[GNSO-RPM-WG] FW: New Q15 Proposal re: Actions & Notes: RPM PDP WG Meeting 16 October 2019

John McElwaine john.mcelwaine at nelsonmullins.com
Wed Oct 23 17:00:53 UTC 2019 

I recall that the issue of the confidentiality of the TMCH database specifically came up in the Implementation Assistance Group (IAG) which was the group putting together the details and rules of the TMCH.

Having “Data Access” limited to a “need to know basis” was how the subject was originally introduced to the IAG.  I believe (but am not sure) that this “Data Access” may have resulted out of Section 8.1 of the STI Report which stated:

If feasible, the TM Claims Notice should provide links, or provide alternative methods of providing access, to the registrant for accessing the TC Database information referenced in the TM Claims Notice for a fuller understanding of the TM rights being claimed by the trademark owner. These links shall be provided in real time without cost to the Registrant. The implementation details should be left to ICANN Staff to determine how to easily provide access to registrants to this information.

From the September 26, 2012 Report of the IAG which was used to prepare “the draft implementation model of the Trademark Clearinghouse published by ICANN for discussion purposes”:

Misuse of Data
To minimize abuse, distribution of TMCH data should be limited to situations where necessary to implement TMCH functionality. It should also be justified by technical, performance, uptime, availability, and economic factors. At a minimum, there should be sufficient contractual restrictions to provide enforcement capabilities to guard against abuse of the access and information provided through the TMCH. Specifically, rights holders have expressed concerns related to the aggregation of mark data through the TMCH, which may expose their brand protection strategies or be used to gather competitive intelligence by competitors. If the TMCH database is freely searchable and accessible, it could be possible to identify a rights holder’s gaps in its intellectual property protection strategies. For example, it might be possible to identify jurisdictions in which the rights holder has not registered its trademarks or in which it has not chosen to defensively register domain names. In this regard, this information could be misused by criminals, such as to conduct phishing attacks or other types of social engineering attacks.

In addition, concerns were raised with regard to limiting information submitted in the TMCH that may be valuable to a competitor, especially with regards to a brand-related registry. If it is possible to do extensive searching of the database to compile a list of marks that a mark holder has registered, some IAG members believed that this can reveal the mark holder’s brand protection strategy because it shows which marks it believes are more valuable than others. If someone can access all of the countries where a specific brand is registered, this may also create competitive advantage because a competitor might go to the unprotected jurisdiction and register the mark before the mark holder. The TMCH should not allow extensive searching to be done in a manner where a trademark holder’s entire portfolio could be easily accessed. Accordingly, the TMCH should be structured to address how to minimize data mining by a registry of a competitor’s trademark registration patterns.

The above report and analysis was related to work undertaken by the IAG looking at the “Data Access” (which labeled issue T1).  From the April 13, 2012 Draft Implementation Model:

Specifically, some rights holders indicated concern that the aggregation of rights data through the Clearinghouse may expose corporate strategies or be used to gather competitive intelligence, particularly if the database is freely searchable and accessible. For example, it might be possible to identify jurisdictions in which a rights holder has not registered its trademarks or in which it has not chosen to register domain names. In this regard, this information could drive uses such as phishing or other types of social engineering activities.





From: GNSO-RPM-WG <gnso-rpm-wg-bounces at icann.org> On Behalf Of Kathy Kleiman
Sent: Wednesday, October 23, 2019 11:22 AM
To: gnso-rpm-wg at icann.org
Subject: Re: [GNSO-RPM-WG] FW: New Q15 Proposal re: Actions & Notes: RPM PDP WG Meeting 16 October 2019

◄External Email► - From: gnso-rpm-wg-bounces at icann.org<mailto:gnso-rpm-wg-bounces at icann.org>


The Trademark Clearinghouse database -- as negotiated by the GNSO Council appointed group and approved unanimously by the GNSO Council and ICANN Board -- was *not* secret or confidential. It's openness was discussed, debated and agreed to as a monitoring and oversight mechanism, and additionally because so much of what was already within the TMCH would be public materials -- registered trademarks themselves.



