM61L9zSPPQ8yJTOsuokgr0uUoFWQcH4C1vKnhAJR8I5CDUGd3f75FQZ0RrGQoOiumi5fkuGEeAdPoDjA3DGFVt5fCde0OuGcKsc4syb-86Vd3ZsMEWNubiso-WCMGJKqofC67xfNJVO1oqFPAmL7abae98k88hH_BDY04YcHIhprEG-vGcToOzkceYzCw4sYw77Sj8DHh1iwNuJPKagRVm5XkaPrKRnvsIqURxFUU964UWsThNMfSE_TxYg9ZhC-Fg>
Stephanie, The report has been part of the "record" (as in, recorded on the public mailing list) for months. (A year?) The deadline of today for including statements was set by staff. Sorry you're unhappy with one of the proposed statements, but it's not a dispositive thing. Object to the content in the comment period, but don't you dare stifle our right to present our speech in the first place. K Kiran Malancharuvil Internet Policy Counselor MarkMonitor 415-419-9138 (m) Sent from my mobile, please excuse any typos.
On Apr 30, 2015, at 8:02 AM, Stephanie Perrin <stephanie.perrin@mail.utoronto.ca> wrote:
So let me get this very very clear, as i am new to the process. 1. The research report you offered was sent to the list. 2. It has never been part of the record. 3. You wish to see it added now, April 30th, 23:58 KST. 4, You are telling me I could have done the same thing. 5. I have Exactly how much time to submit a minority report in order to comply with the deadline of April 30th?
Thanks for the clarifications. Stephanie
On 2015-04-30 23:52, Kiran Malancharuvil wrote: Stephanie,
You had ample opportunity to prepare and present a white paper of your own.
It was not unsolicited, as at any time, members of the group are welcome and encouraged to present their views on the matter under discussion.
Are you really saying that a well researched policy position and a presentation of that research is NOT meant to be a part of the PDP process? I really do not think that it the case.
I know that you object to the position that the white paper explains, but unless there is a concrete prohibition on linking to it (staff?) it needs to be included, as we have every right to present the complex legal argument behind our position.
Kiran Malancharuvil Internet Policy Counselor MarkMonitor 415-419-9138 (m)
Sent from my mobile, please excuse any typos.
On Apr 30, 2015, at 7:45 AM, Stephanie Perrin <stephanie.perrin@mail.utoronto.ca> wrote:
With great respect to Kiran and to the law firm that compiled the "white paper", I objected at the time and there was no indication that we accepted the white paper in our discussions, other than to say thanks. I would object strenuously to it being included. That was a totally unsolicited contribution from parties wishing to advance their case. You cannot attach that paper, without giving those on the other side an opportunity to counter it with another white paper. Frankly, the PDP process is not supposed to be about dualling unsolicited white papers. IF we need to have research done, we have to agree on what needs to be done if it is to be attached to the official call for comments. I don't wish to be ungracious, but the paper should not be added. Stephanie Perrin
On 2015-04-30 23:34, Kiran Malancharuvil wrote: It is a recommendation for a policy/best practice from a portion of the group.
K
Kiran Malancharuvil Internet Policy Counselor MarkMonitor 415-419-9138 (m)
Sent from my mobile, please excuse any typos.
On Apr 30, 2015, at 7:33 AM, James Gannon <james@cyberinvasion.net> wrote:
Unless we are suggesting that the whitepaper is consensus policy or best practice it does not fall under that category. We are presenting our policy recommendation already, which is the work product of the group
-James
-----Original Message----- From: Kiran Malancharuvil [mailto:Kiran.Malancharuvil@markmonitor.com] Sent: Thursday, April 30, 2015 3:31 PM To: James Gannon Cc: Mary Wong; PPSAI Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
Recommendations for policies, guidelines, best practices.
Kiran Malancharuvil Internet Policy Counselor MarkMonitor 415-419-9138 (m)
Sent from my mobile, please excuse any typos.
On Apr 30, 2015, at 7:29 AM, James Gannon <james@cyberinvasion.net> wrote:
Quoting from the PDP Manual, there seems to be strong guidelines of what goes out with the Initial Report:
> After collection and review of information, the PDP Team and Staff are responsible for producing an Initial Report. The Initial Report should include the following elements: > * Compilation of Stakeholder Group and Constituency Statements > * Compilation of any statements received from any ICANN Supporting Organization or Advisory Committee > * Recommendations for policies, guidelines, best practices or other proposals to address the issue > * Statement of level of consensus for the recommendations presented in the Initial Report > * Information regarding the members of the PDP Team, such as the attendance records, Statements of Interest, etc. > * A statement on the WG discussion concerning impact of the proposed recommendations, could consider areas such as economic, competition, operations, privacy and other rights, scalability and feasibility I don't see where in that framework the whitepaper would sit. I would welcome others thoughts on this.
-James
-----Original Message----- From: gnso-ppsai-pdp-wg-bounces@icann.org [mailto:gnso-ppsai-pdp-wg-bounces@icann.org] On Behalf Of Kiran Malancharuvil Sent: Thursday, April 30, 2015 3:09 PM To: Mary Wong Cc: PPSAI Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
Mary,
Since one side of this issue prepared a lengthy legal review to address this question, I would request that that white paper be included in the reference materials for the public comment. Since public comment is meant to "resolve" this issue, commenters need all of the information.
It's not just down to feasibility of self-declaration at registration (which frankly, many of us see as a cop out since it's already done in some TLDs), but also legality. Not trying to re-open the debate, but please, let's make sure the community understands the various points and the background.
K
Kiran Malancharuvil Internet Policy Counselor MarkMonitor 415-419-9138 (m)
Sent from my mobile, please excuse any typos.
On Apr 30, 2015, at 6:58 AM, Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> wrote:
To add to Stephanie's note that this specific issue - whether registrants of domain names actively used for commercial transactions ought to be disallowed from using P/P services - had been discussed at some length by the WG:
Please note that this part of the Initial Report draws heavily on the detailed WG template for Charter Category C that was the basis for the WG's deliberations on this topic. That template contains lengthy descriptions of what had previously been termed the majority and minority positions on the WG's answer to this specific issue. As part of the WG's deliberations - which took place primarily between April and June 2014 - the more specific formulation of "transactional" to describe the sort of commercial (i.e. Involving financial transactions) activities that were being discussed was included in the language. All the templates and suggested formulations discussed by the WG are recorded and published on the WG wiki.
The WG ultimately agreed to retain the two positions in the Initial Report and to revisit the question during its review of the public comments received. As noted previously, the WG's views were presented to the community in London in June 2014 and again in Los Angeles in October 2014.
Therefore, the three questions in Section 1.3.3 of the Executive Summary only go toward soliciting community input on this single issue. They were not intended to represent a view of any "side" in the WG with regard to this matter. If the WG prefers, we can add a sentence to clarify and specify the reason for the questions in Section 1.3.3. Fundamentally, the idea is that public comments will facilitate the WG's eventual resolution of this issue as part of its preparation of the Final Report.
We hope this reminder of the background is of assistance.
Cheers Mary
Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4892 Email: mary.wong@icann.org<mailto:mary.wong@icann.org>
From: Stephanie Perrin <stephanie.perrin@mail.utoronto.ca<mailto:stephanie.perrin@mail.utoronto.ca>> Date: Thursday, April 30, 2015 at 09:20 To: "gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org>" <gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org>>, James Gannon <james@cyberinvasion.net<mailto:james@cyberinvasion.net>>, Michele Blacknight <michele@blacknight.com<mailto:michele@blacknight.com>> Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
James, prior to you joining the group, we had discussed this at some length. IN fact, I really thought that the many reasons why sorting out the purpose of a registration is problematic had buried this debate, but apparently not. Some of the issues raised, according to my recollection were the following:
* names are registered prior to decisions about content * content changes over time * most countries regulate e-commerce in some fashion, so that website commercial activity does not have to be regulated by ICANN * ICANN should not be in the business of regulating content in the first place (and sorting out who is extracting a material consideration from a website in order to deny them the ability to use a proxy registration is certainly a form of regulation) * definitions of commercial activity vary widely around the world * bad actors will not declare, registrars cannot police this matter * criminal prosecution is not dependent on WHOIS information * if this is really about the ability to detect market information, ICANN should not be in the business of making registrant information available for market purposes, it does it for security and stability. * contactability remains, regardless of which registrant info appears in WHOIS
I am planning to reformulate these into questions to match the questions on the other side, suggestions welcome.
Stephanie Perrin On 2015-04-30 16:24, James Gannon wrote: I don't see this as asking providers to enforce anything similar to other questions when registering a domain, it's a self-reported assessment. All it does is add an additional branch to the decision tree for eligibility, which will already be there to determine eligibility due to the other reasons listed below. The registrant is asked will you be processing financial transactions.
* Yes-->Will you be using a 3rd party>No>Not eligible for P/P.
* Yes-->Will you be using a 3rd party>Yes>Eligible for P/P.
I'm not asking registrars to enforce law but to see if a more finely grained eligibility process can be enacted. Or at least is there is public support for more granularity.
-James From: Michele Neylon - Blacknight [mailto:michele@blacknight.com] Sent: Thursday, April 30, 2015 8:17 AM To: James Gannon; Graeme Bunton; PPSAI Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
James
As a registrar or PP service provider how am I meant to assess this?
It doesn't scale
Seriously.
If, for example, there is an Irish operated website that is not complying with Irish law then it would be up to the ODCE (http://www.odce.ie/) to enforce whatever needs enforcing, as it would be up to the DPA to enforce any issues around data privacy etc., etc.,
Attempting to force registrars and PP providers to make these kind of evaluations is not going to work.
Issues like PCI-DSS compliance are matters that should be dealt with by the DPA and the banks.
Forcing registrars and PP providers to start getting involved in that kind of assessment isn't viable
Regards
Michele
-- Mr Michele Neylon Blacknight Solutions Hosting, Colocation & Domains http://www.blacknight.host/ http://blog.blacknight.com/ http://www.blacknight.press - get our latest news & media coverage http://www.technology.ie Intl. +353 (0) 59 9183072 Direct Dial: +353 (0)59 9183090 Social: http://mneylon.social ------------------------------- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,Ireland Company No.: 370845
From: James Gannon Date: Thursday 30 April 2015 07:45 To: Graeme Bunton, "gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org>" Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
I would personally like to see if there is public traction for distinguishing between sites directly processing financial truncations and sites who use 3rd parties for processing financial transactions as this is a very important distinction. A simple and I hope non-controversial additional question to the ones below: If so, should domains which use a third party to process financial transactions (i.e Paypal, Stripe), and thus do not directly process financial information, be subject to the same restrictions? There are strong existing distinctions both in national laws and in regulations such as PCI-DSS between these two forms.
-James Gannon From:gnso-ppsai-pdp-wg-bounces@icann.org<mailto:gnso-ppsai-pdp-wg-bounces@icann.org> [mailto:gnso-ppsai-pdp-wg-bounces@icann.org] On Behalf Of Graeme Bunton Sent: Tuesday, April 28, 2015 10:17 PM To: PPSAI Subject: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
Thanks to all WG members for a very productive call earlier today(and to Steve for his chairing acumen). The co-chairs and staff met this afternoon to tie down two loose ends from the call.
Regarding the deadline for public comments on the Initial Report, we recognize there is considerable support for extending the public comment period to 60 days instead of the standard 40 days on which we have all been planning. We are prepared to agree to this, but with the caveat that this will have repercussions on the pace and intensity of our work once public comments have been received. Specifically, if the public comment deadline is extended until July 3 (60 days after our publication date of May 4), we will need to plan on at least weekly calls throughout July and August, some of which may need to be more than an hour in length, to review these comments and move toward a Final Report. Otherwise, we jeopardize the prospects for getting the Final Report in front of the GNSO council no later than the Dublin ICANN meeting. As was noted on the call today, many additional steps need to take place even after this WG issues its Final Report before any new accreditation system can be implemented, so the time pressure imposed by the expiration of the Interim Specification at the end of next year is already real. Also, as previously announced over the past few weeks, if any WG members (or group of members) wish to submit a brief separate or additional statement for inclusion in the package posted for public comment next Monday, such statements need to be received by staff no later than Thursday, April 30.
Lastly, the other loose end involves proposed revisions to section 1.3.3 of the Initial Report, which were presented on the call earlier today but which we did not have time to discuss fully. We agree that this section could benefit from some revision, but believe it should take the form of greater concision, not additional presentation of arguments for the divergent positions. Thus we suggest that section 1.3.3 be revised to read as follows:
--- Although the WG agreed that the mere fact that a domain name is registered by a commercial entity or by anyone conducting commercial activity should not preclude the use of P/P services , there was disagreement over whether domain names that are actively used for commercial transactions (e.g. the sale or exchange of goods or services) should be prohibited from using P/P services. While most WG members did not believe such a prohibition is necessary or practical, some members believed that registrants of such domain names should not be able to use or continue using proxy or privacy services.
For those that argued that it is necessary and practical to limit access to P/P services to exclude commercial entities, the following text was proposed to clarify and define their position: "domains used for online financial transactions for commercial purpose should be ineligible for privacy and proxy registrations."
Public comment is therefore specifically invited on the following questions:
* Should registrants of domain names associated with commercial activities and which are used for online financial transactions be prohibited from using, or continuing to use, privacy and proxy services? * If so, will it be useful to adopt a definition of "commercial" or "transactional" to define those domains for which P/P service registrations should be disallowed? And if so, what should the definition(s) be?" * Will it be necessary to make a distinction in the WHOIS data fields to be displayed as a result? --- Thanks,
Graeme Bunton & Steve Metalitz
--
_________________________
Graeme Bunton
Manager, Management Information Systems
Manager, Public Policy
Tucows Inc.
PH: 416 535 0123 ext 1634
_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org>https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg
_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg _______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg
Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg
_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg
We are not in a court room Kiran, let's not be theatrical. The document being posted for comment is our draft report, not your legal backgrounder, If you wanted it included, it should have been proposed as an appendix in my view and we could have debated its inclusion in the working group over the past numerous meetings . You of course have every right to submit it as a minority report ( if you ask by the deadline). And of course include it in your comments. Cheers SP On 2015-05-01 0:28, Kiran Malancharuvil wrote:
Stephanie,
The report has been part of the "record" (as in, recorded on the public mailing list) for months. (A year?)
The deadline of today for including statements was set by staff. Sorry you're unhappy with one of the proposed statements, but it's not a dispositive thing. Object to the content in the comment period, but don't you dare stifle our right to present our speech in the first place.
K
Kiran Malancharuvil Internet Policy Counselor MarkMonitor 415-419-9138 (m)
Sent from my mobile, please excuse any typos.
On Apr 30, 2015, at 8:02 AM, Stephanie Perrin <stephanie.perrin@mail.utoronto.ca> wrote:
So let me get this very very clear, as i am new to the process. 1. The research report you offered was sent to the list. 2. It has never been part of the record. 3. You wish to see it added now, April 30th, 23:58 KST. 4, You are telling me I could have done the same thing. 5. I have Exactly how much time to submit a minority report in order to comply with the deadline of April 30th?
Thanks for the clarifications. Stephanie
On 2015-04-30 23:52, Kiran Malancharuvil wrote: Stephanie,
You had ample opportunity to prepare and present a white paper of your own.
It was not unsolicited, as at any time, members of the group are welcome and encouraged to present their views on the matter under discussion.
Are you really saying that a well researched policy position and a presentation of that research is NOT meant to be a part of the PDP process? I really do not think that it the case.
I know that you object to the position that the white paper explains, but unless there is a concrete prohibition on linking to it (staff?) it needs to be included, as we have every right to present the complex legal argument behind our position.
Kiran Malancharuvil Internet Policy Counselor MarkMonitor 415-419-9138 (m)
Sent from my mobile, please excuse any typos.
On Apr 30, 2015, at 7:45 AM, Stephanie Perrin <stephanie.perrin@mail.utoronto.ca> wrote:
With great respect to Kiran and to the law firm that compiled the "white paper", I objected at the time and there was no indication that we accepted the white paper in our discussions, other than to say thanks. I would object strenuously to it being included. That was a totally unsolicited contribution from parties wishing to advance their case. You cannot attach that paper, without giving those on the other side an opportunity to counter it with another white paper. Frankly, the PDP process is not supposed to be about dualling unsolicited white papers. IF we need to have research done, we have to agree on what needs to be done if it is to be attached to the official call for comments. I don't wish to be ungracious, but the paper should not be added. Stephanie Perrin
On 2015-04-30 23:34, Kiran Malancharuvil wrote: It is a recommendation for a policy/best practice from a portion of the group.
K
Kiran Malancharuvil Internet Policy Counselor MarkMonitor 415-419-9138 (m)
Sent from my mobile, please excuse any typos.
On Apr 30, 2015, at 7:33 AM, James Gannon <james@cyberinvasion.net> wrote:
Unless we are suggesting that the whitepaper is consensus policy or best practice it does not fall under that category. We are presenting our policy recommendation already, which is the work product of the group
-James
-----Original Message----- From: Kiran Malancharuvil [mailto:Kiran.Malancharuvil@markmonitor.com] Sent: Thursday, April 30, 2015 3:31 PM To: James Gannon Cc: Mary Wong; PPSAI Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
Recommendations for policies, guidelines, best practices.
Kiran Malancharuvil Internet Policy Counselor MarkMonitor 415-419-9138 (m)
Sent from my mobile, please excuse any typos.
