[Gnso-ppsai-pdp-wg] Proposal contactability

Graeme Bunton gbunton at tucows.com
Tue Aug 19 02:19:46 UTC 2014 

First off, this has been an excellent discussion.  Thanks again to 
Volker for giving us something to focus on.
A couple of my own thoughts below:

- In regards to the accurate and reliable below, I believe what Volker 
is saying is that under the 2013 RAA we know that either phone or email 
for a registrant is going to be verified.  As such the service provider 
will have some record that either is reliable. This doesn't necessarily 
mean (at least, until we've settled this discussion) that it's 
accessible to 3rd parties.

- I'm interested in James'  idea of the reporters having to identify 
themselves when submitting a request.  It gives the service provider 
greater insight into the system, allows for the mitigation of abuse,  
and could provide the submitter with information on when their requests 
were submitted, possibly including successful delivery.  Submitters in 
any relay scenario are not anonymous, as even full and automatic email 
relay could log sending email address, ip etc. This seems like it might 
increase accountability on both sides.

- Lastly, I think it's worth pointing out that legal claims have been, 
and continue to be used (and abused) as a method of curtailing free 
speech.  There are numerous cases of the DMCA being used as such, which 
is why organizations like chillingeffects.org exist.  I know of hosting 
providers receiving hundreds of thousands of spurious, generated 
complaints. We need to be able to deal with such scenarios.

