<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">I agree with Volker.<br>
Best,<br>
Kathy<br>
<br>
</div>
<blockquote cite="mid:5371E155.80602@key-systems.net" type="cite">
<div class="moz-cite-prefix">Hi John,<br>
<br>
this seems to be more of a jurisdictional problem than one of
the privacy service being in place. <br>
</div>
<blockquote
cite="mid:CADW+eusLGzTiF_OUPhT7ZkpGb-S66e4VLOdDPGgHV4hqRf9xxw@mail.gmail.com"
type="cite">
<div dir="ltr"><font color="#073763" face="arial, helvetica,
sans-serif">Being privacy protected, of course, we can’t
immediately tell who is operating the website. Can we get
law enforcement or courts in the registrar’s jurisdiction to
do anything –– e.g., go to the registrar and ask or require
them to reveal the identity of the registrant? No. Try to
buy a drug such as Xanax from this website. This Internet
pharmacy will ship anywhere in the world <u>except</u> to
Canada –– where its registrar and servers are located. To
protect its ability to sell drugs globally, the registrant
has sacrificed sales to a single country, and chosen a
registrar and servers there, to create a safe haven.
Consequently, Canadian law enforcement cannot point to a
violation of Canadian law: no drugs are being shipped into
Canada –– just everywhere else around the world. (Which, we
can infer, is why this registrant removed Canada from their
shipping destinations.) And, the reverse is true –– a court
order or law enforcement request from outside of Canada can
simply be ignored by the registrar and server companies in
Canada. Those who have argued that the best way to deal with
p/p use by illegal actors is simply to get a court order are
not accounting for this quite common scenario.</font></div>
</blockquote>
As you describe it, as no canadian laws are being broken, no
action can be taken. So how is this different from a site not
using privacy services operated openly by a canadian resident?
What would it help you to know who is operating the site if you
cannot get to him?<br>
What is the difference if the registrant operated an offline
mail-oder business from Canada instead?<br>
<blockquote
cite="mid:CADW+eusLGzTiF_OUPhT7ZkpGb-S66e4VLOdDPGgHV4hqRf9xxw@mail.gmail.com"
type="cite">
<div dir="ltr">
<div class="gmail_default">
<div class="gmail_default"><font color="#073763"
face="arial, helvetica, sans-serif"><br>
</font></div>
<div class="gmail_default"><font color="#073763"
face="arial, helvetica, sans-serif">Being able to hide
their identity in the Whois record is also the perfect
set up for another reason: many registrars have said in
the past that they only way that they can (or perhaps,
will) take action on a domain name is if the Whois
record is falsified. But how would we know? It is
privacy protected. That removes the WDPRS as a mechanism
for dealing with abusive behavior. <br>
</font></div>
</div>
</div>
</blockquote>
<font color="#073763"><font face="arial, helvetica, sans-serif">As
registrar, it makes it easier to take action, because
incorrect whois is proven much more easily than illegal
action. But in the end, taking down questionable content using
whois complaints is not what the whois complaint system was
designed for. It is a crutch, in lieu of better tools, but
ultimately, it is abuse of a tool designed for better whois
quality. <br>
We have even seen whois complaints being sent against domain
names where the whois is correct. The complainant way be
thinking that if they complain often enough, one complaint may
be failed to be answered and therefore be cause for a
takedown. In te end, all that does is to slow down the
process.<br>
</font></font>
<blockquote
cite="mid:CADW+eusLGzTiF_OUPhT7ZkpGb-S66e4VLOdDPGgHV4hqRf9xxw@mail.gmail.com"
type="cite">
<div dir="ltr">
<div class="gmail_default">
<div class="gmail_default"><font color="#073763"
face="arial, helvetica, sans-serif"><br>
</font></div>
<div class="gmail_default"><font color="#073763"
face="arial, helvetica, sans-serif">Does this commercial
registrant have a legitimate need for p/p services? I
would argue that that is not the question to be
answered.<b> The question is: Does a consumer, consumer
protection firm, government agency, etc. have the
right to know who is operating this website?</b> I
would submit to this group that it is incumbent upon us
to recommend a thoughtful, balanced policy that prevents
this sort of “perfect set up” for Internet criminals to
hide their identity as this one has. Keep in mind that,
as pointed out in the circulated paper, no such right
exists in the offline world –– rather, consumers have
the right to know who they are dealing with. Ample
requirements exist for business registrations to do
business transparently. There should be no difference in
the online world. <br>
</font></div>
</div>
</div>
</blockquote>
<font color="#073763"><font face="arial, helvetica, sans-serif">What
is the benefit of knowing the registrant if what he is doing
is not breaking any laws where he is situated?<br>
<br>
Also, the offline-online comparison is flawed: Offline, the
corresponding rules are made by the governments where the
service is being provided. They are called laws and
regulations. Online, the same applies. governments make the
laws for services operated under their jurisdiction. If I
operate a commercial (or oher) site in Germany, I have to have
an Impressum, i.e. a page stating who I am and how to reach
me. If Canada wanted such a law, they should enact it. If the
US wants Canada to enact such a law, they should engage in
