Re: [Rt4-whois] The New Proxy Language
I am going into a meeting right now for the next 3 hours and will not be able to communicate except occasionally on my iphone. I am fine your with additional language Seth. Unfortunately, Facebook is demanding my attention to other issues.... From: Seth M Reiss [mailto:seth.reiss@lex-ip.com] Sent: Thursday, December 01, 2011 11:34 AM To: Susan Kawaguchi; 'Smith, Bill' Cc: rt4-whois@icann.org Subject: RE: [Rt4-whois] The New Proxy Language Very good Susan. See my slight tweaks below: -----Original Message----- From: Susan Kawaguchi [mailto:susank@fb.com] Sent: Thursday, December 01, 2011 9:25 AM To: Seth M Reiss; 'Smith, Bill' Cc: rt4-whois@icann.org Subject: RE: [Rt4-whois] The New Proxy Language Not everyone on the team has chimed in yet on this issue today but according to my count the following are agreeing to Lynn's proposal agreeing # 2 in Emily's email this morning. Lynn Omar Michael James Kathy Susan Those who have not weighed in today Emily Lutz - although liked Seth's proposal last night Sarmad Wilfried Sharon Peter - but earlier this morning did sound like he was probably favoring Seth's language. (if I have characterized this incorrectly for anyone please accept my apologies and please weigh in) I would recommend that we leave both the Dakar recommendation in and the best practices recommendation in ( I do not feel they are mutually exclusive) We could lead into the two recommendations with the following: Review Team members are in unanimous agreement that the status quo regarding proxy registrations is not sustainable, is not fair to legitimate participants in the domain name marketplace, frustrates valuable social goals such as law enforcement [and the protection of intellectual property], and reflects poorly on ICANN's commitment to serve the public interest. We are also in agreement that the goal should be to give accredited registrars strong incentives not to foster this undesirable status quo, and that such incentives should arise both from the terms of the ICANN contracts with registrars, and from principles of legal responsibility under national law. ICANN can control the first source of these incentives; its contractual provisions may influence, but cannot control, the second, since neither of the parties most directly involved -- the proxy service customers, and the law enforcement or other party seeking to identify them and hold them accountable -- is under contract to ICANN. We have not reached consensus on how best to advance this common goal. Some believe that the best approach is to start with the proxy services that are made available in connection with domain name registration, and require these services to follow best practices for promptly disclosing the identity of the party actually in control of the domain name, with registrars facing consequences if they do business with services that do not fulfill best practices. Others prefer the approach of denying any recognition of proxy services in ICANN contracts, and treating all such services simply as registrants, regardless of their practices, with the view that every registrant, including proxy service registrants, should accept full responsibility for the manner of use of the domain name they register. We set forth below alternative recommendations reflecting these dual approaches, and solicit community comment on them. One other area of agreement is that neither approach will be successful without proactive ICANN compliance measures, either to police observance of best practices, in the first approach, or to press registrars to cancel registrations of proxy services that do not fulfill their contractual obligations as set forth in the RAA. A well resourced and credible compliance program is essential to reforming the unacceptable status quo in this area. -----Original Message----- From: Seth M Reiss [mailto:seth.reiss@lex-ip.com] Sent: Thursday, December 01, 2011 10:52 AM To: Susan Kawaguchi; 'Smith, Bill' Cc: rt4-whois@icann.org Subject: RE: [Rt4-whois] The New Proxy Language OK, guys, I finally woke up. But now I kind of wish I had not! I am not entirely comfortable with what I wrote (option 3). I continue to agree with Bill's analysis and thinking, but I am also concerned that the statements I wrote go well beyond what our Team was tasked to do. It goes beyond WHOIS accuracy into the realm of security etc. But so does James' and Susan's proposal (option 2). The Dakar statement (option 1 as most recently modified by Emily) comes closest to us staying within our purview. Note that Susan agrees that language should be removed from the RRA and proxy service provider should be responsible for the domain name. So perhaps this could a bullet point under Dakar. Or better yet, how about this to make the group happy, or at least happier. How about the Dakar statement as most recently modified by Emily go into the recommendations. Everything else, some of proposal 2 and maybe a bit of proposal 3, or perhaps just the statement Susan made about language being removed from the RAA, go into the discussion. I agree with Bill that a voluntary set of best practices cannot reach the goal of eliminating irresponsible proxy services. But the discussion section could indicate this was one of the ideas that was considered by our team as a possible solution and that is something that the community may wish to follow up on. Finally, regarding the DMCA, the United States Congress, in its wisdom, decided that web hosts and neutral bill boards and the like should be given a level of immunity to function and so adopted the DMCA and other measure to provide safe havens from copyright infringement claims and other claims for content posted by others if they registered as an agent and carefully followed a number of specific take down/put up practices. The