[Rt4-whois] Proxy provider recommendation 112311 susan draft(2).doc [SEC=UNCLASSIFIED]
Seth M Reiss
seth.reiss at lex-ip.com
Fri Nov 25 17:01:58 UTC 2011
I find myself closely aligned with Peter 's thoughts and analysis. I prefer
the simplicity of what I thought we had agreed to in Dakar as well as how
that model promoted the underlying interests that we were concerned with:
(1) protecting individual's privacy particularly in those countries that had
legal regimes that implicate WHOIS data appear to require such protection;
and (2) not permitting registrants or proxy services to avoid WHOIS
accountability without justification and without significant risk.
While I appreciate that there is a concern on the part of members of our
Team to acknowledge the proxy industry and regulate it, I am not persuaded
that the AOC mandate requires that we accommodate existing interests simply
because they exist.
My other concern is that what I will term the more "involved solution" does
not appear to be going in a direction that is likely to reach consensus. It
seems we are mixing privacy and proxy again or at least treating them too
much alike, and I think this is something that has plagued the privacy/proxy
debate from day one.
I have a rather large project this weekend that keeps my away from a
computer and means that I am not keeping up with the emails. Meanwhile, I
did want to let all you know my perspective. I will of course work with the
direction the group decides to go, and I will be checking my emails in the
late evening to determine what direction that is.
Good luck!
Seth
From: rt4-whois-bounces at icann.org [mailto:rt4-whois-bounces at icann.org] On
Behalf Of Kathy Kleiman
Sent: Friday, November 25, 2011 6:04 AM
To: rt4-whois at icann.org
Subject: Re: [Rt4-whois] Proxy provider recommendation 112311 susan
draft(2).doc [SEC=UNCLASSIFIED]
Peter,
You email below is eloquent, and I urge everyone to read it. We really have
to wrestle with these issues, and quickly. I truly wish we had more
information, and note there are two very complex studies now taking place in
the GNSO right now because the community, as a whole, felt it needed much
more information in this area. It is a confusing one!
I share the concerns that Peter is raising, but from a somewhat different
perspective. If we are "blessing" the existence of proxy and privacy
services, then I think we need to make it very clear *to registrants* what
is happening. E.g., From a registrant perspective:
- when is their name going to be disclosed (privacy service),
- when do they have legal liability (privacy service),
- when is someone else the "owner" of their domain name (proxy
service).
I submitted some changes consistent with this goal of the most basic
education and information.
I think we have to be very, very clear because, from the perspective of .ORG
political groups, for example, people's lives may be on the line.
Best,
Kathy
:
Thanks Emily, that's very useful, and I think I understand where its coming
from.
I have a few follow on questions, as I'm trying to understand the big
picture/strategy, and to try to work through the new proposal fully as this
is a key area of interest for me. To be honest, I'm a bit nervous about
reopening such a major issue so late in the piece, with only limited time to
think through and discuss all the implications. That said, I'm not opposed,
just cautious.
In terms of questions: is the intention to retain our 'privacy'
recommendations from Dakar? i.e. so that we would in effect have three
different arrangements: i.e. privacy, 'known' proxies, and 'unknown'
proxies? I ask this because if we are to recommend the establishment of
parallel 'known proxy' and 'privacy' regimes, we would need to clearly
explain and justify any differences between the two (I note that many of the
recommendations we agreed for privacy services have been adopted for the
proposed proxy recommendations). I expect that a key question we would face
is why we were advocating for two different types of privacy-related
services? In what circumstances are privacy services not sufficient?
Understanding the reason for this may address some of my concerns.
Separate to the question of privacy services, we also need to consider the
implications of endorsing proxy services. In Dakar, we discussed at length
the risks of ICANN explicitly acknowledging (and effectively endorsing) the
practice of completely limiting access to a registrant's identity. I had
thought that was one of the reasons why we agreed that ICANN should not
endorse this practice, and instead that we would argue that:
. the full rights and responsibilities of the registrant should
accrue to the registered name holder; and
. ICANN should endorse and regulate 'privacy' services which could
limit the availability of sensitive personal data, without completely
obfuscating the registrant's identity.
This approach seemed to address the privacy concerns expressed by a range of
stakeholders, and to clarify (perhaps for the first time) the chain of
contractual rights and responsibilities.
Much of this revolves around the question of whether tighter regulation of
proxies is needed, or whether simply removing the endorsement and clarifying
the chain of legal responsibilities would be more effective. In effect, the
new proposal is to advocate the replacement of one mechanism which attempts
to regulate proxies (i.e. the current RAA provisions) with another. The
intent is obviously to have a tighter set of regulations this time, to
reduce gaming/abuse etc. At one level this seems logical, but I am concerned
that by introducing doubt into the chain of rights and responsibilities,
anything we then do will be like trying to patch a leak that we in effect
created. Given that both previous versions of the RAA have tried the
endorsement/regulation route with very limited success, I think we would
need a strong case to propose a third attempt at this approach as the best
way to go. Do we think that this is something we can achieve in practice,
and why is it better than the simpler alternative?
I hope I'm not making this unnecessarily complicated - I just want to make
sure that we don't make a rushed change that has not been fully discussed.
