[Gnso-ppsai-pdp-wg] MP3 PPSAI WG - Tuesday 10 November 2015 at 14:30 UTC
Terri Agnew
terri.agnew at icann.org
Tue Nov 10 17:22:59 UTC 2015
Dear All,
Please find the MP3 recording for the Privacy and Proxy Services Accreditation Issues PDP Working group call held on Tuesday 10 November 2015 at 14:30 UTC at: http://audio.icann.org/gnso/gnso-ppsa-10nov15-en.mp3<http://mailer.samanage.com/wf/click?upn=NrFWbrBstcrPWP369qgbqlXiSKeL20xnUXzI03ZqpsuaDeNJFENHEOJrBj-2FUzvD-2BZfOTNxZP25W-2FiSIVnJYiiw-3D-3D_nEX-2FaOijqgcJlSz5SkmueJu3tRbmaDiuX89gT35tStEeSHP9whdoceObpMxYsFLQddiMZpQjIv8dk6BsBGSJXH7VWN4SGLCJgbGKCk6E-2FTErjF4OKNQt65Dk9NF54IJ9kQpmDNySj7bbNz9G4dXi5BgbCZotTx8KNfyeB0z00f8KsMfETeTNKd7vy2kKI7tttQUIwid4NAhxXgT3nZYwmg-2BZsLXHMwnSCE845BjS8Rn3JvfnMGLWq94LAv6OzxHLtlkZt859zbFfO5oCsQw0doxJrVP7Hufoe84UceglzhaFjBVwU-2FfE0AFWtjt-2FNV0NGrdoWKKCWarV6lyTYZNzfyWr8cUC7qaR3vs0mTg3jcjeD4zgFMQkMn5Fxj5tXDp8SlRY71Vhmaexw9lZaQsD-2F9ar6D8wlKzJCaaLWTfwr1crTOus6HFYmWp332cUW3-2B7QRqqODpUqPe0OdKlN9QTgw8D0lD8yYP9-2B87QdWSWshw-3D>
On page:
http://gnso.icann.org/en/group-activities/calendar#nov
The recordings and transcriptions of the calls are posted on the GNSO Master Calendar page:
http://gnso.icann.org/calendar/
Attendees:
Alex Deacon - IPC
Chris Pelling - RrSG
Darcy Southwell - RrSG
David Hughes - IPC
Frank Michlick - Individual
Graeme Bunton - RrSG
Griffin Barnett - IPC
Holly Raiche - ALAC
James Bladel - RrSG
Kathy Kleiman - NCSG
Lindsay Hamilton-Reid - RrSG
Michele Neylon - RrSG
Paul McGrady - IPC
Phil Corwin - BC
Roger Carney-RrSG
Sara Bockey - RrSG
Sarah Wyld - RrSG
Stephanie Perrin - NCSG
Steve Metalitz - IPC
Susan Kawaguchi - BC
Terri Stumme - BC
Todd Williams - IPC
Vicky Sheckler - IPC
Volker Greimann - RrSG
Apologies:
Don Blumenthal - RySG
James Gannon - NCUC
Osvaldo Novoa - ISPCP
Christian Dawson - ISPCP
Carlton Samuels - At-Large
ICANN staff:
Aysegul Tekce
Amy Bivins
Marika Konings
Mike Zupke
Mary Wong
Terri Agnew
** Please let me know if your name has been left off the list **
Mailing list archives:
http://mm.icann.org/pipermail/gnso-ppsai-pdp-wg/
Wiki page:
https://community.icann.org/x/9iCfAg
Thank you.
Kind regards,
Terri Agnew
-------------------------------
Adobe Connect chat transcript for Tuesday 10 November 2015
Terri Agnew:Welcome to the PPSAI WG call on Tuesday 10 November 2015 at 14:30 UTC for 90 minutes.
James Bladel::)
Chris Pelling:Ello all on chat :)
Chris Pelling:Earl Grey please Graeme, no milk nor sugar :)
James Bladel:Having tea here as well. In the form of a Monster Rehab energy tea.
