Good morning Chris, Thanks for the input. We don't investigate or determine validity of claims, EVER. We relay and allow our clients and/or their attorneys deal with the complaint as they see fit. We are not their attorneys and would not feel at all comfortable making a determination that may be incorrect, thereby exposing them (and us) to additional liability. Thanks, Kiran Kiran Malancharuvil Internet Policy Counselor MarkMonitor 415-419-9138 (m) Sent from my mobile, please excuse any typos.

On Sep 30, 2014, at 2:30 AM, Chris Pelling <chris@netearth.net> wrote:

Good morning Kiran,

I apologize for jumping in on this, but, I would agree with Graeme, each and every case of "IP infringement" has to be investigated by the registrar in the interests of the customer and the complainee, sorry if that sounds rude, but, we don't and won't simply take someones "word" for it that a domain / site / content has infringing material. On investigation we then notify the complainee of their options that we see it fitting into regardless of a domain being under PP or not. Its a bit like someone taking their car into the dealership and complaining the gears are knackered and the dealership discovers after investigation the "driver" doesn't know how to use a clutch properly. SImplistic view I appreciate, but, every complaint received takes time to process even the odd 1 or 2 we have received from MarkMoniter. We probably the same for Tucows and most registrars protect the respectability of our registrar in the public eye.

My Kayako system also is not "geared" for statistics in the same fashion Graeme mentioned, as there are so few cases its not something I have ever considered setting up for, however your's probably is because IP protection being one of your companies MAIN focuses.

Surely you investigate each and every claim ? As from your text you are suggesting maybe registrars should not.

Kind regards,

Chris

...

On 29/09/2014 11:44 PM, Kiran Malancharuvil wrote: Hi Graeme,

Thanks for this, I appreciate the elaboration.

This is good insight into how Tucows deals with and/or categorizes requests for relay/reveal/disclosure/publication. As you know, MarkMonitor is also a Registrar, and we do provide limited privacy/proxy services for our clients. While admitting that our business model, client base and offerings are probably quite different from our provider colleagues here, we have not encountered the same difficulties that you lay out below.

Historically we have been able to classify requests for relay/reveal neatly into simple-enough categories such as "requests for the sale of the domain" or "claim of IP infringement." Of course categories will be slightly varied amongst Registrars, but I would suspect we could find some common umbrellas that might serve to help us see a pattern/bigger picture.

As far as "measuring success" is concerned, regardless of whether it "closed the ticket" or not, we do keep records about whether we disclosed or published in response to an inquiry (or relayed as is most often the case), UDRP or other request. I feel like that would be a best practice of any Registrar in order that they may be able to track what was done and justify their actions in case there's a challenge.

Like I said, MarkMonitor has a pretty unique client base, and so most of the answers to the questions that are posed to providers would not be helpful in this context. (e.g.: our clients are extremely responsive to requests that are relayed.) However I can say that in the past eight years of data, there has not been a request for disclosure that wasn't related to a claim of IP infringement.

As a side note, slightly off topic but relevant to the categorization topic and other discussions in this group, I note with concern your statement about categorizing claims of IP infringement. You state that "If someone claims IP infringement, but our investigation yields no such issue, does the category still stand?" Why is Tucows investigating and essentially determining the validity of an infringement claim? At MarkMonitor we categorize based on what the claimant asserts (and act accordingly by relaying, etc.), but leave adjudication to WIPO or NAF professionals (for example), or courts.

Thanks! Looking forward to discussing further on list and on tomorrow's call.

Best,

Kiran

Kiran Malancharuvil

Policy Counselor

MarkMonitor

kiranm@markmonitor.com<mailto:kiranm@markmonitor.com>

415-222-8318 (t)

415-419-9138 (m)

________________________________ From: gnso-ppsai-pdp-wg-bounces@icann.org [gnso-ppsai-pdp-wg-bounces@icann.org] on behalf of Graeme Bunton [gbunton@tucows.com] Sent: Sunday, September 28, 2014 3:47 PM To: gnso-ppsai-pdp-wg@icann.org Subject: [Gnso-ppsai-pdp-wg] Data Collection Details

So, requests 3 and 4 on our list were: 3 - Can providers give the WG some general information about the percentage of requests for disclosure that are successful 4 - For Q4, do providers also have information about the type of claims those relate to e.g. If they are from LEA, 3P IP claim etc.?

And I agreed to provide some colour as to why these are probably difficult questions to answer. The below should be true for most providers (and really, for any support system), but should any Registrar colleagues disagree, feel free to chime in.

The concise reason is that compliance desks are optimized for throughput of issues, and not for policy related reporting.

In more detail -

Compliance (or whatever dept that deals with issues around domains) may not use a ticketing system. If the provider is small enough, it may just be an email address. There is no obligation for anyone to use a system that is even capable of producing data, or from which data may easily be extracted.

Even if they do use a system robust enough to allow for reporting, the data we're requesting may not typically be captured in the course of an investigation, or even useful for the running of the business. For question 3, for example, 'successful disclosure' is mostly relevant to the requester, but is not an attribute required to close the ticket. That information may be captured as text inside a description, but if it's not a specific flag on the ticket, it's very very difficult to report on accurately. We at Tucows occasionally mine the text of the tickets related to our retail operations, and the results are always considerably noisy.

Question 4 presumes that requester type as well as as issue type are ticket attributes. I would think that some such systems do capture the issue type (IP, defamation, offensive, etc etc) but each service provider is going to have differently defined categories that may cause difficulty in the aggregation. As well, just because a claim is made, doesn't mean it has any particular validity which impacts categorization. If someone claims IP infringement, but our investigation yields no such issue, does the category still stand? As well, because requests are usually dealt with manually, categorizing requesters may be unlikely, aside from a distinction between LEA and 'other'.

Lastly, as should be clear from previous discussions, there are very few black and white issues that we see. Given the variety of issues and the multitude of interest areas that they cross, straightforward classification is exceptionally difficult, and analysis that attempts to place requests into distinct buckets is going to lose a substantial amount of detail. Nonetheless, I'm in the process of looking into our system at the moment to see if possible to sketch out some trends. Unfortunately, we migrated to a new platform earlier this year, so there is not much to draw from.

