[Rt4-whois] Proxy provider recommendation 112311 susan draft(2).doc [SEC=UNCLASSIFIED]

Smith, Bill bill.smith at paypal-inc.com
Mon Nov 28 20:39:02 UTC 2011 

Eminently reasonable.

I really don't know how to "resolve" this issue, but I am strongly drawn to the simpler text we had agreed to in Dakar, as Emily recently suggested. This may be the best we can hope for given the complexity and messiness of the issue. In my opinion, it also happens to address the issues, as we understand them, from those wishing to "protect" themselves. It may not be perfect but it handles most of the cases we identified.

Moving from the current (complex) state to a (simpler) state we might recommend will likely take time and may be difficult.

On Nov 25, 2011, at 9:01 AM, Seth M Reiss wrote:

I find myself closely aligned with Peter ‘s thoughts and analysis.  I prefer the simplicity of what I thought we had agreed to in Dakar as well as how that model promoted the underlying interests that we were concerned with:  (1) protecting individual’s privacy particularly in those countries that had legal regimes that implicate WHOIS data appear to require such protection; and (2) not permitting registrants or proxy services to avoid WHOIS accountability without justification and without significant risk.

While I appreciate that there is a concern  on the part of members of our Team to acknowledge the proxy industry and regulate it, I am not persuaded that the AOC mandate requires that we accommodate existing interests simply because they exist.

My other concern is that what I will term the more “involved solution” does not appear to be going in a direction that is likely to reach consensus.  It seems we are mixing privacy and proxy again or at least treating them too much alike, and I think this is something that has plagued the privacy/proxy debate from day one.

I have a rather large project this weekend that keeps my away from a computer and means that I am not keeping up with the emails.  Meanwhile, I did want to let all you know my perspective.  I will of course work with the direction the group decides to go, and I will be checking my emails in the late evening to determine what direction that is.

Good luck!

Seth

From: rt4-whois-bounces at icann.org<mailto:rt4-whois-bounces at icann.org> [mailto:rt4-whois-bounces at icann.org] On Behalf Of Kathy Kleiman
Sent: Friday, November 25, 2011 6:04 AM
To: rt4-whois at icann.org<mailto:rt4-whois at icann.org>
Subject: Re: [Rt4-whois] Proxy provider recommendation 112311 susan draft(2).doc [SEC=UNCLASSIFIED]

Peter,
You email below is eloquent, and I urge everyone to read it. We really have to wrestle with these issues, and quickly. I truly wish we had more information, and note there are two very complex studies now taking place in the GNSO right now because the community, as a whole, felt it needed much more information in this area. It is a confusing one!

I share the concerns that Peter is raising, but from a somewhat different perspective. If we are "blessing" the existence of proxy and privacy services, then I think we need to make it very clear *to registrants* what is happening. E.g., From a registrant perspective:
    -    when is their name going to be disclosed (privacy service),
    -    when do they have legal liability (privacy service),
    -    when is someone else the "owner" of their domain name (proxy service).
I submitted some changes consistent with this goal of the most basic education and information.

I think we have to be very, very clear because, from the perspective of .ORG political groups, for example, people's lives may be on the line.

Best,
Kathy
:
Thanks Emily, that’s very useful, and I think I understand where its coming from.

I have a few follow on questions, as I’m trying to understand the big picture/strategy, and to try to work through the new proposal fully as this is a key area of interest for me. To be honest, I’m a bit nervous about reopening such a major issue so late in the piece, with only limited time to think through and discuss all the implications. That said, I’m not opposed, just cautious.

In terms of questions: is the intention to retain our ‘privacy’ recommendations from Dakar? i.e. so that we would in effect have three different arrangements: i.e. privacy, ‘known’ proxies, and ‘unknown’ proxies? I ask this because if we are to recommend the establishment of parallel ‘known proxy’ and ‘privacy’ regimes, we would need to clearly explain and justify any differences between the two (I note that many of the recommendations we agreed for privacy services have been adopted for the proposed proxy recommendations). I expect that a key question we would face is why we were advocating for two different types of privacy-related services? In what circumstances are privacy services not sufficient? Understanding the reason for this may address some of my concerns.

Separate to the question of privacy services, we also need to consider the implications of endorsing proxy services. In Dakar, we discussed at length the risks of ICANN explicitly acknowledging (and effectively endorsing) the practice of completely limiting access to a registrant’s identity. I had thought that was one of the reasons why we agreed that ICANN should not endorse this practice, and instead that we would argue that:
•         the full rights and responsibilities of the registrant should accrue to the registered name holder; and
•         ICANN should endorse and regulate ‘privacy’ services which could limit the availability of sensitive personal data, without completely obfuscating the registrant’s identity.

This approach seemed to address the privacy concerns expressed by a range of stakeholders, and to clarify (perhaps for the first time) the chain of contractual rights and responsibilities.

Much of this revolves around the question of whether tighter regulation of proxies is needed, or whether simply removing the endorsement and clarifying the chain of legal responsibilities would be more effective. In effect, the new proposal is to advocate the replacement of one mechanism which attempts to regulate proxies (i.e. the current RAA provisions) with another. The intent is obviously to have a tighter set of regulations this time, to reduce gaming/abuse etc. At one level this seems logical, but I am concerned that by introducing doubt into the chain of rights and responsibilities, anything we then do will be like trying to patch a leak that we in effect created. Given that both previous versions of the RAA have tried the endorsement/regulation route with very limited success, I think we would need a strong case to propose a third attempt at this approach as the best way to go. Do we think that this is something we can achieve in practice, and why is it better than the simpler alternative?