Graeme Bunton:James: Gross.
Terri Agnew:Welcome Lindsay Hamilton-Reid
Terri Agnew:Welcome Vicky Sheckler
Terri Agnew:Alex Deacon and Susan Kawaguchi are on audio
Lindsay Hamilton-Reid:Afternoon all
Terri Agnew:Welcome Philip Corwin
Terri Agnew:Paul McGrady has joined audio
steve metalitz:@Amy can you define FOAs?
Terri Agnew:Welcome Roger Carney
James Bladel:Registrant or Admin Contact.
Mary Wong:Form of Authorization, I think
Chris Pelling:Sorry who is htis ?
Amy Bivins:Paul McGrady, i think
Chris Pelling:ok :)
Mary Wong:Please mute your mics if you're not speaking - thank you!
Terri Agnew:Welcome Volker Greimann
James Bladel:Paul is correct. This is a question of whether or not the transfer authorization was legitimate.
Holly Raiche:Agree with James - from memory, the issue was maintaining the privacy of he beneficial registrant in the process
Holly Raiche:@ James- agree - the issue is verification of the request of the beneficial registrant in accprdance with the RAA
Chris Pelling:YEs I do please @_
Chris Pelling:* :)
Chris Pelling:Ill answer that :)
Mary Wong:Perhaps we can also clarify in the Final Report what we mean by "transfers" - distinguish between a domain name being transferred to another registrar, and transfer of a P/P registration to another P/P provider (esp in the course of de-accreditation). We can note this in the new part where we mention the additional concerns/problems that may arise with un-Affiliated P/P providers.
James Bladel:If typing please mute. Thanks! :)
Terri Agnew:Welcome Frank Michlick
Holly Raiche:@ Mary - are you suggesting that a transfer between p/p providers should not include verification of the benefical registrant? We still have to be sure that it is the actual beneficial registrant that wants the transfer
Mary Wong:@Holly, not at all - just a general suggestion that we make it clear what type of "transfer" we mean when we use that term.
Frank Michlick:sorry for being late, I was in another call
Chris Pelling:whoever is typing please mute :)
Holly Raiche:@ Mary - I thinkwe sill have an issue of ensuring that the beieficial registrant actually wants the transfer
Mary Wong:Thanks, Holly. All, FYI, here is the current language in the report regarding transfers. Per WG discussion, these are classified as best practices (I believe due to differing practices as well as not wanting to create a mandatory single standard as a result).
Mary Wong:"* P/P service providers should facilitate and not obstruct the transfer, renewal or restoration of a domain name by their customers, including without limitation a renewal during a Redemption Grace Period under the Expired Registration Recovery Policy and transfers to another registrar.* P/P service providers should use commercially reasonable efforts to avoid the need to disclose underlying customer data in the process of renewing, transferring or restoring a domain name."
steve metalitz:@Amy have any of the "what if" problems you list occurred in the registrar de-accreditation context?
steve metalitz:@Kathy, isn't that an issue of notification to the customer that the service is being de-accredited? The customer can then cancel her registration with the registrar.
Terri Agnew:Welcome Michele Neylon
James Bladel:I think we're going to need to put togther a team to work with staff, go through this deck, and come up with some high-level proposals for the WG. Some of these loose ends shouldn't be left for the implmenetation team.
James Bladel:just a suggestion.
steve metalitz:@James, good suggestion.
Darcy Southwell:Agree with James' proposal.
Holly Raiche:Agree with James on that issue
Kathy:tx Chris, good points. Could you kindly write that down because it sounds like important details the WG and ICANN implementation should know... tx!
James Bladel:Suggest we change "Account Holder" to "Privacy Customer Data"
Mary Wong:@James, presumably the problem is with the phrase "underlying P/P customer data", which is the language we are using in the recommendation in question.
Mary Wong:Rec 5 as currently phrased: "5. P/P customer data is to be validated and verified in a manner consistent with the requirements outlined in the WHOIS Accuracy Program Specification of the 2013 RAA (as may be updated from time to time). "
Kathy:I don't think that looks like my language any more...
