[Rt4-whois] streamlined proxy recommendation language
Seth M Reiss
seth.reiss at lex-ip.com
Thu Dec 1 02:09:25 UTC 2011
The way manufacturer/retailer liability works under American law is the
individual harmed by a product sues the retailer, the retails impleads and
sues the distributor for indemnity and defense, and the distributor impleads
and sues the manufacturer for indemnity and defense. This relationship is a
result of both provisions in the contracts between the manufacturer,
distributor and retailer, but also from a law called the UCC and warranties
that the law implies. The rules are so clear in this area that these things
happen almost automatically, since there is no point in disputing them. But
the court never says that the retailer is not liable simply because there
are the contractual provisions that require middle men and manufacturers to
indemnity and defend the retailer. Rather, the court maintains the lawsuit
against the retailer and if manufacturer and/or distributor goes belly up,
the retainer must make good on the claim. So retailers learn not to sell
product from flaky distributors or manufactures.
It might take a lawsuit or two to clarify the situation, but if a clear
policy/statement is made by ICANN, and there is no other language or
structure to make the waters murky, hopefully one or two lawsuits with clear
and sensible results will be all it takes.
Seth
-----Original Message-----
From: Smith, Bill [mailto:bill.smith at paypal-inc.com]
Sent: Wednesday, November 30, 2011 3:19 PM
To: Susan Kawaguchi
Cc: Seth M Reiss; Kathy Kleiman; rt4-whois at icann.org
Subject: Re: [Rt4-whois] streamlined proxy recommendation language
Susan,
It may not seem like it but I am supportive, very supportive of your
position of to not rely on litigation to solve these types of problems.
Where we disagree is the best approach to avoid the litigation.
I am not suggesting that cigarette-style litigation is the way forward.
Rather, I am concerned that proposal for retail proxy indemnification (if
I've read it right) will result in exactly that situation, some time far in
the future when society and the courts finally realize that allowing
unfettered criminal activity on the Internet is a bad idea. Retail proxies
will happily sell a service to people they don't know as long as they have
no liability.
If instead of no liability, we insist that they have the liability of the
Registrant, since that's what they are, I strongly suspect that counsel for
these services will understand that they now carry at least some risk in
these transactions. Consequently, they will either recommend against them or
insist on some mechanism to mitigate the risk, through insurance or other
mechanisms - perhaps even actually knowing something about their customers.
Any or all of these would involve higher costs hence higher prices making
these services less attractive to criminals, etc.
By the addition of SLAs into contracts, and mandatory consequences, we
provide a means for ICANN to ensure that valid queries, information
requests, corrections, etc. are made in a timely manner. A registrant could
ignore a request knowing that the specific penalty for failing to comply
with such request. With mandatory revocation the consequence of last resort,
we give the community and ICANN the ability to revoke a name (the only thing
of value under our control).
If a proxy is a party to any of these transactions, they act as the
Registrant and must respond either directly or with guidance from the
licensee per the agreement SLAs. Failure to do so results in the same
consequences.
By setting SLAs and consequences appropriately, ICANN can influence the
behavior of Registrants and those that act as proxies for them.
Even if we go with language you an James worked on, and I realize that you
put in a great deal of effort on that, we'll still need something like what
I have outlined because as we discussed in Dakar, anyone can act as a proxy
for a Registrant no matter what ICANN tries to do to prevent it. If the
"best practices" ICANN develops for the retail trade prove too onerous,
proxy providers will simply step outside of the ICANN tent and provide their
services likely failing to adhere to the best practices.
I hope this makes sense.
Bill
On Nov 30, 2011, at 4:38 PM, Susan Kawaguchi wrote:
HI Bill,
Thank you for your thoughts I think your statement below is my biggest pain
point.
"I think they are inherently contradictory. How a service is *sold* should
not determine liability. If this were the case and we applied the proposed
definitions to consumer products, untold numbers of tort cases would be
summarily thrown out. Cigarette, toy, and asbestos manufacturers could
properly claim, "I don't know the buyer therefor I have no liability"."
All of the cases you mention above relied on litigation to clarify the
existence of liability and impose that liability on the manufacturer. It
would be overwhelming and burdensome to rely on litigation to fix this
problem especially when it involves global entities as proxy service
providers. I think we have the opportunity to incentivize the registrars to
help with the problem.
If I or LE are forced to rely on litigation of any sort of court order to
get information on the licensee of a domain name to pursue a provider of
counterfeit drugs, for example, this would take years for each domain name
involved.
If we take a very extreme step and recommend that proxy services are not
allowed in the gTlds (as .US has done) how would that ever be enforced?
Proxy registrations provide a vital service for many in the domain name
space.