Graeme _________________________ Graeme Bunton Manager, Management Information Systems Manager, Public Policy Tucows Inc. PH: 416 535 0123 ext 1634

_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

Lindsay, To clarify, you pass along the claim regardless of the results of your independent verification? For categorization purposes, doesn't this kind of attention paid to IP related claims make it easier to identify and categorize? Thanks for the additional clarification and discussion all, very helpful information. K Kiran Malancharuvil Internet Policy Counselor MarkMonitor 415-419-9138 (m) Sent from my mobile, please excuse any typos.

On Sep 30, 2014, at 2:56 AM, Lindsay Hamilton-Reid <Lindsay.Hamilton-Reid@fasthosts.com> wrote:

Hi all

We investigate every claim; once we are put on notice of infringement, then we have to act or we are open to liability. We would not take down a customer's site on the say so of the complainant. We always pass on the complaint to our customer and hear what they have to say. In some cases, the infringement is clear, others are not so transparent.

Many thanks

Lindsay

-----Original Message----- From: gnso-ppsai-pdp-wg-bounces@icann.org [mailto:gnso-ppsai-pdp-wg-bounces@icann.org] On Behalf Of Kiran Malancharuvil Sent: 30 September 2014 10:45 To: Chris Pelling Cc: gnso-ppsai-pdp-wg@icann.org Subject: Re: [Gnso-ppsai-pdp-wg] Data Collection Details

Good morning Chris,

Thanks for the input.

We don't investigate or determine validity of claims, EVER. We relay and allow our clients and/or their attorneys deal with the complaint as they see fit. We are not their attorneys and would not feel at all comfortable making a determination that may be incorrect, thereby exposing them (and us) to additional liability.

Thanks,

Kiran

Kiran Malancharuvil Internet Policy Counselor MarkMonitor 415-419-9138 (m)

Sent from my mobile, please excuse any typos.

...

On Sep 30, 2014, at 2:30 AM, Chris Pelling <chris@netearth.net> wrote:

Good morning Kiran,

I apologize for jumping in on this, but, I would agree with Graeme, each and every case of "IP infringement" has to be investigated by the registrar in the interests of the customer and the complainee, sorry if that sounds rude, but, we don't and won't simply take someones "word" for it that a domain / site / content has infringing material. On investigation we then notify the complainee of their options that we see it fitting into regardless of a domain being under PP or not. Its a bit like someone taking their car into the dealership and complaining the gears are knackered and the dealership discovers after investigation the "driver" doesn't know how to use a clutch properly. SImplistic view I appreciate, but, every complaint received takes time to process even the odd 1 or 2 we have received from MarkMoniter. We probably the same for Tucows and most registrars protect the respectability of our registrar in the public eye.

My Kayako system also is not "geared" for statistics in the same fashion Graeme mentioned, as there are so few cases its not something I have ever considered setting up for, however your's probably is because IP protection being one of your companies MAIN focuses.

Surely you investigate each and every claim ? As from your text you are suggesting maybe registrars should not.

Kind regards,

Chris

...

On 29/09/2014 11:44 PM, Kiran Malancharuvil wrote: Hi Graeme,

Thanks for this, I appreciate the elaboration.

This is good insight into how Tucows deals with and/or categorizes requests for relay/reveal/disclosure/publication. As you know, MarkMonitor is also a Registrar, and we do provide limited privacy/proxy services for our clients. While admitting that our business model, client base and offerings are probably quite different from our provider colleagues here, we have not encountered the same difficulties that you lay out below.

Historically we have been able to classify requests for relay/reveal neatly into simple-enough categories such as "requests for the sale of the domain" or "claim of IP infringement." Of course categories will be slightly varied amongst Registrars, but I would suspect we could find some common umbrellas that might serve to help us see a pattern/bigger picture.

As far as "measuring success" is concerned, regardless of whether it "closed the ticket" or not, we do keep records about whether we disclosed or published in response to an inquiry (or relayed as is most often the case), UDRP or other request. I feel like that would be a best practice of any Registrar in order that they may be able to track what was done and justify their actions in case there's a challenge.

Like I said, MarkMonitor has a pretty unique client base, and so most of the answers to the questions that are posed to providers would not be helpful in this context. (e.g.: our clients are extremely responsive to requests that are relayed.) However I can say that in the past eight years of data, there has not been a request for disclosure that wasn't related to a claim of IP infringement.

As a side note, slightly off topic but relevant to the categorization topic and other discussions in this group, I note with concern your statement about categorizing claims of IP infringement. You state that "If someone claims IP infringement, but our investigation yields no such issue, does the category still stand?" Why is Tucows investigating and essentially determining the validity of an infringement claim? At MarkMonitor we categorize based on what the claimant asserts (and act accordingly by relaying, etc.), but leave adjudication to WIPO or NAF professionals (for example), or courts.

Thanks! Looking forward to discussing further on list and on tomorrow's call.

Best,

Kiran

Kiran Malancharuvil

Policy Counselor

MarkMonitor

kiranm@markmonitor.com<mailto:kiranm@markmonitor.com>

415-222-8318 (t)

415-419-9138 (m)

________________________________ From: gnso-ppsai-pdp-wg-bounces@icann.org [gnso-ppsai-pdp-wg-bounces@icann.org] on behalf of Graeme Bunton [gbunton@tucows.com] Sent: Sunday, September 28, 2014 3:47 PM To: gnso-ppsai-pdp-wg@icann.org Subject: [Gnso-ppsai-pdp-wg] Data Collection Details

So, requests 3 and 4 on our list were: 3 - Can providers give the WG some general information about the percentage of requests for disclosure that are successful 4 - For Q4, do providers also have information about the type of claims those relate to e.g. If they are from LEA, 3P IP claim etc.?

And I agreed to provide some colour as to why these are probably difficult questions to answer. The below should be true for most providers (and really, for any support system), but should any Registrar colleagues disagree, feel free to chime in.

The concise reason is that compliance desks are optimized for throughput of issues, and not for policy related reporting.

In more detail -

Compliance (or whatever dept that deals with issues around domains) may not use a ticketing system. If the provider is small enough, it may just be an email address. There is no obligation for anyone to use a system that is even capable of producing data, or from which data may easily be extracted.

Even if they do use a system robust enough to allow for reporting, the data we're requesting may not typically be captured in the course of an investigation, or even useful for the running of the business. For question 3, for example, 'successful disclosure' is mostly relevant to the requester, but is not an attribute required to close the ticket. That information may be captured as text inside a description, but if it's not a specific flag on the ticket, it's very very difficult to report on accurately. We at Tucows occasionally mine the text of the tickets related to our retail operations, and the results are always considerably noisy.