Mike Zupke:The recommendations refer to using the RAA's whois validation & verification requirements. Our goal is to make sure we all have the same thinking: our interpretation is that the PP verification would work like "Account Holder" verification (which doesn't mandatorily lead to suspension upon failure), not registrant verification, which would lead to mandatory suspension upon failure of both automated and manual reviews.
Mary Wong:@Kathy, the co-chairs dropped the phrase "through their website" for registrars accepting registrations, and amended the words about "process created by this WG" to refer to ICANN instead.
Graeme Bunton:Thanks Mary
steve metalitz:Kathy's language propsosed 10/20: Why don't define much more precisely what we mean and have discussed throughout our 2 years of work: that Registrars will not take registrations on their websites (using their DN registration systems) using proxy/privacy service providers who are not accredited through the process we have created.
Mary Wong:Thanks for further clarifying, Steve - my note was from memory :(
Kathy:I was offering a concept -- what is include vs. what is excluded. language to be worked out :-)
steve metalitz:Agree re "knowingly"
Volker A. Greimann:We regulare all or we regulate none
Volker A. Greimann:otherwise, no deal
Chris Pelling:+1 Volker
Volker A. Greimann:sorry for all the work
Volker A. Greimann:then there is no way that we will achieve consensus
Lindsay Hamilton-Reid:Surely this is not about client confidentiality - if the law firm wants to act as a privacy and proxy provider then they must become accredited. This then is not about protecting your clients but providing a privacy and proxy service which is regulated by ICANN.
Volker A. Greimann:a lawyer acting as a gun dealer also falls under gun dealership regulation
Volker A. Greimann:right?
Holly Raiche:I think the larger question is whether/the extent to which the provision of a domain name is necessarily covered by the lawyer/client priviledge
Mary Wong:Per James' comments, the obligations of a RNH vis-a-vis a Registrar (and vice versa) are spelled out in Section 3.7.7 of the RAA.
Volker A. Greimann:indeed
Mary Wong:For example: "3.7.7.3 Any Registered Name Holder that intends to license use of a domain name to a third party is nonetheless the Registered Name Holder of record and is responsible for providing its own full contact information and for providing and updating accurate technical and administrative contact information adequate to facilitate timely resolution of any problems that arise in connection with the Registered Name. A Registered Name Holder licensing use of a Registered Name according to this provision shall accept liability for harm caused by wrongful use of the Registered Name, unless it discloses the current contact information provided by the licensee and the identity of the licensee within seven (7) days to a party providing the Registered Name Holder reasonable evidence of actionable harm."
Chris Pelling:it is still in the law firms company name, and thus they are "liable" for it
James Bladel:@Phil - I presume that someone would report such a law firm to a Registrar, who would be obligated to investigate.
James Bladel:@Susan - thanks for the plug. :)
Volker A. Greimann:in that case, they could agree to the terms of the accreditation policy, and you would be aware, right Susan?
Kathy:@Susan: I am not sure that most people pay their lawyers for responsiveness. Some pay them Not to be responsive.
Phiip Corwin:@James--yes, that might happen for a "law firm" that holds itself out to the general poublic as providing P/P services -- but should thesde rules apply to a legitimate law firm that occasionally registers names for clients as an accommodation? Would any domain registration by a law firm automatically be presumed to be for P/P purposes?
Volker A. Greimann:either we regulate everyone who offers this service, or no one?
Chris Pelling:so hang on Susan, you mention you might use Domain by Proxy, and use as the underlying the information as your lawyers, but, they are still not hte registrant
Volker A. Greimann:otherwise, would doctors, journalists and priests also benefit from this excemption?
Susan Kawaguchi:@Chris the law firm would be the registrant and respond appropriately
Susan Kawaguchi:@ volker do not follow you.
