[Gnso-ppsai-pdp-wg] Commercial Use - White Paper
John Horton
john.horton at legitscript.com
Tue May 13 10:33:15 UTC 2014
Hi Volker,
Thanks for your comments. We did try to think through those things, and I
think you'll find them addressed in the paper that Libby circulated.
Cheers,
John Horton
President, LegitScript
*Follow LegitScript*:
LinkedIn<http://www.linkedin.com/company/legitscript-com>
| Facebook <https://www.facebook.com/LegitScript> |
Twitter<https://twitter.com/legitscript>
| YouTube <https://www.youtube.com/user/LegitScript> | *Blog
<http://blog.legitscript.com>* |
Google+<https://plus.google.com/112436813474708014933/posts>
On Tue, May 13, 2014 at 6:18 PM, Volker Greimann
<vgreimann at key-systems.net>wrote:
> Hi John,
>
> the problem is that commercial use is a very wide scope. Some courts have
> held that providing space for Google Ads on your private blog can be held
> to be commercial use. Or if I linked to an ebay auction I set up and
> mentioned that in my blog, it could be construed to be commercially used.
> Does that mean I lose my right to use a privacy service?
>
> What about little work-from-home shops selling self-made stuff online? Do
> they really have to put their home address on their domain? If I were an
> activist for religion (or lack thereof), womens rights, abotrion, death
> penalty and sell stickers promoting my cause in a small webshop, do I
> suddenly have to tell every nutter out there where I live?
>
> While I agree that there may be abuse of the services provided by whois
> privacy, I do not agree that commercial activity is where we should draw
> the line. Illegal activity using such services is what needs to be
> prohibited, nothing else.
>
> Best,
>
> Volker
>
>
> I think it's important to note that nobody is currently proposing that
> commercial entities shouldn't be allowed to use p/p services. (Put aside
> the text in Bob's email, because I am guessing that is not what he actually
> meant. Anyway, it's not what's proposed in the paper.) Rather, the proposal
> is that p/p services should not be allowed for domain names *used for
> commercial purposes*. The status of the registrant as a registered
> business, or as an individual, is irrelevant. For some specific discussion
> on this point, I'd encourage you to review pages 8-9 of the document that
> Libby disseminated.
>
> To your specific point, pre-launch trademark searching and clearance
> wouldn't be "using the domain name" for "commercial activity" as it's
> contemplated. To be precise, the registrant might be engaged in commercial
> activity in other ways, but *not involving the use of the domain name*.
> The idea is that if a website is actually selling goods and services,
> either via the domain name or some website that it points to (e.g., all of
> the product are listed at example.com, but it points to paypal.com for
> transactions), that would be a commercial *use* of a domain name. If
> you've just registered a domain name in preparation for the launch of a new
> brand or product line, but the domain name isn't actually transacting
> business, I don't think it's commercial *use*. We're talking about
> situations where you select a product, put it in your cart, pull out your
> credit card, and conduct a financial transaction, and I'd argue that
> Internet users have the right to an accurate, transparent Whois record at
> that point in time. In any case, I think that these issues are discussed in
> more detail in the document, and in particular, pages 8-9.
>
> Let me answer your earlier question about medsindia.com. But first, let
> me first point out that in numerous cases where we've submitted evidence to
> registrars about rogue Internet pharmacies, they respond, "We unfortunately
> cannot take any action unless you prove that the Whois record is
> inaccurate." (Put aside for a moment any disagreement with this response [I
> do not think it's accurate]; the point is that it's a common response by
> some, although not all, registrars.)
>
> So, to your question, there are two possibilities:
>
> 1. The domain name is accurately registered. Great; now, perhaps, law
> enforcement or the courts can take action as appropriate.
> 2. Or, it's a falsified or inaccurate Whois. Even if it takes a little
> leg work, the inaccurate nature of the Whois information can be
> established, and a WDPRS complaint can be submitted. Either the Whois is
> corrected, or it isn't and the domain name is suspended.