> On Apr 30, 2015, at 7:29 AM, James Gannon <james@cyberinvasion.net> wrote: > > Quoting from the PDP Manual, there seems to be strong guidelines of what goes out with the Initial Report: > >> After collection and review of information, the PDP Team and Staff are responsible for producing an Initial Report. The Initial Report should include the following elements: >> * Compilation of Stakeholder Group and Constituency Statements >> * Compilation of any statements received from any ICANN Supporting Organization or Advisory Committee >> * Recommendations for policies, guidelines, best practices or other proposals to address the issue >> * Statement of level of consensus for the recommendations presented in the Initial Report >> * Information regarding the members of the PDP Team, such as the attendance records, Statements of Interest, etc. >> * A statement on the WG discussion concerning impact of the proposed recommendations, could consider areas such as economic, competition, operations, privacy and other rights, scalability and feasibility > I don't see where in that framework the whitepaper would sit. I would welcome others thoughts on this. > > -James > > -----Original Message----- > From: gnso-ppsai-pdp-wg-bounces@icann.org [mailto:gnso-ppsai-pdp-wg-bounces@icann.org] On Behalf Of Kiran Malancharuvil > Sent: Thursday, April 30, 2015 3:09 PM > To: Mary Wong > Cc: PPSAI > Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3 > > Mary, > > Since one side of this issue prepared a lengthy legal review to address this question, I would request that that white paper be included in the reference materials for the public comment. Since public comment is meant to "resolve" this issue, commenters need all of the information. > > It's not just down to feasibility of self-declaration at registration (which frankly, many of us see as a cop out since it's already done in some TLDs), but also legality. > Not trying to re-open the debate, but please, let's make sure the community understands the various points and the background. > > K > > > Kiran Malancharuvil > Internet Policy Counselor > MarkMonitor > 415-419-9138 (m) > > Sent from my mobile, please excuse any typos. > > On Apr 30, 2015, at 6:58 AM, Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> wrote: > > To add to Stephanie's note that this specific issue - whether registrants of domain names actively used for commercial transactions ought to be disallowed from using P/P services - had been discussed at some length by the WG: > > Please note that this part of the Initial Report draws heavily on the detailed WG template for Charter Category C that was the basis for the WG's deliberations on this topic. That template contains lengthy descriptions of what had previously been termed the majority and minority positions on the WG's answer to this specific issue. As part of the WG's deliberations - which took place primarily between April and June 2014 - the more specific formulation of "transactional" to describe the sort of commercial (i.e. Involving financial transactions) activities that were being discussed was included in the language. All the templates and suggested formulations discussed by the WG are recorded and published on the WG wiki. > > The WG ultimately agreed to retain the two positions in the Initial Report and to revisit the question during its review of the public comments received. As noted previously, the WG's views were presented to the community in London in June 2014 and again in Los Angeles in October 2014. > > Therefore, the three questions in Section 1.3.3 of the Executive Summary only go toward soliciting community input on this single issue. They were not intended to represent a view of any "side" in the WG with regard to this matter. If the WG prefers, we can add a sentence to clarify and specify the reason for the questions in Section 1.3.3. Fundamentally, the idea is that public comments will facilitate the WG's eventual resolution of this issue as part of its preparation of the Final Report. > > We hope this reminder of the background is of assistance. > > Cheers > Mary > > Mary Wong > Senior Policy Director > Internet Corporation for Assigned Names & Numbers (ICANN) > Telephone: +1 603 574 4892 > Email: mary.wong@icann.org<mailto:mary.wong@icann.org> > > > > From: Stephanie Perrin <stephanie.perrin@mail.utoronto.ca<mailto:stephanie.perrin@mail.utoronto.ca>> > Date: Thursday, April 30, 2015 at 09:20 > To: "gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org>" <gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org>>, James Gannon <james@cyberinvasion.net<mailto:james@cyberinvasion.net>>, Michele Blacknight <michele@blacknight.com<mailto:michele@blacknight.com>> > Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3 > > James, prior to you joining the group, we had discussed this at some length. IN fact, I really thought that the many reasons why sorting out the purpose of a registration is problematic had buried this debate, but apparently not. Some of the issues raised, according to my recollection were the following: > > * names are registered prior to decisions about content > * content changes over time > * most countries regulate e-commerce in some fashion, so that website commercial activity does not have to be regulated by ICANN > * ICANN should not be in the business of regulating content in the first place (and sorting out who is extracting a material consideration from a website in order to deny them the ability to use a proxy registration is certainly a form of regulation) > * definitions of commercial activity vary widely around the world > * bad actors will not declare, registrars cannot police this matter > * criminal prosecution is not dependent on WHOIS information > * if this is really about the ability to detect market information, ICANN should not be in the business of making registrant information available for market purposes, it does it for security and stability. > * contactability remains, regardless of which registrant info appears in WHOIS > > I am planning to reformulate these into questions to match the questions on the other side, suggestions welcome. > > Stephanie Perrin > On 2015-04-30 16:24, James Gannon wrote: > I don't see this as asking providers to enforce anything similar to other questions when registering a domain, it's a self-reported assessment. All it does is add an additional branch to the decision tree for eligibility, which will already be there to determine eligibility due to the other reasons listed below. > The registrant is asked will you be processing financial transactions. > > > * Yes-->Will you be using a 3rd party>No>Not eligible for P/P. > > * Yes-->Will you be using a 3rd party>Yes>Eligible for P/P. > > > I'm not asking registrars to enforce law but to see if a more finely grained eligibility process can be enacted. Or at least is there is public support for more granularity. > > -James > From: Michele Neylon - Blacknight [mailto:michele@blacknight.com] > Sent: Thursday, April 30, 2015 8:17 AM > To: James Gannon; Graeme Bunton; PPSAI > Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3 > > James > > As a registrar or PP service provider how am I meant to assess this? > > It doesn't scale > > Seriously. > > If, for example, there is an Irish operated website that is not complying with Irish law then it would be up to the ODCE (http://www.odce.ie/) to enforce whatever needs enforcing, as it would be up to the DPA to enforce any issues around data privacy etc., etc., > > Attempting to force registrars and PP providers to make these kind of evaluations is not going to work. > > Issues like PCI-DSS compliance are matters that should be dealt with by the DPA and the banks. > > Forcing registrars and PP providers to start getting involved in that kind of assessment isn't viable > > Regards > > Michele > > -- > Mr Michele Neylon > Blacknight Solutions > Hosting, Colocation & Domains > http://www.blacknight.host/ > http://blog.blacknight.com/ > http://www.blacknight.press - get our latest news & media coverage http://www.technology.ie Intl. +353 (0) 59 9183072 Direct Dial: +353 (0)59 9183090 > Social: http://mneylon.social > ------------------------------- > Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,Ireland Company No.: 370845 > > From: James Gannon > Date: Thursday 30 April 2015 07:45 > To: Graeme Bunton, "gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org>" > Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3 > > I would personally like to see if there is public traction for distinguishing between sites directly processing financial truncations and sites who use 3rd parties for processing financial transactions as this is a very important distinction. A simple and I hope non-controversial additional question to the ones below: > If so, should domains which use a third party to process financial transactions (i.e Paypal, Stripe), and thus do not directly process financial information, be subject to the same restrictions? > There are strong existing distinctions both in national laws and in regulations such as PCI-DSS between these two forms. > > -James Gannon > From:gnso-ppsai-pdp-wg-bounces@icann.org<mailto:gnso-ppsai-pdp-wg-bounces@icann.org> [mailto:gnso-ppsai-pdp-wg-bounces@icann.org] On Behalf Of Graeme Bunton > Sent: Tuesday, April 28, 2015 10:17 PM > To: PPSAI > Subject: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3 > > Thanks to all WG members for a very productive call earlier today(and to Steve for his chairing acumen). The co-chairs and staff met this afternoon to tie down two loose ends from the call. > > Regarding the deadline for public comments on the Initial Report, we recognize there is considerable support for extending the public comment period to 60 days instead of the standard 40 days on which we have all been planning. We are prepared to agree to this, but with the caveat that this will have repercussions on the pace and intensity of our work once public comments have been received. Specifically, if the public comment deadline is extended until July 3 (60 days after our publication date of May 4), we will need to plan on at least weekly calls throughout July and August, some of which may need to be more than an hour in length, to review these comments and move toward a Final Report. Otherwise, we jeopardize the prospects for getting the Final Report in front of the GNSO council no later than the Dublin ICANN meeting. As was noted on the call today, many additional steps need to take place even after this WG issues its Final Report before any new accreditation system can be implemented, so the time pressure imposed by the expiration of the Interim Specification at the end of next year is already real. > Also, as previously announced over the past few weeks, if any WG members (or group of members) wish to submit a brief separate or additional statement for inclusion in the package posted for public comment next Monday, such statements need to be received by staff no later than Thursday, April 30. > > Lastly, the other loose end involves proposed revisions to section 1.3.3 of the Initial Report, which were presented on the call earlier today but which we did not have time to discuss fully. We agree that this section could benefit from some revision, but believe it should take the form of greater concision, not additional presentation of arguments for the divergent positions. Thus we suggest that section 1.3.3 be revised to read as follows: > > --- > Although the WG agreed that the mere fact that a domain name is registered by a commercial entity or by anyone conducting commercial activity should not preclude the use of P/P services , there was disagreement over whether domain names that are actively used for commercial transactions (e.g. the sale or exchange of goods or services) should be prohibited from using P/P services. While most WG members did not believe such a prohibition is necessary or practical, some members believed that registrants of such domain names should not be able to use or continue using proxy or privacy services. > > For those that argued that it is necessary and practical to limit access to P/P services to exclude commercial entities, the following text was proposed to clarify and define their position: "domains used for online financial transactions for commercial purpose should be ineligible for privacy and proxy registrations." > > Public comment is therefore specifically invited on the following questions: > > * Should registrants of domain names associated with commercial activities and which are used for online financial transactions be prohibited from using, or continuing to use, privacy and proxy services? > * If so, will it be useful to adopt a definition of "commercial" or "transactional" to define those domains for which P/P service registrations should be disallowed? And if so, what should the definition(s) be?" > * Will it be necessary to make a distinction in the WHOIS data fields to be displayed as a result? > --- > Thanks, > > Graeme Bunton & Steve Metalitz > > > > > -- > > _________________________ > > Graeme Bunton > > Manager, Management Information Systems > > Manager, Public Policy > > Tucows Inc. > > PH: 416 535 0123 ext 1634 > > > > _______________________________________________ > Gnso-ppsai-pdp-wg mailing list > Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org>https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg > > _______________________________________________ > Gnso-ppsai-pdp-wg mailing list > Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org> > https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg > _______________________________________________ > Gnso-ppsai-pdp-wg mailing list > Gnso-ppsai-pdp-wg@icann.org > https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg
Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg
Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg
In addition, please note my request is to add it as background information WITH the initial report, not IN the Initial Report. Background information and contextual documents are OFTEN included in the public comment page with the initial report. What's the issue with including it? Are you really advocating that people shouldn't have all of the information about the issue and how it was addressed and presented in the group? K Kiran Malancharuvil Internet Policy Counselor MarkMonitor 415-419-9138 (m) Sent from my mobile, please excuse any typos.
On Apr 30, 2015, at 7:29 AM, James Gannon <james@cyberinvasion.net> wrote:
Quoting from the PDP Manual, there seems to be strong guidelines of what goes out with the Initial Report:
After collection and review of information, the PDP Team and Staff are responsible for producing an Initial Report. The Initial Report should include the following elements: * Compilation of Stakeholder Group and Constituency Statements * Compilation of any statements received from any ICANN Supporting Organization or Advisory Committee * Recommendations for policies, guidelines, best practices or other proposals to address the issue * Statement of level of consensus for the recommendations presented in the Initial Report * Information regarding the members of the PDP Team, such as the attendance records, Statements of Interest, etc. * A statement on the WG discussion concerning impact of the proposed recommendations, could consider areas such as economic, competition, operations, privacy and other rights, scalability and feasibility
I don't see where in that framework the whitepaper would sit. I would welcome others thoughts on this.
-James
-----Original Message----- From: gnso-ppsai-pdp-wg-bounces@icann.org [mailto:gnso-ppsai-pdp-wg-bounces@icann.org] On Behalf Of Kiran Malancharuvil Sent: Thursday, April 30, 2015 3:09 PM To: Mary Wong Cc: PPSAI Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
Mary,
Since one side of this issue prepared a lengthy legal review to address this question, I would request that that white paper be included in the reference materials for the public comment. Since public comment is meant to "resolve" this issue, commenters need all of the information.
It's not just down to feasibility of self-declaration at registration (which frankly, many of us see as a cop out since it's already done in some TLDs), but also legality. Not trying to re-open the debate, but please, let's make sure the community understands the various points and the background.
K
Kiran Malancharuvil Internet Policy Counselor MarkMonitor 415-419-9138 (m)
Sent from my mobile, please excuse any typos.
On Apr 30, 2015, at 6:58 AM, Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> wrote:
To add to Stephanie's note that this specific issue - whether registrants of domain names actively used for commercial transactions ought to be disallowed from using P/P services - had been discussed at some length by the WG:
Please note that this part of the Initial Report draws heavily on the detailed WG template for Charter Category C that was the basis for the WG's deliberations on this topic. That template contains lengthy descriptions of what had previously been termed the majority and minority positions on the WG's answer to this specific issue. As part of the WG's deliberations - which took place primarily between April and June 2014 - the more specific formulation of "transactional" to describe the sort of commercial (i.e. Involving financial transactions) activities that were being discussed was included in the language. All the templates and suggested formulations discussed by the WG are recorded and published on the WG wiki.
The WG ultimately agreed to retain the two positions in the Initial Report and to revisit the question during its review of the public comments received. As noted previously, the WG's views were presented to the community in London in June 2014 and again in Los Angeles in October 2014.
Therefore, the three questions in Section 1.3.3 of the Executive Summary only go toward soliciting community input on this single issue. They were not intended to represent a view of any "side" in the WG with regard to this matter. If the WG prefers, we can add a sentence to clarify and specify the reason for the questions in Section 1.3.3. Fundamentally, the idea is that public comments will facilitate the WG's eventual resolution of this issue as part of its preparation of the Final Report.
We hope this reminder of the background is of assistance.
Cheers Mary
Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4892 Email: mary.wong@icann.org<mailto:mary.wong@icann.org>
From: Stephanie Perrin <stephanie.perrin@mail.utoronto.ca<mailto:stephanie.perrin@mail.utoronto.ca>> Date: Thursday, April 30, 2015 at 09:20 To: "gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org>" <gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org>>, James Gannon <james@cyberinvasion.net<mailto:james@cyberinvasion.net>>, Michele Blacknight <michele@blacknight.com<mailto:michele@blacknight.com>> Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
James, prior to you joining the group, we had discussed this at some length. IN fact, I really thought that the many reasons why sorting out the purpose of a registration is problematic had buried this debate, but apparently not. Some of the issues raised, according to my recollection were the following:
* names are registered prior to decisions about content * content changes over time * most countries regulate e-commerce in some fashion, so that website commercial activity does not have to be regulated by ICANN * ICANN should not be in the business of regulating content in the first place (and sorting out who is extracting a material consideration from a website in order to deny them the ability to use a proxy registration is certainly a form of regulation) * definitions of commercial activity vary widely around the world * bad actors will not declare, registrars cannot police this matter * criminal prosecution is not dependent on WHOIS information * if this is really about the ability to detect market information, ICANN should not be in the business of making registrant information available for market purposes, it does it for security and stability. * contactability remains, regardless of which registrant info appears in WHOIS
I am planning to reformulate these into questions to match the questions on the other side, suggestions welcome.
Stephanie Perrin On 2015-04-30 16:24, James Gannon wrote: I don't see this as asking providers to enforce anything similar to other questions when registering a domain, it's a self-reported assessment. All it does is add an additional branch to the decision tree for eligibility, which will already be there to determine eligibility due to the other reasons listed below. The registrant is asked will you be processing financial transactions.
* Yes-->Will you be using a 3rd party>No>Not eligible for P/P.
* Yes-->Will you be using a 3rd party>Yes>Eligible for P/P.
I'm not asking registrars to enforce law but to see if a more finely grained eligibility process can be enacted. Or at least is there is public support for more granularity.
-James From: Michele Neylon - Blacknight [mailto:michele@blacknight.com] Sent: Thursday, April 30, 2015 8:17 AM To: James Gannon; Graeme Bunton; PPSAI Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
James
As a registrar or PP service provider how am I meant to assess this?
It doesn't scale
Seriously.
If, for example, there is an Irish operated website that is not complying with Irish law then it would be up to the ODCE (http://www.odce.ie/) to enforce whatever needs enforcing, as it would be up to the DPA to enforce any issues around data privacy etc., etc.,
Attempting to force registrars and PP providers to make these kind of evaluations is not going to work.
Issues like PCI-DSS compliance are matters that should be dealt with by the DPA and the banks.
Forcing registrars and PP providers to start getting involved in that kind of assessment isn't viable
Regards
Michele
-- Mr Michele Neylon Blacknight Solutions Hosting, Colocation & Domains http://www.blacknight.host/ http://blog.blacknight.com/ http://www.blacknight.press - get our latest news & media coverage http://www.technology.ie Intl. +353 (0) 59 9183072 Direct Dial: +353 (0)59 9183090 Social: http://mneylon.social ------------------------------- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,Ireland Company No.: 370845
From: James Gannon Date: Thursday 30 April 2015 07:45 To: Graeme Bunton, "gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org>" Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
I would personally like to see if there is public traction for distinguishing between sites directly processing financial truncations and sites who use 3rd parties for processing financial transactions as this is a very important distinction. A simple and I hope non-controversial additional question to the ones below: If so, should domains which use a third party to process financial transactions (i.e Paypal, Stripe), and thus do not directly process financial information, be subject to the same restrictions? There are strong existing distinctions both in national laws and in regulations such as PCI-DSS between these two forms.
-James Gannon From:gnso-ppsai-pdp-wg-bounces@icann.org<mailto:gnso-ppsai-pdp-wg-bounces@icann.org> [mailto:gnso-ppsai-pdp-wg-bounces@icann.org] On Behalf Of Graeme Bunton Sent: Tuesday, April 28, 2015 10:17 PM To: PPSAI Subject: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
Thanks to all WG members for a very productive call earlier today(and to Steve for his chairing acumen). The co-chairs and staff met this afternoon to tie down two loose ends from the call.
