[Gnso-ppsai-pdp-wg] Data Collection Details

Kathy Kleiman kathy at kathykleiman.com
Tue Sep 30 13:41:40 UTC 2014 

Kiran,
Tx so much for your answers below! Do you think you might be able to 
answer all five of the questions raised for Registrars offering P/P 
services?  With your special group of clients, I would expect that the 
answers will help inform our discussion. In particular, do you contact 
your clients when someone is trying to obtain their proxied data? Do you 
give them an opportunity to respond to you before you disclose?  For 
business reasons, I would think disclosure and publication might be a 
sensitive issue with some of your clients (e.g., analysts shopping for 
merger data, new company launches, etc).

Best and tx,
Kathy

1. What are provider practices regarding customer notification when a 
disclosure request is received, and is the customer given the 
opportunity to respond?

2. Does any provider offer its customer an option other than disclosure 
or publication, e.g. an opportunity to cancel the registration instead 
(i.e. what some WG members have mentioned as a "takedown")?

3. What are provider "standards" for determining disclosure to third 
parties?

4. Can providers give the WG some general information about the 
percentage of requests for disclosure that are successful?

5. For Q4, do providers also have information about the type of claims 
those relate to e.g. If they are from LEA, 3P IP claim etc.?


:
> Hi Graeme,
>
> Thanks for this, I appreciate the elaboration.
>
> This is good insight into how Tucows deals with and/or categorizes requests for relay/reveal/disclosure/publication.  As you know, MarkMonitor is also a Registrar, and we do provide limited privacy/proxy services for our clients.  While admitting that our business model, client base and offerings are probably quite different from our provider colleagues here, we have not encountered the same difficulties that you lay out below.
>   que
> Historically we have been able to classify requests for relay/reveal neatly into simple-enough categories such as "requests for the sale of the domain" or "claim of IP infringement."  Of course categories will be slightly varied amongst Registrars, but I would suspect we could find some common umbrellas that might serve to help us see a pattern/bigger picture.
>
> As far as "measuring success" is concerned, regardless of whether it "closed the ticket" or not, we do keep records about whether we disclosed or published in response to an inquiry (or relayed as is most often the case), UDRP or other request.  I feel like that would be a best practice of any Registrar in order that they may be able to track what was done and justify their actions in case there's a challenge.
>
> Like I said, MarkMonitor has a pretty unique client base, and so most of the answers to the questions that are posed to providers would not be helpful in this context.  (e.g.: our clients are extremely responsive to requests that are relayed.)  However I can say that in the past eight years of data, there has not been a request for disclosure that wasn't related to a claim of IP infringement.
>
> As a side note, slightly off topic but relevant to the categorization topic and other discussions in this group, I note with concern your statement about categorizing claims of IP infringement.  You state that "If someone claims IP infringement, but our investigation yields no such issue, does the category still stand?"  Why is Tucows investigating and essentially determining the validity of an infringement claim?  At MarkMonitor we categorize based on what the claimant asserts (and act accordingly by relaying, etc.), but leave adjudication to WIPO or NAF professionals (for example), or courts.
>
> Thanks!  Looking forward to discussing further on list and on tomorrow's call.
>
> Best,
>
> Kiran
>
>
> Kiran Malancharuvil
>
> Policy Counselor
>
> MarkMonitor
>
> kiranm at markmonitor.com<mailto:kiranm at markmonitor.com>
>
> 415-222-8318 (t)
>
> 415-419-9138 (m)
>
> ________________________________
> From: gnso-ppsai-pdp-wg-bounces at icann.org [gnso-ppsai-pdp-wg-bounces at icann.org] on behalf of Graeme Bunton [gbunton at tucows.com]
> Sent: Sunday, September 28, 2014 3:47 PM
> To: gnso-ppsai-pdp-wg at icann.org
> Subject: [Gnso-ppsai-pdp-wg] Data Collection Details
>
> So, requests 3 and 4 on our list were:
> 3 - Can providers give the WG some general information about the percentage of requests for disclosure that are successful
> 4 - For Q4, do providers also have information about the type of claims those relate to e.g. If they are from LEA, 3P IP claim etc.?
>
> And I agreed to provide some colour as to why these are probably difficult questions to answer.  The below should be true for most providers (and really, for any support system), but should any Registrar colleagues disagree, feel free to chime in.
>
> The concise reason is that compliance desks are optimized for throughput of issues, and not for policy related reporting.
>
> In more detail -
>
> Compliance (or whatever dept that deals with issues around domains) may not use a ticketing system.  If the provider is small enough, it may just be an email address.   There is no obligation for anyone to use a system that is even capable of producing data, or from which data may easily be extracted.
>
> Even if they do use a system robust enough to allow for reporting, the data we're requesting may not typically be captured in the course of an investigation, or even useful for the running of the business. For question 3, for example, 'successful disclosure' is mostly relevant to the requester, but is not an attribute required to close the ticket.  That information may be captured as text inside a description, but if it's not a specific flag on the ticket, it's very very difficult to report on accurately.  We at Tucows occasionally mine the text of the tickets related to our retail operations, and the results are always considerably noisy.
>
> Question 4 presumes that requester type as well as as issue type are ticket attributes.  I would think that some such systems do capture the issue type (IP, defamation, offensive, etc etc) but each service provider is going to have differently defined categories that may cause difficulty in the aggregation.  As well, just because a claim is made, doesn't mean it has any particular validity which impacts categorization.  If someone claims IP infringement, but our investigation yields no such issue, does the category still stand?  As well, because requests are usually dealt with manually, categorizing requesters may be unlikely, aside from a distinction between LEA and 'other'.
>
> Lastly, as should be clear from previous discussions, there are very few black and white issues that we see.  Given the variety of issues and the multitude of interest areas that they cross, straightforward classification is exceptionally difficult, and analysis that attempts to place requests into distinct buckets is going to lose a substantial amount of detail.  Nonetheless, I'm in the process of looking into our system at the moment to see if possible to sketch out some trends.  Unfortunately, we migrated to a new platform earlier this year, so there is not much to draw from.
>
>
> Graeme
> _________________________
> Graeme Bunton
> Manager, Management Information Systems
> Manager, Public Policy
> Tucows Inc.
> PH: 416 535 0123 ext 1634
>
> _______________________________________________
> Gnso-ppsai-pdp-wg mailing list
> Gnso-ppsai-pdp-wg at icann.org
> https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-ppsai-pdp-wg/attachments/20140930/fe7ce9a6/attachment.html>

More information about the Gnso-ppsai-pdp-wg mailing list