>
> In other words, if some registrars say, "The only enforcement mechanism
> we're going to recognize against domain names is a) a court order in our
> jurisdiction, or b) a false Whois," *medsindia*.com is an example where
> all options are off the table. As explained, Canadian law enforcement has
> no jurisdiction because Canada is the one country where the drugs aren't
> shipped to; and a WDPRS is off the table because there's no way to prove
> the Whois is falsified -- it's behind a p/p service.
>
> Hope that helps!
>
> John Horton
> President, LegitScript
>
>
>
> *Follow LegitScript*: LinkedIn<http://www.linkedin.com/company/legitscript-com>
> | Facebook <https://www.facebook.com/LegitScript> | Twitter<https://twitter.com/legitscript>
> | YouTube <https://www.youtube.com/user/LegitScript> | *Blog
> <http://blog.legitscript.com>* | Google+<https://plus.google.com/112436813474708014933/posts>
>
>
> On Tue, May 13, 2014 at 9:37 AM, McGrady, Paul D. <PMcGrady at winston.com>wrote:
>
>> Hi Kiran,
>>
>> I'm not sure how pre-launch trademark searching and clearance isn't a
>> commercial activity. Further, Bob's email said: "This is one of the
>> reasons for keeping whois data public for commercial entities." There is a
>> big difference between excluding proxy services for commercial entities vs
>> excluding proxy services for websites that resolve and contain commercial
>> content ("This is one of the reasons for keeping whois data public for
>> commercial entities.").
>>
>> What is actually being proposed?
>>
>> Best,
>> Paul
>>
>>
>> -----Original Message-----
>> From: Kiran Malancharuvil [mailto:Kiran.Malancharuvil at markmonitor.com]
>> Sent: Tuesday, May 13, 2014 8:31 AM
>> To: McGrady, Paul D.
>> Cc: John Horton; gnso-ppsai-pdp-wg at icann.org
>> Subject: Re: [Gnso-ppsai-pdp-wg] Commercial Use - White Paper
>>
>> Paul, we've discussed that as well. With the input from several of our
>> clients that engage in this as a best practice, we understand that a
>> pre-launch website would be able to utilize p/p because it is not yet
>> engaging in commercial activity. Once the product/service goes live and is
>> an active offering, it can drop the veil so-to-speak.
>>
>> K
>>
>> Kiran Malancharuvil
>> Internet Policy Counselor
>> MarkMonitor
>> 415-419-9138 (m)
>>
>> Sent from my mobile, please excuse any typos.
>>
>> > On May 12, 2014, at 5:27 PM, "McGrady, Paul D." <PMcGrady at winston.com>
>> wrote:
>> >
>> > Thanks Kiran. Thanks Bob.
>> >
>> > The other side of the balancing act on this is, of course, the
>> legitimate need for commercial entities to have access to proxy services.
>> For example, a brand owner who is trying to roll out a new brand and
>> attempting to secure the corresponding domain names in advance of their
>> first trademark filing in order to cut down on the amount of cybersquatting.
>> >
>> > Best,
>> > Paul
>> >
>> >
>> > -----Original Message-----
>> > From: Kiran Malancharuvil [mailto:Kiran.Malancharuvil at markmonitor.com]
>> > Sent: Tuesday, May 13, 2014 8:25 AM
>> > To: McGrady, Paul D.
>> > Cc: John Horton; gnso-ppsai-pdp-wg at icann.org
>> > Subject: Re: [Gnso-ppsai-pdp-wg] Commercial Use - White Paper
>> >
>> > Paul,
>> >
>> > Agree with Bob. No one expects them to be honest but with the new
>> verification requirements, they will lose the domain name.
>> >
>> > K
>> >
>> > Kiran Malancharuvil
>> > Internet Policy Counselor
>> > MarkMonitor
>> > 415-419-9138 (m)
>> >
>> > Sent from my mobile, please excuse any typos.