Kathy (with my hat as member of the STI)


On 10/23/2019 10:52 AM, Marie Pattullo wrote:
Thanks, Julie. I’m about to go into a call so apologies for the hit & run response, but initial thoughts inline:

Para one:
The Working Group understands that, on the one hand, trademark owners may register trademarks and enter them into the Trademark Clearinghouse as part of a business-confidential strategy, including for new products yet to enter the market. Access to the database would allow misuse, including by bad actors and/or competitors. On the other hand, some Working Group members have noted that it was not clear, during the lead up to the launch of the 2012 New gTLD Program, that the Trademark Clearinghouse database was intended to be a non-publicly-accessible, confidential database. I wasn’t involved then, but I thought Claudio said that it was always intended to be confidential? I’ve never seen reference to it being considered as being an open resources.  In addition, some Working Group members expressed concern that potential registrants may benefit from knowing what marks are already in the Trademark Clearinghouse database prior to attempting a registration, especially in view of the likelihood (based on discussions the Working Group has held with the current Trademark Clearinghouse validator) that some marks may consist of generic words which potential registrants may legitimately wish to use as a domain name. If it’s a legitimate use, then brand holders won’t stop them.
The Working Group agrees in principle that an audit of the Trademark Clearinghouse database can be beneficial. I still have reservations about this – I don’t think the potential harm, based on fact, is an equal balance for the potential gain, based on supposition. Accordingly, the Working Group recommends that, in order to inform the next review of the Trademark Clearinghouse, a small group of community volunteers be formed that will have limited, specifically-defined, confidential access to the Trademark Clearinghouse database, for the sole purpose of working with ICANN Org and any appointed third party examiner on such review. The scope of such confidential access is to be limited to oversight purposes only and must not violate any terms of confidentiality that apply to trademark owners whose marks are already in the Trademark Clearinghouse database at that time. Should this be take forward, any trademark owners that have chosen to enter their trademarks in the Trademark Clearinghouse must first be given time to consider if they wish to remove them, and to do so, before they are made known to any such community members, with appropriate safeguards considered for the effect that this may have on such trademark owners.

From: GNSO-RPM-WG <gnso-rpm-wg-bounces at icann.org><mailto:gnso-rpm-wg-bounces at icann.org> On Behalf Of Tushnet, Rebecca
Sent: Wednesday, October 23, 2019 3:15 PM
To: Julie Hedlund <julie.hedlund at icann.org><mailto:julie.hedlund at icann.org>; gnso-rpm-wg at icann.org<mailto:gnso-rpm-wg at icann.org>
Subject: Re: [GNSO-RPM-WG] New Q15 Proposal re: Actions & Notes: RPM PDP WG Meeting 16 October 2019

I asked this in the meeting but didn't directly address it to Staff: Analysis Group reported on the top ten queried terms in the TMCH. Is it Staff's understanding that this disclosure by AG breached a confidentiality duty?

The description "non-publicly-accessible, confidential database" is not accurate, given that members of the public with no duties of confidentiality can find out on a term-by-term basis by attempting to register.  I would suggest something like "database that is inaccessible to the public except through individual registration attempts."

More generally, I think the proposal needs to state ICANN's understanding of the current rule.  Without a clear statement of the current rule, I don't think this audit proposal is understandable--and to the extent it suggests that disclosing anything, including a top ten list, is a violation of confidentiality, that seems like a worsening of the problem.


