[gnso-rpm-wg] Draft Letter on UDRP & URS Utilization of WHOIS-Derived Registrant Data (was Response from the Co-Chairs RE: Proposal to Shift URS review to Phase II)
jonmat
jdm at riskiq.net
Fri Apr 27 21:20:46 UTC 2018
I haven't been following the list so apologize if this was addressed. When
personal data is transferred to the providers, will they have to promise
not to share it with the complainant? That doesn't work because the
complainant may need to see the verification response if its relevant
evidence or has a good basis to see it--whether to amend the complaint or
make a request to consolidate, for example. Therefore, there will be a
possible data transfer from the provider to the complainant that contracted
parties will need to make sure is made clear to the registrants. The data
will need to be protected by the complainant in the proceeding just like by
the provider.
Jonathan Matkowsky
On Fri, Apr 27, 2018 at 12:29 AM, Jeff Neuman <jeff.neuman at comlaude.com>
wrote:
> Phil,
>
> If as you say you cannot assume that all registrars will give dispute
> providers the data, then how can you just assume that registrars will not.
> As I said I am caucusing with the registrars now to get the group some
> data.
>
> Rather than crying wolf and sending a letter directly over the heads of
> the registrars to the CEO of ICANN, I am just advocating for some direct
> dialogue with the registrars. Let’s not always assume the worst, but rather
> talk to one another first.
>
> Jeff Neuman
>
> > On Apr 26, 2018, at 11:49 PM, Corwin, Philip <pcorwin at verisign.com>
> wrote:
> >
> > Jeff:
> >
> >
> >
> > While it is good that Com Laude will continue to provide registrant data
> to UDRP dispute providers, we cannot assume that every other registrar and
> registry will make the same decision in regard to GDPR compliance. We don't
> want to see this issue fall through the cracks, and Kathy and I wanted to
> follow through on the pledge we made to made in our email of April 6th -
> and now we have.
> >
> >
> >
> > Further, as the impact of GDPR has been cited as one rationale for
> postponing URS decisions to Phase II of our work, and as we will be
> discussing that proposal on the next WG call, it seemed useful to ask staff
> to aggregate all the relevant UDRP and URS document sections that reference
> WHOIS and related matters to have a better informed conversation.
> >
> >
> >
> > I don't view this as a side issue nor do I share your concern that it
> will have an adverse effect on our other work. Kathy and I have done the
> heavy lifting here, and staff prepared material that is useful in another
> context. This can be readily and quickly resolved on the email list and
> members can suggest edits, and also opine on whether they think the letter
> should be transmitted. There's no reason this matter can't be resolved
> before our next call.
> >
> >
> >
> > Meanwhile, we have made rapid progress on URS matters through judicious
> use of sub-teams, and are in position to send out compressive questions
> next week to practitioners and providers, and to receive their responses
> in time to have well-informed discussions just prior to and in Panama --
> all prior to receipt of answers to the survey questions on TMCH, Trademark
> Claims, and Sunrise which are expected back in July. We are operating
> efficiently and are on schedule.
> >
> >
> >
> > I hope that addresses your concern.
> >
> >
> >
> > Philip
> >
> >
> >
> > Philip S. Corwin
> >
> > Policy Counsel
> >
> > VeriSign, Inc.
> >
> > 12061 Bluemont Way
> > Reston, VA 20190
> >
> > 703-948-4648/Direct
> >
> > 571-342-7489/Cell
> >
> >
> >
> > "Luck is the residue of design" -- Branch Rickey
> >
> >
> >
> > From: Jeff Neuman [mailto:jeff.neuman at comlaude.com]
> > Sent: Thursday, April 26, 2018 6:25 PM
> > To: Corwin, Philip <pcorwin at verisign.com>
> > Cc: gnso-rpm-wg at icann.org
> > Subject: [EXTERNAL] RE: Draft Letter on UDRP & URS Utilization of
> WHOIS-Derived Registrant Data (was Response from the Co-Chairs RE: Proposal
> to Shift URS review to Phase II)
> >
> >
> >
> > Phil,
> >
> >
> >
> > Has anyone asked the registries/registrars whether they would continue
> to provide the Dispute Resolution Providers with WHOIS information needed
> for the implementation of the URS/UDRP. I have not heard any registries or
> registrars say that they would cease to provide that information? In fact,
> I have heard the opposite from a number of them (including us - Com
> Laude). Providing information to dispute providers for the purpose of the
> implementation of UDRP / URS does fall under a couple of the GDPR
> exceptions.
