[Gnso-ppsai-pdp-wg] What is content and what isn't

Metalitz, Steven met at msk.com
Wed Oct 29 14:19:03 UTC 2014

As this thread originated in a comment I made on yesterday's call, let me return to the only point I am trying to make.

Abuse comes in two flavors:  abuse that derives from registration of the domain name itself, and abuse that derives from how the domain name is used.

The first category (which happens to be the one that Phil Corwin wants to exclude from disclosure requirements, but that's a different thread) requires looking at the domain name itself.  The second category requires looking at the resource (such as but not necessarily limited to a website) associated with the domain name.  Websites engaged in counterfeiting and piracy fall in the second category; so do websites used for distribution of malware.  If you wish, you can call one of these content and the other something else, but they share the important characteristic that they require looking beyond the domain name to see the abuse.

One can complain all one wishes about "regulating content,"  but there are at least two problems with that.  First, one should hesitate to do so if one has signed the 2013 RAA, which requires one to "investigate and respond appropriately" to any report of "conduct involving use of a Registered Name sponsored by Registrar that is prohibited by applicable law."

Second, nobody in this WG is talking about "regulating content."  Quite the opposite: the very purpose of disclosure is to enable a complainant to go directly to a registrant, so that registrars (or hosting providers for that matter) don't have to step in and regulate.  If registrars wish to accept responsibility for the conduct by their registrants, then there would be no need to seek disclosure of the contact details of registrants who use a service provided by registrar to keep those details secret.  But as registrars do not wish to accept that responsibility, then a mechanism is needed to define when those details should be disclosed.

If you are still with me to this point, then we are (as Volker has put it) in the same postal code, and we can roll up our sleeves to try to define that mechanism as best we can.  If not, not.

Steve Metalitz

From: gnso-ppsai-pdp-wg-bounces at icann.org [mailto:gnso-ppsai-pdp-wg-bounces at icann.org] On Behalf Of Don Blumenthal
Sent: Tuesday, October 28, 2014 12:26 PM
To: Michele Neylon - Blacknight; PPSAI
Subject: Re: [Gnso-ppsai-pdp-wg] What is content and what isn't


We've wandered into an area where the practical considerations for contracted parties and others in the infrastructure will be different from p/p providers. As for bit.ly, it would be covered by our policy but we would not act blindly.

To be accurate, we refer to registrars for action. They have the direct contractual relationships with registrants and are in a better position to investigate.

From: Michele Blacknight <michele at blacknight.com<mailto:michele at blacknight.com>>
Date: Tuesday, October 28, 2014 at 12:12 PM
To: Don Blumenthal <dblumenthal at pir.org<mailto:dblumenthal at pir.org>>, PPSAI <gnso-ppsai-pdp-wg at icann.org<mailto:gnso-ppsai-pdp-wg at icann.org>>
Subject: RE: What is content and what isn't


I'm not sure what the sanest way of framing this is.

We'd see malware and phishing  as being network abuse issues and treat them accordingly.

While some registries may have provisions in their policies to deal with this, hosting providers, network providers and registrars may do so also.

However the problem arises when there is a question of "judgement".

But it's never that simple ..

For example this weekend bitly was flagged for malware by Google. Sure, some links on bitly might have led to malware, but pulling down the entire domain would have been a really really bad idea.



Mr Michele Neylon
Blacknight Solutions
Hosting, Colocation & Domains
http://www.blacknight.press<http://www.blacknight.press/> for all our news & media
Intl. +353 (0) 59  9183072
Direct Dial: +353 (0)59 9183090
Social: http://mneylon.social
Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty
Road,Graiguecullen,Carlow,Ireland  Company No.: 370845

From: gnso-ppsai-pdp-wg-bounces at icann.org<mailto:gnso-ppsai-pdp-wg-bounces at icann.org> [mailto:gnso-ppsai-pdp-wg-bounces at icann.org] On Behalf Of Don Blumenthal
Sent: Tuesday, October 28, 2014 4:07 PM
Subject: [Gnso-ppsai-pdp-wg] What is content and what isn't

Good afternoon,

My point about whether we need to definite content was based as I said on my experience with PIR. The considerations may be different in the context of p/p obligations and processes than they are for a contracted party when reviewing a complaint about a domain.

However, I focused on Steve's description of malware as a content issue. Our posted anti-abuse policy lists malware as something that could cause us to act against a domain. The basis is that it creates a threat to the security and stability of the Internet. Malware is not a content issue for purpose of our complaint analyses.

I may be forgetting a question. Let me know.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-ppsai-pdp-wg/attachments/20141029/80dc69e6/attachment.html>

More information about the Gnso-ppsai-pdp-wg mailing list