diplomacy. In the end, it is not our role to make public
policy better relegated to the state level.<br>
<br>
</font></font>
<blockquote
cite="mid:CADW+eusLGzTiF_OUPhT7ZkpGb-S66e4VLOdDPGgHV4hqRf9xxw@mail.gmail.com"
type="cite">
<div dir="ltr">
<div class="gmail_default">
<div class="gmail_default"><font color="#073763"
face="arial, helvetica, sans-serif">Finally, recall that
the Affirmation of Commitments (AoC) requires "timely,
unrestricted and public access to accurate and complete
WHOIS information." The AoC goes on to state that WHOIS
policy and its implementation needs to meet "the
legitimate needs of law enforcement and promote consumer
trust." I ask the group, is ICANN fulfilling its
commitment, not only to law enforcement but especially
to promote consumer trust, if it allows websites like
this to continue using p/p services?</font></div>
</div>
</div>
</blockquote>
<font color="#073763" face="arial, helvetica, sans-serif">Whois
privacy services provide "accurate and complete WHOIS
information"</font>, therefore I cannot see what you are
inferring. Law enforcement of appropriate jurisdiction can contact
the service provider and get the data, provided there is a legal
basis for that. <br>
<br>
Best,<br>
<br>
Volker<br>
<blockquote
cite="mid:CADW+eusLGzTiF_OUPhT7ZkpGb-S66e4VLOdDPGgHV4hqRf9xxw@mail.gmail.com"
type="cite">
<div dir="ltr">
<div class="gmail_extra"><br>
<div class="gmail_quote">On Mon, May 12, 2014 at 11:40 PM,
Libby Baney <span dir="ltr"><<a moz-do-not-send="true"
href="mailto:libby.baney@fwdstrategies.com"
target="_blank">libby.baney@fwdstrategies.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
<div dir="ltr">
<div>
<div>
<div>All --</div>
<div><br>
</div>
<div>I appreciate the dialogue the group has begun
regarding WHOIS transparency for entities
engaged in commercial activity. With the hope of
encouraging discussion on the merits of the
issue, I am pleased to share the attached white
paper: <i><b>Commercial Use of Domain Names: An
Analysis of Multiple Jurisdictions. </b></i></div>
<div><br>
</div>
<div>As you'll see, the paper addresses the
following question: Should domain name
registrants who sell products or services on
their websites should be able to conceal their
identity and location in the domain name
registration? The paper argues that they should
not. Rather, the authors find that requiring
domain name registrants engaged in commercial
activity to provide transparent WHOIS
information falls squarely in line both with
ICANN’s commitment to Internet users and
existing global public policy to keep businesses
honest and consumers safe. Accordingly, the
paper recommends an approach that balances
personal privacy and consumer protection rights.
On the one hand, domain names used for
non-commercial purposes (e.g., personal blogs)
should, the authors believe, be permitted to
utilize privacy or proxy registration. This
reflects a fundamental right to privacy of
domain name registrants not engaged in commerce.
However, the authors do not believe the same
right exists for registrants of websites engaged
in commerce – a conclusion borne out by our
research. </div>
<div><br>
</div>
</div>
<div>It goes without saying that this group is
divided on the issue of requiring WHOIS
transparency for sites engaged in commercial
activity. As some in the PPSAI WG have commented,
these issues may be complicated but they
nonetheless merit our full consideration. We hope
the attached white paper stimulates further
thinking and group discussion on the issues. </div>
<div>
<div><br>
</div>
<div>I look forward to continuing the discussion
tomorrow.</div>
<div><br>
</div>
<div>Libby</div>
</div>
</div>
<div>
<div><br>
</div>
-- <br>
<div dir="ltr"><font face="trebuchet ms, sans-serif">Libby
Baney, JD</font>
<div> <font face="trebuchet ms, sans-serif">President</font></div>
<div><font face="trebuchet ms, sans-serif">FWD
Strategies International</font></div>
<div><font face="trebuchet ms, sans-serif"><a
moz-do-not-send="true"
href="http://www.fwdstrategies.com"
target="_blank">www.fwdstrategies.com</a></font></div>
<div> <font face="trebuchet ms, sans-serif">P: <a
moz-do-not-send="true"
href="tel:202-499-2296" value="+12024992296"
target="_blank">202-499-2296</a></font></div>
<div><br>
</div>
</div>
</div>
</div>
<br>
_______________________________________________<br>
Gnso-ppsai-pdp-wg mailing list<br>
<a moz-do-not-send="true"
href="mailto:Gnso-ppsai-pdp-wg@icann.org"
target="_blank">Gnso-ppsai-pdp-wg@icann.org</a><br>
<a moz-do-not-send="true"
href="https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg"
target="_blank">https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg</a><br>
</blockquote>
</div>
<br>
</div>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
Gnso-ppsai-pdp-wg mailing list
<a moz-do-not-send="true" class="moz-txt-link-abbreviated" href="mailto:Gnso-ppsai-pdp-wg@icann.org">Gnso-ppsai-pdp-wg@icann.org</a>
<a moz-do-not-send="true" class="moz-txt-link-freetext" href="https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg">https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg</a></pre>
</blockquote>
<br>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
Gnso-ppsai-pdp-wg mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Gnso-ppsai-pdp-wg@icann.org">Gnso-ppsai-pdp-wg@icann.org</a>
<a class="moz-txt-link-freetext" href="https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg">https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg</a></pre>
</blockquote>
<br>
</body>
</html>