Regarding the deadline for public comments on the Initial Report, we recognize there is considerable support for extending the public comment period to 60 days instead of the standard 40 days on which we have all been planning. We are prepared to agree to this, but with the caveat that this will have repercussions on the pace and intensity of our work once public comments have been received. Specifically, if the public comment deadline is extended until July 3 (60 days after our publication date of May 4), we will need to plan on at least weekly calls throughout July and August, some of which may need to be more than an hour in length, to review these comments and move toward a Final Report. Otherwise, we jeopardize the prospects for getting the Final Report in front of the GNSO council no later than the Dublin ICANN meeting. As was noted on the call today, many additional steps need to take place even after this WG issues its Final Report before any new accreditation system can be implemented, so the time pressure imposed by the expiration of the Interim Specification at the end of next year is already real.
Also, as previously announced over the past few weeks, if any WG members (or group of members) wish to submit a brief separate or additional statement for inclusion in the package posted for public comment next Monday, such statements need to be received by staff no later than Thursday, April 30.
Lastly, the other loose end involves proposed revisions to section 1.3.3 of the Initial Report, which were presented on the call earlier today but which we did not have time to discuss fully. We agree that this section could benefit from some revision, but believe it should take the form of greater concision, not additional presentation of arguments for the divergent positions. Thus we suggest that section 1.3.3 be revised to read as follows:
--- Although the WG agreed that the mere fact that a domain name is registered by a commercial entity or by anyone conducting commercial activity should not preclude the use of P/P services , there was disagreement over whether domain names that are actively used for commercial transactions (e.g. the sale or exchange of goods or services) should be prohibited from using P/P services. While most WG members did not believe such a prohibition is necessary or practical, some members believed that registrants of such domain names should not be able to use or continue using proxy or privacy services.
For those that argued that it is necessary and practical to limit access to P/P services to exclude commercial entities, the following text was proposed to clarify and define their position: "domains used for online financial transactions for commercial purpose should be ineligible for privacy and proxy registrations."
Public comment is therefore specifically invited on the following questions:
* Should registrants of domain names associated with commercial activities and which are used for online financial transactions be prohibited from using, or continuing to use, privacy and proxy services? * If so, will it be useful to adopt a definition of "commercial" or "transactional" to define those domains for which P/P service registrations should be disallowed? And if so, what should the definition(s) be?" * Will it be necessary to make a distinction in the WHOIS data fields to be displayed as a result? --- Thanks,
Graeme Bunton & Steve Metalitz
--
_________________________
Graeme Bunton
Manager, Management Information Systems
Manager, Public Policy
Tucows Inc.
PH: 416 535 0123 ext 1634
_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org>https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg
_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg _______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg
But Mary, the questions could indeed be a bit less one-sided. We did also talk about a) the German law that requires identification of appropriate businesses and their locations (but not all organizations raising funds for any reason); b) the limited mandate and scope of ICANN; c) the difficulty of distinguishing across the spectrum and not treating a mom-owned home business like an Amazon. It seems like a simple question into you dive into the complexities... and that's what I think Stephanie and I and others would like to shed light on -- even and especially in this Interim Report. Best, Kathy :
To add to Stephanie’s note that this specific issue - whether registrants of domain names actively used for commercial transactions ought to be disallowed from using P/P services - had been discussed at some length by the WG:
Please note that this part of the Initial Report draws heavily on the detailed WG template for Charter Category C that was the basis for the WG’s deliberations on this topic. That template contains lengthy descriptions of what had previously been termed the majority and minority positions on the WG’s answer to this specific issue. As part of the WG’s deliberations – which took place primarily between April and June 2014 - the more specific formulation of “transactional” to describe the sort of commercial (i.e. Involving financial transactions) activities that were being discussed was included in the language. All the templates and suggested formulations discussed by the WG are recorded and published on the WG wiki.
The WG ultimately agreed to retain the two positions in the Initial Report and to revisit the question during its review of the public comments received. As noted previously, the WG's views were presented to the community in London in June 2014 and again in Los Angeles in October 2014.
Therefore, the three questions in Section 1.3.3 of the Executive Summary _only_ go toward soliciting community input on this single issue. They were not intended to represent a view of any “side” in the WG with regard to this matter. If the WG prefers, we can add a sentence to clarify and specify the reason for the questions in Section 1.3.3. Fundamentally, the idea is that public comments will facilitate the WG’s eventual resolution of this issue as part of its preparation of the Final Report.
We hope this reminder of the background is of assistance.
Cheers Mary
Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4892 Email: mary.wong@icann.org
From: Stephanie Perrin <stephanie.perrin@mail.utoronto.ca <mailto:stephanie.perrin@mail.utoronto.ca>> Date: Thursday, April 30, 2015 at 09:20 To: "gnso-ppsai-pdp-wg@icann.org <mailto:gnso-ppsai-pdp-wg@icann.org>" <gnso-ppsai-pdp-wg@icann.org <mailto:gnso-ppsai-pdp-wg@icann.org>>, James Gannon <james@cyberinvasion.net <mailto:james@cyberinvasion.net>>, Michele Blacknight <michele@blacknight.com <mailto:michele@blacknight.com>> Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
James, prior to you joining the group, we had discussed this at some length. IN fact, I really thought that the many reasons why sorting out the purpose of a registration is problematic had buried this debate, but apparently not. Some of the issues raised, according to my recollection were the following:
* names are registered prior to decisions about content * content changes over time * most countries regulate e-commerce in some fashion, so that website commercial activity does not have to be regulated by ICANN * ICANN should not be in the business of regulating content in the first place (and sorting out who is extracting a material consideration from a website in order to deny them the ability to use a proxy registration is certainly a form of regulation) * definitions of commercial activity vary widely around the world * bad actors will not declare, registrars cannot police this matter * criminal prosecution is not dependent on WHOIS information * if this is really about the ability to detect market information, ICANN should not be in the business of making registrant information available for market purposes, it does it for security and stability. * contactability remains, regardless of which registrant info appears in WHOIS
I am planning to reformulate these into questions to match the questions on the other side, suggestions welcome.
Stephanie Perrin On 2015-04-30 16:24, James Gannon wrote:
I don’t see this as asking providers to enforce anything similar to other questions when registering a domain, it’s a self-reported assessment. All it does is add an additional branch to the decision tree for eligibility, which will already be there to determine eligibility due to the other reasons listed below.
The registrant is asked will you be processing financial transactions.
·YesàWill you be using a 3^rd party>No>Not eligible for P/P.
·YesàWill you be using a 3^rd party>Yes>Eligible for P/P.
I’m not asking registrars to enforce law but to see if a more finely grained eligibility process can be enacted. Or at least is there is public support for more granularity.
-James
*From:*Michele Neylon - Blacknight [mailto:michele@blacknight.com] *Sent:* Thursday, April 30, 2015 8:17 AM *To:* James Gannon; Graeme Bunton; PPSAI *Subject:* Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
James
As a registrar or PP service provider how am I meant to assess this?
It doesn’t scale
Seriously.
If, for example, there is an Irish operated website that is not complying with Irish law then it would be up to the ODCE (http://www.odce.ie/) to enforce whatever needs enforcing, as it would be up to the DPA to enforce any issues around data privacy etc., etc.,
Attempting to force registrars and PP providers to make these kind of evaluations is not going to work.
Issues like PCI-DSS compliance are matters that should be dealt with by the DPA and the banks.
Forcing registrars and PP providers to start getting involved in that kind of assessment isn’t viable
Regards
Michele
--
Mr Michele Neylon
Blacknight Solutions
Hosting, Colocation & Domains
http://www.blacknight.press - get our latest news & media coverage
Intl. +353 (0) 59 9183072
Direct Dial: +353 (0)59 9183090
Social: http://mneylon.social
-------------------------------
Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty
Road,Graiguecullen,Carlow,Ireland Company No.: 370845
*From: *James Gannon *Date: *Thursday 30 April 2015 07:45 *To: *Graeme Bunton, "gnso-ppsai-pdp-wg@icann.org <mailto:gnso-ppsai-pdp-wg@icann.org>" *Subject: *Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
I would personally like to see if there is public traction for distinguishing between sites directly processing financial truncations and sites who use 3^rd parties for processing financial transactions as this is a very important distinction. A simple and I hope non-controversial additional question to the ones below:
If so, should domains which use a third party to process financial transactions (i.e Paypal, Stripe), and thus do not directly process financial information, be subject to the same restrictions?
There are strong existing distinctions both in national laws and in regulations such as PCI-DSS between these two forms.
-James Gannon
*From:*gnso-ppsai-pdp-wg-bounces@icann.org <mailto:gnso-ppsai-pdp-wg-bounces@icann.org> [mailto:gnso-ppsai-pdp-wg-bounces@icann.org] *On Behalf Of *Graeme Bunton *Sent:* Tuesday, April 28, 2015 10:17 PM *To:* PPSAI *Subject:* [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
Thanks to all WG members for a very productive call earlier today(and to Steve for his chairing acumen). The co-chairs and staff met this afternoon to tie down two loose ends from the call.
Regarding the deadline for public comments on the Initial Report, we recognize there is considerable support for extending the public comment period to 60 days instead of the standard 40 days on which we have all been planning. We are prepared to agree to this, but with the caveat that this will have repercussions on the pace and intensity of our work once public comments have been received. Specifically, if the public comment deadline is extended until July 3 (60 days after our publication date of May 4), we will need to plan on at least weekly calls throughout July and August, some of which may need to be more than an hour in length, to review these comments and move toward a Final Report. Otherwise, we jeopardize the prospects for getting the Final Report in front of the GNSO council no later than the Dublin ICANN meeting. As was noted on the call today, many additional steps need to take place even after this WG issues its Final Report before any new accreditation system can be implemented, so the time pressure imposed by the expiration of the Interim Specification at the end of next year is already real.
Also, as previously announced over the past few weeks, if any WG members (or group of members) wish to submit a brief separate or additional statement for inclusion in the package posted for public comment next Monday, such statements need to be received by staff no later than Thursday, April 30.
Lastly, the other loose end involves proposed revisions to section 1.3.3 of the Initial Report, which were presented on the call earlier today but which we did not have time to discuss fully. We agree that this section could benefit from some revision, but believe it should take the form of greater concision, not additional presentation of arguments for the divergent positions. Thus we suggest that section 1.3.3 be revised to read as follows:
---
Although the WG agreed that the mere fact that a domain name is registered by a commercial entity or by anyone conducting commercial activity should not preclude the use of P/P services , there was disagreement over whether domain names that are actively used for commercial transactions (e.g. the sale or exchange of goods or services) should be prohibited from using P/P services. While most WG members did not believe such a prohibition is necessary or practical, some members believed that registrants of such domain names should not be able to use or continue using proxy or privacy services.
For those that argued that it is necessary and practical to limit access to P/P services to exclude commercial entities, the following text was proposed to clarify and define their position: “domains used for online financial transactions for commercial purpose should be ineligible for privacy and proxy registrations.”
Public comment is therefore specifically invited on the following questions:
* Should registrants of domain names associated with commercial activities and which are used for online financial transactions be prohibited from using, or continuing to use, privacy and proxy services? * If so, will it be useful to adopt a definition of “commercial” or “transactional” to define those domains for which P/P service registrations should be disallowed? And if so, what should the definition(s) be?” * Will it be necessary to make a distinction in the WHOIS data fields to be displayed as a result?
--- Thanks,
Graeme Bunton & Steve Metalitz
-- _________________________ Graeme Bunton Manager, Management Information Systems Manager, Public Policy Tucows Inc. PH: 416 535 0123 ext 1634
_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.orghttps://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg
_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg
Thanks Mary, very helpful. Returning to the original text, I offer the following suggestions: For those that argued that it is necessary and practical to limit access to P/P services to exclude commercial entities, the following text was proposed to clarify and define their position: “domains used for online financial transactions for commercial purpose should be ineligible for privacy and proxy registrations.” Public comment is therefore specifically invited on the following questions: * Should registrants of domain names associated with commercial activities and which are used for online financial transactions be prohibited from using, or continuing to use, privacy and proxy services? * If [so, will] *you agree with this position, do you think it would* be useful to adopt a definition of “commercial” or “transactional” to define those domains for which P/P service registrations should be disallowed? And if so, what should the definition(s) be?” * {Will} *Would *it be necessary to make a distinction in the WHOIS data fields to be displayed as a result? (this question is not clear, in my view, it needs more detail on the nature of the distinction, the data fields we are talking about, and to what does "as a result" refer? As a result of the decision to deny privacy proxy services???) The use of the word "will" here appears to imply agreement with the text, you need the conditional. Then you need to seek clarification on the other side: * If you disagree with the proposal to deny the use of privacy and proxy services to domain names associated with commercial activities and which are used for online financial transactions, what are the reasons for your rejection of this proposal? Kind regards as always, Stephanie Perrin On 2015-04-30 22:54, Mary Wong wrote:
To add to Stephanie’s note that this specific issue - whether registrants of domain names actively used for commercial transactions ought to be disallowed from using P/P services - had been discussed at some length by the WG:
Please note that this part of the Initial Report draws heavily on the detailed WG template for Charter Category C that was the basis for the WG’s deliberations on this topic. That template contains lengthy descriptions of what had previously been termed the majority and minority positions on the WG’s answer to this specific issue. As part of the WG’s deliberations – which took place primarily between April and June 2014 - the more specific formulation of “transactional” to describe the sort of commercial (i.e. Involving financial transactions) activities that were being discussed was included in the language. All the templates and suggested formulations discussed by the WG are recorded and published on the WG wiki.
The WG ultimately agreed to retain the two positions in the Initial Report and to revisit the question during its review of the public comments received. As noted previously, the WG's views were presented to the community in London in June 2014 and again in Los Angeles in October 2014.
Therefore, the three questions in Section 1.3.3 of the Executive Summary _only_ go toward soliciting community input on this single issue. They were not intended to represent a view of any “side” in the WG with regard to this matter. If the WG prefers, we can add a sentence to clarify and specify the reason for the questions in Section 1.3.3. Fundamentally, the idea is that public comments will facilitate the WG’s eventual resolution of this issue as part of its preparation of the Final Report.
We hope this reminder of the background is of assistance.
Cheers Mary
Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4892 Email: mary.wong@icann.org
From: Stephanie Perrin <stephanie.perrin@mail.utoronto.ca <mailto:stephanie.perrin@mail.utoronto.ca>> Date: Thursday, April 30, 2015 at 09:20 To: "gnso-ppsai-pdp-wg@icann.org <mailto:gnso-ppsai-pdp-wg@icann.org>" <gnso-ppsai-pdp-wg@icann.org <mailto:gnso-ppsai-pdp-wg@icann.org>>, James Gannon <james@cyberinvasion.net <mailto:james@cyberinvasion.net>>, Michele Blacknight <michele@blacknight.com <mailto:michele@blacknight.com>> Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
James, prior to you joining the group, we had discussed this at some length. IN fact, I really thought that the many reasons why sorting out the purpose of a registration is problematic had buried this debate, but apparently not. Some of the issues raised, according to my recollection were the following:
* names are registered prior to decisions about content * content changes over time * most countries regulate e-commerce in some fashion, so that website commercial activity does not have to be regulated by ICANN * ICANN should not be in the business of regulating content in the first place (and sorting out who is extracting a material consideration from a website in order to deny them the ability to use a proxy registration is certainly a form of regulation) * definitions of commercial activity vary widely around the world * bad actors will not declare, registrars cannot police this matter * criminal prosecution is not dependent on WHOIS information * if this is really about the ability to detect market information, ICANN should not be in the business of making registrant information available for market purposes, it does it for security and stability. * contactability remains, regardless of which registrant info appears in WHOIS
I am planning to reformulate these into questions to match the questions on the other side, suggestions welcome.
Stephanie Perrin On 2015-04-30 16:24, James Gannon wrote:
I don’t see this as asking providers to enforce anything similar to other questions when registering a domain, it’s a self-reported assessment. All it does is add an additional branch to the decision tree for eligibility, which will already be there to determine eligibility due to the other reasons listed below.
The registrant is asked will you be processing financial transactions.
·YesàWill you be using a 3^rd party>No>Not eligible for P/P.
·YesàWill you be using a 3^rd party>Yes>Eligible for P/P.
I’m not asking registrars to enforce law but to see if a more finely grained eligibility process can be enacted. Or at least is there is public support for more granularity.
-James
*From:*Michele Neylon - Blacknight [mailto:michele@blacknight.com] *Sent:* Thursday, April 30, 2015 8:17 AM *To:* James Gannon; Graeme Bunton; PPSAI *Subject:* Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
James
As a registrar or PP service provider how am I meant to assess this?
It doesn’t scale
Seriously.
If, for example, there is an Irish operated website that is not complying with Irish law then it would be up to the ODCE (http://www.odce.ie/) to enforce whatever needs enforcing, as it would be up to the DPA to enforce any issues around data privacy etc., etc.,
Attempting to force registrars and PP providers to make these kind of evaluations is not going to work.
Issues like PCI-DSS compliance are matters that should be dealt with by the DPA and the banks.
Forcing registrars and PP providers to start getting involved in that kind of assessment isn’t viable
Regards
Michele
--
Mr Michele Neylon
Blacknight Solutions
Hosting, Colocation & Domains
http://www.blacknight.press - get our latest news & media coverage
Intl. +353 (0) 59 9183072
Direct Dial: +353 (0)59 9183090
Social: http://mneylon.social
-------------------------------
Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty
Road,Graiguecullen,Carlow,Ireland Company No.: 370845
*From: *James Gannon *Date: *Thursday 30 April 2015 07:45 *To: *Graeme Bunton, "gnso-ppsai-pdp-wg@icann.org <mailto:gnso-ppsai-pdp-wg@icann.org>" *Subject: *Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
I would personally like to see if there is public traction for distinguishing between sites directly processing financial truncations and sites who use 3^rd parties for processing financial transactions as this is a very important distinction. A simple and I hope non-controversial additional question to the ones below:
If so, should domains which use a third party to process financial transactions (i.e Paypal, Stripe), and thus do not directly process financial information, be subject to the same restrictions?