Rebecca Tushnet
Frank Stanton Professor of First Amendment Law, Harvard Law School
703 593 6759
________________________________
From: GNSO-RPM-WG <gnso-rpm-wg-bounces at icann.org<mailto:gnso-rpm-wg-bounces at icann.org>> on behalf of Julie Hedlund <julie.hedlund at icann.org<mailto:julie.hedlund at icann.org>>
Sent: Wednesday, October 23, 2019 9:01 AM
To: gnso-rpm-wg at icann.org<mailto:gnso-rpm-wg at icann.org> <gnso-rpm-wg at icann.org<mailto:gnso-rpm-wg at icann.org>>
Subject: [GNSO-RPM-WG] New Q15 Proposal re: Actions & Notes: RPM PDP WG Meeting 16 October 2019


Dear WG members,



Per the action item below to draft a new Q15 proposal relating to the discussion during the meeting on 16 October, staff submits for your consideration the following suggested text.  We very much look forward to working with you on further revisions as needed, as well as to the discussion on today’s call.



Kind regards,

Mary, Ariel, and Julie



Staff-suggested draft (based on Working Group discussions and suggestions made on the Working Group call of 16 October):

The Working Group understands that, on the one hand, trademark owners may register trademarks and enter them into the Trademark Clearinghouse as part of a business-confidential strategy, including for new products yet to enter the market. On the other hand, some Working Group members have noted that it was not clear, during the lead up to the launch of the 2012 New gTLD Program, that the Trademark Clearinghouse database was intended to be a non-publicly-accessible, confidential database. In addition, some Working Group members expressed concern that potential registrants may benefit from knowing what marks are already in the Trademark Clearinghouse database prior to attempting a registration, especially in view of the likelihood (based on discussions the Working Group has held with the current Trademark Clearinghouse validator) that some marks may consist of generic words which potential registrants may legitimately wish to use as a domain name.



The Working Group agrees in principle that an audit of the Trademark Clearinghouse database can be beneficial. Accordingly, the Working Group recommends that, in order to inform the next review of the Trademark Clearinghouse, a small group of community volunteers be formed that will have limited, specifically-defined, confidential access to the Trademark Clearinghouse database, for the sole purpose of working with ICANN Org and any appointed third party examiner on such review. The scope of such confidential access is to be limited to oversight purposes only and must not violate any terms of confidentiality that apply to trademark owners whose marks are already in the Trademark Clearinghouse database at that time.



From: GNSO-RPM-WG <gnso-rpm-wg-bounces at icann.org<mailto:gnso-rpm-wg-bounces at icann.org>> on behalf of Julie Hedlund <julie.hedlund at icann.org<mailto:julie.hedlund at icann.org>>
Date: Wednesday, October 16, 2019 at 3:27 PM
To: "gnso-rpm-wg at icann.org<mailto:gnso-rpm-wg at icann.org>" <gnso-rpm-wg at icann.org<mailto:gnso-rpm-wg at icann.org>>
Subject: [GNSO-RPM-WG] Actions & Notes: RPM PDP WG Meeting 16 October 2019



Dear All,



Please see below the action items captured by staff from the RPM PDP Working Group call held on 16 October 2019 at 17:00 UTC.  Staff will post these to the wiki space.  Please note that these are high-level notes and are not meant as a substitute for the recording, chat room, or transcript. The recording, Zoom chat, transcript and attendance records are posted on the wiki at: https://community.icann.org/display/RARPMRIAGPWG/2019-10-16+Review+of+all+Rights+Protection+Mechanisms+%28RPMs%29+in+all+gTLDs+PDP+WG<https://urldefense.proofpoint.com/v2/url?u=https-3A__community.icann.org_display_RARPMRIAGPWG_2019-2D10-2D16-2BReview-2Bof-2Ball-2BRights-2BProtection-2BMechanisms-2B-2528RPMs-2529-2Bin-2Ball-2BgTLDs-2BPDP-2BWG&d=DwMGaQ&c=WO-RGvefibhHBZq3fL85hQ&r=E-M4OQvQBo8UWqE1LwEiDR3PcWlfM0I-0jiI1c4ous0&m=GU7oC_LaBo7KvH3LCTYNBb2Z62O2_gB7PePpFA2YNvE&s=Lebe-G6v-muk6fUa-l7fXJ95Vfc50wtSu3jY53kDW2k&e=>.