process is mandatory, carefully detailed and all governed by a centralized law that is consistent across the national territory. We, unfortunately, do not operate in a landscape of consistent laws, plus we are not a legislature, plus (as Bill has reiterated on several occasions) a voluntary practice will not get us there. Seth -----Original Message----- From: rt4-whois-bounces@icann.org [mailto:rt4-whois-bounces@icann.org] On Behalf Of Susan Kawaguchi Sent: Thursday, December 01, 2011 8:11 AM To: Smith, Bill Cc: rt4-whois@icann.org Subject: Re: [Rt4-whois] The New Proxy Language Yes I agree a registrant is a contracted party I guess I am use to seeing so much bad behavior by registrants that I do not think of them that way. I still do not see our two recommendations as polar opposites. I agree the language in the RAA should be removed and the proxy service provider should be responsible for the domain name. But that does not exclude the need for best practices in this industry and if we can get movement in the right direction along with calling for the proxy service providers to be responsible it is a win win situation. (I am not comparing the DMCA to this situation but I think this is a good example) When the DMCA was put into US law it required interpretation and best practices were developed over a period of time. In my opinion eBay took the lead and put in place the VeRO program which went beyond some of the requirements. Many other companies followed their lead and you will see pieces of the VeRO program in many companies processes. I think several registrars have taken a similar path with their affiliate proxy services and established procedures that are good. Why can't we advocate for both positions? I think we are in agreement that neither approach will be successful without proactive ICANN compliance measures, either to police observance of best practices, in the first approach, or to press registrars to cancel registrations of proxy services that do not fulfill their contractual obligations as set forth in the RAA. A well resourced and credible compliance program is essential to reforming the unacceptable status quo in this area. -----Original Message----- From: Smith, Bill [mailto:bill.smith@paypal-inc.com] Sent: Thursday, December 01, 2011 9:46 AM To: Susan Kawaguchi Cc: James M. Bladel; rt4-whois@icann.org Subject: Re: [Rt4-whois] The New Proxy Language Susan, Isn't everyone a contracted party in this ecosystem? Registrars and Registries with ICANN and Registrants with Registrants (with required terms from ICANN). I believe we need SLAs in each of the agreements that put some teeth into the compliance provisions. For example, the current RAA language says that failure to correct WHOIS data *may* result in revocation of the Domain Name (or something similar to that). Action is voluntary on the part of the Registrant and Registrar with the public paying the cost, much like with toxic waste. This isn't a direct cost but indirect, and getting larger all the time. I sincerely doubt that a voluntary code, though admirable, will mitigate these costs. If we have SLAs in each of the agreements, then failure by any party to abide by them results in action and/or penalties up to and including loss of name. The current system doesn't, while threatening such an eventuality rarely reaches that point as we've heard. If ICANN wants to honor the AoC with respect to WHOIS, it firmly believe it needs to shift from the voluntary mechanisms that don't work to a simple though comprehensive set of mandatory mechanisms that will work. These mechanisms should exist outside of any "at law"remedies but should be in concert with them. I'll think about adding the VC to 4. My gut reaction is that it will still allow too much legal room if/when the legal system is required. Bill On Dec 1, 2011, at 9:04 AM, "Susan Kawaguchi" <susank@fb.com> wrote:
Hi Bill,
I agree with most of what is in your and Seth's recommendation but do not
understand how an SLA will work with non-contracted parties.
What if we added the voluntary best practices to #4?
Susan
-----Original Message-----
From: Smith, Bill [mailto:bill.smith@paypal-inc.com]
Sent: Thursday, December 01, 2011 7:44 AM
To: James M. Bladel
Cc: Susan Kawaguchi; rt4-whois@icann.org
Subject: Re: [Rt4-whois] The New Proxy Language
I have no problem with folks not being "on board". However, we did agree
to language in Dakar in essence saying that ICANN should avoid mentioning proxies in the RAA. I realize that some may not have been fully on board with that, and there have been suggestion to change our position.
From my perspective, the changes are from the Dakar position to the
Voluntary Code proposal.
I've pointed out how the VC can and likely will be circumvented,
especially by "bad actors". If someone can demonstrate a way that the VC deals with this issue and avoids a return to the current state, I'm all ears.
One way for the VC to work is to have a set of SLAs that mandate action in
response to non-compliance to the SLAs. I don't see a mention of that in the VC and I'd want to understand exactly what we're talking about regarding times for roundtrip reveal/relay and the consequences for failure to respond in a timely fashion.
On Dec 1, 2011, at 7:23 AM, James M. Bladel wrote:
Agree with Susan. These are very significant changes coming very late in
the game.
J.
-------- Original Message --------
Subject: Re: [Rt4-whois] The New Proxy Language
From: Susan Kawaguchi <susank@fb.com<mailto:susank@fb.com>>
Date: Thu, December 01, 2011 8:58 am
To: Kathy Kleiman <kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>>
Cc: "rt4-whois@icann.org<mailto:rt4-whois@icann.org>"
<rt4-whois@icann.org<mailto:rt4-whois@icann.org>>
Hi Kathy
I am not onboard with Bill and Seth's recommendation but I am willing to
explore this direction.