>> >
>> > On May 12, 2014, at 4:58 PM, "McGrady, Paul D." <PMcGrady at winston.com
>> <mailto:PMcGrady at winston.com>> wrote:
>> >
>> > John,
>> >
>> > Setting aside for a moment the specific example below, the part I don't
>> completely understand is why we think that a domain name owner who is using
>> the domain name for a blatantly illegal purpose without regard for the law
>> will somehow be inclined to provide accurate information in their WHOIS
>> records if they are not allowed to contract for a proxy service.
>> >
>> > Thanks in advance for your thoughts.
>> >
>> > Best,
>> > Paul
>> >
>> >
>> > Paul D. McGrady Jr.
>> >
>> > Partner
>> >
>> > Chair, Trademark, Domain Names and Brand Enforcement Practice
>> >
>> > Winston & Strawn LLP
>> > 35 W. Wacker Drive
>> > Chicago, IL 60601-9703
>> >
>> > D: +1 (312) 558-5963
>> >
>> > F: +1 (312) 558-5700
>> >
>> > Bio<http://www.winston.com/en/who-we-are/attorneys/mcgrady-paul-d.html>
>> | VCard<http://www.winston.com/vcards/996.vcf> | Email<mailto:
>> pmcgrady at winston.com> | winston.com<http://www.winston.com>
>> >
>> > <image001.jpg>
>> >
>> >
>> > From: gnso-ppsai-pdp-wg-bounces at icann.org<mailto:
>> gnso-ppsai-pdp-wg-bounces at icann.org> [mailto:
>> gnso-ppsai-pdp-wg-bounces at icann.org] On Behalf Of John Horton
>> > Sent: Tuesday, May 13, 2014 5:40 AM
>> > To: gnso-ppsai-pdp-wg at icann.org<mailto:gnso-ppsai-pdp-wg at icann.org>
>> > Subject: Re: [Gnso-ppsai-pdp-wg] Commercial Use - White Paper
>> >
>> > Hi all,
>> >
>> > Following up on the white paper that Libby Baney just circulated, and
>> as we wrap up our discussion regarding distinguishing between commercial
>> and non-commercial use, I thought it might be helpful to provide a concrete
>> example of a domain name that (I trust we can all agree) is being used for
>> commercial purposes. Perhaps we can collectively think through whether it
>> makes sense for this domain name to be afforded privacy protection. For
>> simplicity, I am only using one domain name as an example, but there are
>> thousands like this in our database alone. I hope that a concrete example
>> will be helpful to the discussion.
>> >
>> > Let's take the domain name medsindia.com<http://medsindia.com>. First,
>> as you can verify with a Whois query, it is using proxy/privacy services.
>> >
>> > Registrant Name: General (c/o Rebel.com<http://Rebel.com> Privacy
>> Service) Registrant Organization: Private Domain Services Registrant
>> Street: 300-12 York Street Registrant City: Ottawa Registrant
>> State/Province: ON Registrant Postal Code: K1N 5S6 Registrant Country: CA
>> Registrant Phone: +1.866-497-3235<tel:%2B1 <%2B1>.866-497-3235>
>> > Registrant Phone Ext:
>> > Registrant Fax:
>> > Registrant Fax Ext:
>> > Registrant Email: IVP1JQKYRM3LQED1 at rebelprivacy.com<mailto:
>> IVP1JQKYRM3LQED1 at rebelprivacy.com>
>> >
>> > How is it being used? It's fairly straightforward: it sells addictive
>> (controlled substances) and other prescription drugs without a valid
>> prescription. But that's not all:
>> >
>> > * As noted, it sells prescription drugs, including controlled
>> substances, without requiring a valid prescription.
>> > * The drugs are not sold by a pharmacy licensed or otherwise
>> recognized in the patient's jurisdiction, as is the standard requirement.
>> > * The drugs are considered unapproved or falsified, depending on the
>> regulatory language in the jurisdiction. Part of the reason is that they
>> are illegally imported into the customers' jurisdiction and thus
>> unregulated for safety or authenticity.