Question 4 presumes that requester type as well as as issue type are ticket attributes. I would think that some such systems do capture the issue type (IP, defamation, offensive, etc etc) but each service provider is going to have differently defined categories that may cause difficulty in the aggregation. As well, just because a claim is made, doesn't mean it has any particular validity which impacts categorization. If someone claims IP infringement, but our investigation yields no such issue, does the category still stand? As well, because requests are usually dealt with manually, categorizing requesters may be unlikely, aside from a distinction between LEA and 'other'.

Lastly, as should be clear from previous discussions, there are very few black and white issues that we see. Given the variety of issues and the multitude of interest areas that they cross, straightforward classification is exceptionally difficult, and analysis that attempts to place requests into distinct buckets is going to lose a substantial amount of detail. Nonetheless, I'm in the process of looking into our system at the moment to see if possible to sketch out some trends. Unfortunately, we migrated to a new platform earlier this year, so there is not much to draw from.

Graeme _________________________ Graeme Bunton Manager, Management Information Systems Manager, Public Policy Tucows Inc. PH: 416 535 0123 ext 1634

_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

---

Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

Thanks Lindsay, very interesting. So back to the original questions and Graeme's response. If this much attention is paid to these kinds of claims and probably others (in order to determine whether the request merits investigation), I'm still at a loss as to why it is difficult to answer questions 4 and 5. Thanks, Kiran Kiran Malancharuvil Internet Policy Counselor MarkMonitor 415-419-9138 (m) Sent from my mobile, please excuse any typos.

On Sep 30, 2014, at 3:25 AM, Lindsay Hamilton-Reid <Lindsay.Hamilton-Reid@fasthosts.com> wrote:

Hi Kiran

Yes we always pass on the complaint - if we feel that it is infringing we require the customer to remove the offending content or take down the website. If they refuse, then we give them a specific period of time to remove the website before we take it down. If we feel it is not infringing, we still let the customer know and report back to the complainant that we will not be taking any action.

While we could categorise many cases as IP infringement, it is still important to investigate each one and take it on its own merit and until the investigation is complete, it is not always clear that it could be categorised in a certain way.

Many thanks

Lindsay

-----Original Message----- From: Kiran Malancharuvil [mailto:Kiran.Malancharuvil@markmonitor.com] Sent: 30 September 2014 11:11 To: Lindsay Hamilton-Reid Cc: Chris Pelling; gnso-ppsai-pdp-wg@icann.org Subject: Re: [Gnso-ppsai-pdp-wg] Data Collection Details

Lindsay,

To clarify, you pass along the claim regardless of the results of your independent verification?

For categorization purposes, doesn't this kind of attention paid to IP related claims make it easier to identify and categorize?

Thanks for the additional clarification and discussion all, very helpful information.

K

Kiran Malancharuvil Internet Policy Counselor MarkMonitor 415-419-9138 (m)

Sent from my mobile, please excuse any typos.

...

On Sep 30, 2014, at 2:56 AM, Lindsay Hamilton-Reid <Lindsay.Hamilton-Reid@fasthosts.com> wrote:

Hi all

We investigate every claim; once we are put on notice of infringement, then we have to act or we are open to liability. We would not take down a customer's site on the say so of the complainant. We always pass on the complaint to our customer and hear what they have to say. In some cases, the infringement is clear, others are not so transparent.

Many thanks

Lindsay

-----Original Message----- From: gnso-ppsai-pdp-wg-bounces@icann.org [mailto:gnso-ppsai-pdp-wg-bounces@icann.org] On Behalf Of Kiran Malancharuvil Sent: 30 September 2014 10:45 To: Chris Pelling Cc: gnso-ppsai-pdp-wg@icann.org Subject: Re: [Gnso-ppsai-pdp-wg] Data Collection Details

Good morning Chris,

Thanks for the input.

We don't investigate or determine validity of claims, EVER. We relay and allow our clients and/or their attorneys deal with the complaint as they see fit. We are not their attorneys and would not feel at all comfortable making a determination that may be incorrect, thereby exposing them (and us) to additional liability.

Thanks,

Kiran

Kiran Malancharuvil Internet Policy Counselor MarkMonitor 415-419-9138 (m)

Sent from my mobile, please excuse any typos.

...

On Sep 30, 2014, at 2:30 AM, Chris Pelling <chris@netearth.net> wrote:

Good morning Kiran,

I apologize for jumping in on this, but, I would agree with Graeme, each and every case of "IP infringement" has to be investigated by the registrar in the interests of the customer and the complainee, sorry if that sounds rude, but, we don't and won't simply take someones "word" for it that a domain / site / content has infringing material. On investigation we then notify the complainee of their options that we see it fitting into regardless of a domain being under PP or not. Its a bit like someone taking their car into the dealership and complaining the gears are knackered and the dealership discovers after investigation the "driver" doesn't know how to use a clutch properly. SImplistic view I appreciate, but, every complaint received takes time to process even the odd 1 or 2 we have received from MarkMoniter. We probably the same for Tucows and most registrars protect the respectability of our registrar in the public eye.

My Kayako system also is not "geared" for statistics in the same fashion Graeme mentioned, as there are so few cases its not something I have ever considered setting up for, however your's probably is because IP protection being one of your companies MAIN focuses.

Surely you investigate each and every claim ? As from your text you are suggesting maybe registrars should not.

Kind regards,

Chris

...

On 29/09/2014 11:44 PM, Kiran Malancharuvil wrote: Hi Graeme,

Thanks for this, I appreciate the elaboration.

This is good insight into how Tucows deals with and/or categorizes requests for relay/reveal/disclosure/publication. As you know, MarkMonitor is also a Registrar, and we do provide limited privacy/proxy services for our clients. While admitting that our business model, client base and offerings are probably quite different from our provider colleagues here, we have not encountered the same difficulties that you lay out below.

Historically we have been able to classify requests for relay/reveal neatly into simple-enough categories such as "requests for the sale of the domain" or "claim of IP infringement." Of course categories will be slightly varied amongst Registrars, but I would suspect we could find some common umbrellas that might serve to help us see a pattern/bigger picture.

As far as "measuring success" is concerned, regardless of whether it "closed the ticket" or not, we do keep records about whether we disclosed or published in response to an inquiry (or relayed as is most often the case), UDRP or other request. I feel like that would be a best practice of any Registrar in order that they may be able to track what was done and justify their actions in case there's a challenge.

