[Gnso-ppsai-pdp-wg] What is content and what isn't

McGrady, Paul D. PMcGrady at winston.com
Wed Oct 29 20:41:01 UTC 2014 

I haven't seen anyone on this list advocate for "unilateral 'steam rolling'".  

-----Original Message-----
From: gnso-ppsai-pdp-wg-bounces at icann.org [mailto:gnso-ppsai-pdp-wg-bounces at icann.org] On Behalf Of Chris Pelling
Sent: Wednesday, October 29, 2014 3:35 PM
To: Steven Metalitz
Cc: PPSAI
Subject: Re: [Gnso-ppsai-pdp-wg] What is content and what isn't

Hi Steve,

I am already in that postal code - thank you very much.

I don't however and won't agree to allow unilateral "steam rolling" of a consumers right to privacy.  If that consumer has done nothing wrong, nor has the actual "domain name" in question.

We as a registrar already have to provide via the 2009 RAA and 2013 RAA  (we are not signed up for 2013 RAA as we cannot because of EU privacy law) escrow data in the form of the RDE specification.  Whatever next, not able to get the data from the PP provider, lobby ICANN for access to a registrars escrowed data ?  Over the top - granted.

Also we (NEO) do not host websites, so if someone came along to request assistance, we help them, either passing them UDRP info if the "actual domain" is in violation or the hosting company - so currently we do not normally fall into the crack of having to provide data access.

Lastly, yes, LEA requests data, if it is from the UK Police force, they get it BECAUSE of who they are.  UK Court order demands it - yes we provide it to the court

Chris



----- Original Message -----
From: "Steven Metalitz" <met at msk.com>
To: "Chris Pelling" <chris at netearthone.com>, "PPSAI" <gnso-ppsai-pdp-wg at icann.org>
Sent: Wednesday, 29 October, 2014 7:08:45 PM
Subject: Re: [Gnso-ppsai-pdp-wg] What is content and what isn't

Chris:  

You state, in reference to disclosure of contact data masked by a proxy/privacy service,  "No IP lawyer nor Brand protection company has the right to breach or violate a consumers right to privacy without due process - period."

However, as a registrar, your company reserves the right to do so with your customers:  

We only share personal information with other companies or individuals in the following limited circumstances:
•......
•We have a good faith belief that access, use, preservation or disclosure of such information is reasonably necessary to:
 (a) satisfy any applicable law, regulation, legal process or enforceable governmental request,
 (b) enforce applicable Terms of Service, including investigation of potential violations thereof,
 (c) detect, prevent, or otherwise address fraud, security or technical issues, or
 (d) protect against harm to rights, property or safety, of our users, us or the public as required or permitted by law.

Source:  http://www.netearthone.com/support/privacy.php 

I don't see anything in there about "due process of law." 

If you would post to this list the Terms of Service for whatever privacy/proxy service you provide to registrants (I recognize that since your company is not listed as having signed the 2013 RAA you may not be legally required to do so), I strongly suspect that those terms would allow you to terminate the service (thus causing contact data to be not only "disclosed," as this group has defined the term, but "published") without "due process of law."    

Please feel free to join us in the postal code where we have moved beyond simplistic slogans and  are working to craft some fair and comprehensive rules defining the circumstances under which p/p services should disclose this information to a requester. 

Steve Metalitz

-----Original Message-----
From: gnso-ppsai-pdp-wg-bounces at icann.org [mailto:gnso-ppsai-pdp-wg-bounces at icann.org] On Behalf Of Chris Pelling
Sent: Wednesday, October 29, 2014 2:34 PM
To: PPSAI
Subject: Re: [Gnso-ppsai-pdp-wg] What is content and what isn't

Firstly my apologies to those that may have got this twice (first one missing a chunk) :

Surely we are not going to re-inventing the wheel here?