Best Regards,

Julie

Julie Hedlund, Policy Director



==



NOTES & ACTION ITEMS



Actions:



Open and Deferred TMCH Questions:



Q7 Design Marks: ACTION: WG agrees to publish Kleiman/Muscovitch and Shatan proposals in the Initial Report for Public Comment.

Q8 GIs: ACTION: WG agrees to publish Tushnet proposal in the Initial Report for Public Comment.

Q12: ACTION: Staff will work with Maxim to revise the proposal to include context and background, and make it more formal.  Make it clear that this is an implementation recommendation, not policy.  Publish to the WG email list for review.

Q15: ACTIONS: 1) WG agrees to publish Karanicolas proposal in the Initial Report for Public Comment. 2) ACTION: Staff to draft a new proposal based on suggestions and circulate it to interested WG members and the Co-Chairs.

Q2: Proposal from Martin Pablo Silva Valent: ACTIONS: 1) Martin to revise the proposal with assistance of other WG members and circulate it on the WG email list for review. 2) Staff will check to see if either party to the contract can seek modifications.



Discussion of whether individual URS proposals should be revisited by the WG, and methodology for doing so:  ACTION: WG members are requested to continue discussion on the email list. See the draft survey at:  survey [forms.gle]<https://urldefense.proofpoint.com/v2/url?u=https-3A__forms.gle_kak3MEWFTNeq69wN9&d=DwMGaQ&c=FmY1u3PJp6wrcrwll3mSVzgfkbPSS6sJms7xcl4I5cM&r=adDIs0WEx_lLwFfrsdovxTYY8GkRHo5ibc8SR3Npdh8&m=36glY4CKyg4JCvpnCKFaXpx9PW_r5RObgdpcO0mtVM8&s=pEK5aTpdV-IIoTgVC0PHNGEZ969HY26RoiVzAAphdcw&e=>.



Notes:



1.  Updates to Statements of Interest: No updates provided.



2. Status of Questions Q7, Q8, Q12, and Q15:



Q7 Design Marks: ACTION: WG agrees to publish Kleiman/Muscovitch and Shatan proposals in the Initial Report for Public Comment.



Q8 GIs: ACTION: WG agrees to publish Tushnet proposal in the Initial Report for Public Comment.



Q12: Proposal from Maxim Alzoba – TMCH Operational Considerations

-- Need to improve redundancy and availability of the TMCH.

-- Question: Are you referring to the TM database, run by IBM?  Deloitte is the validator and IBM is the maintainer of the database.  Answer: Relates to the provision of the database.  Or could be a issue with the design, it’s hard to say.  Need to review how it works.  Might not be limited to software functions.  Could be dataflow design.

-- Need to get background on the cases reported to GDD colleagues.  The validation function is kept separate from the database function.  If the WG wishes to investigate this further this is probably an issue with implementation as to SLA (there are applicable SLAs).  Need also to go back and look at the deliberations concerning the original design of the TMCH and database.

-- Information about the SOW with IBM (and for that matter the SLAs with Deloitte) on this Working Group wiki page, under TMCH Contracting: https://community.icann.org/pages/viewpage.action?pageId=61606864<https://urldefense.proofpoint.com/v2/url?u=https-3A__community.icann.org_pages_viewpage.action-3FpageId-3D61606864&d=DwMDaQ&c=qmi9WrYRGQEDDOxOwKrAjW7mWovpzN_EKyRbeK_zbP0&r=Kepk-9GEB6JgOj0vUGl8c0hdrRM7FW-8Is-VAQU1VAk&m=6PdODCxx0pFS_O8Ct151GXBvBolgy6QESpwRhpAInzE&s=AaHHM_PFma3YOKVp3Fa79Iw_DMDLVZUNFVKWJgOPee8&e=>


ACTION: Staff will work with Maxim to revise the proposal to include context and background, and make it more formal.  Make it clear that this is an implementation recommendation, not policy.  Publish to the WG email list for review.