Like I said, MarkMonitor has a pretty unique client base, and so most of the answers to the questions that are posed to providers would not be helpful in this context. (e.g.: our clients are extremely responsive to requests that are relayed.) However I can say that in the past eight years of data, there has not been a request for disclosure that wasn't related to a claim of IP infringement.

As a side note, slightly off topic but relevant to the categorization topic and other discussions in this group, I note with concern your statement about categorizing claims of IP infringement. You state that "If someone claims IP infringement, but our investigation yields no such issue, does the category still stand?" Why is Tucows investigating and essentially determining the validity of an infringement claim? At MarkMonitor we categorize based on what the claimant asserts (and act accordingly by relaying, etc.), but leave adjudication to WIPO or NAF professionals (for example), or courts.

Thanks! Looking forward to discussing further on list and on tomorrow's call.

Best,

Kiran

Kiran Malancharuvil

Policy Counselor

MarkMonitor

kiranm@markmonitor.com<mailto:kiranm@markmonitor.com>

415-222-8318 (t)

415-419-9138 (m)

________________________________ From: gnso-ppsai-pdp-wg-bounces@icann.org [gnso-ppsai-pdp-wg-bounces@icann.org] on behalf of Graeme Bunton [gbunton@tucows.com] Sent: Sunday, September 28, 2014 3:47 PM To: gnso-ppsai-pdp-wg@icann.org Subject: [Gnso-ppsai-pdp-wg] Data Collection Details

So, requests 3 and 4 on our list were: 3 - Can providers give the WG some general information about the percentage of requests for disclosure that are successful 4 - For Q4, do providers also have information about the type of claims those relate to e.g. If they are from LEA, 3P IP claim etc.?

And I agreed to provide some colour as to why these are probably difficult questions to answer. The below should be true for most providers (and really, for any support system), but should any Registrar colleagues disagree, feel free to chime in.

The concise reason is that compliance desks are optimized for throughput of issues, and not for policy related reporting.

In more detail -

Compliance (or whatever dept that deals with issues around domains) may not use a ticketing system. If the provider is small enough, it may just be an email address. There is no obligation for anyone to use a system that is even capable of producing data, or from which data may easily be extracted.

Even if they do use a system robust enough to allow for reporting, the data we're requesting may not typically be captured in the course of an investigation, or even useful for the running of the business. For question 3, for example, 'successful disclosure' is mostly relevant to the requester, but is not an attribute required to close the ticket. That information may be captured as text inside a description, but if it's not a specific flag on the ticket, it's very very difficult to report on accurately. We at Tucows occasionally mine the text of the tickets related to our retail operations, and the results are always considerably noisy.

Question 4 presumes that requester type as well as as issue type are ticket attributes. I would think that some such systems do capture the issue type (IP, defamation, offensive, etc etc) but each service provider is going to have differently defined categories that may cause difficulty in the aggregation. As well, just because a claim is made, doesn't mean it has any particular validity which impacts categorization. If someone claims IP infringement, but our investigation yields no such issue, does the category still stand? As well, because requests are usually dealt with manually, categorizing requesters may be unlikely, aside from a distinction between LEA and 'other'.

Lastly, as should be clear from previous discussions, there are very few black and white issues that we see. Given the variety of issues and the multitude of interest areas that they cross, straightforward classification is exceptionally difficult, and analysis that attempts to place requests into distinct buckets is going to lose a substantial amount of detail. Nonetheless, I'm in the process of looking into our system at the moment to see if possible to sketch out some trends. Unfortunately, we migrated to a new platform earlier this year, so there is not much to draw from.

Graeme _________________________ Graeme Bunton Manager, Management Information Systems Manager, Public Policy Tucows Inc. PH: 416 535 0123 ext 1634

_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

---

Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

I can appreciate the concerns regarding potential liability. In fact, I think that is one of the real benefits of what we are trying to accomplish here. By developing agreed-upon approaches to relay and reveal, p/p services that receive notices of infringement relating to a relay and/or reveal will know what steps they need to take to address any concerns they might have about potential liability. As opposed to the situation we appear to have now, in which each p/p services' interpretation of what they need to do (either to avoid potential liability or for other reasons) is not entirely clear, which results in each p/p service taking an approach that is either bit different or very different from one another. Keith Kupferschmid -----Original Message----- From: gnso-ppsai-pdp-wg-bounces@icann.org [mailto:gnso-ppsai-pdp-wg-bounces@icann.org] On Behalf Of Lindsay Hamilton-Reid Sent: Tuesday, September 30, 2014 5:56 AM To: Kiran Malancharuvil; Chris Pelling Cc: gnso-ppsai-pdp-wg@icann.org Subject: Re: [Gnso-ppsai-pdp-wg] Data Collection Details Hi all We investigate every claim; once we are put on notice of infringement, then we have to act or we are open to liability. We would not take down a customer's site on the say so of the complainant. We always pass on the complaint to our customer and hear what they have to say. In some cases, the infringement is clear, others are not so transparent. Many thanks Lindsay -----Original Message----- From: gnso-ppsai-pdp-wg-bounces@icann.org [mailto:gnso-ppsai-pdp-wg-bounces@icann.org] On Behalf Of Kiran Malancharuvil Sent: 30 September 2014 10:45 To: Chris Pelling Cc: gnso-ppsai-pdp-wg@icann.org Subject: Re: [Gnso-ppsai-pdp-wg] Data Collection Details Good morning Chris, Thanks for the input. We don't investigate or determine validity of claims, EVER. We relay and allow our clients and/or their attorneys deal with the complaint as they see fit. We are not their attorneys and would not feel at all comfortable making a determination that may be incorrect, thereby exposing them (and us) to additional liability. Thanks, Kiran Kiran Malancharuvil Internet Policy Counselor MarkMonitor 415-419-9138 (m) Sent from my mobile, please excuse any typos.

On Sep 30, 2014, at 2:30 AM, Chris Pelling <chris@netearth.net> wrote:

Good morning Kiran,

I apologize for jumping in on this, but, I would agree with Graeme, each and every case of "IP infringement" has to be investigated by the registrar in the interests of the customer and the complainee, sorry if that sounds rude, but, we don't and won't simply take someones "word" for it that a domain / site / content has infringing material. On investigation we then notify the complainee of their options that we see it fitting into regardless of a domain being under PP or not. Its a bit like someone taking their car into the dealership and complaining the gears are knackered and the dealership discovers after investigation the "driver" doesn't know how to use a clutch properly. SImplistic view I appreciate, but, every complaint received takes time to process even the odd 1 or 2 we have received from MarkMoniter. We probably the same for Tucows and most registrars protect the respectability of our registrar in the public eye.