> >
> >
> >
> > It seems to me that we may be spending a lot of time on a letter when
> registries and registrars would likely provide that information after the
> filing of an applicable dispute. We should be focusing on getting the work
> done we have before us rather than delving into these side issues.
> >
> >
> >
> > I will also being this issue up in the registrars SG to confirm what I
> have been hearing.
> >
> >
> >
> > Jeffrey J. Neuman
> >
> > Senior Vice President |Valideus USA | Com Laude USA
> >
> > 1751 Pinnacle Drive, Suite 600
> >
> > Mclean, VA 22102, United States
> >
> > E: jeff.neuman at valideus.com or jeff.neuman at comlaude.com
> >
> > T: +1.703.635.7514
> >
> > M: +1.202.549.5079
> >
> > @Jintlaw
> >
> >
> >
> > From: gnso-rpm-wg <gnso-rpm-wg-bounces at icann.org> On Behalf Of Corwin,
> Philip via gnso-rpm-wg
> > Sent: Thursday, April 26, 2018 8:58 PM
> > To: gnso-rpm-wg at icann.org
> > Subject: [gnso-rpm-wg] Draft Letter on UDRP & URS Utilization of
> WHOIS-Derived Registrant Data (was Response from the Co-Chairs RE: Proposal
> to Shift URS review to Phase II)
> > Importance: High
> >
> >
> >
> > WG members:
> >
> >
> >
> > Following up on the co-chairs email of April 6th, in which we stated--
> >
> > In regard to the ability of URS and UDRP providers to continue to have
> access to the data elements necessary to fulfill their dispute resolution
> provider (DRP) roles, it is our intent to prepare a draft letter to ICANN's
> CEO noting that such continued access for DRPs is essential to maintaining
> these non-judicial alternatives for addressing trademark infringement in
> the DNS, and requesting that ICANN raise this important matter in its
> continuing discussions with EU Data Protection Authorities. We will work
> with staff to prepare this draft letter and then share it with WG members
> for review and comment, after which we will coordinate with Council
> Leadership and the WG Liaison regarding transmission of a final text to
> ICANN management. -
> >
> >
> >
> > Kathy and I have now prepared a draft letter to the GNSO Council, for
> transmission onward to ICANN management and other parties, for your
> review. It addresses the subject of the relationship of UDRP and URS
> administration based upon registrant data obtained from WHOIS records. In
> preparing this letter we relied extensively on the attached listing of UDRP
> Policy and Rules and URS Rules and Procedure that mention or are related to
> registrant data and WHOIS.
> >
> >
> >
> > Please review this attached letter at your earliest opportunity and post
> any suggested revisions or additions to the WG email list. As initiation of
> GDPR enforcement is now less than one month away time is of the essence in
> transmitting this information.
> >
> >
> >
> > Thank you and best regards,
> >
> > Philip & Kathy
> >
> >
> >
> >
> >
> > Philip S. Corwin
> >
> > Policy Counsel
> >
> > VeriSign, Inc.