>> > To be clear, this domain name is not being used for legal commercial
>> purposes in any jurisdiction. (Despite its claim to be using a licensed
>> pharmacy in India, not even in India, for reasons I can explain separately
>> if anyone wants to know.) I choose this domain name because I do not think
>> its unlawful or dangerous use can be disputed. I would further argue that
>> the use of the p/p protection allows the unlawful actor to continue
>> operating, as I explain below.
>> >
>> > Being privacy protected, of course, we can't immediately tell who is
>> operating the website. Can we get law enforcement or courts in the
>> registrar's jurisdiction to do anything -- e.g., go to the registrar and
>> ask or require them to reveal the identity of the registrant? No. Try to
>> buy a drug such as Xanax from this website. This Internet pharmacy will
>> ship anywhere in the world except to Canada -- where its registrar and
>> servers are located. To protect its ability to sell drugs globally, the
>> registrant has sacrificed sales to a single country, and chosen a registrar
>> and servers there, to create a safe haven. Consequently, Canadian law
>> enforcement cannot point to a violation of Canadian law: no drugs are being
>> shipped into Canada -- just everywhere else around the world. (Which, we
>> can infer, is why this registrant removed Canada from their shipping
>> destinations.) And, the reverse is true -- a court order or law enforcement
>> request from outside of Canada can simply be ignored by the registrar and
>> server companies in Canada. Those who have argued that the best way to deal
>> with p/p use by illegal actors is simply to get a court order are not
>> accounting for this quite common scenario.
>> >
>> > Being able to hide their identity in the Whois record is also the
>> perfect set up for another reason: many registrars have said in the past
>> that they only way that they can (or perhaps, will) take action on a domain
>> name is if the Whois record is falsified. But how would we know? It is
>> privacy protected. That removes the WDPRS as a mechanism for dealing with
>> abusive behavior.
>> >
>> > Does this commercial registrant have a legitimate need for p/p
>> services? I would argue that that is not the question to be answered. The
>> question is: Does a consumer, consumer protection firm, government agency,
>> etc. have the right to know who is operating this website? I would submit
>> to this group that it is incumbent upon us to recommend a thoughtful,
>> balanced policy that prevents this sort of "perfect set up" for Internet
>> criminals to hide their identity as this one has. Keep in mind that, as
>> pointed out in the circulated paper, no such right exists in the offline
>> world -- rather, consumers have the right to know who they are dealing
>> with. Ample requirements exist for business registrations to do business
>> transparently. There should be no difference in the online world.
>> >
>> > Finally, recall that the Affirmation of Commitments (AoC) requires
>> "timely, unrestricted and public access to accurate and complete WHOIS
>> information." The AoC goes on to state that WHOIS policy and its
>> implementation needs to meet "the legitimate needs of law enforcement and
>> promote consumer trust." I ask the group, is ICANN fulfilling its
>> commitment, not only to law enforcement but especially to promote consumer
>> trust, if it allows websites like this to continue using p/p services?
>> >
>> > Thank you for your consideration.
>> >
>> > John Horton
>> > President, LegitScript
>> > [
>> https://static.legitscript.com/assets/logo-smaller-cdb8a6f307ce2c6172e72257dc6dfc34.png
>> ]
>> >
>> >
>> >
>> > Follow LegitScript: LinkedIn<
>> http://www.linkedin.com/company/legitscript-com> | Facebook<
>> https://www.facebook.com/LegitScript> | Twitter<
>> https://twitter.com/legitscript> | YouTube<
>> https://www.youtube.com/user/LegitScript> | Blog<
>> http://blog.legitscript.com> | Google+<
>> https://plus.google.com/112436813474708014933/posts>
>> >
>> > On Mon, May 12, 2014 at 11:40 PM, Libby Baney <
>> libby.baney at fwdstrategies.com<mailto:libby.baney at fwdstrategies.com>>
>> wrote:
>> > All --
>> >
>> > I appreciate the dialogue the group has begun regarding WHOIS
>> transparency for entities engaged in commercial activity. With the hope of
>> encouraging discussion on the merits of the issue, I am pleased to share
>> the attached white paper: Commercial Use of Domain Names: An Analysis of
>> Multiple Jurisdictions.
>> >
>> > As you'll see, the paper addresses the following question: Should
>> domain name registrants who sell products or services on their websites
>> should be able to conceal their identity and location in the domain name
>> registration? The paper argues that they should not. Rather, the authors
>> find that requiring domain name registrants engaged in commercial activity
>> to provide transparent WHOIS information falls squarely in line both with
>> ICANN's commitment to Internet users and existing global public policy to
>> keep businesses honest and consumers safe. Accordingly, the paper
>> recommends an approach that balances personal privacy and consumer
>> protection rights. On the one hand, domain names used for non-commercial
>> purposes (e.g., personal blogs) should, the authors believe, be permitted
>> to utilize privacy or proxy registration. This reflects a fundamental right
>> to privacy of domain name registrants not engaged in commerce. However, the
>> authors do not believe the same right exists for registrants of websites
>> engaged in commerce - a conclusion borne out by our research.
>> >
>> > It goes without saying that this group is divided on the issue of
>> requiring WHOIS transparency for sites engaged in commercial activity. As
>> some in the PPSAI WG have commented, these issues may be complicated but
>> they nonetheless merit our full consideration. We hope the attached white
>> paper stimulates further thinking and group discussion on the issues.
>> >
>> > I look forward to continuing the discussion tomorrow.
>> >
>> > Libby
>> >
>> > --
>> > Libby Baney, JD
>> > President
>> > FWD Strategies International
>> > www.fwdstrategies.com<http://www.fwdstrategies.com>
>> > P: 202-499-2296<tel:202-499-2296>
>> >
>> >
>> > _______________________________________________
>> > Gnso-ppsai-pdp-wg mailing list
>> > Gnso-ppsai-pdp-wg at icann.org<mailto:Gnso-ppsai-pdp-wg at icann.org>
>> > https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg
>> >
>> >
>> > The contents of this message may be privileged and confidential.
>> Therefore, if this message has been received in error, please delete it
>> without reading it. Your receipt of this message is not intended to waive
>> any applicable privilege. Please do not disseminate this message without
>> the permission of the author.
>> ******************************************************************************
>> Any tax advice contained in this email was not intended to be used, and
>> cannot be used, by you (or any other taxpayer) to avoid penalties under the
>> Internal Revenue Code of 1986, as amended.
>> > _______________________________________________
>> > Gnso-ppsai-pdp-wg mailing list
>> > Gnso-ppsai-pdp-wg at icann.org<mailto:Gnso-ppsai-pdp-wg at icann.org>
>> > https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg
>> > The contents of this message may be privileged and confidential.
>> Therefore, if this message has been received in error, please delete it
>> without reading it. Your receipt of this message is not intended to waive
>> any applicable privilege. Please do not disseminate this message without
>> the permission of the author.
>> ******************************************************************************
>> Any tax advice contained in this email was not intended to be used, and
>> cannot be used, by you (or any other taxpayer) to avoid penalties under the
>> Internal Revenue Code of 1986, as amended.
>> The contents of this message may be privileged and confidential.
>> Therefore, if this message has been received in error, please delete it
>> without reading it. Your receipt of this message is not intended to waive
>> any applicable privilege. Please do not disseminate this message without
>> the permission of the author.
>> ******************************************************************************
>> Any tax advice contained in this email was not intended to be used, and
>> cannot be used, by you (or any other taxpayer) to avoid penalties under the
>> Internal Revenue Code of 1986, as amended.
>>
>
>
>
> _______________________________________________
> Gnso-ppsai-pdp-wg mailing listGnso-ppsai-pdp-wg at icann.org
> https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg
>
>
>
> _______________________________________________
> Gnso-ppsai-pdp-wg mailing list
> Gnso-ppsai-pdp-wg at icann.org
> https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-ppsai-pdp-wg/attachments/20140513/2f2803a6/attachment-0001.html>
More information about the Gnso-ppsai-pdp-wg
mailing list