My Kayako system also is not "geared" for statistics in the same fashion Graeme mentioned, as there are so few cases its not something I have ever considered setting up for, however your's probably is because IP protection being one of your companies MAIN focuses.

Surely you investigate each and every claim ? As from your text you are suggesting maybe registrars should not.

Kind regards,

Chris

...

On 29/09/2014 11:44 PM, Kiran Malancharuvil wrote: Hi Graeme,

Thanks for this, I appreciate the elaboration.

This is good insight into how Tucows deals with and/or categorizes requests for relay/reveal/disclosure/publication. As you know, MarkMonitor is also a Registrar, and we do provide limited privacy/proxy services for our clients. While admitting that our business model, client base and offerings are probably quite different from our provider colleagues here, we have not encountered the same difficulties that you lay out below.

Historically we have been able to classify requests for relay/reveal neatly into simple-enough categories such as "requests for the sale of the domain" or "claim of IP infringement." Of course categories will be slightly varied amongst Registrars, but I would suspect we could find some common umbrellas that might serve to help us see a pattern/bigger picture.

As far as "measuring success" is concerned, regardless of whether it "closed the ticket" or not, we do keep records about whether we disclosed or published in response to an inquiry (or relayed as is most often the case), UDRP or other request. I feel like that would be a best practice of any Registrar in order that they may be able to track what was done and justify their actions in case there's a challenge.

Like I said, MarkMonitor has a pretty unique client base, and so most of the answers to the questions that are posed to providers would not be helpful in this context. (e.g.: our clients are extremely responsive to requests that are relayed.) However I can say that in the past eight years of data, there has not been a request for disclosure that wasn't related to a claim of IP infringement.

As a side note, slightly off topic but relevant to the categorization topic and other discussions in this group, I note with concern your statement about categorizing claims of IP infringement. You state that "If someone claims IP infringement, but our investigation yields no such issue, does the category still stand?" Why is Tucows investigating and essentially determining the validity of an infringement claim? At MarkMonitor we categorize based on what the claimant asserts (and act accordingly by relaying, etc.), but leave adjudication to WIPO or NAF professionals (for example), or courts.

Thanks! Looking forward to discussing further on list and on tomorrow's call.

Best,

Kiran

Kiran Malancharuvil

Policy Counselor

MarkMonitor

kiranm@markmonitor.com<mailto:kiranm@markmonitor.com>

415-222-8318 (t)

415-419-9138 (m)

________________________________ From: gnso-ppsai-pdp-wg-bounces@icann.org [gnso-ppsai-pdp-wg-bounces@icann.org] on behalf of Graeme Bunton [gbunton@tucows.com] Sent: Sunday, September 28, 2014 3:47 PM To: gnso-ppsai-pdp-wg@icann.org Subject: [Gnso-ppsai-pdp-wg] Data Collection Details

So, requests 3 and 4 on our list were: 3 - Can providers give the WG some general information about the percentage of requests for disclosure that are successful 4 - For Q4, do providers also have information about the type of claims those relate to e.g. If they are from LEA, 3P IP claim etc.?

And I agreed to provide some colour as to why these are probably difficult questions to answer. The below should be true for most providers (and really, for any support system), but should any Registrar colleagues disagree, feel free to chime in.

The concise reason is that compliance desks are optimized for throughput of issues, and not for policy related reporting.

In more detail -

Compliance (or whatever dept that deals with issues around domains) may not use a ticketing system. If the provider is small enough, it may just be an email address. There is no obligation for anyone to use a system that is even capable of producing data, or from which data may easily be extracted.

Even if they do use a system robust enough to allow for reporting, the data we're requesting may not typically be captured in the course of an investigation, or even useful for the running of the business. For question 3, for example, 'successful disclosure' is mostly relevant to the requester, but is not an attribute required to close the ticket. That information may be captured as text inside a description, but if it's not a specific flag on the ticket, it's very very difficult to report on accurately. We at Tucows occasionally mine the text of the tickets related to our retail operations, and the results are always considerably noisy.

Question 4 presumes that requester type as well as as issue type are ticket attributes. I would think that some such systems do capture the issue type (IP, defamation, offensive, etc etc) but each service provider is going to have differently defined categories that may cause difficulty in the aggregation. As well, just because a claim is made, doesn't mean it has any particular validity which impacts categorization. If someone claims IP infringement, but our investigation yields no such issue, does the category still stand? As well, because requests are usually dealt with manually, categorizing requesters may be unlikely, aside from a distinction between LEA and 'other'.

Lastly, as should be clear from previous discussions, there are very few black and white issues that we see. Given the variety of issues and the multitude of interest areas that they cross, straightforward classification is exceptionally difficult, and analysis that attempts to place requests into distinct buckets is going to lose a substantial amount of detail. Nonetheless, I'm in the process of looking into our system at the moment to see if possible to sketch out some trends. Unfortunately, we migrated to a new platform earlier this year, so there is not much to draw from.

Graeme _________________________ Graeme Bunton Manager, Management Information Systems Manager, Public Policy Tucows Inc. PH: 416 535 0123 ext 1634

_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg _______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

While we are on the topic of data collection / statistics: I am wondering if there are any metrics on the use & efficacy of existing relay/disclose/publication mechanisms. Useful data would include a general idea of the volume of requests sent, the ³hit² rate (when the process yields the underlying data), the ³miss² rate (no response, etc.), and whether this varies among service providers. I don¹t recall this being discussed in the WHOIS RT. And sorry to pick on Susan and Michele, but was any of this collected as part of the work of the EWG? As we have previously discussed, this industry encompasses tens of millions of domain names and users. If we are going to transform it, it should be based on a measurable and targeted problem, rather than outliers/exceptions. Thanks! J. On 9/30/14, 4:28 , "Chris Pelling" <chris@netearth.net> wrote:

Good morning Kiran,

I apologize for jumping in on this, but, I would agree with Graeme, each and every case of "IP infringement" has to be investigated by the registrar in the interests of the customer and the complainee, sorry if that sounds rude, but, we don't and won't simply take someones "word" for it that a domain / site / content has infringing material. On investigation we then notify the complainee of their options that we see it fitting into regardless of a domain being under PP or not. Its a bit like someone taking their car into the dealership and complaining the gears are knackered and the dealership discovers after investigation the "driver" doesn't know how to use a clutch properly. SImplistic view I appreciate, but, every complaint received takes time to process even the odd 1 or 2 we have received from MarkMoniter. We probably the same for Tucows and most registrars protect the respectability of our registrar in the public eye.

