[Gnso-ppsai-pdp-wg] PPSAI - Proposed language on attestation - a few new words

Kiran Malancharuvil Kiran.Malancharuvil at markmonitor.com
Sat Apr 11 02:04:54 UTC 2015 

The attestation issue isn't going to solve the "jaw droppingly outlandish" requests issue.  People can (and do) make stupid requests acting under the full authority of the brand owner.

Kiran Malancharuvil
Internet Policy Counselor
MarkMonitor
415-419-9138 (m)

Sent from my mobile, please excuse any typos.

On Apr 10, 2015, at 5:38 PM, Christian Dawson <dawson at servint.com<mailto:dawson at servint.com>> wrote:


Actually in my opinion I think this is a really important conversation, but I can really only turn to my experience in tangential areas to illustrate why.

I'm not a registrar but coming from the cloud background, I can say that many of us occasionally see more 'bad' hosted content takedown requests than actionable ones.

I've seen DMCA notices used to try to shut down competitors on many occasions. Though it's not the norm, it is important to understand the common outlier cases. I see them almost daily where they just don't make sense - either pointing to broken links or asking for broad takedowns on whole sites for unclear or poorly demonstrated reasons.

DMCA notices require a statement that the information in the notification is accurate, and under penalty of perjury, that the complaining party is authorized to act on behalf of the owner of the copyright that is allegedly infringed. But that doesn't stop me from getting dumb and potentially business-disrupting DMCA notices daily. I investigate and address every one - even the jaw droppingly outlandish ones - but try to take care to do so in a way that limits the possibility of any innocent party from having their business disrupted.

I'm well aware that this isn't the DMCA, but I draw the parallel for a reason. Some individuals and organizations that utilize privacy and proxy services require confidentiality, and in the important fringe cases they even need them for life and death reasons.

I acknowledge that there are many legitimate needs for being able to get at proxied contact info, but I can promise based on my experience with the DMCA that there's going to be a plethora of illegitimate claims. Especially in those fringe cases, that's  troubling. The worst case scenario in a poorly handled DMCA complaint is that an innocent business has their content come down as they sort things out. Once the content is put back online, that problem is somewhat mitigated. In contrast, once contact information is provided to someone who shouldn't have it, that horse is out of the barn and you can never get it back in.

I've been buried with other projects and there's a chance I'm missing things, as I admit to only skimming the last few weeks of work. If so I'm eager for somebody to offer to bring me back into the loop. I'd love to be a part of this particular conversation from a more informed standpoint. Based on what I understand from today, I don't think it too much to ask to try and get some verification other than a 'statement under penalty of perjury' -which works ineffectively under the DMCA to ensure notices will pass even basic scrutiny - before we authorize companies to turn over private contact information from one who for one reason or another (and there are countless legitimate ones) felt they required confidentiality.


Christian Dawson
President; ServInt
w:  703 288 3530<tel:703%20288%203530>
http://servint.net<http://i2coalition.com/>

PGP: E955B71C
Fingerprint: 3BD3 A427 9F5E 0D86 E79D  4EB5 6AF5 3518 E955 B71C

On Apr 10, 2015, at 7:46 PM, Kiran Malancharuvil <Kiran.Malancharuvil at markmonitor.com<mailto:Kiran.Malancharuvil at markmonitor.com>> wrote:

What are you attempting to validate? The honesty of the requestor or the ability of the requestor to act specifically on behalf of the client they are representing for that specific request?

Where does this end? If we submit a request that establishes who we are acting on behalf of, you don't believe us. If we submit another document asserting that again, will that be the end? Or will we be suspect in regard to that document?

This whole conversation is reaching a point of ridiculous.

Kiran

Kiran Malancharuvil
Internet Policy Counselor
MarkMonitor
415-419-9138 (m)

Sent from my mobile, please excuse any typos.

On Apr 10, 2015, at 4:41 PM, Chris Pelling <chris at netearth.net<mailto:chris at netearth.net>> wrote:

Hi Val,

I would request it as a "standard practice" when we meet a new requester, then add it to our files as a confirmed requester.  In our case as we would be directly responsible, better to be safe than sorry, if that means an extra piece of paper and/or email then so be it.  I will always "err on the side of caution".

Obviously we do not get many of these requests, so, building up our files will take time when we get contacted, however, other far larger registrars may already have those connections in place.

Regards,
Chris

----- Original Message -----
From: "Valeriya Sherman" <vsherman at sgrlaw.com<mailto:vsherman at sgrlaw.com>>
To: chris at netearth.net<mailto:chris at netearth.net>
Cc: gnso-ppsai-pdp-wg at icann.org<mailto:gnso-ppsai-pdp-wg at icann.org>
Sent: Saturday, 11 April, 2015 12:02:25 AM
Subject: RE: [Gnso-ppsai-pdp-wg] PPSAI - Proposed language on attestation - a few new words

That is the point of the attestation language we previously discussed, whereby the Requestor--under the penalty of perjury--attests for you that he/she has the authority to make the request.  And if you reasonably believe that, despite the repercussions from making a false attestation under the penalty of perjury, they do not have the authorization they claim, you can ask them to show some proof of it.



Valeriya  Sherman | Attorney at Law

202-973-2611 Phone
202-263-4326 Fax
www.sgrlaw.com<http://www.sgrlaw.com>
vsherman at sgrlaw.com<mailto:vsherman at sgrlaw.com>

1055 Thomas Jefferson Street, N.W.
Suite 400
Washington, D.C. 20007

Ms. Sherman's practice is limited to matters before federal courts and before the United States Patent and Trademark Office.
She is not admitted in the District of Columbia.