> >
> > 12061 Bluemont Way
> > Reston, VA 20190
> >
> > 703-948-4648/Direct
> >
> > 571-342-7489/Cell
> >
> >
> >
> > "Luck is the residue of design" -- Branch Rickey
> >
> >
> >
> > From: Corwin, Philip
> > Sent: Friday, April 06, 2018 11:03 AM
> > To: 'john.mcelwaine at nelsonmullins.com' <john.mcelwaine at nelsonmullins.com>;
> 'gnso-rpm-wg at icann.org' <gnso-rpm-wg at icann.org>
> > Subject: Response from the Co-Chairs RE: Proposal to Shift URS review to
> Phase II
> >
> >
> >
> > Dear John:
> >
> >
> >
> > Thank you for your submission regarding a variety of proposed changes to
> this Working Group's Charter. Our understanding from discussions with staff
> is that, while there is no set requirement for the level of support within
> a WG required to request that GNSO Council consider a Charter revision,
> such revisions are relatively rare and have in the past been supported by a
> substantial majority of WG members in the absence of significant opposition
> prior to transmission to Council for its consideration.
> >
> >
> >
> > We therefore strongly encourage all WG members to carefully review your
> proposal and, regardless of whether one supports or opposes it, to provide
> some feedback to the full WG email list so that we can begin to gauge
> overall support. Such email discussion can be preliminary to a full WG oral
> discussion on a call sometime in late April or early May, if there are
> indications of substantial support within the WG and a desire to engage in
> further discussion. The full WG will resume its regular Wednesday calls by
> mid-April (we anticipate April 18), after the URS Documents, Practitioners
> and Providers sub-teams have completed their current work.
> >
> >
> >
> > We also note that your proposal raises multiple issues, including:
> >
> > * Amendment of the WG Charter to move the URS review and
> recommendations to Phase II
> > * Amendment of the WG Charter to define issues that must, may, and
> may not be addressed
> > * Adjustment of the WG Charter to provide additional guidance on the
> scope of URS and UDRP Review
> > * Adjustment of the WG leadership structure for Phase II
> > * Potential pause in the start of Phase II keyed to GDPR impact
> understanding
> >
> >
> >
> > These are all major issues and we encourage WG members to comment on all
> of them.
> >
> >
> >
> > Finally, regardless of whether there is substantial support within the
> WG for any of the elements of your proposal, we agree that the impending
> enforcement of GDPR raises substantial WHOIS data access issues for
> trademark owners and for URS and UDRP dispute resolution providers. The
> issues for trademark owners are currently being discussed within the full
> ICANN community regarding interim and final compliance models, the latter
> involving accreditation and tiered data access.
> >
> >
> >
> > In regard to the ability of URS and UDRP providers to continue to have
> access to the data elements necessary to fulfill their dispute resolution
> provider (DRP) roles, it is our intent to prepare a draft letter to ICANN's
> CEO noting that such continued access for DRPs is essential to maintaining
> these non-judicial alternatives for addressing trademark infringement in
> the DNS, and requesting that ICANN raise this important matter in its
> continuing discussions with EU Data Protection Authorities. We will work
> with staff to prepare this draft letter and then share it with WG members
> for review and comment, after which we will coordinate with Council
> Leadership and the WG Liaison regarding transmission of a final text to
> ICANN management.
> >
> >
> >
> > Best regards,
> >
> > Philip & Kathy
> >
> >
> >
> >
> >
> >
> >
> > Philip S. Corwin
> >
> > Policy Counsel
> >
> > VeriSign, Inc.
> >
> > 12061 Bluemont Way
> > Reston, VA 20190
> >
> > 703-948-4648/Direct
> >
> > 571-342-7489/Cell
> >
> >
> >
> > "Luck is the residue of design" -- Branch Rickey
> >
> >
> >
> > From: gnso-rpm-wg [mailto:gnso-rpm-wg-bounces at icann.org] On Behalf Of
> John McElwaine
> > Sent: Thursday, April 05, 2018 9:55 PM
> > To: gnso-rpm-wg <gnso-rpm-wg at icann.org>
> > Subject: [EXTERNAL] [gnso-rpm-wg] Proposal to Shift URS review to Phase
> II
> >
> >
> >
> > Dear RPM Working Group:
> >
> >
> >
> > In our meeting in San Juan, Puerto Rico, I raised the issue of moving
> the work set forth in this Working Group's charter relating to the URS to
> Phase II. The Chairs asked that I put something in writing detailing the
> specific recommendation and reasoning, which I present below and have also
> attached hereto in a Word document for your review and consideration.