Susan
Sent from my iPhone
On Dec 1, 2011, at 6:18 AM, "Kathy Kleiman"
<kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>> wrote:
But what James and Susan did so brilliantly, and for the first time in
history, was to begin to bring the proxy services into the ICANN tent
and into sight. The idea of disclosing relationships, sharing ownership
and contractual relationships, is an enormous step forward. I think we
are losing something now...
Kathy:
My preference is to replace the Voluntary Best Practices Guidelines. I
think there is useful information in that language to guide development of SLAs regarding Registrant responsibilities and response times so would hate to see that work "tossed".
Seth's language is an attempt to "flesh out" the simple text we had in
Dakar, that said ICANN should remove reference to proxy services from the RAA. I think he's done a good job, albeit perhaps a first cut, at doing that and getting a conversation going on the practical implications of, let's call it the Dakar proxy compact.
As I recall, one of the reasons we decided to recommend removing proxies
from the RAA is that no matter how hard we, or ICANN tries to control or regulate the proxy business, anyone can operate such a service outside of the control of ICANN or the community. They simply register names and act on behalf of someone else.
What we, asa community, can do is develop some policies that set out
what is expected of all parties, including Registrants and have consequences, mandatory in some cases, for failure to comply with the policies. The consequence of last resort is revocation of the name.
These policies wouldn't take the place of legal action, but they would
fill the void where Registrants, or their proxies, are non-responsive.
The alternative is the voluntary code, but we know that can be avoided,
and letting the courts handle the situation... but that's basically where we are today so I don't see how a code, voluntary or not helps in the end.
On Dec 1, 2011, at 5:32 AM, Kathy Kleiman wrote:
Hi All,
What a night! I can see the 24*7 party of the WRT continued. Thanks so
very much!
Regarding the language below, could someone be an expert guide? Is it a
replacement of the whole of the Proxy Recommendations, or in addition to the Voluntary Best Practices Guidelines (which I really liked)
Otherwise, I am thinking and researching. I think this is a big change
below, and I am not keen on #3 at all. Many, many people use proxy services for many, many things, and the Recommendations section seems an odd place to put a value judgement on that.
Otherwise, there are some fascinating legal concepts, and my brain
already hurts!
Thinking hard first thing in the AM and still reviewing.
I would like to know what James thinks,
Kathy
Data Access- Proxy Service
1. The Review Team considers a Proxy Service as a relationship in
which
the registrant is acting on behalf of another. The WHOIS data is that
of the
agent/proxy service and the agent/proxy service alone obtains all
rights and
assumes all responsibility for the domain name and its manner of use.
2. ICANN should clarify that any registrant that may be acting as a
proxy service for another is in all respects still the registrant and,
in
ICANN's view, should be held fully responsible for the use of the
domain
name including for any and all harm that results from the use of the
domain
name.
2. Because of ICANN's position on proxy services to date, which
tolerates the proxy service industry that has arisen and which through
RAA
provisions gives recognition and attempts to regulate that industry,
has
been used by courts and others to allow proxy services to escape
liability
for bad acts of the proxy service customers, ICANN should either
delete or
amend those provisions of the RAA that can or have been used to allow
proxy
services to escape liability.
3. The Review Team acknowledges that there may be legitimate reasons
for the occasional use of a proxy service, as for example to protect a
valuable trade secret at product launch. At the same time proxy
services
should not be viewed or used as a substitute for privacy services that
are
designed to shield an individual's personal contact information. The
legitimate use a proxy service would be the exception and not
widespread.
4. A proxy service industry willing to accept full risks and
liabilities
for the manner in which domain names through its service will be used
will
take the necessary precautionary measures, in its relationship with
its
customers, such that domain names so registered are unlikely to be
misused
and, if misused, a remedy for those victimized will more likely be
available.
_______________________________________________
Rt4-whois mailing list
Rt4-whois@icann.org<mailto:Rt4-whois@icann.org>
_______________________________________________
Rt4-whois mailing list
Rt4-whois@icann.org<mailto:Rt4-whois@icann.org>
--
_______________________________________________
Rt4-whois mailing list
Rt4-whois@icann.org<mailto:Rt4-whois@icann.org>
_______________________________________________
Rt4-whois mailing list
Rt4-whois@icann.org<mailto:Rt4-whois@icann.org>
_______________________________________________
Rt4-whois mailing list
Rt4-whois@icann.org<mailto:Rt4-whois@icann.org>
_______________________________________________ Rt4-whois mailing list Rt4-whois@icann.org https://mm.icann.org/mailman/listinfo/rt4-whois
participants (1)
-
Susan Kawaguchi