My Kayako system also is not "geared" for statistics in the same fashion Graeme mentioned, as there are so few cases its not something I have ever considered setting up for, however your's probably is because IP protection being one of your companies MAIN focuses.

Surely you investigate each and every claim ? As from your text you are suggesting maybe registrars should not.

Kind regards,

Chris

On 29/09/2014 11:44 PM, Kiran Malancharuvil wrote:

...

Hi Graeme,

Thanks for this, I appreciate the elaboration.

This is good insight into how Tucows deals with and/or categorizes requests for relay/reveal/disclosure/publication. As you know, MarkMonitor is also a Registrar, and we do provide limited privacy/proxy services for our clients. While admitting that our business model, client base and offerings are probably quite different from our provider colleagues here, we have not encountered the same difficulties that you lay out below.

Historically we have been able to classify requests for relay/reveal neatly into simple-enough categories such as "requests for the sale of the domain" or "claim of IP infringement." Of course categories will be slightly varied amongst Registrars, but I would suspect we could find some common umbrellas that might serve to help us see a pattern/bigger picture.

As far as "measuring success" is concerned, regardless of whether it "closed the ticket" or not, we do keep records about whether we disclosed or published in response to an inquiry (or relayed as is most often the case), UDRP or other request. I feel like that would be a best practice of any Registrar in order that they may be able to track what was done and justify their actions in case there's a challenge.

Like I said, MarkMonitor has a pretty unique client base, and so most of the answers to the questions that are posed to providers would not be helpful in this context. (e.g.: our clients are extremely responsive to requests that are relayed.) However I can say that in the past eight years of data, there has not been a request for disclosure that wasn't related to a claim of IP infringement.

As a side note, slightly off topic but relevant to the categorization topic and other discussions in this group, I note with concern your statement about categorizing claims of IP infringement. You state that "If someone claims IP infringement, but our investigation yields no such issue, does the category still stand?" Why is Tucows investigating and essentially determining the validity of an infringement claim? At MarkMonitor we categorize based on what the claimant asserts (and act accordingly by relaying, etc.), but leave adjudication to WIPO or NAF professionals (for example), or courts.

Thanks! Looking forward to discussing further on list and on tomorrow's call.

Best,

Kiran

Kiran Malancharuvil

Policy Counselor

MarkMonitor

kiranm@markmonitor.com<mailto:kiranm@markmonitor.com>

415-222-8318 (t)

415-419-9138 (m)

________________________________ From: gnso-ppsai-pdp-wg-bounces@icann.org [gnso-ppsai-pdp-wg-bounces@icann.org] on behalf of Graeme Bunton [gbunton@tucows.com] Sent: Sunday, September 28, 2014 3:47 PM To: gnso-ppsai-pdp-wg@icann.org Subject: [Gnso-ppsai-pdp-wg] Data Collection Details

So, requests 3 and 4 on our list were: 3 - Can providers give the WG some general information about the percentage of requests for disclosure that are successful 4 - For Q4, do providers also have information about the type of claims those relate to e.g. If they are from LEA, 3P IP claim etc.?

And I agreed to provide some colour as to why these are probably difficult questions to answer. The below should be true for most providers (and really, for any support system), but should any Registrar colleagues disagree, feel free to chime in.

The concise reason is that compliance desks are optimized for throughput of issues, and not for policy related reporting.

In more detail -

Compliance (or whatever dept that deals with issues around domains) may not use a ticketing system. If the provider is small enough, it may just be an email address. There is no obligation for anyone to use a system that is even capable of producing data, or from which data may easily be extracted.

Even if they do use a system robust enough to allow for reporting, the data we're requesting may not typically be captured in the course of an investigation, or even useful for the running of the business. For question 3, for example, 'successful disclosure' is mostly relevant to the requester, but is not an attribute required to close the ticket. That information may be captured as text inside a description, but if it's not a specific flag on the ticket, it's very very difficult to report on accurately. We at Tucows occasionally mine the text of the tickets related to our retail operations, and the results are always considerably noisy.

Question 4 presumes that requester type as well as as issue type are ticket attributes. I would think that some such systems do capture the issue type (IP, defamation, offensive, etc etc) but each service provider is going to have differently defined categories that may cause difficulty in the aggregation. As well, just because a claim is made, doesn't mean it has any particular validity which impacts categorization. If someone claims IP infringement, but our investigation yields no such issue, does the category still stand? As well, because requests are usually dealt with manually, categorizing requesters may be unlikely, aside from a distinction between LEA and 'other'.

Lastly, as should be clear from previous discussions, there are very few black and white issues that we see. Given the variety of issues and the multitude of interest areas that they cross, straightforward classification is exceptionally difficult, and analysis that attempts to place requests into distinct buckets is going to lose a substantial amount of detail. Nonetheless, I'm in the process of looking into our system at the moment to see if possible to sketch out some trends. Unfortunately, we migrated to a new platform earlier this year, so there is not much to draw from.

Graeme _________________________ Graeme Bunton Manager, Management Information Systems Manager, Public Policy Tucows Inc. PH: 416 535 0123 ext 1634

_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

I think James' posting makes a lot of sense. We have some real worries here - freedom of expression and other forms of people/organizations/small businesses being pursued for a number of reasons -- including those not being expressly submitted to the Proxy/Privacy Provider. Still evaluating, but the idea of a measurable, targeted problem makes enormous sense. It would give us something to work on and towards. Best, Kathy :

While we are on the topic of data collection / statistics:

I am wondering if there are any metrics on the use & efficacy of existing relay/disclose/publication mechanisms. Useful data would include a general idea of the volume of requests sent, the ³hit² rate (when the process yields the underlying data), the ³miss² rate (no response, etc.), and whether this varies among service providers.

I don¹t recall this being discussed in the WHOIS RT. And sorry to pick on Susan and Michele, but was any of this collected as part of the work of the EWG?