There are strong existing distinctions both in national laws and in regulations such as PCI-DSS between these two forms.
-James Gannon
*From:*gnso-ppsai-pdp-wg-bounces@icann.org <mailto:gnso-ppsai-pdp-wg-bounces@icann.org> [mailto:gnso-ppsai-pdp-wg-bounces@icann.org] *On Behalf Of *Graeme Bunton *Sent:* Tuesday, April 28, 2015 10:17 PM *To:* PPSAI *Subject:* [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
Thanks to all WG members for a very productive call earlier today(and to Steve for his chairing acumen). The co-chairs and staff met this afternoon to tie down two loose ends from the call.
Regarding the deadline for public comments on the Initial Report, we recognize there is considerable support for extending the public comment period to 60 days instead of the standard 40 days on which we have all been planning. We are prepared to agree to this, but with the caveat that this will have repercussions on the pace and intensity of our work once public comments have been received. Specifically, if the public comment deadline is extended until July 3 (60 days after our publication date of May 4), we will need to plan on at least weekly calls throughout July and August, some of which may need to be more than an hour in length, to review these comments and move toward a Final Report. Otherwise, we jeopardize the prospects for getting the Final Report in front of the GNSO council no later than the Dublin ICANN meeting. As was noted on the call today, many additional steps need to take place even after this WG issues its Final Report before any new accreditation system can be implemented, so the time pressure imposed by the expiration of the Interim Specification at the end of next year is already real.
Also, as previously announced over the past few weeks, if any WG members (or group of members) wish to submit a brief separate or additional statement for inclusion in the package posted for public comment next Monday, such statements need to be received by staff no later than Thursday, April 30.
Lastly, the other loose end involves proposed revisions to section 1.3.3 of the Initial Report, which were presented on the call earlier today but which we did not have time to discuss fully. We agree that this section could benefit from some revision, but believe it should take the form of greater concision, not additional presentation of arguments for the divergent positions. Thus we suggest that section 1.3.3 be revised to read as follows:
---
Although the WG agreed that the mere fact that a domain name is registered by a commercial entity or by anyone conducting commercial activity should not preclude the use of P/P services , there was disagreement over whether domain names that are actively used for commercial transactions (e.g. the sale or exchange of goods or services) should be prohibited from using P/P services. While most WG members did not believe such a prohibition is necessary or practical, some members believed that registrants of such domain names should not be able to use or continue using proxy or privacy services.
For those that argued that it is necessary and practical to limit access to P/P services to exclude commercial entities, the following text was proposed to clarify and define their position: “domains used for online financial transactions for commercial purpose should be ineligible for privacy and proxy registrations.”
Public comment is therefore specifically invited on the following questions:
* Should registrants of domain names associated with commercial activities and which are used for online financial transactions be prohibited from using, or continuing to use, privacy and proxy services? * If so, will it be useful to adopt a definition of “commercial” or “transactional” to define those domains for which P/P service registrations should be disallowed? And if so, what should the definition(s) be?” * Will it be necessary to make a distinction in the WHOIS data fields to be displayed as a result?
--- Thanks,
Graeme Bunton & Steve Metalitz
-- _________________________ Graeme Bunton Manager, Management Information Systems Manager, Public Policy Tucows Inc. PH: 416 535 0123 ext 1634
_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.orghttps://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg
_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg
I think making the framing more neutral as per Stephanie's suggestion is a good idea, and the proposed edits do so without changing any of the substance of the questioning. -James From: gnso-ppsai-pdp-wg-bounces@icann.org [mailto:gnso-ppsai-pdp-wg-bounces@icann.org] On Behalf Of Stephanie Perrin Sent: Thursday, April 30, 2015 4:23 PM To: gnso-ppsai-pdp-wg@icann.org; Mary Wong Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3 Thanks Mary, very helpful. Returning to the original text, I offer the following suggestions: For those that argued that it is necessary and practical to limit access to P/P services to exclude commercial entities, the following text was proposed to clarify and define their position: "domains used for online financial transactions for commercial purpose should be ineligible for privacy and proxy registrations." Public comment is therefore specifically invited on the following questions: * Should registrants of domain names associated with commercial activities and which are used for online financial transactions be prohibited from using, or continuing to use, privacy and proxy services? * If [so, will] you agree with this position, do you think it would be useful to adopt a definition of "commercial" or "transactional" to define those domains for which P/P service registrations should be disallowed? And if so, what should the definition(s) be?" * {Will} Would it be necessary to make a distinction in the WHOIS data fields to be displayed as a result? (this question is not clear, in my view, it needs more detail on the nature of the distinction, the data fields we are talking about, and to what does "as a result" refer? As a result of the decision to deny privacy proxy services???) The use of the word "will" here appears to imply agreement with the text, you need the conditional. Then you need to seek clarification on the other side: * If you disagree with the proposal to deny the use of privacy and proxy services to domain names associated with commercial activities and which are used for online financial transactions, what are the reasons for your rejection of this proposal? Kind regards as always, Stephanie Perrin On 2015-04-30 22:54, Mary Wong wrote: To add to Stephanie's note that this specific issue - whether registrants of domain names actively used for commercial transactions ought to be disallowed from using P/P services - had been discussed at some length by the WG: Please note that this part of the Initial Report draws heavily on the detailed WG template for Charter Category C that was the basis for the WG's deliberations on this topic. That template contains lengthy descriptions of what had previously been termed the majority and minority positions on the WG's answer to this specific issue. As part of the WG's deliberations - which took place primarily between April and June 2014 - the more specific formulation of "transactional" to describe the sort of commercial (i.e. Involving financial transactions) activities that were being discussed was included in the language. All the templates and suggested formulations discussed by the WG are recorded and published on the WG wiki. The WG ultimately agreed to retain the two positions in the Initial Report and to revisit the question during its review of the public comments received. As noted previously, the WG's views were presented to the community in London in June 2014 and again in Los Angeles in October 2014. Therefore, the three questions in Section 1.3.3 of the Executive Summary only go toward soliciting community input on this single issue. They were not intended to represent a view of any "side" in the WG with regard to this matter. If the WG prefers, we can add a sentence to clarify and specify the reason for the questions in Section 1.3.3. Fundamentally, the idea is that public comments will facilitate the WG's eventual resolution of this issue as part of its preparation of the Final Report. We hope this reminder of the background is of assistance. Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4892 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Stephanie Perrin <stephanie.perrin@mail.utoronto.ca<mailto:stephanie.perrin@mail.utoronto.ca>> Date: Thursday, April 30, 2015 at 09:20 To: "gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org>" <gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org>>, James Gannon <james@cyberinvasion.net<mailto:james@cyberinvasion.net>>, Michele Blacknight <michele@blacknight.com<mailto:michele@blacknight.com>> Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3 James, prior to you joining the group, we had discussed this at some length. IN fact, I really thought that the many reasons why sorting out the purpose of a registration is problematic had buried this debate, but apparently not. Some of the issues raised, according to my recollection were the following: * names are registered prior to decisions about content * content changes over time * most countries regulate e-commerce in some fashion, so that website commercial activity does not have to be regulated by ICANN * ICANN should not be in the business of regulating content in the first place (and sorting out who is extracting a material consideration from a website in order to deny them the ability to use a proxy registration is certainly a form of regulation) * definitions of commercial activity vary widely around the world * bad actors will not declare, registrars cannot police this matter * criminal prosecution is not dependent on WHOIS information * if this is really about the ability to detect market information, ICANN should not be in the business of making registrant information available for market purposes, it does it for security and stability. * contactability remains, regardless of which registrant info appears in WHOIS I am planning to reformulate these into questions to match the questions on the other side, suggestions welcome. Stephanie Perrin On 2015-04-30 16:24, James Gannon wrote: I don't see this as asking providers to enforce anything similar to other questions when registering a domain, it's a self-reported assessment. All it does is add an additional branch to the decision tree for eligibility, which will already be there to determine eligibility due to the other reasons listed below. The registrant is asked will you be processing financial transactions. ? Yes-->Will you be using a 3rd party>No>Not eligible for P/P. ? Yes-->Will you be using a 3rd party>Yes>Eligible for P/P. I'm not asking registrars to enforce law but to see if a more finely grained eligibility process can be enacted. Or at least is there is public support for more granularity. -James From: Michele Neylon - Blacknight [mailto:michele@blacknight.com] Sent: Thursday, April 30, 2015 8:17 AM To: James Gannon; Graeme Bunton; PPSAI Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3 James As a registrar or PP service provider how am I meant to assess this? It doesn't scale Seriously. If, for example, there is an Irish operated website that is not complying with Irish law then it would be up to the ODCE (http://www.odce.ie/) to enforce whatever needs enforcing, as it would be up to the DPA to enforce any issues around data privacy etc., etc., Attempting to force registrars and PP providers to make these kind of evaluations is not going to work. Issues like PCI-DSS compliance are matters that should be dealt with by the DPA and the banks. Forcing registrars and PP providers to start getting involved in that kind of assessment isn't viable Regards Michele -- Mr Michele Neylon Blacknight Solutions Hosting, Colocation & Domains http://www.blacknight.host/ http://blog.blacknight.com/ http://www.blacknight.press - get our latest news & media coverage http://www.technology.ie Intl. +353 (0) 59 9183072 Direct Dial: +353 (0)59 9183090 Social: http://mneylon.social ------------------------------- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,Ireland Company No.: 370845 From: James Gannon Date: Thursday 30 April 2015 07:45 To: Graeme Bunton, "gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org>" Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3 I would personally like to see if there is public traction for distinguishing between sites directly processing financial truncations and sites who use 3rd parties for processing financial transactions as this is a very important distinction. A simple and I hope non-controversial additional question to the ones below: If so, should domains which use a third party to process financial transactions (i.e Paypal, Stripe), and thus do not directly process financial information, be subject to the same restrictions? There are strong existing distinctions both in national laws and in regulations such as PCI-DSS between these two forms. -James Gannon From:gnso-ppsai-pdp-wg-bounces@icann.org<mailto:gnso-ppsai-pdp-wg-bounces@icann.org> [mailto:gnso-ppsai-pdp-wg-bounces@icann.org] On Behalf Of Graeme Bunton Sent: Tuesday, April 28, 2015 10:17 PM To: PPSAI Subject: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3 Thanks to all WG members for a very productive call earlier today(and to Steve for his chairing acumen). The co-chairs and staff met this afternoon to tie down two loose ends from the call. Regarding the deadline for public comments on the Initial Report, we recognize there is considerable support for extending the public comment period to 60 days instead of the standard 40 days on which we have all been planning. We are prepared to agree to this, but with the caveat that this will have repercussions on the pace and intensity of our work once public comments have been received. Specifically, if the public comment deadline is extended until July 3 (60 days after our publication date of May 4), we will need to plan on at least weekly calls throughout July and August, some of which may need to be more than an hour in length, to review these comments and move toward a Final Report. Otherwise, we jeopardize the prospects for getting the Final Report in front of the GNSO council no later than the Dublin ICANN meeting. As was noted on the call today, many additional steps need to take place even after this WG issues its Final Report before any new accreditation system can be implemented, so the time pressure imposed by the expiration of the Interim Specification at the end of next year is already real. Also, as previously announced over the past few weeks, if any WG members (or group of members) wish to submit a brief separate or additional statement for inclusion in the package posted for public comment next Monday, such statements need to be received by staff no later than Thursday, April 30. Lastly, the other loose end involves proposed revisions to section 1.3.3 of the Initial Report, which were presented on the call earlier today but which we did not have time to discuss fully. We agree that this section could benefit from some revision, but believe it should take the form of greater concision, not additional presentation of arguments for the divergent positions. Thus we suggest that section 1.3.3 be revised to read as follows: --- Although the WG agreed that the mere fact that a domain name is registered by a commercial entity or by anyone conducting commercial activity should not preclude the use of P/P services , there was disagreement over whether domain names that are actively used for commercial transactions (e.g. the sale or exchange of goods or services) should be prohibited from using P/P services. While most WG members did not believe such a prohibition is necessary or practical, some members believed that registrants of such domain names should not be able to use or continue using proxy or privacy services. For those that argued that it is necessary and practical to limit access to P/P services to exclude commercial entities, the following text was proposed to clarify and define their position: "domains used for online financial transactions for commercial purpose should be ineligible for privacy and proxy registrations." Public comment is therefore specifically invited on the following questions: ? Should registrants of domain names associated with commercial activities and which are used for online financial transactions be prohibited from using, or continuing to use, privacy and proxy services? ? If so, will it be useful to adopt a definition of "commercial" or "transactional" to define those domains for which P/P service registrations should be disallowed? And if so, what should the definition(s) be?" ? Will it be necessary to make a distinction in the WHOIS data fields to be displayed as a result? --- Thanks, Graeme Bunton & Steve Metalitz -- _________________________ Graeme Bunton Manager, Management Information Systems Manager, Public Policy Tucows Inc. PH: 416 535 0123 ext 1634 _______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org>https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg _______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg
Perhaps a simpler way to accomplish this would be to insert the following at the end of the first bullet: "If so, why, and if not, why not?" We could then introduce the next two questions with "If so," and change "will" to "would" as Stephanie suggests. From: gnso-ppsai-pdp-wg-bounces@icann.org [mailto:gnso-ppsai-pdp-wg-bounces@icann.org] On Behalf Of Stephanie Perrin Sent: Thursday, April 30, 2015 11:23 AM To: gnso-ppsai-pdp-wg@icann.org; Mary Wong Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3 Thanks Mary, very helpful. Returning to the original text, I offer the following suggestions: For those that argued that it is necessary and practical to limit access to P/P services to exclude commercial entities, the following text was proposed to clarify and define their position: "domains used for online financial transactions for commercial purpose should be ineligible for privacy and proxy registrations." Public comment is therefore specifically invited on the following questions: * Should registrants of domain names associated with commercial activities and which are used for online financial transactions be prohibited from using, or continuing to use, privacy and proxy services? * If [so, will] you agree with this position, do you think it would be useful to adopt a definition of "commercial" or "transactional" to define those domains for which P/P service registrations should be disallowed? And if so, what should the definition(s) be?" * {Will} Would it be necessary to make a distinction in the WHOIS data fields to be displayed as a result? (this question is not clear, in my view, it needs more detail on the nature of the distinction, the data fields we are talking about, and to what does "as a result" refer? As a result of the decision to deny privacy proxy services???) The use of the word "will" here appears to imply agreement with the text, you need the conditional. Then you need to seek clarification on the other side: * If you disagree with the proposal to deny the use of privacy and proxy services to domain names associated with commercial activities and which are used for online financial transactions, what are the reasons for your rejection of this proposal? Kind regards as always, Stephanie Perrin On 2015-04-30 22:54, Mary Wong wrote: To add to Stephanie's note that this specific issue - whether registrants of domain names actively used for commercial transactions ought to be disallowed from using P/P services - had been discussed at some length by the WG: Please note that this part of the Initial Report draws heavily on the detailed WG template for Charter Category C that was the basis for the WG's deliberations on this topic. That template contains lengthy descriptions of what had previously been termed the majority and minority positions on the WG's answer to this specific issue. As part of the WG's deliberations - which took place primarily between April and June 2014 - the more specific formulation of "transactional" to describe the sort of commercial (i.e. Involving financial transactions) activities that were being discussed was included in the language. All the templates and suggested formulations discussed by the WG are recorded and published on the WG wiki. The WG ultimately agreed to retain the two positions in the Initial Report and to revisit the question during its review of the public comments received. As noted previously, the WG's views were presented to the community in London in June 2014 and again in Los Angeles in October 2014. Therefore, the three questions in Section 1.3.3 of the Executive Summary only go toward soliciting community input on this single issue. They were not intended to represent a view of any "side" in the WG with regard to this matter. If the WG prefers, we can add a sentence to clarify and specify the reason for the questions in Section 1.3.3. Fundamentally, the idea is that public comments will facilitate the WG's eventual resolution of this issue as part of its preparation of the Final Report. We hope this reminder of the background is of assistance. Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4892 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Stephanie Perrin <stephanie.perrin@mail.utoronto.ca<mailto:stephanie.perrin@mail.utoronto.ca>> Date: Thursday, April 30, 2015 at 09:20 To: "gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org>" <gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org>>, James Gannon <james@cyberinvasion.net<mailto:james@cyberinvasion.net>>, Michele Blacknight <michele@blacknight.com<mailto:michele@blacknight.com>> Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3 James, prior to you joining the group, we had discussed this at some length. IN fact, I really thought that the many reasons why sorting out the purpose of a registration is problematic had buried this debate, but apparently not. Some of the issues raised, according to my recollection were the following: * names are registered prior to decisions about content * content changes over time * most countries regulate e-commerce in some fashion, so that website commercial activity does not have to be regulated by ICANN * ICANN should not be in the business of regulating content in the first place (and sorting out who is extracting a material consideration from a website in order to deny them the ability to use a proxy registration is certainly a form of regulation) * definitions of commercial activity vary widely around the world * bad actors will not declare, registrars cannot police this matter * criminal prosecution is not dependent on WHOIS information * if this is really about the ability to detect market information, ICANN should not be in the business of making registrant information available for market purposes, it does it for security and stability. * contactability remains, regardless of which registrant info appears in WHOIS I am planning to reformulate these into questions to match the questions on the other side, suggestions welcome. Stephanie Perrin On 2015-04-30 16:24, James Gannon wrote: I don't see this as asking providers to enforce anything similar to other questions when registering a domain, it's a self-reported assessment. All it does is add an additional branch to the decision tree for eligibility, which will already be there to determine eligibility due to the other reasons listed below. The registrant is asked will you be processing financial transactions. · Yes-->Will you be using a 3rd party>No>Not eligible for P/P. · Yes-->Will you be using a 3rd party>Yes>Eligible for P/P. I'm not asking registrars to enforce law but to see if a more finely grained eligibility process can be enacted. Or at least is there is public support for more granularity. -James From: Michele Neylon - Blacknight [mailto:michele@blacknight.com] Sent: Thursday, April 30, 2015 8:17 AM To: James Gannon; Graeme Bunton; PPSAI Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3 James As a registrar or PP service provider how am I meant to assess this? It doesn't scale Seriously. If, for example, there is an Irish operated website that is not complying with Irish law then it would be up to the ODCE (http://www.odce.ie/<https://protect-us.mimecast.com/r/IqfLPS2xhmx-5GDCPCM4mLmlw-jOPQHGmhpzAjWDKActStEmX7ndjfqnEIgUMkdhXCAGe_aALVo69T0irIiCOftGW0RRkFeeJXP_SQ_bxxN5c9ZWrJzjnfSpDUeI4UjuT2dsrtgXox-JsiUyGsBvbDhSHcf2gH3gqSI2YwvUnORJuOhanPP2uCSQp3bey2BqQKbirhovyP6hDiunUi2Ilg>) to enforce whatever needs enforcing, as it would be up to the DPA to enforce any issues around data privacy etc., etc., Attempting to force registrars and PP providers to make these kind of evaluations is not going to work. Issues like PCI-DSS compliance are matters that should be dealt with by the DPA and the banks. Forcing registrars and PP providers to start getting involved in that kind of assessment isn't viable Regards Michele -- Mr Michele Neylon Blacknight Solutions Hosting, Colocation & Domains http://www.blacknight.host/<https://protect-us.mimecast.com/r/r0QiXaZk72F7OmWKc9_pO3HAiIAvI3h06-RcgETJh-J4kMLvQtMGZn5lKnoQO8ikZnQiTNL6FLbYD67s4dF-tWj2IbgtPVbZIrmLhFiT8cZvRoXUKLem6cyG8n3JE6-tis8tEkBPwKkOuqFU7azbPzFSZPBE0XjNt1o6W5MAy5yWOEr-3QLGcTYMC5oDDDwuftYuz9pHDOyvEieReE36N1UxTeWXBI__3g1_xmHN4S0> http://blog.blacknight.com/<https://protect-us.mimecast.com/r/wl1MfvJ8aWTxnqz6FCsjG4QE5Lt8k3OKgMWheA8wVhCgpAj6NRi9Y8zMxa9MvTN2vhD-EWNpvAhObo3t9Jl-Kh7ki557bXwOMPGhz-Up4X8e1Q8UR-DF0d4jYhrGpb0LrotD50UduC3QQRYUJ24nEnbyayh-GPs3hk77LhEpDwYrSf4v_RqmohacWFuO-pMc6Ap8I9JulleUf0h9FbW-MHMc1xlq8F7WXPVnekaa_Tg> http://www.blacknight.press<https://protect-us.mimecast.com/r/-MRGGedz53TF8UWq3rKo8GI39ai_ismqN0UYggzFnhsCzIT83jwX24BSxN_VMtJYpUgkSGF-Qst71LuBVQLY87bs-vewJiEDX8p5ABHKofJc69pmthPRFaowH9cz7b4wBdr45nD9yW3n5wmmAGAorNORPO2oD8fx1b7Ch4UucRtocG7TVoD8q8xePkXjqmELFjL3powas7Q8SOSYQE947lLpZzCcGrOwqu7wogrVuvk> - get our latest news & media coverage http://www.technology.ie<https://protect-us.mimecast.com/r/suwZNIiJfrdSpqE4iC56mMY3x3S91aHmdyA2bCRS-Fmr9Q1_uNxFISl4UXNQGJAa4ABDSoMKKJoH4LBI6dPDpw1IcPIW2UD6KmY-khZffkUgGyGTLPU0VW-nWld8z7P0H2Ru_lA2gyfCIuoaN7WmFU6IRQ9AVVBKNMpsRsxQkxp27qp4b1vr0Nu7xAxlXjinmqCYcWDyv6BlIGk1JID86YB5QMhEW98wyZ5sollRXTc> Intl. +353 (0) 59 9183072 Direct Dial: +353 (0)59 9183090 Social: http://mneylon.social<https://protect-us.mimecast.com/r/c9ciyb99CMvSHLw2MJX2WYjWAGojFAv6abNbJNSbdh-ZFyKYiMOesCOSW0IbP_Hk74wcQMPR4LFdtPIo3qwpdVxkGjxnPEF73YlWOioKWfm0ASY6v7enF3zKmqddqH2G4dXIbPg_PVqGwzzZzhWQxKSK2MKPyc4QXazyYJjS7H_X2JdIq2B8eAZeCDmgPBWH09Ix-VujUi5pHJeE_GXWIlFrE4TTH0hP08WIPWYQvhY> ------------------------------- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,Ireland Company No.: 370845 From: James Gannon Date: Thursday 30 April 2015 07:45 To: Graeme Bunton, "gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org>" Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3 I would personally like to see if there is public traction for distinguishing between sites directly processing financial truncations and sites who use 3rd parties for processing financial transactions as this is a very important distinction. A simple and I hope non-controversial additional question to the ones below: If so, should domains which use a third party to process financial transactions (i.e Paypal, Stripe), and thus do not directly process financial information, be subject to the same restrictions? There are strong existing distinctions both in national laws and in regulations such as PCI-DSS between these two forms. -James Gannon From:gnso-ppsai-pdp-wg-bounces@icann.org<mailto:gnso-ppsai-pdp-wg-bounces@icann.org> [mailto:gnso-ppsai-pdp-wg-bounces@icann.org] On Behalf Of Graeme Bunton Sent: Tuesday, April 28, 2015 10:17 PM To: PPSAI Subject: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3 Thanks to all WG members for a very productive call earlier today(and to Steve for his chairing acumen). The co-chairs and staff met this afternoon to tie down two loose ends from the call. Regarding the deadline for public comments on the Initial Report, we recognize there is considerable support for extending the public comment period to 60 days instead of the standard 40 days on which we have all been planning. We are prepared to agree to this, but with the caveat that this will have repercussions on the pace and intensity of our work once public comments have been received. Specifically, if the public comment deadline is extended until July 3 (60 days after our publication date of May 4), we will need to plan on at least weekly calls throughout July and August, some of which may need to be more than an hour in length, to review these comments and move toward a Final Report. Otherwise, we jeopardize the prospects for getting the Final Report in front of the GNSO council no later than the Dublin ICANN meeting. As was noted on the call today, many additional steps need to take place even after this WG issues its Final Report before any new accreditation system can be implemented, so the time pressure imposed by the expiration of the Interim Specification at the end of next year is already real. Also, as previously announced over the past few weeks, if any WG members (or group of members) wish to submit a brief separate or additional statement for inclusion in the package posted for public comment next Monday, such statements need to be received by staff no later than Thursday, April 30. Lastly, the other loose end involves proposed revisions to section 1.3.3 of the Initial Report, which were presented on the call earlier today but which we did not have time to discuss fully. We agree that this section could benefit from some revision, but believe it should take the form of greater concision, not additional presentation of arguments for the divergent positions. Thus we suggest that section 1.3.3 be revised to read as follows: --- Although the WG agreed that the mere fact that a domain name is registered by a commercial entity or by anyone conducting commercial activity should not preclude the use of P/P services , there was disagreement over whether domain names that are actively used for commercial transactions (e.g. the sale or exchange of goods or services) should be prohibited from using P/P services. While most WG members did not believe such a prohibition is necessary or practical, some members believed that registrants of such domain names should not be able to use or continue using proxy or privacy services. For those that argued that it is necessary and practical to limit access to P/P services to exclude commercial entities, the following text was proposed to clarify and define their position: "domains used for online financial transactions for commercial purpose should be ineligible for privacy and proxy registrations." Public comment is therefore specifically invited on the following questions: * Should registrants of domain names associated with commercial activities and which are used for online financial transactions be prohibited from using, or continuing to use, privacy and proxy services? * If so, will it be useful to adopt a definition of "commercial" or "transactional" to define those domains for which P/P service registrations should be disallowed? And if so, what should the definition(s) be?" * Will it be necessary to make a distinction in the WHOIS data fields to be displayed as a result? --- Thanks, Graeme Bunton & Steve Metalitz -- _________________________ Graeme Bunton Manager, Management Information Systems Manager, Public Policy Tucows Inc. PH: 416 535 0123 ext 1634 _______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org>https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg<https://protect-us.mimecast.com/r/w4cOGJpN8aqiFBeZDDCfM61L9zSPPQ8yJTOsuokgr0uUoFWQcH4C1vKnhAJR8I5CDUGd3f75FQZ0RrGQoOiumi5fkuGEeAdPoDjA3DGFVt5fCde0OuGcKsc4syb-86Vd3ZsMEWNubiso-WCMGJKqofC67xfNJVO1oqFPAmL7abae98k88hH_BDY04YcHIhprEG-vGcToOzkceYzCw4sYw77Sj8DHh1iwNuJPKagRVm5XkaPrKRnvsIqURxFUU964UWsThNMfSE_TxYg9ZhC-Fg> _______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg<https://protect-us.mimecast.com/r/w4cOGJpN8aqiFBeZDDCfM61L9zSPPQ8yJTOsuokgr0uUoFWQcH4C1vKnhAJR8I5CDUGd3f75FQZ0RrGQoOiumi5fkuGEeAdPoDjA3DGFVt5fCde0OuGcKsc4syb-86Vd3ZsMEWNubiso-WCMGJKqofC67xfNJVO1oqFPAmL7abae98k88hH_BDY04YcHIhprEG-vGcToOzkceYzCw4sYw77Sj8DHh1iwNuJPKagRVm5XkaPrKRnvsIqURxFUU964UWsThNMfSE_TxYg9ZhC-Fg>
Good suggestions, Steve. Thank you, Graeme On 2015-04-30 11:58 AM, Metalitz, Steven wrote:
Perhaps a simpler way to accomplish this would be to insert the following at the end of the first bullet:
“If so, why, and if not, why not?”
We could then introduce the next two questions with “If so,” and change “will” to “would” as Stephanie suggests.
*From:*gnso-ppsai-pdp-wg-bounces@icann.org [mailto:gnso-ppsai-pdp-wg-bounces@icann.org] *On Behalf Of *Stephanie Perrin *Sent:* Thursday, April 30, 2015 11:23 AM *To:* gnso-ppsai-pdp-wg@icann.org; Mary Wong *Subject:* Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
Thanks Mary, very helpful. Returning to the original text, I offer the following suggestions:
For those that argued that it is necessary and practical to limit access to P/P services to exclude commercial entities, the following text was proposed to clarify and define their position: “domains used for online financial transactions for commercial purpose should be ineligible for privacy and proxy registrations.”
Public comment is therefore specifically invited on the following questions:
* Should registrants of domain names associated with commercial activities and which are used for online financial transactions be prohibited from using, or continuing to use, privacy and proxy services? * If [so, will] *you agree with this position, do you think it would* be useful to adopt a definition of “commercial” or “transactional” to define those domains for which P/P service registrations should be disallowed? And if so, what should the definition(s) be?” * {Will} *Would *it be necessary to make a distinction in the WHOIS data fields to be displayed as a result? (this question is not clear, in my view, it needs more detail on the nature of the distinction, the data fields we are talking about, and to what does "as a result" refer? As a result of the decision to deny privacy proxy services???)
The use of the word "will" here appears to imply agreement with the text, you need the conditional. Then you need to seek clarification on the other side:
* If you disagree with the proposal to deny the use of privacy and proxy services to domain names associated with commercial activities and which are used for online financial transactions, what are the reasons for your rejection of this proposal?
Kind regards as always, Stephanie Perrin
On 2015-04-30 22:54, Mary Wong wrote:
To add to Stephanie’s note that this specific issue - whether registrants of domain names actively used for commercial transactions ought to be disallowed from using P/P services - had been discussed at some length by the WG:
Please note that this part of the Initial Report draws heavily on the detailed WG template for Charter Category C that was the basis for the WG’s deliberations on this topic. That template contains lengthy descriptions of what had previously been termed the majority and minority positions on the WG’s answer to this specific issue. As part of the WG’s deliberations – which took place primarily between April and June 2014 - the more specific formulation of “transactional” to describe the sort of commercial (i.e. Involving financial transactions) activities that were being discussed was included in the language. All the templates and suggested formulations discussed by the WG are recorded and published on the WG wiki.
The WG ultimately agreed to retain the two positions in the Initial Report and to revisit the question during its review of the public comments received. As noted previously, the WG's views were presented to the community in London in June 2014 and again in Los Angeles in October 2014.
Therefore, the three questions in Section 1.3.3 of the Executive Summary _only_ go toward soliciting community input on this single issue. They were not intended to represent a view of any “side” in the WG with regard to this matter. If the WG prefers, we can add a sentence to clarify and specify the reason for the questions in Section 1.3.3. Fundamentally, the idea is that public comments will facilitate the WG’s eventual resolution of this issue as part of its preparation of the Final Report.
We hope this reminder of the background is of assistance.
Cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4892
Email: mary.wong@icann.org <mailto:mary.wong@icann.org>
*From: *Stephanie Perrin <stephanie.perrin@mail.utoronto.ca <mailto:stephanie.perrin@mail.utoronto.ca>> *Date: *Thursday, April 30, 2015 at 09:20 *To: *"gnso-ppsai-pdp-wg@icann.org <mailto:gnso-ppsai-pdp-wg@icann.org>" <gnso-ppsai-pdp-wg@icann.org <mailto:gnso-ppsai-pdp-wg@icann.org>>, James Gannon <james@cyberinvasion.net <mailto:james@cyberinvasion.net>>, Michele Blacknight <michele@blacknight.com <mailto:michele@blacknight.com>> *Subject: *Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
James, prior to you joining the group, we had discussed this at some length. IN fact, I really thought that the many reasons why sorting out the purpose of a registration is problematic had buried this debate, but apparently not. Some of the issues raised, according to my recollection were the following:
* names are registered prior to decisions about content * content changes over time * most countries regulate e-commerce in some fashion, so that website commercial activity does not have to be regulated by ICANN * ICANN should not be in the business of regulating content in the first place (and sorting out who is extracting a material consideration from a website in order to deny them the ability to use a proxy registration is certainly a form of regulation) * definitions of commercial activity vary widely around the world * bad actors will not declare, registrars cannot police this matter * criminal prosecution is not dependent on WHOIS information * if this is really about the ability to detect market information, ICANN should not be in the business of making registrant information available for market purposes, it does it for security and stability. * contactability remains, regardless of which registrant info appears in WHOIS
I am planning to reformulate these into questions to match the questions on the other side, suggestions welcome.
Stephanie Perrin
On 2015-04-30 16:24, James Gannon wrote:
I don’t see this as asking providers to enforce anything similar to other questions when registering a domain, it’s a self-reported assessment. All it does is add an additional branch to the decision tree for eligibility, which will already be there to determine eligibility due to the other reasons listed below.
The registrant is asked will you be processing financial transactions.
·YesàWill you be using a 3^rd party>No>Not eligible for P/P.
·YesàWill you be using a 3^rd party>Yes>Eligible for P/P.
I’m not asking registrars to enforce law but to see if a more finely grained eligibility process can be enacted. Or at least is there is public support for more granularity.
-James
*From:*Michele Neylon - Blacknight [mailto:michele@blacknight.com] *Sent:* Thursday, April 30, 2015 8:17 AM *To:* James Gannon; Graeme Bunton; PPSAI *Subject:* Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
James
As a registrar or PP service provider how am I meant to assess this?
It doesn’t scale
Seriously.
If, for example, there is an Irish operated website that is not complying with Irish law then it would be up to the ODCE (http://www.odce.ie/ <https://protect-us.mimecast.com/r/IqfLPS2xhmx-5GDCPCM4mLmlw-jOPQHGmhpzAjWDKA...>) to enforce whatever needs enforcing, as it would be up to the DPA to enforce any issues around data privacy etc., etc.,
Attempting to force registrars and PP providers to make these kind of evaluations is not going to work.
Issues like PCI-DSS compliance are matters that should be dealt with by the DPA and the banks.
Forcing registrars and PP providers to start getting involved in that kind of assessment isn’t viable
Regards
Michele
--
Mr Michele Neylon
Blacknight Solutions
Hosting, Colocation & Domains
http://www.blacknight.host/ <https://protect-us.mimecast.com/r/r0QiXaZk72F7OmWKc9_pO3HAiIAvI3h06-RcgETJh-...>
http://blog.blacknight.com/ <https://protect-us.mimecast.com/r/wl1MfvJ8aWTxnqz6FCsjG4QE5Lt8k3OKgMWheA8wVh...>
http://www.blacknight.press <https://protect-us.mimecast.com/r/-MRGGedz53TF8UWq3rKo8GI39ai_ismqN0UYggzFnh...> - get our latest news & media coverage
http://www.technology.ie <https://protect-us.mimecast.com/r/suwZNIiJfrdSpqE4iC56mMY3x3S91aHmdyA2bCRS-F...>
Intl. +353 (0) 59 9183072
Direct Dial: +353 (0)59 9183090
Social: http://mneylon.social <https://protect-us.mimecast.com/r/c9ciyb99CMvSHLw2MJX2WYjWAGojFAv6abNbJNSbdh...>
-------------------------------
Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty
Road,Graiguecullen,Carlow,Ireland Company No.: 370845
*From: *James Gannon *Date: *Thursday 30 April 2015 07:45 *To: *Graeme Bunton, "gnso-ppsai-pdp-wg@icann.org <mailto:gnso-ppsai-pdp-wg@icann.org>" *Subject: *Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
I would personally like to see if there is public traction for distinguishing between sites directly processing financial truncations and sites who use 3^rd parties for processing financial transactions as this is a very important distinction. A simple and I hope non-controversial additional question to the ones below:
If so, should domains which use a third party to process financial transactions (i.e Paypal, Stripe), and thus do not directly process financial information, be subject to the same restrictions?