Volker A. Greimann:no one is regulating lawyers, we are regulating privacy proxy service providers who happen to be lawyers
Chris Pelling:BUt they are still not the the "actual owner" or controlling person of the domain name Susan
Chris Pelling:as you requested them to register it
Susan Kawaguchi:sure the law firm has control of the domain name
Chris Pelling:Mary - how is the owner of a doamin name specified in the RAA ? I thought is was the requester of that domain name
Stephanie Perrin:Paul, you are a US attorney. We cannot assume the same standards globally.
steve metalitz:Note our recomendation 4: Domain name registrations involving p/p service providers should be clearly labeled as such. So in the scenario we are discussing is the registration by law firm (whether 1 or 1000) so labeled?
Susan Kawaguchi:and they can take any action they feel they need to with the registration including tranferring into Facebook's name
Stephanie Perrin:Good point Steve...that would be very helpful if they were labelled
Stephanie Perrin:Problem being how do you enforce if not accredited
Michele Neylon:you can't
Mary Wong:@Chris: "Account Holder" means the person or entity that is paying for the Registered Name or otherwise controls the management of the registered name, when that person or entity is not the Registered Name Holder. Also, ""Registered Name Holder" means the holder of a Registered Name."
Phiip Corwin:@Steve--would your law firm label itself aP/P service provider and voluntarily submit to ICANN regulation vis-a-vis entering into an accreditation agreement if a client asked you to register a domain name for a still-secret product or service?
Kathy:Creating exemptions is a dangerous process
Phiip Corwin:And, BTW, how would we even make sure that every lawyer and law firm in the world knows of this P/P accreditation framework. Lots of folks are still ignorant of new gTLDs.
James Bladel:So much for Graeme's optimism. :)
steve metalitz:@Phil: No, my law firm is not a privacy/proxy service provider
Kathy:@Graeme: this is not my language either
Chris Pelling:So Mary, in that instance, as Susan would be paying her lawyer for the domain name, Susan would be classed (Facebook) as the registered name holder ?
Volker A. Greimann:we worked with lawyers who offer similar services in ccTLDs, trustee services and many of these create a separate entity for this
Phiip Corwin:Thx Steve. I expected that asnwer -- and have no quarrel with it.
Todd Williams:I have to say: if my doctor or priest is running a side business as a P/P Provider, I've got bigger worries than whether they're accredited or not.
James Bladel:Still think the simplest approach is to put some teeth around 3.7.7 for unaccredited providers. Law firms wouldn't have an issue, since they already represent their client. Would provide an incentive for service providers to come under the "Accrediation Umbrella"
Chris Pelling:** That should have been acount holder in my point there
Mary Wong:@Kathy, sorry if I misspoke but this is the language that was sent to the Sub Team yesterday for your consideration. You are right that this is not what was discussed on the WG call last week, but is the follow up from that call based on Steve's suggestions then.
Mary Wong:That's why I felt it necessary to note that this is not language that the Sub Team has agreed on.
Kathy:Someone changed the langauge in numerous ways, including changing an AND to an OR - now the Requester is agreeing to nothing.
Stephanie Perrin:As it seems unlikely we will get to my hand being up, I would liketo note that this does not correct the power imbalance. between requestor and beneficial registrant. we need the ability to request a bond be placed, managed by ICANN compliance.
Phiip Corwin:Support kathy on changing or to and. Agree with james that we shouldn't reference registrant's domicile because that is unknown at time of request.
Michele Neylon:+1 James
Volker A. Greimann:also, why worry? this would only hurt complainants abusing the system
James Bladel:Let's just move everything to California. It's the ICANN way. :)
Phiip Corwin:@James. the CA Bar Assn thanks you! ;-)
James Bladel:I'll volunteer fo rthat team Graeme.
Mary Wong:Thanks, James - noted.
Susan Kawaguchi:I will volunteer alos
Mary Wong:And thanks too, Susan.
Kathy:I think we have two very difficult issues left
Sara Bockey:thank you all!
Darcy Southwell:Thanks, all!
Kathy:Tx Graeme and All
Lindsay Hamilton-Reid:Thanks
Phiip Corwin:Bye all
Chris Pelling:Thanks all
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-ppsai-pdp-wg/attachments/20151110/69b31f9c/attachment-0001.html>
More information about the Gnso-ppsai-pdp-wg
mailing list