Thanks

Graeme



On 8/18/2014 2:29 PM, Susan Kawaguchi wrote:
> Hi Volker,
>
> Please see my comments in red.
>
> I do appreciate the discussion.
>
> Susan Kawaguchi
>
> Domain Name Manager
>
> Facebook Legal Dept.
>
> Phone - 650 485-6064
>
>
> From: Volker Greimann <vgreimann at key-systems.net 
> <mailto:vgreimann at key-systems.net>>
> Date: Monday, August 18, 2014 at 10:27 AM
> To: Susan Kawaguchi <susank at fb.com <mailto:susank at fb.com>>, "Williams, 
> Todd" <Todd.Williams at turner.com <mailto:Todd.Williams at turner.com>>, 
> "James M. Bladel" <jbladel at godaddy.com <mailto:jbladel at godaddy.com>>, 
> "gnso-ppsai-pdp-wg at icann.org <mailto:gnso-ppsai-pdp-wg at icann.org>" 
> <gnso-ppsai-pdp-wg at icann.org <mailto:gnso-ppsai-pdp-wg at icann.org>>
> Subject: Re: [Gnso-ppsai-pdp-wg] Proposal contactability
>
> Hi Susan,
>
> I do not see it as necessarily as a different treatment. The 
> registrant is still required to provide accurate and reliable contact 
> details, these details are just not published. Just in the same way I 
> can have a functioning email address but route undesired mails to the 
> trashcan automatically prior to retrieving the mails, so can other 
> automated or manual means be employed to filter undesired 
> communications. A privacy service is just another of those means.
>
> If a proxy service provides an email address in the WHOIS record but 
> nothing is relayed or only emails that hit a very narrow criteria 
> beyond the spam filters that would not equate to reliable contact 
> details in my opinion.
>
> Can the data the registrant be provided be relied upon? Of course, 
> since the service provider needs to be able to contact them. In case 
> of a full or partial reveal, the data will be revealed as reliable. 
> Accurate and reliable date does not suddenly become unreliable data by 
> the mere fact that it is hidden. The data is just as reliable or 
> unreliable whether it is public or hidden.
> Actually this is not my experience at all that the data provided by 
> the underlying registrant is reliable.  The information is often times 
> inaccurate I would guess at the same inaccuracy rates of regular 
> domain name registrations.  This may have changed recently with the 
> validation process and people becoming more aware of the need to have 
> accurate data but I do not think we could assume the information is 
> accurate. I do find the proxy service information to be accurate.
> If I as a registrant wanted to build my details in a way that any mail 
> sent to me would be met with an automated responder that instructs the 
> sender to fill in a webform, that would be perfectly fine. Sure, I 
> cannot be reached through that address, but I can be contacted. Why 
> should privacy services be different?
>
> At least if you sent an email to admin email address and received an 
> auto response that may act as confirmation of the email being 
> received.  A proxy vendor refusing to accept email as required by the 
> RAA and requiring a web form be filled out is changing the purposes 
> imposed by the RAA.
>
> Best,
>
> Volker
>
> Am 18.08.2014 18:24, schrieb Susan Kawaguchi:
>>
>> What I do not understand is why a proxy registration should be 
>> treated so differently than the other 75% of gTld domain name 
>> registrations?
>>
>> In the 2013 RAA section 3.7.7.1 it states the following:
>>
>> 3.7.7.1 The Registered Name Holder shall provide to Registraraccurate 
>> and reliable contact details and correct and update them within seven 
>> (7) days of any change during the term of the Registered Name 
>> registration, including: the full name, postal address, e-mail 
>> address, voice telephone number, and fax number if available of the 
>> Registered Name Holder; name of authorized person for contact 
>> purposes in the case of an Registered Name Holder that is an 
>> organization, association, or corporation; and the data elements 
>> listed in Subsections 3.3.1.2, 3.3.1.7 and 3.3.1.8.
>>