There are strong existing distinctions both in national laws and in regulations such as PCI-DSS between these two forms.
-James Gannon
*From:*gnso-ppsai-pdp-wg-bounces@icann.org <mailto:gnso-ppsai-pdp-wg-bounces@icann.org> [mailto:gnso-ppsai-pdp-wg-bounces@icann.org] *On Behalf Of *Graeme Bunton *Sent:* Tuesday, April 28, 2015 10:17 PM *To:* PPSAI *Subject:* [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
Thanks to all WG members for a very productive call earlier today(and to Steve for his chairing acumen). The co-chairs and staff met this afternoon to tie down two loose ends from the call.
Regarding the deadline for public comments on the Initial Report, we recognize there is considerable support for extending the public comment period to 60 days instead of the standard 40 days on which we have all been planning. We are prepared to agree to this, but with the caveat that this will have repercussions on the pace and intensity of our work once public comments have been received. Specifically, if the public comment deadline is extended until July 3 (60 days after our publication date of May 4), we will need to plan on at least weekly calls throughout July and August, some of which may need to be more than an hour in length, to review these comments and move toward a Final Report. Otherwise, we jeopardize the prospects for getting the Final Report in front of the GNSO council no later than the Dublin ICANN meeting. As was noted on the call today, many additional steps need to take place even after this WG issues its Final Report before any new accreditation system can be implemented, so the time pressure imposed by the expiration of the Interim Specification at the end of next year is already real.
Also, as previously announced over the past few weeks, if any WG members (or group of members) wish to submit a brief separate or additional statement for inclusion in the package posted for public comment next Monday, such statements need to be received by staff no later than Thursday, April 30.
Lastly, the other loose end involves proposed revisions to section 1.3.3 of the Initial Report, which were presented on the call earlier today but which we did not have time to discuss fully. We agree that this section could benefit from some revision, but believe it should take the form of greater concision, not additional presentation of arguments for the divergent positions. Thus we suggest that section 1.3.3 be revised to read as follows:
---
Although the WG agreed that the mere fact that a domain name is registered by a commercial entity or by anyone conducting commercial activity should not preclude the use of P/P services , there was disagreement over whether domain names that are actively used for commercial transactions (e.g. the sale or exchange of goods or services) should be prohibited from using P/P services. While most WG members did not believe such a prohibition is necessary or practical, some members believed that registrants of such domain names should not be able to use or continue using proxy or privacy services.
For those that argued that it is necessary and practical to limit access to P/P services to exclude commercial entities, the following text was proposed to clarify and define their position: “domains used for online financial transactions for commercial purpose should be ineligible for privacy and proxy registrations.”
Public comment is therefore specifically invited on the following questions:
* Should registrants of domain names associated with commercial activities and which are used for online financial transactions be prohibited from using, or continuing to use, privacy and proxy services? * If so, will it be useful to adopt a definition of “commercial” or “transactional” to define those domains for which P/P service registrations should be disallowed? And if so, what should the definition(s) be?” * Will it be necessary to make a distinction in the WHOIS data fields to be displayed as a result?
--- Thanks,
Graeme Bunton & Steve Metalitz
--
_________________________
Graeme Bunton
Manager, Management Information Systems
Manager, Public Policy
Tucows Inc.
PH: 416 535 0123 ext 1634
_______________________________________________
Gnso-ppsai-pdp-wg mailing list
Gnso-ppsai-pdp-wg@icann.org <mailto:Gnso-ppsai-pdp-wg@icann.org>https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg <https://protect-us.mimecast.com/r/w4cOGJpN8aqiFBeZDDCfM61L9zSPPQ8yJTOsuokgr0...>
_______________________________________________
Gnso-ppsai-pdp-wg mailing list
Gnso-ppsai-pdp-wg@icann.org <mailto:Gnso-ppsai-pdp-wg@icann.org>
https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg <https://protect-us.mimecast.com/r/w4cOGJpN8aqiFBeZDDCfM61L9zSPPQ8yJTOsuokgr0...>
_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg
-- _________________________ Graeme Bunton Manager, Management Information Systems Manager, Public Policy Tucows Inc. PH: 416 535 0123 ext 1634
Actually, and I do hate to belabor this but: 1. I thought you were proposing to drop the entire proposed new section and merely footnote the disagreement. I like that option a lot. 2. If we are proposing to keep the text, then there should be a balanced construction. I include once again the preamble, which affects that balance: /Although the WG agreed that the mere fact that a domain name is registered by a commercial entity or by anyone conducting commercial activity should not preclude the use of P/P services , there was disagreement over whether domain names that are actively used for commercial transactions (e.g. the sale or exchange of goods or services) should be prohibited from using P/P services. While most WG members did not believe such a prohibition is necessary or practical, some members believed that registrants of such domain names should not be able to use or continue using proxy or privacy services. // //// //For those that argued that it is necessary and practical to limit access to P/P services to exclude commercial entities, the following text was proposed to clarify and define their position: "domains used for online financial transactions for commercial purpose should be ineligible for privacy and proxy registrations." // //*For those that argued that limiting access to P/P services to exclude entities who were engaged in online financial transactions was impracticable and created an unacceptable risk to NGOs and vulnerable organizations who had legitimate needs for the services*//, the following text was proposed to clarify and define their position: "Attempting to distinguish the end purposes of a domain registration is not practicable for the purposes of determining eligibility for privacy/proxy services, and may unfairly discriminate against vulnerable groups and organizations who wish to exercise their rights of free speech on the Internet".// //// //Public comment is therefore specifically invited on the following questions: // //// / * Should registrants of domain names associated with commercial activities and which are used for online financial transactions be prohibited from using, or continuing to use, privacy and proxy services? If so, why, and if not, why not? * If [so, will] *you agree with this position, do you think it would* be useful to adopt a definition of “commercial” or “transactional” to define those domains for which P/P service registrations should be disallowed? And if so, what should the definition(s) be?” * {Will} *Would *it be necessary to make a distinction in the WHOIS data fields to be displayed as a result? (this question is not clear, in my view, it needs more detail on the nature of the distinction, the data fields we are talking about, and to what does "as a result" refer? As a result of the decision to deny privacy proxy services???) / / /** What risks do you foresee with either option?*/ I would note that the clarifying questions here go to proposing draft text for the report, right down to the definition and data fields. I have added a question on risk....because before coming up with draft text to implement the banning of P/P use by those engaged in commercial activity (via the comments in response to this invitation), we have to look at the many risks here....key among them being that privacy proxy services will be priced out of the market by the complexity of the exercise, a point that registrars made on a number of occasions. This is an excellent outcome for those who do not favor them, but the NCSG certainly considers the services to be essential (I can only speak for them, but I know there is support in other quarters). Further, the final question is neutral, as there are clearly risks on both sides, and we seek the answers for both. Cheers SP --- On 2015-05-01 1:06, Graeme Bunton wrote:
Good suggestions, Steve. Thank you, Graeme
On 2015-04-30 11:58 AM, Metalitz, Steven wrote:
Perhaps a simpler way to accomplish this would be to insert the following at the end of the first bullet:
“If so, why, and if not, why not?”
We could then introduce the next two questions with “If so,” and change “will” to “would” as Stephanie suggests.
*From:*gnso-ppsai-pdp-wg-bounces@icann.org [mailto:gnso-ppsai-pdp-wg-bounces@icann.org] *On Behalf Of *Stephanie Perrin *Sent:* Thursday, April 30, 2015 11:23 AM *To:* gnso-ppsai-pdp-wg@icann.org; Mary Wong *Subject:* Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
Thanks Mary, very helpful. Returning to the original text, I offer the following suggestions:
For those that argued that it is necessary and practical to limit access to P/P services to exclude commercial entities, the following text was proposed to clarify and define their position: “domains used for online financial transactions for commercial purpose should be ineligible for privacy and proxy registrations.”
Public comment is therefore specifically invited on the following questions:
* Should registrants of domain names associated with commercial activities and which are used for online financial transactions be prohibited from using, or continuing to use, privacy and proxy services? * If [so, will] *you agree with this position, do you think it would* be useful to adopt a definition of “commercial” or “transactional” to define those domains for which P/P service registrations should be disallowed? And if so, what should the definition(s) be?” * {Will} *Would *it be necessary to make a distinction in the WHOIS data fields to be displayed as a result? (this question is not clear, in my view, it needs more detail on the nature of the distinction, the data fields we are talking about, and to what does "as a result" refer? As a result of the decision to deny privacy proxy services???)
The use of the word "will" here appears to imply agreement with the text, you need the conditional. Then you need to seek clarification on the other side:
* If you disagree with the proposal to deny the use of privacy and proxy services to domain names associated with commercial activities and which are used for online financial transactions, what are the reasons for your rejection of this proposal?
Kind regards as always, Stephanie Perrin
On 2015-04-30 22:54, Mary Wong wrote:
To add to Stephanie’s note that this specific issue - whether registrants of domain names actively used for commercial transactions ought to be disallowed from using P/P services - had been discussed at some length by the WG:
Please note that this part of the Initial Report draws heavily on the detailed WG template for Charter Category C that was the basis for the WG’s deliberations on this topic. That template contains lengthy descriptions of what had previously been termed the majority and minority positions on the WG’s answer to this specific issue. As part of the WG’s deliberations – which took place primarily between April and June 2014 - the more specific formulation of “transactional” to describe the sort of commercial (i.e. Involving financial transactions) activities that were being discussed was included in the language. All the templates and suggested formulations discussed by the WG are recorded and published on the WG wiki.
The WG ultimately agreed to retain the two positions in the Initial Report and to revisit the question during its review of the public comments received. As noted previously, the WG's views were presented to the community in London in June 2014 and again in Los Angeles in October 2014.
Therefore, the three questions in Section 1.3.3 of the Executive Summary _only_ go toward soliciting community input on this single issue. They were not intended to represent a view of any “side” in the WG with regard to this matter. If the WG prefers, we can add a sentence to clarify and specify the reason for the questions in Section 1.3.3. Fundamentally, the idea is that public comments will facilitate the WG’s eventual resolution of this issue as part of its preparation of the Final Report.
We hope this reminder of the background is of assistance.
Cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4892
Email: mary.wong@icann.org <mailto:mary.wong@icann.org>
*From: *Stephanie Perrin <stephanie.perrin@mail.utoronto.ca <mailto:stephanie.perrin@mail.utoronto.ca>> *Date: *Thursday, April 30, 2015 at 09:20 *To: *"gnso-ppsai-pdp-wg@icann.org <mailto:gnso-ppsai-pdp-wg@icann.org>" <gnso-ppsai-pdp-wg@icann.org <mailto:gnso-ppsai-pdp-wg@icann.org>>, James Gannon <james@cyberinvasion.net <mailto:james@cyberinvasion.net>>, Michele Blacknight <michele@blacknight.com <mailto:michele@blacknight.com>> *Subject: *Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
James, prior to you joining the group, we had discussed this at some length. IN fact, I really thought that the many reasons why sorting out the purpose of a registration is problematic had buried this debate, but apparently not. Some of the issues raised, according to my recollection were the following:
* names are registered prior to decisions about content * content changes over time * most countries regulate e-commerce in some fashion, so that website commercial activity does not have to be regulated by ICANN * ICANN should not be in the business of regulating content in the first place (and sorting out who is extracting a material consideration from a website in order to deny them the ability to use a proxy registration is certainly a form of regulation) * definitions of commercial activity vary widely around the world * bad actors will not declare, registrars cannot police this matter * criminal prosecution is not dependent on WHOIS information * if this is really about the ability to detect market information, ICANN should not be in the business of making registrant information available for market purposes, it does it for security and stability. * contactability remains, regardless of which registrant info appears in WHOIS
I am planning to reformulate these into questions to match the questions on the other side, suggestions welcome.
Stephanie Perrin
On 2015-04-30 16:24, James Gannon wrote:
I don’t see this as asking providers to enforce anything similar to other questions when registering a domain, it’s a self-reported assessment. All it does is add an additional branch to the decision tree for eligibility, which will already be there to determine eligibility due to the other reasons listed below.
The registrant is asked will you be processing financial transactions.
·YesàWill you be using a 3^rd party>No>Not eligible for P/P.
·YesàWill you be using a 3^rd party>Yes>Eligible for P/P.
I’m not asking registrars to enforce law but to see if a more finely grained eligibility process can be enacted. Or at least is there is public support for more granularity.
-James
*From:*Michele Neylon - Blacknight [mailto:michele@blacknight.com] *Sent:* Thursday, April 30, 2015 8:17 AM *To:* James Gannon; Graeme Bunton; PPSAI *Subject:* Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
James
As a registrar or PP service provider how am I meant to assess this?
It doesn’t scale
Seriously.
If, for example, there is an Irish operated website that is not complying with Irish law then it would be up to the ODCE (http://www.odce.ie/ <https://protect-us.mimecast.com/r/IqfLPS2xhmx-5GDCPCM4mLmlw-jOPQHGmhpzAjWDKA...>) to enforce whatever needs enforcing, as it would be up to the DPA to enforce any issues around data privacy etc., etc.,
Attempting to force registrars and PP providers to make these kind of evaluations is not going to work.
Issues like PCI-DSS compliance are matters that should be dealt with by the DPA and the banks.
Forcing registrars and PP providers to start getting involved in that kind of assessment isn’t viable
Regards
Michele
--
Mr Michele Neylon
Blacknight Solutions
Hosting, Colocation & Domains
http://www.blacknight.host/ <https://protect-us.mimecast.com/r/r0QiXaZk72F7OmWKc9_pO3HAiIAvI3h06-RcgETJh-...>
http://blog.blacknight.com/ <https://protect-us.mimecast.com/r/wl1MfvJ8aWTxnqz6FCsjG4QE5Lt8k3OKgMWheA8wVh...>
http://www.blacknight.press <https://protect-us.mimecast.com/r/-MRGGedz53TF8UWq3rKo8GI39ai_ismqN0UYggzFnh...> - get our latest news & media coverage
http://www.technology.ie <https://protect-us.mimecast.com/r/suwZNIiJfrdSpqE4iC56mMY3x3S91aHmdyA2bCRS-F...>
Intl. +353 (0) 59 9183072
Direct Dial: +353 (0)59 9183090
Social: http://mneylon.social <https://protect-us.mimecast.com/r/c9ciyb99CMvSHLw2MJX2WYjWAGojFAv6abNbJNSbdh...>
-------------------------------
Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty
Road,Graiguecullen,Carlow,Ireland Company No.: 370845
*From: *James Gannon *Date: *Thursday 30 April 2015 07:45 *To: *Graeme Bunton, "gnso-ppsai-pdp-wg@icann.org <mailto:gnso-ppsai-pdp-wg@icann.org>" *Subject: *Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
I would personally like to see if there is public traction for distinguishing between sites directly processing financial truncations and sites who use 3^rd parties for processing financial transactions as this is a very important distinction. A simple and I hope non-controversial additional question to the ones below:
If so, should domains which use a third party to process financial transactions (i.e Paypal, Stripe), and thus do not directly process financial information, be subject to the same restrictions?
There are strong existing distinctions both in national laws and in regulations such as PCI-DSS between these two forms.
-James Gannon
*From:*gnso-ppsai-pdp-wg-bounces@icann.org <mailto:gnso-ppsai-pdp-wg-bounces@icann.org> [mailto:gnso-ppsai-pdp-wg-bounces@icann.org] *On Behalf Of *Graeme Bunton *Sent:* Tuesday, April 28, 2015 10:17 PM *To:* PPSAI *Subject:* [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
Thanks to all WG members for a very productive call earlier today(and to Steve for his chairing acumen). The co-chairs and staff met this afternoon to tie down two loose ends from the call.
Regarding the deadline for public comments on the Initial Report, we recognize there is considerable support for extending the public comment period to 60 days instead of the standard 40 days on which we have all been planning. We are prepared to agree to this, but with the caveat that this will have repercussions on the pace and intensity of our work once public comments have been received. Specifically, if the public comment deadline is extended until July 3 (60 days after our publication date of May 4), we will need to plan on at least weekly calls throughout July and August, some of which may need to be more than an hour in length, to review these comments and move toward a Final Report. Otherwise, we jeopardize the prospects for getting the Final Report in front of the GNSO council no later than the Dublin ICANN meeting. As was noted on the call today, many additional steps need to take place even after this WG issues its Final Report before any new accreditation system can be implemented, so the time pressure imposed by the expiration of the Interim Specification at the end of next year is already real.
Also, as previously announced over the past few weeks, if any WG members (or group of members) wish to submit a brief separate or additional statement for inclusion in the package posted for public comment next Monday, such statements need to be received by staff no later than Thursday, April 30.
Lastly, the other loose end involves proposed revisions to section 1.3.3 of the Initial Report, which were presented on the call earlier today but which we did not have time to discuss fully. We agree that this section could benefit from some revision, but believe it should take the form of greater concision, not additional presentation of arguments for the divergent positions. Thus we suggest that section 1.3.3 be revised to read as follows:
---
Although the WG agreed that the mere fact that a domain name is registered by a commercial entity or by anyone conducting commercial activity should not preclude the use of P/P services , there was disagreement over whether domain names that are actively used for commercial transactions (e.g. the sale or exchange of goods or services) should be prohibited from using P/P services. While most WG members did not believe such a prohibition is necessary or practical, some members believed that registrants of such domain names should not be able to use or continue using proxy or privacy services.
For those that argued that it is necessary and practical to limit access to P/P services to exclude commercial entities, the following text was proposed to clarify and define their position: “domains used for online financial transactions for commercial purpose should be ineligible for privacy and proxy registrations.”
