[Rt4-whois] streamlined proxy recommendation language

Susan Kawaguchi susank at fb.com
Thu Dec 1 00:05:55 UTC 2011 

I guess the key to me in clarifying the role of a proxy provider and liability as a registrant is where and what contract would we clarify and what mechanism do we have to hold them liable?

From: Seth M Reiss [mailto:seth.reiss at lex-ip.com]
Sent: Wednesday, November 30, 2011 4:03 PM
To: Susan Kawaguchi; 'Kathy Kleiman'
Cc: rt4-whois at icann.org
Subject: RE: [Rt4-whois] streamlined proxy recommendation language

I am not advocating ignoring proxy services simply clarifying their role and liability as registrant.  I suspect we are very closely aligned regarding outcome, just not how to reach there.

I think we disagree regarding whether we need to tolerate an industry simply because it exists and has for a time.  ICANN did not tolerate domain name tasting, although it acted relatively quickly there and has not here.

I believe it to be a dangerous proposition to say that we need to accommodate existing practices simply because ICANN has allowed them to exist for a period of time, although I think it's an unfortunately circumstance.  If you apply this line of reasoning broadly, you effectively allow the industry to restrict what ICANN can and cannot do.

I would like to find a middle ground.  I am not one for asking people to think differently.  I just don't see how holding stating a proxy should be held fully responsible, and then at the same time having retail proxy services definitions and a voluntary best practices policy, will not be viewed as inherently contradictory.

Seth


From: Susan Kawaguchi [mailto:susank at fb.com]
Sent: Wednesday, November 30, 2011 1:29 PM
To: Kathy Kleiman; Seth M Reiss
Cc: rt4-whois at icann.org
Subject: RE: [Rt4-whois] streamlined proxy recommendation language

HI Seth,

I am going to respond to you out of order
In all our discussions, I have still not heard a persuasive argument why a proxy service industry that can shield itself from liability is necessary or good or appropriate.    I agree with you but it is what is.   The situation arose over 10 years ago and I do not think that advocating to do away with proxy services is going to be well received by  the ICANN community.   Also to date, there has been very few examples of a proxy service being held liable.

We need proxy services but we need responsive proxy services many of the providers are acting responsibly it is the bad actors that I would like to change their behavior.

Once you introduce definitions concerning affiliates, retail services and different flavors of proxy services, the cheap ones with flimsy relationships, and the expensive ones with fiduciary type relationships, it will appear to the court that you do not really mean what you saying in bullet number 6.  This will confuse the courts (and the public) and the registrant proxy services is more likely to be able to weasel out of being held liable.

I am not sure that these definitions would be accepted outside of ICANN and at least we would have a clearer picture of who we are dealing with.

I am not convinced at all that just removing the language from the RAA would impact the practices of the current proxy services.  If you have another argument let me know I am open to rethinking this but I am not open to ignoring proxy service providers.

Susan

From: rt4-whois-bounces at icann.org [mailto:rt4-whois-bounces at icann.org] On Behalf Of Kathy Kleiman
Sent: Wednesday, November 30, 2011 3:15 PM
To: Seth M Reiss
Cc: rt4-whois at icann.org
Subject: Re: [Rt4-whois] streamlined proxy recommendation language

Great comments, Seth. I defer to Susan and James, as the experts on this material.
Best,
Kathy

:
Thank you Kathy for breaking this out.  I have not been good about reviewing the entire document.

To respond to Peter's question about what would be legally enforceable, I think if you look at bullet number 6, if this bullet was implemented in a very clear and unambiguous way, by itself and without some of the other material being proposal, then I think there would be reasonable expectation that national courts would hold the registrant proxy service fully responsible for harm caused by a website hosted at the domain name at issue.  In other words, the Ninth Circuit decision that Susan highlighted would have been decided differently.

Once you introduce definitions concerning affiliates, retail services and different flavors of proxy services, the cheap ones with flimsy relationships, and the expensive ones with fiduciary type relationships, it will appear to the court that you do not really mean what you saying in bullet number 6.  This will confuse the courts (and the public) and the registrant proxy services is more likely to be able to weasel out of being held liable.