As per the Oxford English Dictionary :

Disclosure : The action of making new or secret information known:
ref : http://www.oxforddictionaries.com/definition/english/disclosure

Relay *verb* : Receive and pass on (information or a message):
ref : http://www.oxforddictionaries.com/definition/english/relay

This whole point regarding "Breach of privacy" on mere speculation you are requesting that someones private information be made public -  even if public to the requester, it is by definition still public.  In Europe which ICANN has to appreciate there will be PP providers this is a breach/violation of a persons right.

To do a relay - no breach/violation of privacy - thats how simple it is.  

No IP lawyer nor Brand protection company has the right to breach or violate a consumers right to privacy without due process - period.

Kind Regards,

Chris

NetEarth One, inc

----- Original Message -----
From: "Kiran Malancharuvil" <Kiran.Malancharuvil at markmonitor.com>
To: "Michele Neylon - Blacknight" <michele at blacknight.com>
Cc: "PPSAI" <gnso-ppsai-pdp-wg at icann.org>
Sent: Wednesday, 29 October, 2014 3:33:24 PM
Subject: Re: [Gnso-ppsai-pdp-wg] What is content and what isn't

This is a conclusion we have yet to reach.

Kiran Malancharuvil
Internet Policy Counselor
MarkMonitor
415-419-9138 (m)

Sent from my mobile, please excuse any typos.

On Oct 29, 2014, at 7:28 AM, Michele Neylon - Blacknight <michele at blacknight.com<mailto:michele at blacknight.com>> wrote:

Steve

Disclosure = breach of privacy

Relay = communication

It's that simple.

Regards

Michele


--
Mr Michele Neylon
Blacknight Solutions
Hosting, Colocation & Domains
http://www.blacknight.host/
http://blog.blacknight.com/
http://www.technology.ie<http://www.technology.ie/>
http://www.blacknight.press<http://www.blacknight.press/> for all our news & media Intl. +353 (0) 59  9183072 Direct Dial: +353 (0)59 9183090
Social: http://mneylon.social
-------------------------------
Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,Ireland  Company No.: 370845

From: Metalitz, Steven [mailto:met at msk.com]
Sent: Wednesday, October 29, 2014 2:19 PM
To: 'Don Blumenthal'; Michele Neylon - Blacknight; PPSAI
Subject: RE: What is content and what isn't

As this thread originated in a comment I made on yesterday’s call, let me return to the only point I am trying to make.

Abuse comes in two flavors:  abuse that derives from registration of the domain name itself, and abuse that derives from how the domain name is used.

The first category (which happens to be the one that Phil Corwin wants to exclude from disclosure requirements, but that’s a different thread) requires looking at the domain name itself.  The second category requires looking at the resource (such as but not necessarily limited to a website) associated with the domain name.  Websites engaged in counterfeiting and piracy fall in the second category; so do websites used for distribution of malware.  If you wish, you can call one of these content and the other something else, but they share the important characteristic that they require looking beyond the domain name to see the abuse.

One can complain all one wishes about “regulating content,”  but there are at least two problems with that.  First, one should hesitate to do so if one has signed the 2013 RAA, which requires one to “investigate and respond appropriately” to any report of “conduct involving use of a Registered Name sponsored by Registrar that is prohibited by applicable law.”

Second, nobody in this WG is talking about “regulating content.”  Quite the opposite: the very purpose of disclosure is to enable a complainant to go directly to a registrant, so that registrars (or hosting providers for that matter) don’t have to step in and regulate.  If registrars wish to accept responsibility for the conduct by their registrants, then there would be no need to seek disclosure of the contact details of registrants who use a service provided by registrar to keep those details secret.  But as registrars do not wish to accept that responsibility, then a mechanism is needed to define when those details should be disclosed.

If you are still with me to this point, then we are (as Volker has put it) in the same postal code, and we can roll up our sleeves to try to define that mechanism as best we can.  If not, not.