I look forward to the views of other team members on this issue.
Cheers,
Peter
From: Emily Taylor [mailto:emily at emilytaylor.eu]
Sent: Thursday, 24 November 2011 8:30 PM
To: Nettlefold, Peter
Cc: Susan Kawaguchi; rt4-whois at icann.org
Subject: Re: [Rt4-whois] Proxy provider recommendation 112311 susan
draft(2).doc [SEC=UNCLASSIFIED]
Hi Peter
As it's Thanksgiving, our US colleagues will (should) be offline for a
couple of days.
My understanding from last night's call is that our proposal is to combine
these proxy recommendations with the ones from Dakar. In other words,
instead of saying "we never acknowledge proxies" we say this. Susan
explained that they are currently working on defining what is meant by a
proxy, and as you rightly point out there are different flavours of proxy.
There is the "deep" arrangement based on an ongoing trusting relationship
(eg solicitor, client) where a proxy might not be obvious. My understanding
is that we're not attempting to lift the veil on these. They are not viewed
as problematic.
What is viewed as within the ambit of these new draft recommendations are
the higher volume, commercialised proxy services, where there is not really
a pre-existing relationship between registrant and proxy provider, but this
is a low cost add on at the point of registration. The two parties don't
really know each other that well. These are the ones we're hoping to
describe in our definitions, and they are the target of these
recommendations.
I hope that this makes it clear, but obviously I do recommend you listen to
Susan's description of their thinking from the audio when it's up.
Thanks
Emily
On 24 November 2011 02:32, Nettlefold, Peter <Peter.Nettlefold at dbcde.gov.au>
wrote:
Hi Susan and all,
Thanks very much to all who worked on this new series of recommendations.
I'm sorry I missed the teleconference this morning, but just wanted to see
if I understand this proposal correctly.
In short, is this a supplement to the position we agreed in Dakar? i.e. will
the situation generally be that the registered name holder assumes all
rights and responsibilities (as we discussed in Dakar), but in a special
subset of cases (i.e. where the registrar clearly knows that a 'proxy' is
being used) then some special rules apply?
Or to put it another way, will we be recommending that there should be
special new rules for 'known' proxies (however defined), and in all other
cases we do not acknowledge proxies?
I'm sorry if this was discussed this morning, but I'm just trying to
understand the position.
As there isn't a recording up yet that I've seen, any advice on whether
other team members have already commented on this would be appreciated.
Cheers,
Peter
From: rt4-whois-bounces at icann.org [mailto:rt4-whois-bounces at icann.org] On
Behalf Of Susan Kawaguchi
Sent: Thursday, 24 November 2011 6:18 AM
To: rt4-whois at icann.org
Subject: [Rt4-whois] Proxy provider recommendation 112311 susan draft(2).doc
Hello All,
I apologize for the delay in sending this and that it is still in rough
draft. The attached document contains Kathy's revisions and comments to my
original proposed recommendation. I have added proposed definitions for
the terms we are struggling with. These came out of discussions between
James and I.
I feel that we must provide a clear recommendation on the proxy issue but I
personally seem to keep moving towards drafting policy. I am hoping we will
have time to discuss on the call today as I have several questions for the
team.
Susan
----------------------------------------------------------------------------
---
NOTICE: This email message is for the sole use of the intended recipient(s)
and may contain confidential and privileged information. Any unauthorized
review, use, disclosure or distribution is prohibited. If you are not the
intended recipient, please contact the sender by reply email and destroy all
copies of the original message.
This message has been content scanned by the Axway MailGate.
MailGate uses policy enforcement to scan for known viruses, spam,
undesirable content and malicious code. For more information on Axway
products please visit www.axway.com.
----------------------------------------------------------------------------
---
_______________________________________________
Rt4-whois mailing list
Rt4-whois at icann.org
https://mm.icann.org/mailman/listinfo/rt4-whois
--
Image removed by sender.
76 Temple Road, Oxford OX4 2EZ UK
t: +44 (0)1865 582 811 . m: +44 (0)7540 049 322
emily at emilytaylor.eu
www.etlaw.co.uk
Emily Taylor Consultancy Limited is a company registered in England and
Wales No. 730471. VAT No. 114487713.
----------------------------------------------------------------------------
---
NOTICE: This email message is for the sole use of the intended recipient(s)
and may contain confidential and privileged information. Any unauthorized
review, use, disclosure or distribution is prohibited. If you are not the
intended recipient, please contact the sender by reply email and destroy all
copies of the original message.
This message has been content scanned by the Axway MailGate.
MailGate uses policy enforcement to scan for known viruses, spam,
undesirable content and malicious code. For more information on Axway
products please visit www.axway.com.
----------------------------------------------------------------------------
---
_______________________________________________
Rt4-whois mailing list
Rt4-whois at icann.org
https://mm.icann.org/mailman/listinfo/rt4-whois
--
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mm.icann.org/pipermail/rt4-whois/attachments/20111125/1ab1dd3c/attachment.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/jpeg
Size: 823 bytes
Desc: not available
Url : http://mm.icann.org/pipermail/rt4-whois/attachments/20111125/1ab1dd3c/attachment.jpe
More information about the Rt4-whois
mailing list