Input to Expert Working Group on gTLD Directory Services Comment to EWG's Status Update

[David Jaquette (LCA)]

Dear Mr. Baril:


Microsoft Corporation ("Microsoft") welcomes this opportunity to provide additional comments to the Expert Working Group on gTLD Directory Services ("EWG") regarding its Status Update Report of November 11, 2013.
In large part, the EWG has made commendable progress since its Initial Report.  The EWG has answered many of Microsoft's questions raised in its letter of September 6, 2013, including those relating to data validation and data availability.  However, Microsoft has several continuing concerns with the EWG's proposals that could greatly impact the efficacy of a next generation gTLD Registration Directory Service ("RDS"):


1)      API-Based Searches:  Microsoft relies heavily on API-based searches to effectuate its botnet and malicious website takedowns.  These automated searches allow Microsoft to identify criminal syndicates and hold them accountable for their criminal activities, as it recently did with the ZeroAccess botnet<http://www.microsoft.com/en-us/news/press/2013/dec13/12-05zeroaccessbotnetpr.aspx> takedown, which infected over 2 million computers worldwide.  Furthermore, these API-based searches assist in identifying domain names associated to trans-national organized crime networks involved in counterfeiting activities.



If Microsoft and criminal investigators lose the ability to run these automated API-based searches (e.g., by needing to manually justify each lookup), it would cripple current investigative techniques and allow criminals to escape accountability.  For this reason, Microsoft is encouraged that the EWG has listed as one of its Gated Access Principles that "[t]he RDS should accommodate automation for large-scale lookups for various use cases and purposes" (pg. 20), and we encourage the EWG to allow automated API-based searches in its Final Report without any obstacles for justified users.



2)      Reverse WHOIS Lookups:  Brand owners, including Microsoft, rely heavily on Reverse WHOIS lookups to investigate and pursue cybersquatters and infringers.  However, other than the reference to "reverse WHOIS" on page 53, the Status Report does not confirm that brand owners will be able to perform Reverse WHOIS lookups on certain data elements in the WHOIS information set.  For example, brand owners can currently look up all domain names associated with a registrant's e-mail address or name.  They can also order reports on a domain name's WHOIS history.  These reports allow brand owners to investigate the full scope of infringement and take action accordingly.  If cybersquatters and infringers find a way to shield their activities behind multiple Contact IDs, brand owners will need the ability to analyze overlapping data elements and WHOIS history.  At a time when cybersquatting and infringement is bound to increase, preserving these tools is of paramount importance.



3)      Privacy / Shield Reveal Requests:  While the EWG answered Microsoft's question about the process for submitting a reveal request, Microsoft disagrees with the EWG's recommendation that the proxy service provider assess whether a requester has articulated an "actionable" harm (pg. 40).  Determining whether something is "actionable" is necessarily a function of local law and could put the proxy service provider in the inappropriate position of making legal determinations.  Instead, the requester should simply be required to allege the legal basis for the reveal request along with a statement that the request is submitted in good faith.



4)      Accreditation Process / Purpose-Based Access:  Several of Microsoft's questions related to the RDS accreditation process and RDS lookup "purpose" have gone unanswered, though they remain vitally important.  In the EWG's next report, it should clarify the "legal action" and "abuse mitigation" categories of "purpose-based access", and explain that users are not required to take action on each and every lookup to remain a user in good standing.



5)      Expiration Dates:  The EWG did not recommend that a domain name's expiration date be included in the WHOIS data set.  This data point is common in WHOIS reporting today, as evidenced by the sample WHOIS report displayed on page 35 of the Status Update Report.  The expiration date allows companies to decide whether to take legal action in the case of infringement or, in cases of non-infringement, whether to acquire a domain name or wait for it to lapse.  Given the utility of this information and the minor burden on registrars to provide it, the EWG should make a domain name's expiration date available to all users.

Microsoft would like to reiterate its appreciation for the work of the EWG in tackling this complex subject.  If the EWG would like to schedule a call with a representative of Microsoft's Cybercrime Center to discuss any of the above in greater detail, please let us know.

Sincerely,

David Jaquette


[Description: MSFT_logo_Gray DE sized SIG1.png]

David Jaquette



Trademark Attorney
LCA - Legal and Corporate Affairs
Office:   (425) 722-3829
davidjaq at microsoft.com<mailto:davidjaq at microsoft.com>



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/input-to-ewg/attachments/20140320/8fa11f73/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image003.jpg
Type: image/jpeg
Size: 1612 bytes
Desc: image003.jpg
URL: <http://mm.icann.org/pipermail/input-to-ewg/attachments/20140320/8fa11f73/image003.jpg>