> >
> >
> >
> > Kind regards,
> >
> >
> >
> > John
> >
> >
> >
> > Proposal to Shift URS from Phase I to Phase II:
> >
> >
> >
> > 1. On 15 December 2011, the GNSO Council requested that eighteen (18)
> months after the launch of the New gTLD Program ICANN staff prepare and
> publish an Issue Report on the state of all rights protection mechanisms
> implemented for both existing and new gTLDs, including but not limited to
> the UDRP and URS. The Council subsequently agreed to extend the timeline
> for a report by a further six (6) months.
> >
> >
> >
> > 2. On 9 October 2015, a Preliminary Issues Report was published
> discussing the scope of this potential PDP and outlining three possible
> options for moving forward. The third option ultimately was elected at
> that time:
> >
> >
> >
> > The "third option would be to conduct a policy review of all the RPMs in
> two phases, with the initial phase being a review only of the RPMs
> developed for the New gTLD Program. . . . The second, subsequent phase of
> work would be a review of the UDRP, based on the concerns specific to its
> scope that were raised in the 2011 GNSO Issue Report and any additional
> relevant topics derived from the first phase of work concerning the RPMs
> developed for the New gTLD Program."
> >
> >
> >
> > 3. On 15 March 2016, the two phase approach was approved in the
> Charter for the Review of all Rights Protection Mechanisms (RPMs) in all
> gTLDs PDP Working Group ("RPM Working Group"). Phase One was to focus on a
> review of all the RPMs that were developed for the New gTLD Program, and
> Phase Two will focus on a review of the UDRP.
> >
> >
> >
> > 4. The Objective & Goals in the PDP's Charter were to examine (i) the
> RPMs effectiveness, (ii) whether the RPMs collectively fulfil their
> purposes, and (iii) whether additional policy specific recommendations are
> needed, including to clarify and unify the policy goals. RPM Working Group
> Charter, at p. 3. The Objectives & Goals in the PDP's Charter were broadly
> defined:
> >
> >
> >
> > "In addition to an assessment of the effectiveness of each RPM, the PDP
> Working Group is expected to consider, at the appropriate stage of its
> work, the overarching issue as to whether or not all the RPMs collectively
> fulfill the purposes for which they were created, or whether additional
> policy recommendations are needed, including to clarify and unify the
> policy goals. If such additional policy recommendations are needed, the
> Working Group is expected to develop recommendations to address the
> specific issues identified. The Working Group is also directed to bear in
> mind that a fundamental underlying intention of conducting a review of all
> RPMs in all gTLDs is to create a framework for consistent and uniform
> reviews of these mechanisms in the future."
> >
> >
> >
> > 5. However, the RPM Working Group Charter also contains a lengthy
> attachment entitled "LIST OF POTENTIAL ISSUES FOR CONSIDERATION IN THIS
> PDP" This "list was derived from various community suggestions in different
> forums, they are not listed in any particular order of importance nor has
> staff attempted to analyze the merits, relevance or significance of each
> issue". This list contains topics that are out of scope when compared with
> the Objectives and Goals, including:
> >
> >
> >
> > 1. Are generic dictionary words being adequately protected so that
> they are available for all to use as allowed under their national laws and
> international treaties? E.g. sun, window
> > 2. Should monetary damages be awarded?
> > 3. Are last names and geographic places adequately protected so that
> they are available for all to use as allowed under their national laws,
> e.g, Smith, McDonald, Capitol Hill Cafe, Old Town Deli?
> > 4. Should injunctive relief be available?
> > 5. Now that Reverse Domain Name Hijacking is a regular finding of
> UDRP panels, indicating that domain name registrants are being abused by
> complaints brought against them in the UDRP process, what penalties and
> sanctions should be imposed on Complainants found to be reverse domain name
> hijackers? How can those penalties and sanctions be aligned so as to be
> fair, as compared to the loss of a domain name taken from a registrant
> found to be a "cybersquatter"?
