from ssac: SSAC hasn't tried to come up with a definition. But the GNSO did have a PDP working group for that.. Its final report is at: https://gnso.icann.org/sites/default/files/filefield_12530/rap-wg-final-repo... It says: "The RAPWG developed a consensus definition of abuse, which served as a basis to further explore the scope and definition of registration abuse. This definition reads: Abuse is an action that: a. Causes actual and substantial harm, or is a material predicate of such harm, and b. Is illegal or illegitimate, or is otherwise considered contrary to the intention and design of a stated legitimate purpose, if such purpose is disclosed." So that was an consensus-agreed, GNSO-baked definition, the result of a formal community effort. Chapter 6 is "Malicious Use of Domain Names" and is highly relevant. The issue of what's in-scope for ICANN policy-making -- and what Compliance can do because of what's in and not in the contracts -- is a related but separate issue. The report above explains those issues. Bad actors REGISTER domains in order to USE them maliciously. Sometimes when parties say there is "no agreed definition of abuse" they are talking about what specific kinds of problems should be put in the registry contract Spec 11 --which specifically mentions phishing, pharming, malware, botnets. (i found this comment useful) k