Smith, Gambrell & Russell, LLP

-----Original Message-----
From: Chris Pelling [mailto:chris at netearth.net]
Sent: Friday, April 10, 2015 6:25 PM
To: Sherman, Valeriya
Cc: Graeme Bunton; gnso-ppsai-pdp-wg at icann.org<mailto:gnso-ppsai-pdp-wg at icann.org>
Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI - Proposed language on attestation - a few new words

Hi Val,

I have a small point to make on "Requestor is unauthorized to act on behalf of the rights holder" how are we as the provider supposed to know that XYZ acts on behalf of Apple inc ?

In my case, I would simply go on the stance, request the confirmation, then once received continue the process.  Also then note in our records XYZ acts on behalf if Apple, and should we not get another request from the requester for another year - get a "refreshing" confirmation.

Chris

----- Original Message -----
From: "Valeriya Sherman" <vsherman at sgrlaw.com<mailto:vsherman at sgrlaw.com>>
To: "Graeme Bunton" <gbunton at tucows.com<mailto:gbunton at tucows.com>>, gnso-ppsai-pdp-wg at icann.org<mailto:gnso-ppsai-pdp-wg at icann.org>
Sent: Friday, 10 April, 2015 9:57:18 PM
Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI - Proposed language on attestation - a few new words







Thank you, Kathy for this language. It is a positive step in the right direction. We would like to propose a slight variation to it:



d) Where the signatory is not the rights holder, an officer of the rights holder (if a corporate entity) or an attorney of the rights holder, and the Provider has a reasonable basis to believe that the Requestor is unauthorized to act on behalf of the rights holder, the Provider may request, and the Requestor shall provide, sufficient proof of agency.



Happy to hear others’ thoughts on this.



Val








Valeriya Sherman | Attorney at Law


202-973-2611 phone
202-263-4326 fax
www.sgrlaw.com<http://www.sgrlaw.com>
vsherman at sgrlaw.com<mailto:vsherman at sgrlaw.com>


1055 Thomas Jefferson Street, N.W.
Suite 400
Washington, D.C. 20007


Ms. Sherman's practice is limited to matters before federal courts and before the United States Patent and Trademark Office.
She is not admitted in the District of Columbia.


Smith, Gambrell & Russell, LLP






From: gnso-ppsai-pdp-wg-bounces at icann.org<mailto:gnso-ppsai-pdp-wg-bounces at icann.org> [mailto:gnso-ppsai-pdp-wg-bounces at icann.org] On Behalf Of Graeme Bunton
Sent: Friday, April 10, 2015 4:20 PM
To: gnso-ppsai-pdp-wg at icann.org<mailto:gnso-ppsai-pdp-wg at icann.org>
Subject: Re: [Gnso-ppsai-pdp-wg] PPSAI - Proposed language on attestation - a few new words



Thanks Kathy,

Originally, I had concerns about this, similar to what Michele was expressing on the call.

In talking with our compliance team, it sounds like they have, for a new or unknown requester that's a third party, attempted to verify the relationship between them and the rights holder.

The below language seems reasonable to me, and I wouldn't think it would generate anything that doesn't already exist. Having it available may even make requests more efficient.

Graeme





On 2015-04-10 3:14 PM, Kathy Kleiman wrote:



Hi Todd and All,

It sounds like we all agree that the requester must have the rights holders' authorization to make the submit the reveal request, make the infringement allegation and bind the rights holder to the limitations on the revealed data. For rights holders, that agency will be reflected in a document -- an agency agreement (or equivalent). That's all we're asking for -- the ability to see it if there are questions. We circulated some longer language earlier, but have been reviewing it. Building on Val's language, it may now boil down to a few additional words. They are below (in italics) and attached in the Reveal Policy (using the text by Mary for our meeting last Tues):



-----------------------------------------------





















Confidentiality Notice
This message is being sent by or on behalf of a lawyer. It is intended exclusively for the individual or entity to which it is addressed. This communication may contain information that is proprietary, privileged or confidential or otherwise legally exempt from disclosure. If you are not the named addressee, you are not authorized to read, print, retain, copy or disseminate this message or any part of it. If you have received this message in error, please notify the sender immediately by e-mail and delete all copies of the message.

_______________________________________________
Gnso-ppsai-pdp-wg mailing list
Gnso-ppsai-pdp-wg at icann.org<mailto:Gnso-ppsai-pdp-wg at icann.org>
https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

________________________________
Confidentiality Notice
This message is being sent by or on behalf of a lawyer. It is intended exclusively for the individual or entity to which it is addressed. This communication may contain information that is proprietary, privileged or confidential or otherwise legally exempt from disclosure. If you are not the named addressee, you are not authorized to read, print, retain, copy or disseminate this message or any part of it. If you have received this message in error, please notify the sender immediately by e-mail and delete all copies of the message.
_______________________________________________
Gnso-ppsai-pdp-wg mailing list
Gnso-ppsai-pdp-wg at icann.org<mailto:Gnso-ppsai-pdp-wg at icann.org>
https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg
_______________________________________________
Gnso-ppsai-pdp-wg mailing list
Gnso-ppsai-pdp-wg at icann.org<mailto:Gnso-ppsai-pdp-wg at icann.org>
https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg

More information about the Gnso-ppsai-pdp-wg mailing list