Public comment is therefore specifically invited on the following questions:
* Should registrants of domain names associated with commercial activities and which are used for online financial transactions be prohibited from using, or continuing to use, privacy and proxy services? * If so, will it be useful to adopt a definition of “commercial” or “transactional” to define those domains for which P/P service registrations should be disallowed? And if so, what should the definition(s) be?” * Will it be necessary to make a distinction in the WHOIS data fields to be displayed as a result?
--- Thanks,
Graeme Bunton & Steve Metalitz
--
_________________________
Graeme Bunton
Manager, Management Information Systems
Manager, Public Policy
Tucows Inc.
PH: 416 535 0123 ext 1634
_______________________________________________
Gnso-ppsai-pdp-wg mailing list
Gnso-ppsai-pdp-wg@icann.org <mailto:Gnso-ppsai-pdp-wg@icann.org>https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg <https://protect-us.mimecast.com/r/w4cOGJpN8aqiFBeZDDCfM61L9zSPPQ8yJTOsuokgr0...>
_______________________________________________
Gnso-ppsai-pdp-wg mailing list
Gnso-ppsai-pdp-wg@icann.org <mailto:Gnso-ppsai-pdp-wg@icann.org>
https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg <https://protect-us.mimecast.com/r/w4cOGJpN8aqiFBeZDDCfM61L9zSPPQ8yJTOsuokgr0...>
_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg
-- _________________________ Graeme Bunton Manager, Management Information Systems Manager, Public Policy Tucows Inc. PH: 416 535 0123 ext 1634
_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg
I don't support footnoting the disagreement. It's far too significant of an issue for a footnote. I support Steve's suggestion on the language. K From: gnso-ppsai-pdp-wg-bounces@icann.org [mailto:gnso-ppsai-pdp-wg-bounces@icann.org] On Behalf Of Stephanie Perrin Sent: Thursday, April 30, 2015 9:49 AM To: gnso-ppsai-pdp-wg@icann.org Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3 Actually, and I do hate to belabor this but: 1. I thought you were proposing to drop the entire proposed new section and merely footnote the disagreement. I like that option a lot. 2. If we are proposing to keep the text, then there should be a balanced construction. I include once again the preamble, which affects that balance: Although the WG agreed that the mere fact that a domain name is registered by a commercial entity or by anyone conducting commercial activity should not preclude the use of P/P services , there was disagreement over whether domain names that are actively used for commercial transactions (e.g. the sale or exchange of goods or services) should be prohibited from using P/P services. While most WG members did not believe such a prohibition is necessary or practical, some members believed that registrants of such domain names should not be able to use or continue using proxy or privacy services. For those that argued that it is necessary and practical to limit access to P/P services to exclude commercial entities, the following text was proposed to clarify and define their position: "domains used for online financial transactions for commercial purpose should be ineligible for privacy and proxy registrations." For those that argued that limiting access to P/P services to exclude entities who were engaged in online financial transactions was impracticable and created an unacceptable risk to NGOs and vulnerable organizations who had legitimate needs for the services, the following text was proposed to clarify and define their position: "Attempting to distinguish the end purposes of a domain registration is not practicable for the purposes of determining eligibility for privacy/proxy services, and may unfairly discriminate against vulnerable groups and organizations who wish to exercise their rights of free speech on the Internet". Public comment is therefore specifically invited on the following questions: * Should registrants of domain names associated with commercial activities and which are used for online financial transactions be prohibited from using, or continuing to use, privacy and proxy services? If so, why, and if not, why not? * If [so, will] you agree with this position, do you think it would be useful to adopt a definition of "commercial" or "transactional" to define those domains for which P/P service registrations should be disallowed? And if so, what should the definition(s) be?" * {Will} Would it be necessary to make a distinction in the WHOIS data fields to be displayed as a result? (this question is not clear, in my view, it needs more detail on the nature of the distinction, the data fields we are talking about, and to what does "as a result" refer? As a result of the decision to deny privacy proxy services???) * What risks do you foresee with either option? I would note that the clarifying questions here go to proposing draft text for the report, right down to the definition and data fields. I have added a question on risk....because before coming up with draft text to implement the banning of P/P use by those engaged in commercial activity (via the comments in response to this invitation), we have to look at the many risks here....key among them being that privacy proxy services will be priced out of the market by the complexity of the exercise, a point that registrars made on a number of occasions. This is an excellent outcome for those who do not favor them, but the NCSG certainly considers the services to be essential (I can only speak for them, but I know there is support in other quarters). Further, the final question is neutral, as there are clearly risks on both sides, and we seek the answers for both. Cheers SP --- On 2015-05-01 1:06, Graeme Bunton wrote: Good suggestions, Steve. Thank you, Graeme On 2015-04-30 11:58 AM, Metalitz, Steven wrote: Perhaps a simpler way to accomplish this would be to insert the following at the end of the first bullet: "If so, why, and if not, why not?" We could then introduce the next two questions with "If so," and change "will" to "would" as Stephanie suggests. From: gnso-ppsai-pdp-wg-bounces@icann.org<mailto:gnso-ppsai-pdp-wg-bounces@icann.org> [mailto:gnso-ppsai-pdp-wg-bounces@icann.org] On Behalf Of Stephanie Perrin Sent: Thursday, April 30, 2015 11:23 AM To: gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org>; Mary Wong Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3 Thanks Mary, very helpful. Returning to the original text, I offer the following suggestions: For those that argued that it is necessary and practical to limit access to P/P services to exclude commercial entities, the following text was proposed to clarify and define their position: "domains used for online financial transactions for commercial purpose should be ineligible for privacy and proxy registrations." Public comment is therefore specifically invited on the following questions: * Should registrants of domain names associated with commercial activities and which are used for online financial transactions be prohibited from using, or continuing to use, privacy and proxy services? * If [so, will] you agree with this position, do you think it would be useful to adopt a definition of "commercial" or "transactional" to define those domains for which P/P service registrations should be disallowed? And if so, what should the definition(s) be?" * {Will} Would it be necessary to make a distinction in the WHOIS data fields to be displayed as a result? (this question is not clear, in my view, it needs more detail on the nature of the distinction, the data fields we are talking about, and to what does "as a result" refer? As a result of the decision to deny privacy proxy services???) The use of the word "will" here appears to imply agreement with the text, you need the conditional. Then you need to seek clarification on the other side: * If you disagree with the proposal to deny the use of privacy and proxy services to domain names associated with commercial activities and which are used for online financial transactions, what are the reasons for your rejection of this proposal? Kind regards as always, Stephanie Perrin On 2015-04-30 22:54, Mary Wong wrote: To add to Stephanie's note that this specific issue - whether registrants of domain names actively used for commercial transactions ought to be disallowed from using P/P services - had been discussed at some length by the WG: Please note that this part of the Initial Report draws heavily on the detailed WG template for Charter Category C that was the basis for the WG's deliberations on this topic. That template contains lengthy descriptions of what had previously been termed the majority and minority positions on the WG's answer to this specific issue. As part of the WG's deliberations - which took place primarily between April and June 2014 - the more specific formulation of "transactional" to describe the sort of commercial (i.e. Involving financial transactions) activities that were being discussed was included in the language. All the templates and suggested formulations discussed by the WG are recorded and published on the WG wiki. The WG ultimately agreed to retain the two positions in the Initial Report and to revisit the question during its review of the public comments received. As noted previously, the WG's views were presented to the community in London in June 2014 and again in Los Angeles in October 2014. Therefore, the three questions in Section 1.3.3 of the Executive Summary only go toward soliciting community input on this single issue. They were not intended to represent a view of any "side" in the WG with regard to this matter. If the WG prefers, we can add a sentence to clarify and specify the reason for the questions in Section 1.3.3. Fundamentally, the idea is that public comments will facilitate the WG's eventual resolution of this issue as part of its preparation of the Final Report. We hope this reminder of the background is of assistance. Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4892 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Stephanie Perrin <stephanie.perrin@mail.utoronto.ca<mailto:stephanie.perrin@mail.utoronto.ca>> Date: Thursday, April 30, 2015 at 09:20 To: "gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org>" <gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org>>, James Gannon <james@cyberinvasion.net<mailto:james@cyberinvasion.net>>, Michele Blacknight <michele@blacknight.com<mailto:michele@blacknight.com>> Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3 James, prior to you joining the group, we had discussed this at some length. IN fact, I really thought that the many reasons why sorting out the purpose of a registration is problematic had buried this debate, but apparently not. Some of the issues raised, according to my recollection were the following: * names are registered prior to decisions about content * content changes over time * most countries regulate e-commerce in some fashion, so that website commercial activity does not have to be regulated by ICANN * ICANN should not be in the business of regulating content in the first place (and sorting out who is extracting a material consideration from a website in order to deny them the ability to use a proxy registration is certainly a form of regulation) * definitions of commercial activity vary widely around the world * bad actors will not declare, registrars cannot police this matter * criminal prosecution is not dependent on WHOIS information * if this is really about the ability to detect market information, ICANN should not be in the business of making registrant information available for market purposes, it does it for security and stability. * contactability remains, regardless of which registrant info appears in WHOIS I am planning to reformulate these into questions to match the questions on the other side, suggestions welcome. Stephanie Perrin On 2015-04-30 16:24, James Gannon wrote: I don't see this as asking providers to enforce anything similar to other questions when registering a domain, it's a self-reported assessment. All it does is add an additional branch to the decision tree for eligibility, which will already be there to determine eligibility due to the other reasons listed below. The registrant is asked will you be processing financial transactions. · Yes-->Will you be using a 3rd party>No>Not eligible for P/P. · Yes-->Will you be using a 3rd party>Yes>Eligible for P/P. I'm not asking registrars to enforce law but to see if a more finely grained eligibility process can be enacted. Or at least is there is public support for more granularity. -James From: Michele Neylon - Blacknight [mailto:michele@blacknight.com] Sent: Thursday, April 30, 2015 8:17 AM To: James Gannon; Graeme Bunton; PPSAI Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3 James As a registrar or PP service provider how am I meant to assess this? It doesn't scale Seriously. If, for example, there is an Irish operated website that is not complying with Irish law then it would be up to the ODCE (http://www.odce.ie/<https://protect-us.mimecast.com/r/IqfLPS2xhmx-5GDCPCM4mLmlw-jOPQHGmhpzAjWDKActStEmX7ndjfqnEIgUMkdhXCAGe_aALVo69T0irIiCOftGW0RRkFeeJXP_SQ_bxxN5c9ZWrJzjnfSpDUeI4UjuT2dsrtgXox-JsiUyGsBvbDhSHcf2gH3gqSI2YwvUnORJuOhanPP2uCSQp3bey2BqQKbirhovyP6hDiunUi2Ilg>) to enforce whatever needs enforcing, as it would be up to the DPA to enforce any issues around data privacy etc., etc., Attempting to force registrars and PP providers to make these kind of evaluations is not going to work. Issues like PCI-DSS compliance are matters that should be dealt with by the DPA and the banks. Forcing registrars and PP providers to start getting involved in that kind of assessment isn't viable Regards Michele -- Mr Michele Neylon Blacknight Solutions Hosting, Colocation & Domains http://www.blacknight.host/<https://protect-us.mimecast.com/r/r0QiXaZk72F7OmWKc9_pO3HAiIAvI3h06-RcgETJh-J4kMLvQtMGZn5lKnoQO8ikZnQiTNL6FLbYD67s4dF-tWj2IbgtPVbZIrmLhFiT8cZvRoXUKLem6cyG8n3JE6-tis8tEkBPwKkOuqFU7azbPzFSZPBE0XjNt1o6W5MAy5yWOEr-3QLGcTYMC5oDDDwuftYuz9pHDOyvEieReE36N1UxTeWXBI__3g1_xmHN4S0> http://blog.blacknight.com/<https://protect-us.mimecast.com/r/wl1MfvJ8aWTxnqz6FCsjG4QE5Lt8k3OKgMWheA8wVhCgpAj6NRi9Y8zMxa9MvTN2vhD-EWNpvAhObo3t9Jl-Kh7ki557bXwOMPGhz-Up4X8e1Q8UR-DF0d4jYhrGpb0LrotD50UduC3QQRYUJ24nEnbyayh-GPs3hk77LhEpDwYrSf4v_RqmohacWFuO-pMc6Ap8I9JulleUf0h9FbW-MHMc1xlq8F7WXPVnekaa_Tg> http://www.blacknight.press<https://protect-us.mimecast.com/r/-MRGGedz53TF8UWq3rKo8GI39ai_ismqN0UYggzFnhsCzIT83jwX24BSxN_VMtJYpUgkSGF-Qst71LuBVQLY87bs-vewJiEDX8p5ABHKofJc69pmthPRFaowH9cz7b4wBdr45nD9yW3n5wmmAGAorNORPO2oD8fx1b7Ch4UucRtocG7TVoD8q8xePkXjqmELFjL3powas7Q8SOSYQE947lLpZzCcGrOwqu7wogrVuvk> - get our latest news & media coverage http://www.technology.ie<https://protect-us.mimecast.com/r/suwZNIiJfrdSpqE4iC56mMY3x3S91aHmdyA2bCRS-Fmr9Q1_uNxFISl4UXNQGJAa4ABDSoMKKJoH4LBI6dPDpw1IcPIW2UD6KmY-khZffkUgGyGTLPU0VW-nWld8z7P0H2Ru_lA2gyfCIuoaN7WmFU6IRQ9AVVBKNMpsRsxQkxp27qp4b1vr0Nu7xAxlXjinmqCYcWDyv6BlIGk1JID86YB5QMhEW98wyZ5sollRXTc> Intl. +353 (0) 59 9183072 Direct Dial: +353 (0)59 9183090 Social: http://mneylon.social<https://protect-us.mimecast.com/r/c9ciyb99CMvSHLw2MJX2WYjWAGojFAv6abNbJNSbdh-ZFyKYiMOesCOSW0IbP_Hk74wcQMPR4LFdtPIo3qwpdVxkGjxnPEF73YlWOioKWfm0ASY6v7enF3zKmqddqH2G4dXIbPg_PVqGwzzZzhWQxKSK2MKPyc4QXazyYJjS7H_X2JdIq2B8eAZeCDmgPBWH09Ix-VujUi5pHJeE_GXWIlFrE4TTH0hP08WIPWYQvhY> ------------------------------- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,Ireland Company No.: 370845 From: James Gannon Date: Thursday 30 April 2015 07:45 To: Graeme Bunton, "gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org>" Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3 I would personally like to see if there is public traction for distinguishing between sites directly processing financial truncations and sites who use 3rd parties for processing financial transactions as this is a very important distinction. A simple and I hope non-controversial additional question to the ones below: If so, should domains which use a third party to process financial transactions (i.e Paypal, Stripe), and thus do not directly process financial information, be subject to the same restrictions? There are strong existing distinctions both in national laws and in regulations such as PCI-DSS between these two forms. -James Gannon From:gnso-ppsai-pdp-wg-bounces@icann.org<mailto:gnso-ppsai-pdp-wg-bounces@icann.org> [mailto:gnso-ppsai-pdp-wg-bounces@icann.org] On Behalf Of Graeme Bunton Sent: Tuesday, April 28, 2015 10:17 PM To: PPSAI Subject: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3 Thanks to all WG members for a very productive call earlier today(and to Steve for his chairing acumen). The co-chairs and staff met this afternoon to tie down two loose ends from the call. Regarding the deadline for public comments on the Initial Report, we recognize there is considerable support for extending the public comment period to 60 days instead of the standard 40 days on which we have all been planning. We are prepared to agree to this, but with the caveat that this will have repercussions on the pace and intensity of our work once public comments have been received. Specifically, if the public comment deadline is extended until July 3 (60 days after our publication date of May 4), we will need to plan on at least weekly calls throughout July and August, some of which may need to be more than an hour in length, to review these comments and move toward a Final Report. Otherwise, we jeopardize the prospects for getting the Final Report in front of the GNSO council no later than the Dublin ICANN meeting. As was noted on the call today, many additional steps need to take place even after this WG issues its Final Report before any new accreditation system can be implemented, so the time pressure imposed by the expiration of the Interim Specification at the end of next year is already real. Also, as previously announced over the past few weeks, if any WG members (or group of members) wish to submit a brief separate or additional statement for inclusion in the package posted for public comment next Monday, such statements need to be received by staff no later than Thursday, April 30. Lastly, the other loose end involves proposed revisions to section 1.3.3 of the Initial Report, which were presented on the call earlier today but which we did not have time to discuss fully. We agree that this section could benefit from some revision, but believe it should take the form of greater concision, not additional presentation of arguments for the divergent positions. Thus we suggest that section 1.3.3 be revised to read as follows: --- Although the WG agreed that the mere fact that a domain name is registered by a commercial entity or by anyone conducting commercial activity should not preclude the use of P/P services , there was disagreement over whether domain names that are actively used for commercial transactions (e.g. the sale or exchange of goods or services) should be prohibited from using P/P services. While most WG members did not believe such a prohibition is necessary or practical, some members believed that registrants of such domain names should not be able to use or continue using proxy or privacy services. For those that argued that it is necessary and practical to limit access to P/P services to exclude commercial entities, the following text was proposed to clarify and define their position: "domains used for online financial transactions for commercial purpose should be ineligible for privacy and proxy registrations." Public comment is therefore specifically invited on the following questions: * Should registrants of domain names associated with commercial activities and which are used for online financial transactions be prohibited from using, or continuing to use, privacy and proxy services? * If so, will it be useful to adopt a definition of "commercial" or "transactional" to define those domains for which P/P service registrations should be disallowed? And if so, what should the definition(s) be?" * Will it be necessary to make a distinction in the WHOIS data fields to be displayed as a result? --- Thanks, Graeme Bunton & Steve Metalitz -- _________________________ Graeme Bunton Manager, Management Information Systems Manager, Public Policy Tucows Inc. PH: 416 535 0123 ext 1634 _______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org>https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg<https://protect-us.mimecast.com/r/w4cOGJpN8aqiFBeZDDCfM61L9zSPPQ8yJTOsuokgr0uUoFWQcH4C1vKnhAJR8I5CDUGd3f75FQZ0RrGQoOiumi5fkuGEeAdPoDjA3DGFVt5fCde0OuGcKsc4syb-86Vd3ZsMEWNubiso-WCMGJKqofC67xfNJVO1oqFPAmL7abae98k88hH_BDY04YcHIhprEG-vGcToOzkceYzCw4sYw77Sj8DHh1iwNuJPKagRVm5XkaPrKRnvsIqURxFUU964UWsThNMfSE_TxYg9ZhC-Fg> _______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg<https://protect-us.mimecast.com/r/w4cOGJpN8aqiFBeZDDCfM61L9zSPPQ8yJTOsuokgr0uUoFWQcH4C1vKnhAJR8I5CDUGd3f75FQZ0RrGQoOiumi5fkuGEeAdPoDjA3DGFVt5fCde0OuGcKsc4syb-86Vd3ZsMEWNubiso-WCMGJKqofC67xfNJVO1oqFPAmL7abae98k88hH_BDY04YcHIhprEG-vGcToOzkceYzCw4sYw77Sj8DHh1iwNuJPKagRVm5XkaPrKRnvsIqURxFUU964UWsThNMfSE_TxYg9ZhC-Fg> _______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg -- _________________________ Graeme Bunton Manager, Management Information Systems Manager, Public Policy Tucows Inc. PH: 416 535 0123 ext 1634 _______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg
+1 (Kiran) John Horton President and CEO, LegitScript *Follow LegitScript*: LinkedIn <http://www.linkedin.com/company/legitscript-com> | Facebook <https://www.facebook.com/LegitScript> | Twitter <https://twitter.com/legitscript> | YouTube <https://www.youtube.com/user/LegitScript> | *Blog <http://blog.legitscript.com>* | Google+ <https://plus.google.com/112436813474708014933/posts> On Thu, Apr 30, 2015 at 10:08 AM, Kiran Malancharuvil < Kiran.Malancharuvil@markmonitor.com> wrote:
I don’t support footnoting the disagreement. It’s far too significant of an issue for a footnote.