As we have previously discussed, this industry encompasses tens of millions of domain names and users. If we are going to transform it, it should be based on a measurable and targeted problem, rather than outliers/exceptions.

Thanks!

J.

On 9/30/14, 4:28 , "Chris Pelling" <chris@netearth.net> wrote:

...

Good morning Kiran,

I apologize for jumping in on this, but, I would agree with Graeme, each and every case of "IP infringement" has to be investigated by the registrar in the interests of the customer and the complainee, sorry if that sounds rude, but, we don't and won't simply take someones "word" for it that a domain / site / content has infringing material. On investigation we then notify the complainee of their options that we see it fitting into regardless of a domain being under PP or not. Its a bit like someone taking their car into the dealership and complaining the gears are knackered and the dealership discovers after investigation the "driver" doesn't know how to use a clutch properly. SImplistic view I appreciate, but, every complaint received takes time to process even the odd 1 or 2 we have received from MarkMoniter. We probably the same for Tucows and most registrars protect the respectability of our registrar in the public eye.

My Kayako system also is not "geared" for statistics in the same fashion Graeme mentioned, as there are so few cases its not something I have ever considered setting up for, however your's probably is because IP protection being one of your companies MAIN focuses.

Surely you investigate each and every claim ? As from your text you are suggesting maybe registrars should not.

Kind regards,

Chris

On 29/09/2014 11:44 PM, Kiran Malancharuvil wrote:

...

Hi Graeme,

Thanks for this, I appreciate the elaboration.

This is good insight into how Tucows deals with and/or categorizes requests for relay/reveal/disclosure/publication. As you know, MarkMonitor is also a Registrar, and we do provide limited privacy/proxy services for our clients. While admitting that our business model, client base and offerings are probably quite different from our provider colleagues here, we have not encountered the same difficulties that you lay out below.

Historically we have been able to classify requests for relay/reveal neatly into simple-enough categories such as "requests for the sale of the domain" or "claim of IP infringement." Of course categories will be slightly varied amongst Registrars, but I would suspect we could find some common umbrellas that might serve to help us see a pattern/bigger picture.

As far as "measuring success" is concerned, regardless of whether it "closed the ticket" or not, we do keep records about whether we disclosed or published in response to an inquiry (or relayed as is most often the case), UDRP or other request. I feel like that would be a best practice of any Registrar in order that they may be able to track what was done and justify their actions in case there's a challenge.

Like I said, MarkMonitor has a pretty unique client base, and so most of the answers to the questions that are posed to providers would not be helpful in this context. (e.g.: our clients are extremely responsive to requests that are relayed.) However I can say that in the past eight years of data, there has not been a request for disclosure that wasn't related to a claim of IP infringement.

As a side note, slightly off topic but relevant to the categorization topic and other discussions in this group, I note with concern your statement about categorizing claims of IP infringement. You state that "If someone claims IP infringement, but our investigation yields no such issue, does the category still stand?" Why is Tucows investigating and essentially determining the validity of an infringement claim? At MarkMonitor we categorize based on what the claimant asserts (and act accordingly by relaying, etc.), but leave adjudication to WIPO or NAF professionals (for example), or courts.

Thanks! Looking forward to discussing further on list and on tomorrow's call.

Best,

Kiran

Kiran Malancharuvil

Policy Counselor

MarkMonitor

kiranm@markmonitor.com<mailto:kiranm@markmonitor.com>

415-222-8318 (t)

415-419-9138 (m)

________________________________ From: gnso-ppsai-pdp-wg-bounces@icann.org [gnso-ppsai-pdp-wg-bounces@icann.org] on behalf of Graeme Bunton [gbunton@tucows.com] Sent: Sunday, September 28, 2014 3:47 PM To: gnso-ppsai-pdp-wg@icann.org Subject: [Gnso-ppsai-pdp-wg] Data Collection Details

So, requests 3 and 4 on our list were: 3 - Can providers give the WG some general information about the percentage of requests for disclosure that are successful 4 - For Q4, do providers also have information about the type of claims those relate to e.g. If they are from LEA, 3P IP claim etc.?

And I agreed to provide some colour as to why these are probably difficult questions to answer. The below should be true for most providers (and really, for any support system), but should any Registrar colleagues disagree, feel free to chime in.

The concise reason is that compliance desks are optimized for throughput of issues, and not for policy related reporting.

In more detail -

Compliance (or whatever dept that deals with issues around domains) may not use a ticketing system. If the provider is small enough, it may just be an email address. There is no obligation for anyone to use a system that is even capable of producing data, or from which data may easily be extracted.

Even if they do use a system robust enough to allow for reporting, the data we're requesting may not typically be captured in the course of an investigation, or even useful for the running of the business. For question 3, for example, 'successful disclosure' is mostly relevant to the requester, but is not an attribute required to close the ticket. That information may be captured as text inside a description, but if it's not a specific flag on the ticket, it's very very difficult to report on accurately. We at Tucows occasionally mine the text of the tickets related to our retail operations, and the results are always considerably noisy.

Question 4 presumes that requester type as well as as issue type are ticket attributes. I would think that some such systems do capture the issue type (IP, defamation, offensive, etc etc) but each service provider is going to have differently defined categories that may cause difficulty in the aggregation. As well, just because a claim is made, doesn't mean it has any particular validity which impacts categorization. If someone claims IP infringement, but our investigation yields no such issue, does the category still stand? As well, because requests are usually dealt with manually, categorizing requesters may be unlikely, aside from a distinction between LEA and 'other'.

Lastly, as should be clear from previous discussions, there are very few black and white issues that we see. Given the variety of issues and the multitude of interest areas that they cross, straightforward classification is exceptionally difficult, and analysis that attempts to place requests into distinct buckets is going to lose a substantial amount of detail. Nonetheless, I'm in the process of looking into our system at the moment to see if possible to sketch out some trends. Unfortunately, we migrated to a new platform earlier this year, so there is not much to draw from.