>> Creating a new method of contacting the registered name holder and 
>> underlying licensee or not relaying communications via email or to 
>> the postal address does not appear to fulfill the requirement of 
>> "accurate and reliable contact details"
>>
>> A proxy registration information may be accurate but currently the 
>> information fails as reliable contact details.
>>
>> Requiring a webform be filled out and submitted to contact the 
>> Registered name holder and underlying licensee when the other 75% of 
>> gTld domain name registrations are required to have a reliable email 
>> address and postal address sets the proxy registrations apart.  The 
>> webform is not listed as a requirement in section 3. 7.7.1.    Why 
>> would we afford this special treatment to the proxy registrations?
>>
>> I realize the service has developed in this manner but it is also the 
>> reason we are continuing to discuss this issue.
>>
>> Susan Kawaguchi
>>
>> Domain Name Manager
>>
>> Facebook Legal Dept.
>>
>> Phone - 650 485-6064
>>
>>
>> From: <Williams>, Todd <Todd.Williams at turner.com 
>> <mailto:Todd.Williams at turner.com>>
>> Date: Monday, August 18, 2014 at 8:19 AM
>> To: "James M. Bladel" <jbladel at godaddy.com 
>> <mailto:jbladel at godaddy.com>>, Volker Greimann 
>> <vgreimann at key-systems.net <mailto:vgreimann at key-systems.net>>, 
>> "gnso-ppsai-pdp-wg at icann.org <mailto:gnso-ppsai-pdp-wg at icann.org>" 
>> <gnso-ppsai-pdp-wg at icann.org <mailto:gnso-ppsai-pdp-wg at icann.org>>
>> Subject: Re: [Gnso-ppsai-pdp-wg] Proposal contactability
>>
>> Thanks James.  Quick question: if, as you note, most of your P/P 
>> customers engage the service to avoid being spammed -- why is that 
>> objective/purpose not sufficiently protected by a standard that says 
>> "A provider must relay all electronic requests received (including 
>> emails and via web forms), but may implement commercially reasonable 
>> safeguards (including CAPTCHA) to filter out spam."?
>>
>> By asking the question I don't necessarily mean to make a judgment on 
>> your "access whitelist" idea.  I'm just not sure I understand its 
>> utility on this specific question (relay), where a means to address 
>> the problem that it is trying to solve (i.e., spam) appears to have 
>> already been baked in.
>>
>> Thanks
>>
>>
>> TW.
>>
>> *From:*gnso-ppsai-pdp-wg-bounces at icann.org 
>> <mailto:gnso-ppsai-pdp-wg-bounces at icann.org> 
>> [mailto:gnso-ppsai-pdp-wg-bounces at icann.org] *On Behalf Of *James M. 
>> Bladel
>> *Sent:* Sunday, August 17, 2014 6:23 PM
>> *To:* Volker Greimann; gnso <mailto:gnso-ppsai-pdp-wg at icann.org>(most 
>> of our P/P customers engage the service to avoid being spammed).
>>
>> *Subject:* Re: [Gnso-ppsai-pdp-wg] Proposal contactability
>>
>> Thanks to Volker for getting this conversation started.  I also share 
>> the belief that we should define a system that assures reporters 
>> their claims will be relayed by P/P services.  However, I disagree on 
>> some key points raised by Volker and others.
>>
>> First, I do not believe there should be any attempt to filter 
>> submitted reports based on content.  That approach does not scale, 
>> and simply results in an arms race where would-be spammers attempt to 
>> circumvent the filters.  Also, I do not believe P/P services should 
>> relay ---all---reports.  This treats the P/P email point of contact 
>> as an email "alias" for the beneficial user's real address, and 
>> completely defeats the purpose of the service
>>
>> I favor an approach that is modeled after ICANN's Invalid WHOIS 
>> Reporting System, and one that many Registrars have implemented to 
>> guard against WHOIS harvesting -- an access whitelist.  Speaking 
>> generally, such a system would require reporters to identify 
>> themselves when submitting a claim for relay.  Is reporter should 
>> also have to designate the email address from which relay claims will 
>> originate, and the service provider agrees to honor relay request 