Q15: ACTION: WG agrees to publish Karanicolas proposal in the Initial Report for Public Comment.

-- Hoped that we could get consensus.

-- Could allow a limited group to access the data, perhaps a future review team?  Can’t just open up now when those who participate have been assured of confidentiality.

-- Question - is there a way for the WG to reach agreement on how to ensure there is some kind of specific, limited access to the data in the TMDB for oversight purposes only (including future reviews)?

ACTION: Staff to draft a new proposal based on suggestions and circulate it to interested WG members and the Co-Chairs.



3. Remaining Deferred Charter Questions (see the attached Status of WG Discussions on Agreed TMCH Charter Questions):



a. Close Discussion: TMCH Category 6: Balance: Charter Question 16: Close discussion.



b. Discussion: TMCH Category 1: Education: Charter Questions 1, 2, and 3 – Proposal submitted by Martin P Valent for Q2 (1 Oct 2019<https://urldefense.proofpoint.com/v2/url?u=https-3A__community.icann.org_download_attachments_109482780_Martin-2520Pablo-2520Silva-2520Valent-2520-2D-2520Q2.pdf-3Fversion-3D1-26modificationDate-3D1569963225000-26api-3Dv2&d=DwMGaQ&c=WO-RGvefibhHBZq3fL85hQ&r=E-M4OQvQBo8UWqE1LwEiDR3PcWlfM0I-0jiI1c4ous0&m=GU7oC_LaBo7KvH3LCTYNBb2Z62O2_gB7PePpFA2YNvE&s=PKnCPcJaP-hGDv7k41qSJp4G-vUa7kFbgWNfm3FAImo&e=>)



Q1: Close discussion.



Q2: Proposal from Martin Pablo Silva Valent:

-- TMCH should educate rights holders; it is already doing outreach and should do more.

-- Needs to be revised to be in the form of a recommendation.

-- Amendment: this effort would work in conjunction with whatever marketing ICANN is doing to support knowledge around new gTLD program in general and the TMCH.

-- Not clear as drafting what is the remit of Deloitte and what falls elsewhere.  Some of this should be done at an ICANN level.

-- Not sure involving ICANN at this level is required.

-- ICANN is not involved in marketing gTLDs.

-- Needs to be some definition/scope.  Don’t see TMCH providing education on RPMs.  We also need to clarify what is meant by “education.” Is this essentially “awareness” or is something more contemplated?

-- In the end we need much more in terms of education.  If it’s not in the current contract then it’s worth considering in future discussion.

-- Need to be careful how to express this.

-- From staff: ICANN Org does not have control over the TMCH provider’s website and information.  The contract was an initial 5-year term that expired on the first anniversary of the entering into force of the new gTLD program, and followed by consecutive 1-year renewal terms unless there’s a 180 day notice of termination. See: https://community.icann.org/pages/viewpage.action?pageId=61606864<https://urldefense.proofpoint.com/v2/url?u=https-3A__community.icann.org_pages_viewpage.action-3FpageId-3D61606864&d=DwMGaQ&c=WO-RGvefibhHBZq3fL85hQ&r=E-M4OQvQBo8UWqE1LwEiDR3PcWlfM0I-0jiI1c4ous0&m=GU7oC_LaBo7KvH3LCTYNBb2Z62O2_gB7PePpFA2YNvE&s=9vB4Yvqqu-gSbuPEj2gY7ATdZdok63vjBBtw77AvqOA&e=> .  We are in the 1-year renewal term.

-- Should look at what Deloitte already provides on their website.

-- There's a lot of talk about what should be done - but no-one identifying anything actually glaringly missing.

-- Maybe it’s more of an outreach question, if the education already exists.

-- We should be identifying what’s not being done.  Otherwise, we’re just endorsing education conceptually, or providing a generic roadmap for what could be done that will include many things that are already being done.