Steve Metalitz

From: gnso-ppsai-pdp-wg-bounces at icann.org<mailto:gnso-ppsai-pdp-wg-bounces at icann.org> [mailto:gnso-ppsai-pdp-wg-bounces at icann.org] On Behalf Of Don Blumenthal
Sent: Tuesday, October 28, 2014 12:26 PM
To: Michele Neylon - Blacknight; PPSAI
Subject: Re: [Gnso-ppsai-pdp-wg] What is content and what isn't

Michele,

We’ve wandered into an area where the practical considerations for contracted parties and others in the infrastructure will be different from p/p providers. As for bit.ly<http://bit.ly>, it would be covered by our policy but we would not act blindly.

To be accurate, we refer to registrars for action. They have the direct contractual relationships with registrants and are in a better position to investigate.

From: Michele Blacknight <michele at blacknight.com<mailto:michele at blacknight.com>>
Date: Tuesday, October 28, 2014 at 12:12 PM
To: Don Blumenthal <dblumenthal at pir.org<mailto:dblumenthal at pir.org>>, PPSAI <gnso-ppsai-pdp-wg at icann.org<mailto:gnso-ppsai-pdp-wg at icann.org>>
Subject: RE: What is content and what isn't

Don

I'm not sure what the sanest way of framing this is.

We'd see malware and phishing  as being network abuse issues and treat them accordingly.

While some registries may have provisions in their policies to deal with this, hosting providers, network providers and registrars may do so also.

However the problem arises when there is a question of "judgement".

But it's never that simple ..

For example this weekend bitly was flagged for malware by Google. Sure, some links on bitly might have led to malware, but pulling down the entire domain would have been a really really bad idea.

Regards

Michele



--
Mr Michele Neylon
Blacknight Solutions
Hosting, Colocation & Domains
http://www.blacknight.host/
http://blog.blacknight.com/
http://www.technology.ie<http://www.technology.ie/>
http://www.blacknight.press<http://www.blacknight.press/> for all our news & media Intl. +353 (0) 59  9183072 Direct Dial: +353 (0)59 9183090
Social: http://mneylon.social
-------------------------------
Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,Ireland  Company No.: 370845

From: gnso-ppsai-pdp-wg-bounces at icann.org<mailto:gnso-ppsai-pdp-wg-bounces at icann.org> [mailto:gnso-ppsai-pdp-wg-bounces at icann.org] On Behalf Of Don Blumenthal
Sent: Tuesday, October 28, 2014 4:07 PM
To: PPSAI
Subject: [Gnso-ppsai-pdp-wg] What is content and what isn't

Good afternoon,

My point about whether we need to definite content was based as I said on my experience with PIR. The considerations may be different in the context of p/p obligations and processes than they are for a contracted party when reviewing a complaint about a domain.

However, I focused on Steve’s description of malware as a content issue. Our posted anti-abuse policy lists malware as something that could cause us to act against a domain. The basis is that it creates a threat to the security and stability of the Internet. Malware is not a content issue for purpose of our complaint analyses.

I may be forgetting a question. Let me know.

Don

_______________________________________________
Gnso-ppsai-pdp-wg mailing list
Gnso-ppsai-pdp-wg at icann.org<mailto:Gnso-ppsai-pdp-wg at icann.org>
https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg
_______________________________________________
Gnso-ppsai-pdp-wg mailing list
Gnso-ppsai-pdp-wg at icann.org
https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg
_______________________________________________
Gnso-ppsai-pdp-wg mailing list
Gnso-ppsai-pdp-wg at icann.org
https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg
_______________________________________________
Gnso-ppsai-pdp-wg mailing list
Gnso-ppsai-pdp-wg at icann.org
https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg
_______________________________________________
Gnso-ppsai-pdp-wg mailing list
Gnso-ppsai-pdp-wg at icann.org
https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg
The contents of this message may be privileged and confidential. Therefore, if this message has been received in error, please delete it without reading it. Your receipt of this message is not intended to waive any applicable privilege. Please do not disseminate this message without the permission of the author.

More information about the Gnso-ppsai-pdp-wg mailing list