>> from that Address without discriminating on its content.  The P/P 
>> service provider can then monitor the use of the relay system by each 
>> reporter, and suspend or terminate access for any reporter that is 
>> found to be abusing the system.
>>
>> If this sounds familiar, it is blatantly copied from the EWG's 
>> proposed RDS concept. I think this idea has merit, and regardless of 
>> what happens to the rest of the EWG's recommendations, we should 
>> consider opportunities to implement this proposal in existing contexts.
>>
>> Look forward to continuing our discussions on this point on Tuesday.
>>
>> Thanks---
>>
>> J.
>>
>> *From: *Volker Greimann <vgreimann at key-systems.net 
>> <mailto:vgreimann at key-systems.net>>
>> *Date: *Wednesday, August 13, 2014 at 4:27
>> *To: *"gnso-ppsai-pdp-wg at icann.org 
>> <mailto:gnso-ppsai-pdp-wg at icann.org>" <gnso-ppsai-pdp-wg at icann.org 
>> <mailto:gnso-ppsai-pdp-wg at icann.org>>
>> *Subject: *[Gnso-ppsai-pdp-wg] Proposal contactability
>>
>> As Susan and Steve have repeatedly asked what my proposal would be to 
>> ensure contactability of the beneficial owner/registrant.
>>
>> As a basis, a spec derivative of the WAP spec to the RAA would have 
>> to be developed. I took the liberty of modifying the WAP for this 
>> purpose as a basis for discussion.
>> This would bring the obligation of the privacy service provider to 
>> validate and verify the contact details to the same level of that of 
>> the registrar, thus ensuring the Service Provider has either accurate 
>> details or a duty to verify and validate.
>>
>> Now, I would agree that some level of a contactibility guarantee is 
>> warranted. This could be something to this tune, as a basis for 
>> discussion:
>>
>> /"Service Provider are required provide a means for third parties to 
>> directly or indirectly communicate with the Beneficial Owner. Such 
>> means may include any of the following:
>> a) providing a postal mail forwarding address
>> b) providing a collective email point of contact for all domain names 
>> under the Service (such as abuse at service.provider 
>> <mailto:abuse at service.provider>)
>> c) providing an individual email point of contact for each domain 
>> name under the Service (such as string at domain.name 
>> <mailto:string at domain.name> or domain.name at service.provider 
>> <mailto:domain.name at service.provider>)
>> ...
>> ...
>>
>> Service Provider must inform potential complainants about the 
>> accepted means of communication on its website. Service provider may 
>> refuse to forward, process or even accept communications sent by a 
>> non-accepted means of communication. In case forwarding of postal 
>> communications is offered, Service Provider may charge complainant 
>> reasonable handling fees and costs for the forwarding service and 
>> defer the forwarding of communications until payment is received.
>>
>> Service Provider may refuse to forward spam, duplicate messages, 
>> purchase or business inquiries, harrassing communications, anonymous 
>> communications and/or unwanted communications. Service Provider is 
>> authorized to update or modify the means of communication from time 
>> to time. Service Provider is authorized to blacklist complainants 
>> with a history of abusing the provided means of communication."/
>>
>> All subject to further discussion, ofc.
>>
>> I realize this draft goes into detail more than we should in this WG, 
>> but having been asked for a proposal, I felt it necessary in order to 
>> move the discussion ahead.
>> Terms:
>> Service Provider - Privacy/Proxy Service Provider
>> Beneficial Owner - Replaces "Registrant"
>> filter - not deliver to Beneficial owner
>> Service - the privacy/proxy services
>>
>> -- 
>> Bei weiteren Fragen stehen wir Ihnen gerne zur Verfügung.
>>   
>> Mit freundlichen Grüßen,
>>   
>> Volker A. Greimann
>> - Rechtsabteilung -
>>   
>> Key-Systems GmbH
>> Im Oberen Werk 1
>> 66386 St. Ingbert