ACTION: Martin to revise the proposal with assistance of other WG members and circulate it on the WG email list for review.

ACTION: Staff will check to see if either party to the contract can seek modifications.



4. Discussion of whether individual URS proposals should be revisited by the WG, and methodology for doing so.  See the draft survey at:  survey [forms.gle]<https://urldefense.proofpoint.com/v2/url?u=https-3A__forms.gle_kak3MEWFTNeq69wN9&d=DwMGaQ&c=FmY1u3PJp6wrcrwll3mSVzgfkbPSS6sJms7xcl4I5cM&r=adDIs0WEx_lLwFfrsdovxTYY8GkRHo5ibc8SR3Npdh8&m=36glY4CKyg4JCvpnCKFaXpx9PW_r5RObgdpcO0mtVM8&s=pEK5aTpdV-IIoTgVC0PHNGEZ969HY26RoiVzAAphdcw&e=>:



-- Survey does not designate which proposals go into the Initial Report – that will be decided via WG discussion.

-- WG members should consider whether or not names and affiliations should be included, although the survey is not a poll.

-- WG members will decide what to do with the data.

-- Co-Chairs suggest allowing WG members to take the survey as a way to inform, but not direct, WG discussions.

ACTION: WG members are requested to continue discussion on the email list.





_______________________________________________



GNSO-RPM-WG mailing list



GNSO-RPM-WG at icann.org<mailto:GNSO-RPM-WG at icann.org>



https://mm.icann.org/mailman/listinfo/gnso-rpm-wg<https://urldefense.proofpoint.com/v2/url?u=https-3A__mm.icann.org_mailman_listinfo_gnso-2Drpm-2Dwg&d=DwMDaQ&c=qmi9WrYRGQEDDOxOwKrAjW7mWovpzN_EKyRbeK_zbP0&r=Kepk-9GEB6JgOj0vUGl8c0hdrRM7FW-8Is-VAQU1VAk&m=6PdODCxx0pFS_O8Ct151GXBvBolgy6QESpwRhpAInzE&s=8FH-5Lm9_iyYjpspSNzAt2dOVuvjvZ2kyCIQh2x7n9Y&e=>



_______________________________________________



By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy<https://urldefense.proofpoint.com/v2/url?u=https-3A__www.icann.org_privacy_policy&d=DwMDaQ&c=qmi9WrYRGQEDDOxOwKrAjW7mWovpzN_EKyRbeK_zbP0&r=Kepk-9GEB6JgOj0vUGl8c0hdrRM7FW-8Is-VAQU1VAk&m=6PdODCxx0pFS_O8Ct151GXBvBolgy6QESpwRhpAInzE&s=j15WQS8Bnm8KeBCSUJPlw5Hdbmvws-gnr_af0NTo1s4&e=>) and the website Terms of Service (https://www.icann.org/privacy/tos<https://urldefense.proofpoint.com/v2/url?u=https-3A__www.icann.org_privacy_tos&d=DwMDaQ&c=qmi9WrYRGQEDDOxOwKrAjW7mWovpzN_EKyRbeK_zbP0&r=Kepk-9GEB6JgOj0vUGl8c0hdrRM7FW-8Is-VAQU1VAk&m=6PdODCxx0pFS_O8Ct151GXBvBolgy6QESpwRhpAInzE&s=nykW72AfYIBMd5943mKpT4hvlgo8SdVQo0ChyyJJz_w&e=>). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.


Confidentiality Notice

This message is intended exclusively for the individual or entity to which it is addressed. This communication may contain information that is proprietary, privileged, confidential or otherwise legally exempt from disclosure. If you are not the named addressee, you are not authorized to read, print, retain, copy or disseminate this message or any part of it. If you have received this message in error, please notify the sender immediately either by phone (800-237-2000) or reply to this e-mail and delete all copies of this message.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-rpm-wg/attachments/20191023/e85a7be7/attachment-0001.html>

More information about the GNSO-RPM-WG mailing list