> >
> >
> >
> > 6. Issues from this list and other new out of scope issues,
> complaints and modifications are causing the work of the RPM Working Group
> to slow and are polarizing the members; thus, harming the ability to
> achieve consensus in the Working Group. As recommend by the PDP breakout
> group and discussed by the Community in attendance at the Sunday gNSO
> Working Session in San Juan, it would be particularly useful if working
> group charters would:
> >
> >
> >
> > 1. Define clearly what success for the proposed working group "should
> look like". (K. Kleiman reporting on breakout session, Transcript ICANN61
> San Juan GNSO Working Session Part 2 Sunday, 11 March 2018 at 10:30 AS
> ("Transcript") at p. 5).
> > 2. Define topics or issues that must be addressed, may be addressed
> and may not be addressed. (Transcript at p. 4).
> > 3. Have "more defined issues, [be] more bounded, more limited."
> (Transcript at p. 5).
> > 4. Have a narrower scope and be broken up into separate projects.
> (Transcript at p. 5).
> > 5. Having a charter drafting team that "that are experts, and that
> might mean a legal expert, but we should also have people that have
> experience, practical experience." (S. DelBianco reporting on breakout
> session, Transcript at p. 5).
> >
> >
> >
> > 7. The Trademark Clearinghouse, Sunrise and Trademark Claims Notices
> are RPMs relating to the registration process of domain names in the new
> gTLDs. The URS is more akin to the UDRP, and like the UDRP is a mandatory
> dispute resolution proceeding to recover a domain name that has been
> clearly registered in bad faith. Since the URS is intended to be
> complementary of the UDRP and will have similar issues it would be more
> efficient to address these RPMs in a more cohesive manner.
> >
> >
> >
> > 8. With respect to the URS and UDRP, The European Parliament, the
> Council of the European Union, and the European Commission have enacted a
> new data privacy regulation in 2016 entitled the General Data Protection
> Regulation (GDPR) that will likely adversely impact the ability of the URS
> and UDRP to function as these policies are currently implemented. The new
> regulation is scheduled to take effect on May 25, 2018. Among other ways,
> GDRP may adversely impact the URS and the UDRP by:
> >
> >
> >
> > 1. Procedure for UDRP/URS:
> >
> > 1. Possibility that Providers cannot serve the UDRP/URS Complaint if
> an email address cannot be obtained.
> > 2. Possibility that the Language of the URS proceeding cannot be
> determined.
> >
> > 2. Procedure for URS:
> >
> > 1. Possibility that the URS provider cannot translate the notice of
> URS complaint into the predominant language used in the Registrant's
> country or territory.
> > 2. Possibility that URS complainants cannot know the language of a
> possible response.
> > 3. Possibility that URS complainants do not know whether the URS
> complaint was translated into the correct language(s) and that proceedings
> were administered correctly.
> >
> > 3. UDRP Element 2 / URS:
> >
> > 1. Cannot argue that the registrant is not commonly known by the
> Domain Name at issue.
> > 2. Cannot determine if the registrant has been authorized by the
> Trademark holder.
> > 3. Cannot determine if the registrant is an authorized reseller of
> the Trademark holder's product.
> > 4. Cannot determine on what date the domain name was "registered" by
> the current domain name holder if it was transferred to this current domain
> name holder. (requires being able to see the WhoIs history). This could
> prevent baseless claims from being filed.
> >
> > 4. UDRP Element 3:
> >
> > 1. Cannot determine if registrant has engaged in a pattern of bad
> faith registrations. Rule 4(b)(ii).
> > 2. Cannot determine if registrant has been found to engage other
> unlawful actions, such as malware, phishing or scams.
> > 3. Cannot determine if the registrant is in a particular geographic
> region to be better assess the possibility of legitimate co-existence (thus
> possibly even foregoing the filing of a case, and response, in the first
> place).