The current proposal on the table suggests to me a somewhat more complicated model whereby the registrant proxy service is fully liable for the use of the domain name but can shield that liability by adopted and fully complying the a specific set of reveal and relay processes etc.  I voluntary set of best practices would not do this, but a mandatory set of provisions to qualify a proxy service for a "safe harbor" would.  Such a safe hard model would in my view be more difficult to implement and is likely to give rise to a certain amount of uncertainty and inconsistent outcomes even if prudently implemented.  But this also assumes that we need to have a proxy service in which proxies may shield themselves from liability.  In all our discussions, I have still not heard a persuasive argument why a proxy service industry that can shield itself from liability is necessary or good or appropriate.

Seth


From: rt4-whois-bounces at icann.org<mailto:rt4-whois-bounces at icann.org> [mailto:rt4-whois-bounces at icann.org] On Behalf Of Kathy Kleiman
Sent: Wednesday, November 30, 2011 12:24 PM
To: rt4-whois at icann.org<mailto:rt4-whois at icann.org>
Subject: [Rt4-whois] streamlined proxy recommendation language

Hi All,
I feel like I am sending altogether too many emails today. Sorry :-)! Anyway, here's one more.  I worked with James, a little, and Susan, more, on streamlining the Proxy recommendations to look, sound and flow like the Privacy recommendations. Of course, proxy is voluntary, and privacy is a requirement, but the rest is fairly close.

They are below and attached. If you like them, we'll send them on to Alice for inclusion. Note: the definitions went into a footnote which should be easy to see as it will be quite extensive.

here's the text:

Data Access- Proxy Service

1.      ICANN should facilitate the review of existing practices by reaching out to proxy providers to create a discussion which sets out current processes followed by proxy service providers.

2.      Registrars should be required to disclosure their relationship with any Affiliated Retail proxy service provider to ICANN.

3.      ICANN should develop and manage a set of voluntary best practice guidelines for appropriate proxy services [footnote 1] consistent with national laws. These voluntary guidelines should strike an appropriate balance between stakeholders with competing but legitimate interests. At a minimum this would include privacy, law enforcement and the industry around law enforcement.

Such voluntary guidelines may include:

+ Proxy services provide full contact details as required by the Whois

+ Publication by the proxy service of its process for revealing and relaying information

+ Standardization of reveal and relay processes and timeframes, consistent with national laws

+ Maintenance of a dedicated abuse point of contact for the proxy service provider

+ Due diligence checks on licensee contact information.

5. ICANN should encourage and incentivize registrars to interact with the retail service providers that adopt the best practices.

6. For the avoidance of doubt, the WHOIS Policy, referred to in Recommendation 1 above, should include an affirmative statement that clarifies that a proxy means a relationship in which the Registrant is acting on behalf of another. The WHOIS data is that of the agent, and the agent alone obtains all rights and assumes all responsibility for the domain name and its manner of use.

Footnote 1 (all the remaining text)
As guidance to the Community and as useful background for the Proxy Service Recommendations, the Review Team provides its working definitions of proxy service and different types of proxy service providers:

- Proxy Service - a relationship in which the registrant is acting on behalf of another The WHOIS data is that of the agent and the agent alone obtains all rights and assumes all responsibility for the domain name and its manner of use. [KK: is this the definition we are using in other places in the Report?]

- Affiliated Registrar - another ICANN accredited registrar that operates under a common controlling interest (2009 Registrar Accreditation Agreement, Section 1.20)

- Affiliate retail proxy service provider - entity operating under a common controlling interest of a registrar.

- Retail proxy service provider - proxy service with little or no knowledge of the entity or individual requesting the service  beyond their ability to pay and their agreement to the  general terms and conditions.

- Limited proxy service provider - proxy service for an entity or individual in which there is an ongoing business relationship bound by a contract that is specific to the relationship.


--- end
same text attached
Kathy

--






--




-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mm.icann.org/pipermail/rt4-whois/attachments/20111201/38e8595b/attachment.html

More information about the Rt4-whois mailing list