[Gnso-ppsai-pdp-wg] Privacy and Protection ServiceAccreditation Issues Working Group
John Horton
john.horton at legitscript.com
Tue Jan 14 19:00:30 UTC 2014
Hi all,
I think that the commercial/non-commercial distinction is a valid policy
question for the WG to consider. It seems to me that as part of that
deliberation, we shouldn't be taking the question of the "...use of the
Registered name.." off the table. To be clear, my point in this email isn't
to argue what the answer should be on the question of
commercial/non-commercial distinction for privacy/proxy services. Rather,
my point is that I think it's a valid (indeed, central) policy question
that is worth deliberation by this group, and that the question necessarily
implicates questions relating to the use of the Registered name.
Two points in response, if I may:
- *Registrant status vs use of the Registered name*. As to the
suggestion about looking to whether the registrant is a commercial or
non-commercial entity (as opposed to the actual use), allow me to argue why
that approach may not be entirely effective, again using the example of
rogue Internet pharmacies. The concrete problem we see is that the
proverbial "guy operating from his basement" who is not a licensed pharmacy
(and not a licensed corporation) and is selling fake drugs on the Internet,
sometimes leading to illness or death of the customer (or, for example, to
non-treatment, e.g., a patient thinking that he or she is treating their
cancer when it it only getting worse because the drugs have no active
ingredients). In this case, the registrant is only a private individual,
but is engaged in commercial activity. In many jurisdictions this triggers
consumer protection or other laws. My point here is not to start the debate
in this string as to what sort of privacy/proxy protections should or
should not be offered. Rather, my point is to argue that these are
appropriate questions for this WG to consider and discuss, and to provide
an example of why.
- *Content/Non-Content*. To build on the previous bullet, I understand
the point about content/non-content (e.g., the difference between a domain
name and content on a server), but I think that whether we all agree with
it or not, requirements in the RAA, for example, step firmly into the world
of use of a domain name and pointed-to content. Provisions in the 2013 RAA,
for example, explicitly reference "...use of a Registered name..." and the
provisions of the RAA that pertain to illegal activity (e.g., 3.18 and
1.13) certainly, I think, contemplate the content a Registered name points
to as the way that a domain name is being "used." We should look at the
ramifications of data privacy from every angle. Again, my primary point
here is not to argue that ICANN policies implicating content questions are
right or wrong; rather, I want to argue that there is no longer any
historical precedent suggesting that discussions of content or domain name
usage are not, and never have been, within the ambit of ICANN. Indeed,
such policy considerations seem necessary to discuss broader implementation
of data privacy, and the responsibilities ICANN entrusts to future
accredited privacy and proxy services providers.
Thanks,
John Horton
President, LegitScript
*Follow LegitScript*:
LinkedIn<http://www.linkedin.com/company/legitscript-com>
| Facebook <https://www.facebook.com/LegitScript> |
Twitter<https://twitter.com/legitscript>
| YouTube <https://www.youtube.com/user/LegitScript> | *Blog
<http://blog.legitscript.com>* |
Google+<https://plus.google.com/112436813474708014933/posts>
On Tue, Jan 14, 2014 at 9:56 AM, Stephanie Perrin <
stephanie.perrin at mail.utoronto.ca> wrote:
> Totally agree. This is something we have discussed in the EWG somewhat
> extensively. The internet equivalent of having a garage sale, or letting
> someone place a commercial sign in your front field or on the side of
> building, does not turn that registrant into a commercial entity,
> regardless of how the tax authorities view the matter of the monetary
> exchange. ICANN has no business going there, nor demanding that registrars
> try to sort through these inherently inter-jurisdictional nuances.
> I totally agree on the more fundamental principle of examining content too.
> Stephanie Perrin
> On 2014-01-14, at 12:33 PM, Tim Ruiz wrote:
>
> > That's exactly why we shouldn't go there. It is a rabbit hole leading to
> some crazy, unending debate about use, IMHO. If some due process is
> undertaken (outside of ICANN) and an appropriate notice/order is given to
> the p/p provider, they should take whatever course of action they are
> directed or ordered to take. We don't have to debate what is legal or isn't
> that is not our task, again IMHO.
> >
> > Tim
> >
> >
> >> On Jan 14, 2014, at 12:00 PM, "Don Blumenthal" <dblumenthal at pir.org>
> wrote:
> >>
> >> True. However, what if the use is legal but the website content creates
> >> questions about the domain¹s commercial/non-commercial designation if
> the
> >> WG recommends differentiation? To steal Gema¹s example in her first
> >> message:
> >>
> >> But, what is the difference between them? A hobbyist¹s backyard habitat
> >> website and another hobbyist¹s backyard habitat website that has, or
> later
> >> adds, an Amazon affiliate link to defray costs?
> >>
> >> Don
> >>
> >>
> >>
> >>> On 1/14/14, 10:11 AM, "Tim Ruiz" <tim at godaddy.com> wrote:
> >>>
> >>> That is an issue with use/content, which is not within ICANN's mission,
> >>> as far as I read their mission. How an accredited p/p service responds
> >>> when properly notified of illegal content (following due process),
> should
> >>> be the same as what is required of an accredited registrar.
> >>> ________________________________________
> >>> From: gnso-ppsai-pdp-wg-bounces at icann.org
> >>> <gnso-ppsai-pdp-wg-bounces at icann.org> on behalf of Campillos Gonzalez,
> >>> Gema Maria <GCAMPILLOS at minetur.es>
> >>> Sent: Tuesday, January 14, 2014 10:01 AM
> >>> To: Luc SEUFER
> >>> Cc: gnso-ppsai-pdp-wg at icann.org
> >>> Subject: Re: [Gnso-ppsai-pdp-wg] Privacy and Protection
> >>> ServiceAccreditation Issues Working Group
> >>>
> >>> Thank you for the reminder, Luc. I give another real-world and trickier
> >>> instance using the word "registrant".
> >>>
> >>> Has the registrant a commercial purpose when he runs a forum-like
> website
> >>> on which he also offers access to copyrighted works free of charge? In
> >>> this case, the registrant leads this activity for the sake of it and
> >>> doesn't get any profits at all from it. But, he is causing great damage
> >>> to right holders.
> >>>
> >>> I join the conference now.
> >>>
> >>> Regards,
> >>>
> >>> Gema
> >>>
> >>> -----Mensaje original-----
> >>> De: Luc SEUFER [mailto:lseufer at dclgroup.eu]
> >>> Enviado el: martes, 14 de enero de 2014 15:33
> >>> Para: Campillos Gonzalez, Gema Maria
> >>> CC: Jim Bikoff; gnso-ppsai-pdp-wg at icann.org
> >>> Asunto: Re: [Gnso-ppsai-pdp-wg] Privacy and Protection
> >>> ServiceAccreditation Issues Working Group
> >>>
> >>> Hello Gema,
> >>>
> >>> Just a kind reminder that ICANN is only dealing with domain names, not
> >>> websites. Thus, in my opinion, the distinction should be made on the
> >>> registrant type alone.
> >>> Hosting services are regulated by ad'hoc laws and those services are
> >>> outside of ICANN's scope.
> >>>
> >>> As you know, to serve the EU an online merchant has to abide by
> Directive
> >>> 2000/31 (its national transpositions to be more precise) and must
> publish
> >>> their details on their website. Should they fail to do so, the hosting
> >>> provider should be the party that LEA should contact, not the
> registrar.
> >>>
> >>> Luc
> >>>
> >>>
> >>>
> >>> On Jan 14, 2014, at 14:24, Campillos Gonzalez, Gema Maria
> >>> <GCAMPILLOS at minetur.es<mailto:GCAMPILLOS at minetur.es>> wrote:
> >>>
> >>> Dear all,
> >>>
> >>> I agree with commentators that this categorization is clearer than the
> >>> previous one.
> >>>
> >>> Although I am aware of your reluctance to introduce variations to the
> >>> Charter questions passed by the GNSO Council on 31st October, a doubt
> has
> >>> come up to my mind. Some of the questions rest on the difference
> between
> >>> commercial and non-commercial activities (4, 5 and 6 in the first group
> >>> and 4 in the last one). But, what is the difference between them? A
> >>> copyright infringing website where video streaming or downloads are
> free
> >>> of charge but which is supported by advertisements or SMS premium
> >>> services is a commercial or a non-commercial activity?
> >>>
> >>> Thank you,
> >>>
> >>> Gema
> >>>
> >>> De:
> >>> gnso-ppsai-pdp-wg-bounces at icann.org<mailto:
> gnso-ppsai-pdp-wg-bounces at icann
> >>> .org> [mailto:gnso-ppsai-pdp-wg-bounces at icann.org] En nombre de Jim
> >>> Bikoff Enviado el: lunes, 13 de enero de 2014 23:05
> >>> Para: gnso-ppsai-pdp-wg at icann.org<mailto:gnso-ppsai-pdp-wg at icann.org>
> >>> Asunto: [Gnso-ppsai-pdp-wg] FW: Privacy and Protection Service
> >>> Accreditation Issues Working Group
> >>>
> >>> Dear All,
> >>>
> >>> Although the question groupings are still being completed, it may be
> >>> helpful to our audience if we grouped the questions in the letters in
> >>> some logical, categorical manner, even if that grouping is but a draft.
> >>>
> >>> To address the substantive content of the questions, it seems that the
> >>> ultimate issue is set forth in the first question: "What, if any, are
> the
> >>> types of Standard Services Practices that should be adopted and
> published
> >>> by ICANN-accredited privacy/proxy service providers?" The questions
> >>> following it address that main issue. Most of the issues and questions
> >>> could be subsumed under the following general categories:
> >>>
> >>> * MAINTENANCE of privacy/proxy services; * CONTACT point provided by
> >>> each privacy/proxy service; * RELAY of complaints to the privacy/proxy
> >>> customer; and * REVEAL of privacy/proxy customers' identities.
> >>> If we followed this categorization, the issues and questions would be
> >>> grouped as follows:
> >>>
> >>> MAIN ISSUES
> >>>
> >>>
> >>> 1. What, if any, are the types of Standard Service Practices that
> >>> should be adopted and published by ICANN-accredited privacy/proxy
> service
> >>> providers?
> >>>
> >>> 2. Should ICANN distinguish between privacy and proxy services for
> >>> the purpose of the accreditation process?
> >>>
> >>> 3. What are the contractual obligations, if any, that, if
> >>> unfulfilled, would justify termination of customer access by
> >>> ICANN-accredited privacy/proxy service providers? Should there be any
> >>> forms of non-compliance that would trigger cancellation or suspension
> of
> >>> registrations? If so, which?
> >>>
> >>> 4. What are the effects of the privacy and proxy service
> >>> specification contained in the 2013 RAA? Have these new requirements
> >>> improved WHOIS quality, registrant contactability, and service
> usability?
> >>>
> >>> 5. What should be the contractual obligations of ICANN accredited
> >>> registrars with regard to accredited privacy/proxy service providers?
> >>> Should registrars be permitted to knowingly accept registrations where
> >>> the registrant is using unaccredited service providers that are bound
> to
> >>> the same standards as accredited service providers?
> >>>
> >>>
> >>> MAINTENANCE
> >>>
> >>>
> >>> 1. Should ICANN-accredited privacy/proxy service providers be
> >>> required to label WHOIS entries to clearly show when a registration is
> >>> made through a privacy/proxy service?
> >>>
> >>> 2. Should ICANN-accredited privacy/proxy service providers be
> >>> required to conduct periodic checks to ensure accuracy of customer
> >>> contact information; and if so, how?
> >>>
> >>> 3. What rights and responsibilities should customers of
> >>> privacy/proxy services have? What obligations should ICANN-accredited
> >>> privacy/proxy service providers have in managing these rights and
> >>> responsibilities? Clarify how transfers, renewals, and PEDNR policies
> >>> should apply.
> >>>
> >>> 4. Should ICANN-accredited privacy/proxy service providers
> >>> distinguish between domain names registered or used for commercial with
> >>> those registered or used for personal purposes? Specifically, is the
> use
> >>> of privacy/proxy services appropriate when a domain name is registered
> or
> >>> used for commercial purposes?
> >>>
> >>> 5. Should there be a difference in the data fields to be displayed
> >>> if the domain name is registered or used for a commercial purpose or
> by a
> >>> commercial entity instead of a natural person?
> >>>
> >>> 6. Should the use of privacy/proxy services be restricted only to
> >>> registrants who are private individuals using the domain name for
> >>> non-commercial purposes?
> >>>
> >>>
> >>> CONTACT
> >>>
> >>>
> >>> 1. What measures should be taken to ensure contactability and
> >>> responsiveness of the providers?
> >>>
> >>> 2. Should ICANN-accredited privacy/proxy service providers be
> >>> required to maintain dedicated points of contact for reporting abuse?
> If
> >>> so, should the terms be consistent with the requirements applicable to
> >>> registrars under Section 3.18 of the RAA?
> >>>
> >>> 3. Should full WHOIS contact details for ICANN-accredited
> >>> privacy/proxy service providers be required?
> >>>
> >>> 4. What forms of malicious conduct, if any, should be covered by a
> >>> designated published point of contact at an ICANN-accredited
> >>> privacy/proxy service provider?
> >>>
> >>>
> >>> RELAY
> >>>
> >>> 1. What, if any, baseline minimum standardized relay processes
> >>> should be adopted by ICANN-accredited privacy/proxy service providers?
> >>>
> >>> 2. Should ICANN-accredited privacy/proxy service providers be
> >>> required to forward to the customer all allegations of illegal
> activities
> >>> they receive relating to specific domain names of the customer?
> >>>
> >>>
> >>> REVEAL
> >>>
> >>>
> >>> 1. What, if any, baseline minimum standardized reveal processes
> >>> should be adopted by ICANN-accredited privacy/proxy service providers?
> >>>
> >>> 2. Should ICANN-accredited privacy/proxy service providers be
> >>> required to reveal customer identities for the specific purpose of
> >>> ensuring timely service of cease and desist letters?
> >>>
> >>> 3. What forms of alleged malicious conduct, if any, and what
> >>> evidentiary standard would be sufficient to trigger such disclosure?
> What
> >>> specific violations, if any, would be sufficient to trigger such
> >>> disclosure?
> >>>
> >>> 4. What safeguards, if any, should be put in place to ensure
> >>> adequate protections for privacy and freedom of expression? Should
> these
> >>> standards vary depending on whether the website is being used for
> >>> commercial or non-commercial purposes? What safeguards or remedies
> should
> >>> be available in cases where publication is found to have been
> unwarranted?
> >>>
> >>> 5. What circumstances, if any, would warrant access to registrant
> >>> data by law enforcement agencies?
> >>>
> >>> 6. What clear, workable, enforceable and standardized processes
> >>> should be adopted by ICANN-accredited privacy/proxy services in order
> to
> >>> regulate such access (if such access is warranted)?
> >>>
> >>>
> >>>
> >>>
> >>> Please let me know if this categorization is helpful.
> >>>
> >>> Jim
> >>>
> >>> James L. Bikoff
> >>> Silverberg, Goldman & Bikoff, LLP
> >>> 1101 30th Street, NW
> >>> Suite 120
> >>> Washington, DC 20007
> >>> Tel: 202-944-3303
> >>> Fax: 202-944-3306
> >>> jbikoff at sgbdc.com<mailto:jbikoff at sgbdc.com>
> >>>
> >>>
> >>>
> >>>
> >>> _______________________________________________
> >>> Gnso-ppsai-pdp-wg mailing list
> >>> Gnso-ppsai-pdp-wg at icann.org<mailto:Gnso-ppsai-pdp-wg at icann.org>
> >>> https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg
> >>>
> >>>
> >>> ________________________________
> >>>
> >>> --------------------------------------------------------
> >>>
> >>> This e-mail and any attached files are confidential and intended solely
> >>> for the use of the individual or entity to whom they are addressed. If
> >>> you have received this e-mail by mistake, please notify the sender
> >>> immediately and delete it from your system. You must not copy the
> message
> >>> or disclose its contents to anyone.
> >>>
> >>> Think of the environment: don't print this e-mail unless you really
> need
> >>> to.
> >>>
> >>> --------------------------------------------------------
> >>> _______________________________________________
> >>> Gnso-ppsai-pdp-wg mailing list
> >>> Gnso-ppsai-pdp-wg at icann.org
> >>> https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg
> >>> _______________________________________________
> >>> Gnso-ppsai-pdp-wg mailing list
> >>> Gnso-ppsai-pdp-wg at icann.org
> >>> https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg
> >>
> > _______________________________________________
> > Gnso-ppsai-pdp-wg mailing list
> > Gnso-ppsai-pdp-wg at icann.org
> > https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg
>
> _______________________________________________
> Gnso-ppsai-pdp-wg mailing list
> Gnso-ppsai-pdp-wg at icann.org
> https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-ppsai-pdp-wg/attachments/20140114/30593c33/attachment-0001.html>
More information about the Gnso-ppsai-pdp-wg
mailing list