Hi again, I'd like to add that the revised policy also makes obvious mistakes and/or is misleading. In the consultation section of the PDF, they state: http://www.icann.org/registries/rsep/afilias-abuse-funnel-request-rev-03jul0... "Based upon this consultation with the Registrar Constituency members, Afilias has revised its proposed policy to remove from its definition of abusive uses the section titled “Other abusive behaviors”, which had drawn comments regarding breadth of scope, as well as removing the sentence regarding breach." While it's true that paragraph was removed, take a look at the words in the FIRST SENTENCE of the definition of "abusive use" "Afilias defines abusive use as the wrong or excessive use of power, position or ability, and **includes, without limitation,** the following:" I've added emphasis to the words "includes, without limitation." This means that Afilias is free to expand on their list, without limitation, in the future, as the list they provide is not exhaustive. Removing the section "other abusive behaviors" thus has no impact whatsoever on this poorly thought out policy proposal. This is the kind of open-ended and ambiguous language that registry operators have routinely attempted to sneak into contracts -- hopefully ICANN has learned to read contracts better than previously. Indeed, ICANN's poor past oversight of contracts has perhaps encouraged registry operators to submit these badly worded and flawed contracts/proposals in the hopes that no one notices, or notices when it's too late. If Afilias is truly listening, they would ensure that registrants have the continued right to due process, by removing all the sections that refer to cancellation of the domain names "at its discretion." Removal from the zone file is more than sufficient, without cancellation, to allow for due process. A registry should also not be immune from civil and/or criminal liability, in the event of a false positive (i.e. wrongful termination of a domain). Indeed, if it was to suspend or cancel a domain of an active site such as Amazon.com, Yahoo.com, YouTube.com, Myspace.com or Google.com even for a few hours, the actual damages to these registrants might be in the tens of millions of dollars. A registry operator would exercise far more diligence in its decision-making if it was not immune from civil damages when it inevitably makes incorrect calls --- no system is without false positives. Indeed, as I've stated before, this policy is not needed, given that there already exists a WHOIS accuracy requirement. Most, if not all, truly abusive activity takes place on domains with fake WHOIS. If someone with accurate WHOIS is conducting illegal activity, send in the police to knock on their door! If the WHOIS is not accurate, then the domain is caught by the existing policies, and can be terminated/suspended. If Afilias were to submit a proposal strengthening the WHOIS requirements to encompass registrant verification, they would receive the support from many in law enforcement and others who loathe abusive behaviour like spam, phishing, etc.. For example, they could require WHOIS verification of a new registrant (via a postal mail to the relevant address, for example, like .uk) before allowing the registered domain name to be put into the zone file (the name would be reserved, but would not resolve). (a new domain from an existing registrant could resolve almost instantly, if they use the same PIN code or whatever was used to prove the WHOIS of their first domain, assuming their address or other contact details have not changed) Sincerely, George Kirikos http://www.kirikos.com/