>> Tel.: +49 (0) 6894 - 9396 901
>> Fax.: +49 (0) 6894 - 9396 851
>> Email:vgreimann at key-systems.net  <mailto:vgreimann at key-systems.net>
>>   
>> Web:www.key-systems.net  <https://urldefense.proofpoint.com/v1/url?u=http://www.key-systems.net&k=ZVNjlDMF0FElm4dQtryO4A%3D%3D%0A&r=cjstkpAuvAi4gqeqX5O18A%3D%3D%0A&m=rsFCYyZQt%2BsXOx2xX91EkpDm0Bf86Akjt0kI7PeOKQc%3D%0A&s=4e44656b6cbaf5db47c35c0942dd8686b9a3c5b61a616dcf66ec92e0f2b2365c>  /www.RRPproxy.net  <https://urldefense.proofpoint.com/v1/url?u=http://www.RRPproxy.net&k=ZVNjlDMF0FElm4dQtryO4A%3D%3D%0A&r=cjstkpAuvAi4gqeqX5O18A%3D%3D%0A&m=rsFCYyZQt%2BsXOx2xX91EkpDm0Bf86Akjt0kI7PeOKQc%3D%0A&s=9f6208e6e8f1dac0b3f5ee9154870f7a5e52ad42b0bd13ae5241fab95f59dec7>www.domaindiscount24.com  <https://urldefense.proofpoint.com/v1/url?u=http://www.domaindiscount24.com&k=ZVNjlDMF0FElm4dQtryO4A%3D%3D%0A&r=cjstkpAuvAi4gqeqX5O18A%3D%3D%0A&m=rsFCYyZQt%2BsXOx2xX91EkpDm0Bf86Akjt0kI7PeOKQc%3D%0A&s=467ef77b19e86ea9839635601853bb74d4fc3%0Ac295fa9d207090fbae89c45c15a>  /www.BrandShelter.com  <https://urldefense.proofpoint.com/v1/url?u=http://www.BrandShelter.com&k=ZVNjlDMF0FElm4dQtryO4A%3D%3D%0A&r=cjstkpAuvAi4gqeqX5O18A%3D%3D%0A&m=rsFCYyZQt%2BsXOx2xX91EkpDm0Bf86Akjt0kI7PeOKQc%3D%0A&s=9973e10c6103daf421cc592932f808958673ace58cec9628db00f8780f812776>
>>   
>> Folgen Sie uns bei Twitter oder werden Sie unser Fan bei Facebook:
>> www.facebook.com/KeySystems  <http://www.facebook.com/KeySystems>www.twitter.com/key_systems  <https://urldefense.proofpoint.com/v1/url?u=http://www.twitter.com/key_systems&k=ZVNjlDMF0FElm4dQtryO4A%3D%3D%0A&r=cjstkpAuvAi4gqeqX5O18A%3D%3D%0A&m=rsFCYyZQt%2BsXOx2xX91EkpDm0Bf86Akjt0kI7PeOKQc%3D%0A&s=f553929a498d60da6ca0d20730fca68ec4cd4b34da81d7f164a6eaae314073e5>
>>   
>> Geschäftsführer: Alexander Siffrin
>> Handelsregister Nr.: HR B 18835 - Saarbruecken
>> Umsatzsteuer ID.: DE211006534
>>   
>> Member of the KEYDRIVE GROUP
>> www.keydrive.lu  <https://urldefense.proofpoint.com/v1/url?u=http://www.keydrive.lu&k=ZVNjlDMF0FElm4dQtryO4A%3D%3D%0A&r=cjstkpAuvAi4gqeqX5O18A%3D%3D%0A&m=rsFCYyZQt%2BsXOx2xX91EkpDm0Bf86Akjt0kI7PeOKQc%3D%0A&s=5823884812c16616b8974fd5b1dfd309e902a2b3547c612cfa7f2f4e2e317500>  
>>   
>> Der Inhalt dieser Nachricht ist vertraulich und nur für den angegebenen Empfänger bestimmt. Jede Form der Kenntnisgabe, Veröffentlichung oder Weitergabe an Dritte durch den Empfänger ist unzulässig. Sollte diese Nachricht nicht für Sie bestimmt sein, so bitten wir Sie, sich mit uns per E-Mail oder telefonisch in Verbindung zu setzen.
>>   
>> --------------------------------------------
>>   
>> Should you have any further questions, please do not hesitate to contact us.
>>   
>> Best regards,
>>   
>> Volker A. Greimann
>> - legal department -
>>   
>> Key-Systems GmbH
>> Im Oberen Werk 1
>> 66386 St. Ingbert
>> Tel.: +49 (0) 6894 - 9396 901
>> Fax.: +49 (0) 6894 - 9396 851
>> Email:vgreimann at key-systems.net  <mailto:vgreimann at key-systems.net>
>>   
>> Web:www.key-systems.net  <https://urldefense.proofpoint.com/v1/url?u=http://www.key-systems.net&k=ZVNjlDMF0FElm4dQtryO4A%3D%3D%0A&r=cjstkpAuvAi4gqeqX5O18A%3D%3D%0A&m=rsFCYyZQt%2BsXOx2xX91EkpDm0Bf86Akjt0kI7PeOKQc%3D%0A&s=4e44656b6cbaf5db47c35c0942dd8686b9a3c5b61a616dcf66ec92e0f2b2365c>  /www.RRPproxy.net  <https://urldefense.proofpoint.com/v1/url?u=http://www.RRPproxy.net&k=ZVNjlDMF0FElm4dQtryO4A%3D%3D%0A&r=cjstkpAuvAi4gqeqX5O18A%3D%3D%0A&m=rsFCYyZQt%2BsXOx2xX91EkpDm0Bf86Akjt0kI7PeOKQc%3D%0A&s=9f6208e6e8f1dac0b3f5ee9154870f7a5e52ad42b0bd13ae5241fab95f59dec7>www.domaindiscount24.com  <https://urldefense.proofpoint.com/v1/url?u=http://www.domaindiscount24.com&k=ZVNjlDMF0FElm4dQtryO4A%3D%3D%0A&r=cjstkpAuvAi4gqeqX5O18A%3D%3D%0A&m=rsFCYyZQt%2BsXOx2xX91EkpDm0Bf86Akjt0kI7PeOKQc%3D%0A&s=467ef77b19e86ea9839635601853bb74d4fc3%0Ac295fa9d207090fbae89c45c15a>  /www.BrandShelter.com  <https://urldefense.proofpoint.com/v1/url?u=http://www.BrandShelter.com&k=ZVNjlDMF0FElm4dQtryO4A%3D%3D%0A&r=cjstkpAuvAi4gqeqX5O18A%3D%3D%0A&m=rsFCYyZQt%2BsXOx2xX91EkpDm0Bf86Akjt0kI7PeOKQc%3D%0A&s=9973e10c6103daf421cc592932f808958673ace58cec9628db00f8780f812776>
>>   
>> Follow us on Twitter or join our fan community on Facebook and stay updated:
>> www.facebook.com/KeySystems  <http://www.facebook.com/KeySystems>www.twitter.com/key_systems  <https://urldefense.proofpoint.com/v1/url?u=http://www.twitter.com/key_systems&k=ZVNjlDMF0FElm4dQtryO4A%3D%3D%0A&r=cjstkpAuvAi4gqeqX5O18A%3D%3D%0A&m=rsFCYyZQt%2BsXOx2xX91EkpDm0Bf86Akjt0kI7PeOKQc%3D%0A&s=f553929a498d60da6ca0d20730fca68ec4cd4b34da81d7f164a6eaae314073e5>
>>   
>> CEO: Alexander Siffrin
>> Registration No.: HR B 18835 - Saarbruecken
>> V.A.T. ID.: DE211006534
>>   
>> Member of the KEYDRIVE GROUP
>> www.keydrive.lu  <https://urldefense.proofpoint.com/v1/url?u=http://www.keydrive.lu&k=ZVNjlDMF0FElm4dQtryO4A%3D%3D%0A&r=cjstkpAuvAi4gqeqX5O18A%3D%3D%0A&m=rsFCYyZQt%2BsXOx2xX91EkpDm0Bf86Akjt0kI7PeOKQc%3D%0A&s=5823884812c16616b8974fd5b1dfd309e902a2b3547c612cfa7f2f4e2e317500>  
>>   
>> This e-mail and its attachments is intended only for the person to whom it is addressed. Furthermore it is not permitted to publish any content of this email. You must not use, disclose, copy, print or rely on this e-mail. If an addressing or transmission error has misdirected this e-mail, kindly notify the author by replying to this e-mail or contacting us by telephone.
>>   
>>   
>>   
>
> -- 
> Bei weiteren Fragen stehen wir Ihnen gerne zur Verfügung.
>
> Mit freundlichen Grüßen,
>
> Volker A. Greimann
> - Rechtsabteilung -
>
> Key-Systems GmbH
> Im Oberen Werk 1
> 66386 St. Ingbert
> Tel.: +49 (0) 6894 - 9396 901
> Fax.: +49 (0) 6894 - 9396 851
> Email:vgreimann at key-systems.net
>
> Web:www.key-systems.net  /www.RRPproxy.netwww.domaindiscount24.com  /www.BrandShelter.com
>
> Folgen Sie uns bei Twitter oder werden Sie unser Fan bei Facebook:
> www.facebook.com/KeySystemswww.twitter.com/key_systems
>
> Geschäftsführer: Alexander Siffrin
> Handelsregister Nr.: HR B 18835 - Saarbruecken
> Umsatzsteuer ID.: DE211006534
>
> Member of the KEYDRIVE GROUP
> www.keydrive.lu  
>
> Der Inhalt dieser Nachricht ist vertraulich und nur für den angegebenen Empfänger bestimmt. Jede Form der Kenntnisgabe, Veröffentlichung oder Weitergabe an Dritte durch den Empfänger ist unzulässig. Sollte diese Nachricht nicht für Sie bestimmt sein, so bitten wir Sie, sich mit uns per E-Mail oder telefonisch in Verbindung zu setzen.
>
> --------------------------------------------
>
> Should you have any further questions, please do not hesitate to contact us.
>
> Best regards,
>
> Volker A. Greimann
> - legal department -
>
> Key-Systems GmbH
> Im Oberen Werk 1
> 66386 St. Ingbert
> Tel.: +49 (0) 6894 - 9396 901
> Fax.: +49 (0) 6894 - 9396 851
> Email:vgreimann at key-systems.net
>
> Web:www.key-systems.net  /www.RRPproxy.netwww.domaindiscount24.com  /www.BrandShelter.com
>
> Follow us on Twitter or join our fan community on Facebook and stay updated:
> www.facebook.com/KeySystemswww.twitter.com/key_systems
>
> CEO: Alexander Siffrin
> Registration No.: HR B 18835 - Saarbruecken
> V.A.T. ID.: DE211006534
>
> Member of the KEYDRIVE GROUP
> www.keydrive.lu  
>
> This e-mail and its attachments is intended only for the person to whom it is addressed. Furthermore it is not permitted to publish any content of this email. You must not use, disclose, copy, print or rely on this e-mail. If an addressing or transmission error has misdirected this e-mail, kindly notify the author by replying to this e-mail or contacting us by telephone.
>
>
>
>
>
> _______________________________________________
> Gnso-ppsai-pdp-wg mailing list
> Gnso-ppsai-pdp-wg at icann.org
> https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

-- 
_________________________
Graeme Bunton
Information Specialist
Tucows Inc.
PH: 416 535 0123 ext 1634

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-ppsai-pdp-wg/attachments/20140818/61274f8c/attachment-0001.html>

More information about the Gnso-ppsai-pdp-wg mailing list