> > 4. Cannot determine if the registrant is technically a "competitor"
> that has registered the Domain Name for the purpose of disrupting the
> business of the Complainant. Rule 4(b)(iii).
> >
> >
> >
> > 9. Due to GDPR compliance issues, ICANN org is considering
> substantial changes to WhoIs, and has published an Interim Model for GDPR
> Compliance, e.g. "The CookBook" which proposes to significantly limit the
> public display of WhoIs data after May 25, 2018." see:
> https://www.icann.org/en/system/files/files/gdpr-compliance-interim-model-
> 08mar18-en.pdf. Aggressive current timelines for tiered access to WhoIs
> data that might provide some fix for the above issues is December 2018.
> There is no question that GDPR will require policy consideration relating
> to the URS and UDRP that cannot be predicted and analyzed at this time.
> >
> >
> >
> > Recommendation:
> >
> >
> >
> > 1. The RPM Working Group finishes its already well-advanced work
> and issues an Initial Report on the PDDRP, Trademark Clearinghouse,
> Sunrise, and Trademark Claims Notices for public comment.
> >
> > 2. After comments have been analyzed for those elements, that the
> RPM Working Group finishes its work and issues its Final Report on the
> PDDRP, Trademark Clearinghouse, Sunrise, and Trademark Claims Notices.
> >
> > 3. The RPM Working Group issues a request through its Appointed
> Working Group Liaison to the GNSO Council to amend the RPM Working Group
> Charter as follows:
> >
> > 1. shift the work related to the URS to Phase II and, if necessary,
> pause starting Phase II until after the permanent impacts of GDPR on the
> URS and UDRP are known;
> >
> > 2. provide clear guidance to the WG on the issues that (i) must be
> addressed, (ii) may be addressed, and (iii) may not be addressed;
> >
> > 3. provide clear guidance on the scope of the review of the URS and
> UDRP.
> >
> >
> >
> > Although a separate issue from this proposal, it is also recommended
> that Phase II Working Group has one chairperson with appropriate neutrality
> and experience in PDP consensus building and parliamentary procedures.
> Assistance to the chair can be provided by utilizing vice-chairs and
> well-structured sub-teams.
> >
> >
> >
> >
> >
> >
> >
> >
> >
> > JOHN C. MCELWAINE PARTNER
> >
> > john.mcelwaine at nelsonmullins.com
> >
> > LIBERTY CENTER | SUITE 600
> >
> > 151 MEETING STREET | CHARLESTON, SC 29401
> >
> > T 843.534.4302 F 843.722.8700
> >
> >
> >
> > 101 CONSTITUTION AVENUE, NW | SUITE 900
> >
> > WASHINGTON, D.C., 20001
> >
> > T 202.689.2939 F 202.689.2862
> >
> >
> >
> > NELSONMULLINS.COM VCARD VIEW BIO
> >
> >
> >
> >
> >
> > Confidentiality Notice
> >
> > This message is intended exclusively for the individual or entity to
> which it is addressed. This communication may contain information that is
> proprietary, privileged, confidential or otherwise legally exempt from
> disclosure.
> >
> > If you are not the named addressee, you are not authorized to read,
> print, retain, copy or disseminate this message or any part of it. If you
> have received this message in error, please notify the sender immediately
> either by phone (800-237-2000) or reply to this e-mail and delete all
> copies of this message.
> >
> _______________________________________________
> gnso-rpm-wg mailing list
> gnso-rpm-wg at icann.org
> https://mm.icann.org/mailman/listinfo/gnso-rpm-wg
>
--
*******************************************************************
This
message was sent from RiskIQ, and is intended only for the designated
recipient(s). It may contain confidential or proprietary information and
may be subject to confidentiality protections. If you are not a designated
recipient, you may not review, copy or distribute this message. If you
receive this in error, please notify the sender by reply e-mail and delete
this message. Thank you.
*******************************************************************
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-rpm-wg/attachments/20180427/b47085d2/attachment-0001.html>
More information about the gnso-rpm-wg
mailing list