Graeme _________________________ Graeme Bunton Manager, Management Information Systems Manager, Public Policy Tucows Inc. PH: 416 535 0123 ext 1634

_______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

---

Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

---

Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

I can and will provide answers this week of the group thinks it's helpful. To quickly answer your specific concerns, we relay everything to our clients except spam. We have never (in the last eight years of data) had a request for disclosure that wasn't related to ip infringement and every one of those cases were dealt with directly by the client. We did not have to disclose against the clients wishes nor disclose in the absence of communication with the client. As you say, our base is different. But there ya go. Kiran Malancharuvil Internet Policy Counselor MarkMonitor 415-419-9138 (m) Sent from my mobile, please excuse any typos. On Sep 30, 2014, at 6:43 AM, Kathy Kleiman <kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>> wrote: Kiran, Tx so much for your answers below! Do you think you might be able to answer all five of the questions raised for Registrars offering P/P services? With your special group of clients, I would expect that the answers will help inform our discussion. In particular, do you contact your clients when someone is trying to obtain their proxied data? Do you give them an opportunity to respond to you before you disclose? For business reasons, I would think disclosure and publication might be a sensitive issue with some of your clients (e.g., analysts shopping for merger data, new company launches, etc). Best and tx, Kathy 1. What are provider practices regarding customer notification when a disclosure request is received, and is the customer given the opportunity to respond? 2. Does any provider offer its customer an option other than disclosure or publication, e.g. an opportunity to cancel the registration instead (i.e. what some WG members have mentioned as a “takedown”)? 3. What are provider “standards" for determining disclosure to third parties? 4. Can providers give the WG some general information about the percentage of requests for disclosure that are successful? 5. For Q4, do providers also have information about the type of claims those relate to e.g. If they are from LEA, 3P IP claim etc.? : Hi Graeme, Thanks for this, I appreciate the elaboration. This is good insight into how Tucows deals with and/or categorizes requests for relay/reveal/disclosure/publication. As you know, MarkMonitor is also a Registrar, and we do provide limited privacy/proxy services for our clients. While admitting that our business model, client base and offerings are probably quite different from our provider colleagues here, we have not encountered the same difficulties that you lay out below. que Historically we have been able to classify requests for relay/reveal neatly into simple-enough categories such as "requests for the sale of the domain" or "claim of IP infringement." Of course categories will be slightly varied amongst Registrars, but I would suspect we could find some common umbrellas that might serve to help us see a pattern/bigger picture. As far as "measuring success" is concerned, regardless of whether it "closed the ticket" or not, we do keep records about whether we disclosed or published in response to an inquiry (or relayed as is most often the case), UDRP or other request. I feel like that would be a best practice of any Registrar in order that they may be able to track what was done and justify their actions in case there's a challenge. Like I said, MarkMonitor has a pretty unique client base, and so most of the answers to the questions that are posed to providers would not be helpful in this context. (e.g.: our clients are extremely responsive to requests that are relayed.) However I can say that in the past eight years of data, there has not been a request for disclosure that wasn't related to a claim of IP infringement. As a side note, slightly off topic but relevant to the categorization topic and other discussions in this group, I note with concern your statement about categorizing claims of IP infringement. You state that "If someone claims IP infringement, but our investigation yields no such issue, does the category still stand?" Why is Tucows investigating and essentially determining the validity of an infringement claim? At MarkMonitor we categorize based on what the claimant asserts (and act accordingly by relaying, etc.), but leave adjudication to WIPO or NAF professionals (for example), or courts. Thanks! Looking forward to discussing further on list and on tomorrow's call. Best, Kiran Kiran Malancharuvil Policy Counselor MarkMonitor kiranm@markmonitor.com<mailto:kiranm@markmonitor.com><mailto:kiranm@markmonitor.com><mailto:kiranm@markmonitor.com> 415-222-8318 (t) 415-419-9138 (m) ________________________________ From: gnso-ppsai-pdp-wg-bounces@icann.org<mailto:gnso-ppsai-pdp-wg-bounces@icann.org> [gnso-ppsai-pdp-wg-bounces@icann.org<mailto:gnso-ppsai-pdp-wg-bounces@icann.org>] on behalf of Graeme Bunton [gbunton@tucows.com<mailto:gbunton@tucows.com>] Sent: Sunday, September 28, 2014 3:47 PM To: gnso-ppsai-pdp-wg@icann.org<mailto:gnso-ppsai-pdp-wg@icann.org> Subject: [Gnso-ppsai-pdp-wg] Data Collection Details So, requests 3 and 4 on our list were: 3 - Can providers give the WG some general information about the percentage of requests for disclosure that are successful 4 - For Q4, do providers also have information about the type of claims those relate to e.g. If they are from LEA, 3P IP claim etc.? And I agreed to provide some colour as to why these are probably difficult questions to answer. The below should be true for most providers (and really, for any support system), but should any Registrar colleagues disagree, feel free to chime in. The concise reason is that compliance desks are optimized for throughput of issues, and not for policy related reporting. In more detail - Compliance (or whatever dept that deals with issues around domains) may not use a ticketing system. If the provider is small enough, it may just be an email address. There is no obligation for anyone to use a system that is even capable of producing data, or from which data may easily be extracted. Even if they do use a system robust enough to allow for reporting, the data we're requesting may not typically be captured in the course of an investigation, or even useful for the running of the business. For question 3, for example, 'successful disclosure' is mostly relevant to the requester, but is not an attribute required to close the ticket. That information may be captured as text inside a description, but if it's not a specific flag on the ticket, it's very very difficult to report on accurately. We at Tucows occasionally mine the text of the tickets related to our retail operations, and the results are always considerably noisy. Question 4 presumes that requester type as well as as issue type are ticket attributes. I would think that some such systems do capture the issue type (IP, defamation, offensive, etc etc) but each service provider is going to have differently defined categories that may cause difficulty in the aggregation. As well, just because a claim is made, doesn't mean it has any particular validity which impacts categorization. If someone claims IP infringement, but our investigation yields no such issue, does the category still stand? As well, because requests are usually dealt with manually, categorizing requesters may be unlikely, aside from a distinction between LEA and 'other'. Lastly, as should be clear from previous discussions, there are very few black and white issues that we see. Given the variety of issues and the multitude of interest areas that they cross, straightforward classification is exceptionally difficult, and analysis that attempts to place requests into distinct buckets is going to lose a substantial amount of detail. Nonetheless, I'm in the process of looking into our system at the moment to see if possible to sketch out some trends. Unfortunately, we migrated to a new platform earlier this year, so there is not much to draw from. Graeme _________________________ Graeme Bunton Manager, Management Information Systems Manager, Public Policy Tucows Inc. PH: 416 535 0123 ext 1634 _______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg _______________________________________________ Gnso-ppsai-pdp-wg mailing list Gnso-ppsai-pdp-wg@icann.org<mailto:Gnso-ppsai-pdp-wg@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg