[Gnso-ppsai-pdp-wg] FW: Section 3.18 - Registrar's Abuse Contact and Duty to Investigate Reports of Abuse of the 2013 RAA

Tue Jun 10 16:09:41 UTC 2014

I would also agree that limiting the reporting process to an email address would not be the best way to go about this.  We do not want to limit innovation.

As long as it is fairly easy to report (but maybe not to easy to weed out erroneous reports) clear parameters, enough information to process the report, but not allow to much information and a response is received I would think would satisfy most legitimate reporters.
Susan Kawaguchi
Domain Name Manager
Facebook Legal Dept.

Phone - 650 485-6064

From: "James M. Bladel" <jbladel at godaddy.com<mailto:jbladel at godaddy.com>>
Date: Tuesday, June 10, 2014 at 9:01 AM
To: Michele Neylon - Blacknight <michele at blacknight.com<mailto:michele at blacknight.com>>, Marika Konings <marika.konings at icann.org<mailto:marika.konings at icann.org>>, "gnso-ppsai-pdp-wg at icann.org<mailto:gnso-ppsai-pdp-wg at icann.org>" <gnso-ppsai-pdp-wg at icann.org<mailto:gnso-ppsai-pdp-wg at icann.org>>
Subject: Re: [Gnso-ppsai-pdp-wg] FW: Section 3.18 - Registrar's Abuse Contact and Duty to Investigate Reports of Abuse of the 2013 RAA

Agree.  This is particularly the case for larger providers who have established separate teams for each abuse type (Spam, infringement, malware, etc.).  It requires the reporter to categorize the complaint and expedites routing to the appropriate internal resources.

Thanks—

J.

From: Michele Neylon - Blacknight <michele at blacknight.com<mailto:michele at blacknight.com>>
Date: Tuesday, June 10, 2014 at 8:49
To: Marika Konings <marika.konings at icann.org<mailto:marika.konings at icann.org>>, "gnso-ppsai-pdp-wg at icann.org<mailto:gnso-ppsai-pdp-wg at icann.org>" <gnso-ppsai-pdp-wg at icann.org<mailto:gnso-ppsai-pdp-wg at icann.org>>
Subject: Re: [Gnso-ppsai-pdp-wg] FW: Section 3.18 - Registrar's Abuse Contact and Duty to Investigate Reports of Abuse of the 2013 RAA

Marika
Only getting to read and digest this properly now

I would suggest that registrars and PP providers should be able to "funnel" reports by "type"

Using an email address only might not be the best way to achieve this, as many have noted that an abuse@ style email address can easily get cloggged with a lot of spurious and irrelevant emails that wouldn't even qualify as "complaints".
Offering registrars and PP providers flexibility in how they collect such reports should be encouraged as it will lead to more efficient and responsive report handling

Regards

Michele

--
Mr Michele Neylon
Blacknight Solutions
Hosting, Colocation & Domains
http://www.blacknight.co/
http://blog.blacknight.com/
http://www.technology.ie
Intl. +353 (0) 59  9183072
Direct Dial: +353 (0)59 9183090
Twitter: http://twitter.com/mneylon
-------------------------------
Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty
Road,Graiguecullen,Carlow,Ireland  Company No.: 370845

From:gnso-ppsai-pdp-wg-bounces at icann.org<mailto:gnso-ppsai-pdp-wg-bounces at icann.org> [mailto:gnso-ppsai-pdp-wg-bounces at icann.org] On Behalf Of Marika Konings
Sent: Tuesday, June 10, 2014 8:51 AM
To: gnso-ppsai-pdp-wg at icann.org<mailto:gnso-ppsai-pdp-wg at icann.org>
Subject: [Gnso-ppsai-pdp-wg] FW: Section 3.18 - Registrar's Abuse Contact and Duty to Investigate Reports of Abuse of the 2013 RAA

Dear All,

Please find below the feedback from ICANN Compliance in relation to provision 3.18 of the 2013 RAA.

Best regards,

Marika

+++++++++

Section 3.18, from a Compliance perspective, is going well.  While no major barriers have been identified that frustrate ensuring compliance with the 2013 RAA, Compliance has identified two main issues leading to some community uncertainty: understanding of registrar requirements of Section 3.18.1, and the expectations of complainants.

The areas requiring clarification by registrars are abuse contact posting requirements and investigating abuse complaints.  Registrars were not conspicuously posting an abuse email address as required by Section 3.18.1, either omitting any link or providing a web form instead.  Once abuse reports were received, registrars were not taking reasonable and prompt steps to investigate reports under 3.18.1.  Some registrars did not undertake any investigation, only performed a Whois inaccuracy investigation, or confused abuse reports submitted under 3.18.1 with the requirements of 3.18.2.  Other registrars claimed that abuse reports would only be reviewed under court order, which is not a requirement in the 2013 RAA.  These issues were resolved though the 1-2-3 notice process, with approximately 5 registrars requesting conference calls to discuss and clarify the requirements of Section 3.18.1.

To date, all complaints to ICANN under Section 3.18.1 have been resolved before the formal resolution process (breach).  The number of these complaints is decreasing as more registrars understand their obligations under the 2013 RAA. ICANN Compliance has not received any complaints under Section 3.18.2.

The other area of concern is the expectations of complainants.  This includes filing abuse complaints against registrars not under the 2013 RAA, or for non-abuse concerns (such as customer service complaints).  Additionally, complainants generally expect that a domain name subject to an an abuse complaint will be suspended or deleted.  While many registrars do suspend domains in response to abuse complaints, this is not required by the 2013 RAA.  The registrar must demonstrate to ICANN that it took reasonable and prompt steps to investigate and respond appropriately.  At a minimum this includes forwarding the complaint to the registrant, and other additional steps depending upon the circumstances. Because Compliance’s informal resolution process remains confidential, a registrar may provide ICANN with sufficient documentation to demonstrate compliance with Section 3.18.1 that cannot be shared with the complainant.  Several complainants have expressed frustration to ICANN regarding the inability to force suspension or cancellation of domains subject to abuse complaints, including those involving alleged illegal activity.

Adding an abuse report requirement to the P/P Accreditation Agreement may be beneficial, however the Working Group may want to consider providing additional guidance regarding the types of abuse complaints allowed and the types of actions P/P providers should take regarding abuse reports. The Working Group may also want to consider alternative abuse report options other than publishing an email address on a website (and in the Whois output) as registrars have expressed concern regarding increasing spam volumes for published email addresses.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-ppsai-pdp-wg/attachments/20140610/570c7ecd/attachment-0001.html>