I hope I’m not making this unnecessarily complicated – I just want to make sure that we don’t make a rushed change that has not been fully discussed.

I look forward to the views of other team members on this issue.

Cheers,

Peter


From: Emily Taylor [mailto:emily at emilytaylor.eu]
Sent: Thursday, 24 November 2011 8:30 PM
To: Nettlefold, Peter
Cc: Susan Kawaguchi; rt4-whois at icann.org<mailto:rt4-whois at icann.org>
Subject: Re: [Rt4-whois] Proxy provider recommendation 112311 susan draft(2).doc [SEC=UNCLASSIFIED]

Hi Peter

As it's Thanksgiving, our US colleagues will (should) be offline for a couple of days.

My understanding from last night's call is that our proposal is to combine these proxy recommendations with the ones from Dakar.  In other words, instead of saying "we never acknowledge proxies" we say this.  Susan explained that they are currently working on defining what is meant by a proxy, and as you rightly point out there are different flavours of proxy.  There is the "deep" arrangement based on an ongoing trusting relationship (eg solicitor, client) where a proxy might not be obvious. My understanding is that we're not attempting to lift the veil on these.  They are not viewed as problematic.

What is viewed as within the ambit of these new draft recommendations are the higher volume, commercialised proxy services, where there is not really a pre-existing relationship between registrant and proxy provider, but this is a low cost add on at the point of registration.  The two parties don't really know each other that well.  These are the ones we're hoping to describe in our definitions, and they are the target of these recommendations.

I hope that this makes it clear, but obviously I do recommend you listen to Susan's description of their thinking from the audio when it's up.

Thanks

Emily
On 24 November 2011 02:32, Nettlefold, Peter <Peter.Nettlefold at dbcde.gov.au<mailto:Peter.Nettlefold at dbcde.gov.au>> wrote:
Hi Susan and all,

Thanks very much to all who worked on this new series of recommendations.

I’m sorry I missed the teleconference this morning, but just wanted to see if I understand this proposal correctly.

In short, is this a supplement to the position we agreed in Dakar? i.e. will the situation generally be that the registered name holder assumes all rights and responsibilities (as we discussed in Dakar), but in a special subset of cases (i.e. where the registrar clearly knows that a ‘proxy’ is being used) then some special rules apply?

Or to put it another way, will we be recommending that there should be special new rules for ‘known’ proxies (however defined), and in all other cases we do not acknowledge proxies?

I’m sorry if this was discussed this morning, but I’m just trying to understand the position.

As there isn’t a recording up yet that I’ve seen, any advice on whether other team members have already commented on this would be appreciated.

Cheers,

Peter


From: rt4-whois-bounces at icann.org<mailto:rt4-whois-bounces at icann.org> [mailto:rt4-whois-bounces at icann.org<mailto:rt4-whois-bounces at icann.org>] On Behalf Of Susan Kawaguchi
Sent: Thursday, 24 November 2011 6:18 AM
To: rt4-whois at icann.org<mailto:rt4-whois at icann.org>
Subject: [Rt4-whois] Proxy provider recommendation 112311 susan draft(2).doc

Hello All,

I apologize for the delay in sending this and that it is still in rough draft.  The attached document contains Kathy’s revisions and comments to my original proposed recommendation.   I have added proposed definitions for the terms we are struggling with.  These came out of discussions between James and I.

I feel that we must provide a clear recommendation on the proxy issue but I personally seem to keep moving towards drafting policy.  I am hoping we will have time to discuss on the call today as I have several questions for the team.

Susan

-------------------------------------------------------------------------------
NOTICE: This email message is for the sole use of the intended recipient(s)
and may contain confidential and privileged information. Any unauthorized
review, use, disclosure or distribution is prohibited. If you are not the
intended recipient, please contact the sender by reply email and destroy all
copies of the original message.

This message has been content scanned by the Axway MailGate.
MailGate uses policy enforcement to scan for known viruses, spam, undesirable content and malicious code. For more information on Axway products please visit www.axway.com<http://www.axway.com>.

-------------------------------------------------------------------------------

_______________________________________________
Rt4-whois mailing list
Rt4-whois at icann.org<mailto:Rt4-whois at icann.org>
https://mm.icann.org/mailman/listinfo/rt4-whois



--


   <image001.jpg>


76 Temple Road, Oxford OX4 2EZ UK
t: +44 (0)1865 582 811 • m: +44 (0)7540 049 322
emily at emilytaylor.eu<mailto:emily at emilytaylor.eu>

www.etlaw.co.uk<http://www.etlaw.co.uk>

Emily Taylor Consultancy Limited is a company registered in England and Wales No. 730471. VAT No. 114487713.


-------------------------------------------------------------------------------
NOTICE: This email message is for the sole use of the intended recipient(s)
and may contain confidential and privileged information. Any unauthorized
review, use, disclosure or distribution is prohibited. If you are not the
intended recipient, please contact the sender by reply email and destroy all
copies of the original message.

This message has been content scanned by the Axway MailGate.
MailGate uses policy enforcement to scan for known viruses, spam, undesirable content and malicious code. For more information on Axway products please visit www.axway.com<http://www.axway.com>.

-------------------------------------------------------------------------------




_______________________________________________

Rt4-whois mailing list

Rt4-whois at icann.org<mailto:Rt4-whois at icann.org>

https://mm.icann.org/mailman/listinfo/rt4-whois




--





_______________________________________________
Rt4-whois mailing list
Rt4-whois at icann.org<mailto:Rt4-whois at icann.org>
https://mm.icann.org/mailman/listinfo/rt4-whois

More information about the Rt4-whois mailing list