I support Steve’s suggestion on the language.
K
*From:* gnso-ppsai-pdp-wg-bounces@icann.org [mailto: gnso-ppsai-pdp-wg-bounces@icann.org] *On Behalf Of *Stephanie Perrin *Sent:* Thursday, April 30, 2015 9:49 AM *To:* gnso-ppsai-pdp-wg@icann.org
*Subject:* Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
Actually, and I do hate to belabor this but: 1. I thought you were proposing to drop the entire proposed new section and merely footnote the disagreement. I like that option a lot. 2. If we are proposing to keep the text, then there should be a balanced construction. I include once again the preamble, which affects that balance:
*Although the WG agreed that the mere fact that a domain name is registered by a commercial entity or by anyone conducting commercial activity should not preclude the use of P/P services , there was disagreement over whether domain names that are actively used for commercial transactions (e.g. the sale or exchange of goods or services) should be prohibited from using P/P services. While most WG members did not believe such a prohibition is necessary or practical, some members believed that registrants of such domain names should not be able to use or continue using proxy or privacy services. For those that argued that it is necessary and practical to limit access to P/P services to exclude commercial entities, the following text was proposed to clarify and define their position: "domains used for online financial transactions for commercial purpose should be ineligible for privacy and proxy registrations." For those that argued that limiting access to P/P services to exclude entities who were engaged in online financial transactions was impracticable and created an unacceptable risk to NGOs and vulnerable organizations who had legitimate needs for the services, the following text was proposed to clarify and define their position: "Attempting to distinguish the end purposes of a domain registration is not practicable for the purposes of determining eligibility for privacy/proxy services, and may unfairly discriminate against vulnerable groups and organizations who wish to exercise their rights of free speech on the Internet". Public comment is therefore specifically invited on the following questions: *
- Should registrants of domain names associated with commercial activities and which are used for online financial transactions be prohibited from using, or continuing to use, privacy and proxy services? If so, why, and if not, why not?
- If [so, will] *you agree with this position, do you think it would* be useful to adopt a definition of “commercial” or “transactional” to define those domains for which P/P service registrations should be disallowed? And if so, what should the definition(s) be?” - {Will} *Would *it be necessary to make a distinction in the WHOIS data fields to be displayed as a result? (this question is not clear, in my view, it needs more detail on the nature of the distinction, the data fields we are talking about, and to what does "as a result" refer? As a result of the decision to deny privacy proxy services???)
** What risks do you foresee with either option?*
I would note that the clarifying questions here go to proposing draft text for the report, right down to the definition and data fields. I have added a question on risk....because before coming up with draft text to implement the banning of P/P use by those engaged in commercial activity (via the comments in response to this invitation), we have to look at the many risks here....key among them being that privacy proxy services will be priced out of the market by the complexity of the exercise, a point that registrars made on a number of occasions. This is an excellent outcome for those who do not favor them, but the NCSG certainly considers the services to be essential (I can only speak for them, but I know there is support in other quarters). Further, the final question is neutral, as there are clearly risks on both sides, and we seek the answers for both.
Cheers SP
---
On 2015-05-01 1:06, Graeme Bunton wrote:
Good suggestions, Steve. Thank you, Graeme
On 2015-04-30 11:58 AM, Metalitz, Steven wrote:
Perhaps a simpler way to accomplish this would be to insert the following at the end of the first bullet:
“If so, why, and if not, why not?”
We could then introduce the next two questions with “If so,” and change “will” to “would” as Stephanie suggests.
*From:* gnso-ppsai-pdp-wg-bounces@icann.org [ mailto:gnso-ppsai-pdp-wg-bounces@icann.org <gnso-ppsai-pdp-wg-bounces@icann.org>] *On Behalf Of *Stephanie Perrin *Sent:* Thursday, April 30, 2015 11:23 AM *To:* gnso-ppsai-pdp-wg@icann.org; Mary Wong *Subject:* Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
Thanks Mary, very helpful. Returning to the original text, I offer the following suggestions:
For those that argued that it is necessary and practical to limit access to P/P services to exclude commercial entities, the following text was proposed to clarify and define their position: “domains used for online financial transactions for commercial purpose should be ineligible for privacy and proxy registrations.”
Public comment is therefore specifically invited on the following questions:
- Should registrants of domain names associated with commercial activities and which are used for online financial transactions be prohibited from using, or continuing to use, privacy and proxy services? - If [so, will] *you agree with this position, do you think it would* be useful to adopt a definition of “commercial” or “transactional” to define those domains for which P/P service registrations should be disallowed? And if so, what should the definition(s) be?” - {Will} *Would *it be necessary to make a distinction in the WHOIS data fields to be displayed as a result? (this question is not clear, in my view, it needs more detail on the nature of the distinction, the data fields we are talking about, and to what does "as a result" refer? As a result of the decision to deny privacy proxy services???)
The use of the word "will" here appears to imply agreement with the text, you need the conditional. Then you need to seek clarification on the other side:
- If you disagree with the proposal to deny the use of privacy and proxy services to domain names associated with commercial activities and which are used for online financial transactions, what are the reasons for your rejection of this proposal?
Kind regards as always, Stephanie Perrin
On 2015-04-30 22:54, Mary Wong wrote:
To add to Stephanie’s note that this specific issue - whether registrants of domain names actively used for commercial transactions ought to be disallowed from using P/P services - had been discussed at some length by the WG:
Please note that this part of the Initial Report draws heavily on the detailed WG template for Charter Category C that was the basis for the WG’s deliberations on this topic. That template contains lengthy descriptions of what had previously been termed the majority and minority positions on the WG’s answer to this specific issue. As part of the WG’s deliberations – which took place primarily between April and June 2014 - the more specific formulation of “transactional” to describe the sort of commercial (i.e. Involving financial transactions) activities that were being discussed was included in the language. All the templates and suggested formulations discussed by the WG are recorded and published on the WG wiki.
The WG ultimately agreed to retain the two positions in the Initial Report and to revisit the question during its review of the public comments received. As noted previously, the WG's views were presented to the community in London in June 2014 and again in Los Angeles in October 2014.
Therefore, the three questions in Section 1.3.3 of the Executive Summary *only* go toward soliciting community input on this single issue. They were not intended to represent a view of any “side” in the WG with regard to this matter. If the WG prefers, we can add a sentence to clarify and specify the reason for the questions in Section 1.3.3. Fundamentally, the idea is that public comments will facilitate the WG’s eventual resolution of this issue as part of its preparation of the Final Report.
We hope this reminder of the background is of assistance.
Cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4892
Email: mary.wong@icann.org
*From: *Stephanie Perrin <stephanie.perrin@mail.utoronto.ca> *Date: *Thursday, April 30, 2015 at 09:20 *To: *"gnso-ppsai-pdp-wg@icann.org" <gnso-ppsai-pdp-wg@icann.org>, James Gannon <james@cyberinvasion.net>, Michele Blacknight < michele@blacknight.com> *Subject: *Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
James, prior to you joining the group, we had discussed this at some length. IN fact, I really thought that the many reasons why sorting out the purpose of a registration is problematic had buried this debate, but apparently not. Some of the issues raised, according to my recollection were the following:
- names are registered prior to decisions about content - content changes over time - most countries regulate e-commerce in some fashion, so that website commercial activity does not have to be regulated by ICANN - ICANN should not be in the business of regulating content in the first place (and sorting out who is extracting a material consideration from a website in order to deny them the ability to use a proxy registration is certainly a form of regulation) - definitions of commercial activity vary widely around the world - bad actors will not declare, registrars cannot police this matter - criminal prosecution is not dependent on WHOIS information - if this is really about the ability to detect market information, ICANN should not be in the business of making registrant information available for market purposes, it does it for security and stability. - contactability remains, regardless of which registrant info appears in WHOIS
I am planning to reformulate these into questions to match the questions on the other side, suggestions welcome.
Stephanie Perrin
On 2015-04-30 16:24, James Gannon wrote:
I don’t see this as asking providers to enforce anything similar to other questions when registering a domain, it’s a self-reported assessment. All it does is add an additional branch to the decision tree for eligibility, which will already be there to determine eligibility due to the other reasons listed below.
The registrant is asked will you be processing financial transactions.
· YesàWill you be using a 3rd party>No>Not eligible for P/P.
· YesàWill you be using a 3rd party>Yes>Eligible for P/P.
I’m not asking registrars to enforce law but to see if a more finely grained eligibility process can be enacted. Or at least is there is public support for more granularity.
-James
*From:* Michele Neylon - Blacknight [mailto:michele@blacknight.com <michele@blacknight.com>] *Sent:* Thursday, April 30, 2015 8:17 AM *To:* James Gannon; Graeme Bunton; PPSAI *Subject:* Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
James
As a registrar or PP service provider how am I meant to assess this?
It doesn’t scale
Seriously.
If, for example, there is an Irish operated website that is not complying with Irish law then it would be up to the ODCE (http://www.odce.ie/ <https://protect-us.mimecast.com/r/IqfLPS2xhmx-5GDCPCM4mLmlw-jOPQHGmhpzAjWDKA...>) to enforce whatever needs enforcing, as it would be up to the DPA to enforce any issues around data privacy etc., etc.,
Attempting to force registrars and PP providers to make these kind of evaluations is not going to work.
Issues like PCI-DSS compliance are matters that should be dealt with by the DPA and the banks.
Forcing registrars and PP providers to start getting involved in that kind of assessment isn’t viable
Regards
Michele
--
Mr Michele Neylon
Blacknight Solutions
Hosting, Colocation & Domains
http://www.blacknight.host/ <https://protect-us.mimecast.com/r/r0QiXaZk72F7OmWKc9_pO3HAiIAvI3h06-RcgETJh-...>
http://blog.blacknight.com/ <https://protect-us.mimecast.com/r/wl1MfvJ8aWTxnqz6FCsjG4QE5Lt8k3OKgMWheA8wVh...>
http://www.blacknight.press <https://protect-us.mimecast.com/r/-MRGGedz53TF8UWq3rKo8GI39ai_ismqN0UYggzFnh...> - get our latest news & media coverage
http://www.technology.ie <https://protect-us.mimecast.com/r/suwZNIiJfrdSpqE4iC56mMY3x3S91aHmdyA2bCRS-F...>
Intl. +353 (0) 59 9183072
Direct Dial: +353 (0)59 9183090
Social: http://mneylon.social <https://protect-us.mimecast.com/r/c9ciyb99CMvSHLw2MJX2WYjWAGojFAv6abNbJNSbdh...>
-------------------------------
Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty
Road,Graiguecullen,Carlow,Ireland Company No.: 370845
*From: *James Gannon *Date: *Thursday 30 April 2015 07:45 *To: *Graeme Bunton, "gnso-ppsai-pdp-wg@icann.org" *Subject: *Re: [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
I would personally like to see if there is public traction for distinguishing between sites directly processing financial truncations and sites who use 3rd parties for processing financial transactions as this is a very important distinction. A simple and I hope non-controversial additional question to the ones below:
If so, should domains which use a third party to process financial transactions (i.e Paypal, Stripe), and thus do not directly process financial information, be subject to the same restrictions?
There are strong existing distinctions both in national laws and in regulations such as PCI-DSS between these two forms.
-James Gannon
*From:*gnso-ppsai-pdp-wg-bounces@icann.org [ mailto:gnso-ppsai-pdp-wg-bounces@icann.org <gnso-ppsai-pdp-wg-bounces@icann.org>] *On Behalf Of *Graeme Bunton *Sent:* Tuesday, April 28, 2015 10:17 PM *To:* PPSAI *Subject:* [Gnso-ppsai-pdp-wg] PPSAI Comment Period and Section 1.3.3
Thanks to all WG members for a very productive call earlier today(and to Steve for his chairing acumen). The co-chairs and staff met this afternoon to tie down two loose ends from the call.
Regarding the deadline for public comments on the Initial Report, we recognize there is considerable support for extending the public comment period to 60 days instead of the standard 40 days on which we have all been planning. We are prepared to agree to this, but with the caveat that this will have repercussions on the pace and intensity of our work once public comments have been received. Specifically, if the public comment deadline is extended until July 3 (60 days after our publication date of May 4), we will need to plan on at least weekly calls throughout July and August, some of which may need to be more than an hour in length, to review these comments and move toward a Final Report. Otherwise, we jeopardize the prospects for getting the Final Report in front of the GNSO council no later than the Dublin ICANN meeting. As was noted on the call today, many additional steps need to take place even after this WG issues its Final Report before any new accreditation system can be implemented, so the time pressure imposed by the expiration of the Interim Specification at the end of next year is already real.
Also, as previously announced over the past few weeks, if any WG members (or group of members) wish to submit a brief separate or additional statement for inclusion in the package posted for public comment next Monday, such statements need to be received by staff no later than Thursday, April 30.
Lastly, the other loose end involves proposed revisions to section 1.3.3 of the Initial Report, which were presented on the call earlier today but which we did not have time to discuss fully. We agree that this section could benefit from some revision, but believe it should take the form of greater concision, not additional presentation of arguments for the divergent positions. Thus we suggest that section 1.3.3 be revised to read as follows:
---
Although the WG agreed that the mere fact that a domain name is registered by a commercial entity or by anyone conducting commercial activity should not preclude the use of P/P services , there was disagreement over whether domain names that are actively used for commercial transactions (e.g. the sale or exchange of goods or services) should be prohibited from using P/P services. While most WG members did not believe such a prohibition is necessary or practical, some members believed that registrants of such domain names should not be able to use or continue using proxy or privacy services.
For those that argued that it is necessary and practical to limit access to P/P services to exclude commercial entities, the following text was proposed to clarify and define their position: “domains used for online financial transactions for commercial purpose should be ineligible for privacy and proxy registrations.”
Public comment is therefore specifically invited on the following questions:
- Should registrants of domain names associated with commercial activities and which are used for online financial transactions be prohibited from using, or continuing to use, privacy and proxy services? - If so, will it be useful to adopt a definition of “commercial” or “transactional” to define those domains for which P/P service registrations should be disallowed? And if so, what should the definition(s) be?” - Will it be necessary to make a distinction in the WHOIS data fields to be displayed as a result?
--- Thanks,
Graeme Bunton & Steve Metalitz
--
_________________________
Graeme Bunton
Manager, Management Information Systems
Manager, Public Policy
Tucows Inc.
PH: 416 535 0123 ext 1634
_______________________________________________
Gnso-ppsai-pdp-wg mailing list
Gnso-ppsai-pdp-wg@icann.orghttps://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg <https://protect-us.mimecast.com/r/w4cOGJpN8aqiFBeZDDCfM61L9zSPPQ8yJTOsuokgr0...>
_______________________________________________
Gnso-ppsai-pdp-wg mailing list
Gnso-ppsai-pdp-wg@icann.org
https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg <https://protect-us.mimecast.com/r/w4cOGJpN8aqiFBeZDDCfM61L9zSPPQ8yJTOsuokgr0...>
_______________________________________________
Gnso-ppsai-pdp-wg mailing list
Gnso-ppsai-pdp-wg@icann.org
https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg
--
_________________________
Graeme Bunton
Manager, Management Information Systems
Manager, Public Policy
Tucows Inc.
PH: 416 535 0123 ext 1634
_______________________________________________
Gnso-ppsai-pdp-wg mailing list
Gnso-ppsai-pdp-wg@icann.org
https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg
_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg
participants (10)
-
Graeme Bunton -
James Gannon -
John Horton -
Justin Macy -
Kathy Kleiman -
Kiran Malancharuvil -
Mary Wong -
Metalitz, Steven -
Michele Neylon - Blacknight -
Stephanie Perrin