[council] AGP Limits Policy - Status Report Inquiry

Alan Greenberg alan.greenberg at mcgill.ca
Fri Apr 2 23:02:55 UTC 2010

Chuck, if I am reading your message correctly (and specifically the 
part that says "then we expect them to be able to substantiate their 
claim and not just use one of the industry's hot buzz words and 
expect that we will grant the exemption"), this means that you are 
rejecting claims that simply cite "fraud", but that if a registrar 
were to make a claim with specific details indicating the particulars 
(on X date, we received Y registrations within a Z hour period all 
using different credit card numbers or whatever) and backing it up 
with records from their credit-card service, and perhaps a plan to 
avoid the problem in the future, you might treat it as an valid exception?


At 02/04/2010 06:10 PM, Gomes, Chuck wrote:
>I contacted Barbara Steele in our customer affairs office and she 
>shared the following.
>Given that there is a 10% deletion allowance, it is their opinion 
>that this should be adequate to address any issues that a registrar 
>is having with traditional fraud, i.e., stolen credit cards, 
>etc.  If they have deletes of more than 10% "due to fraud", then the 
>registrars experiencing this have bigger issues that they are not 
>addressing.  What we have found is that registrars would claim fraud 
>when submitting a request for an exemption and when we denied the 
>request indicating that we don't view fraud as an extraordinary 
>circumstance, the registrar's AGP deletion percentage would drop 
>down below the 10% threshold or they moved on to claims of 
>phishing.  We do want registrars to "do the right thing" and take 
>down domains that are being used for nefarious activity but if they 
>are exceeding the AGP threshold, then we expect them to be able to 
>substantiate their claim and not just use one of the industry's hot 
>buzz words and expect that we will grant the exemption.
>If fraud (and unsubstantiated phishing) were deemed to be valid 
>examples of extraordinary circumstances, then I think that ICANN 
>would find that their 'successful' policy is not so 'successful' 
>after all.  Even with the low number of exemption requests that we 
>receive each month, we spend a huge amount of time trying to 
>substantiate the claims and then getting the internal approvals of 
>our recommendations.  I have concerns that if "fraud" and "phishing" 
>become the "get out of jail" free card for submitting exemption 
>requests, then we will see more registrars exceeding the 10% 
>threshold and then submitting an exemption request for the domain 
>names over the threshold.  I don't think that VeriSign (or any other 
>registry) would want to hire the number of people that it would take 
>to process the increase in claims and I don't think that ICANN would 
>be very happy with the number of AGP deletes increasing.
>From: owner-council at gnso.icann.org 
>[mailto:owner-council at gnso.icann.org] On Behalf Of Mike Rodenbaugh
>Sent: Friday, April 02, 2010 3:48 PM
>To: 'Craig Schwartz'; 'GNSO Council'
>Subject: RE: [council] AGP Limits Policy - Status Report Inquiry
>Thanks Craig.
>I am curious to know from contract parties whether the fraud issue 
>is really a significant issue needed Council 
>consideration.  Otherwise, I think this issue can be closed and no 
>further reports are needed to the Council since the stats are 
>reported in the monthly registry reports anyway.
>Mike Rodenbaugh
>tel/fax:  +1 (415) 738-8087
>From: owner-council at gnso.icann.org 
>[mailto:owner-council at gnso.icann.org] On Behalf Of Craig Schwartz
>Sent: Friday, April 02, 2010 6:38 AM
>To: GNSO Council
>Subject: [council] AGP Limits Policy - Status Report Inquiry
>Dear Councilors,
>The AGP Limits Policy contains a provision that requires ICANN staff 
>to provide semi-annual updates to the GSNO on the implementation of 
>the Policy. To date ICANN has issued two reports, the first in June 
>2009 and the second in December 2009. With excessive AGP deletes 
>down by 99.7%, the Policy is achieving its desired outcome and this 
>was stated in the last report.
>Also noted in the last report were some registrar complaints about 
>exemptions requests that had been denied when the basis for the 
>request was fraud. From the 14 December 2009 report, ICANN noted: A 
>question the GNSO Council may wish to consider in the future is 
>whether modifications to the Policy are necessary and/or appropriate 
>given the results and community reaction to date. For example, 
>should the GNSO Council consider defining the terms "extraordinary 
>circumstances" or "reoccur regularly?" During the policy development 
>process on domain tasting some community members suggested that the 
>mitigation of instances of consumer fraud may be a legitimate use of 
>AGP deletes. Additionally, if a registrar proactively takes down 
>(i.e., deletes) domains that are known to propagate a fraudulent 
>activity such as phishing, should the registrar bear the cost if the 
>deletions cause the registrar to exceed the threshold defined in the Policy?
>Staff recommends that the GSNO consider whether further work is 
>needed in light of the fact that excessive AGP deletes are down by 
>99.7%.  Staff further recommends that the Council consider whether 
>semi-annual reports should be continued and if so, with what frequency?
>I'm happy to join the next GNSO call to discuss this and to answer 
>any questions you may have.
>Craig Schwartz
>Chief gTLD Registry Liaison
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/council/attachments/20100402/37ee72b7/attachment.html>

More information about the council mailing list