Susan
-----Original Message-----
From: Smith, Bill [mailto:bill.smith at paypal-inc.com]
Sent: Wednesday, November 30, 2011 4:20 PM
To: Seth M Reiss
Cc: Susan Kawaguchi; Kathy Kleiman;
rt4-whois at icann.org<mailto:rt4-whois at icann.org>
Subject: Re: [Rt4-whois] streamlined proxy recommendation language
See below:
On Nov 30, 2011, at 4:03 PM, "Seth M Reiss"
<seth.reiss at lex-ip.com<mailto:seth.reiss at lex-ip.com><mailto:seth.reiss at lex-i
p.com>> wrote:
I am not advocating ignoring proxy services simply clarifying their role and
liability as registrant. I suspect we are very closely aligned regarding
outcome, just not how to reach there.
I guess I'm advocating that we get as close to ignoring them as we can.
Recognizing them, even in the limited way the current RAA does gave the
Ninth Circuit everything it need to make its liability absolving decision.
While the community may not be inclined to receive a proposal to "ignore
proxy services" with open arms, I hope they would consider it if we present
it as in the public interest.
I think we disagree regarding whether we need to tolerate an industry simply
because it exists and has for a time. ICANN did not tolerate domain name
tasting, although it acted relatively quickly there and has not here.
I believe it to be a dangerous proposition to say that we need to
accommodate existing practices simply because ICANN has allowed them to
exist for a period of time, although I think it's an unfortunately
circumstance. If you apply this line of reasoning broadly, you effectively
allow the industry to restrict what ICANN can and cannot do.
If we make this assumption generally, our report would be very short. Yes
there are problems with WHOIS. However, it has existed in this manner for
too long and therefor it cannot be changed.
I would like to find a middle ground. I am not one for asking people to
think differently. I just don't see how holding stating a proxy should be
held fully responsible, and then at the same time having retail proxy
services definitions and a voluntary best practices policy, will not be
viewed as inherently contradictory.
I think they are inherently contradictory. How a service is *sold* should
not determine liability. If this were the case and we applied the proposed
definitions to consumer products, untold numbers of tort cases would be
summarily thrown out. Cigarette, toy, and asbestos manufacturers could
properly claim, "I don't know the buyer therefor I have no liability".
Other than to satisfy, the current purveyors of these fine services, I can't
see any reason to develop a complex set of definitions and liability flows.
Together these give attorneys and courts ample room to for truck driving.
Seth
From: Susan Kawaguchi [mailto:susank at fb.com]
Sent: Wednesday, November 30, 2011 1:29 PM
To: Kathy Kleiman; Seth M Reiss
Cc:
rt4-whois at icann.org<mailto:rt4-whois at icann.org><mailto:rt4-whois at icann.org>
Subject: RE: [Rt4-whois] streamlined proxy recommendation language
HI Seth,
I am going to respond to you out of order
In all our discussions, I have still not heard a persuasive argument why a
proxy service industry that can shield itself from liability is necessary or
good or appropriate. I agree with you but it is what is. The situation
arose over 10 years ago and I do not think that advocating to do away with
proxy services is going to be well received by the ICANN community. Also
to date, there has been very few examples of a proxy service being held
liable.
We need proxy services but we need responsive proxy services many of the
providers are acting responsibly it is the bad actors that I would like to
change their behavior.
Once you introduce definitions concerning affiliates, retail services and
different flavors of proxy services, the cheap ones with flimsy
relationships, and the expensive ones with fiduciary type relationships, it
will appear to the court that you do not really mean what you saying in
bullet number 6. This will confuse the courts (and the public) and the
registrant proxy services is more likely to be able to weasel out of being
held liable.
I am not sure that these definitions would be accepted outside of ICANN and
at least we would have a clearer picture of who we are dealing with.
I am not convinced at all that just removing the language from the RAA would
impact the practices of the current proxy services. If you have another
argument let me know I am open to rethinking this but I am not open to
ignoring proxy service providers.
Susan
From:
rt4-whois-bounces at icann.org<mailto:rt4-whois-bounces at icann.org><mailto:rt4-w
hois-bounces at icann.org> [mailto:rt4-whois-bounces at icann.org] On Behalf Of
Kathy Kleiman
Sent: Wednesday, November 30, 2011 3:15 PM
To: Seth M Reiss
Cc:
rt4-whois at icann.org<mailto:rt4-whois at icann.org><mailto:rt4-whois at icann.org>
Subject: Re: [Rt4-whois] streamlined proxy recommendation language
Great comments, Seth. I defer to Susan and James, as the experts on this
material.
Best,
Kathy
:
Thank you Kathy for breaking this out. I have not been good about reviewing
the entire document.
To respond to Peter's question about what would be legally enforceable, I
think if you look at bullet number 6, if this bullet was implemented in a
very clear and unambiguous way, by itself and without some of the other
material being proposal, then I think there would be reasonable expectation
that national courts would hold the registrant proxy service fully
responsible for harm caused by a website hosted at the domain name at issue.
In other words, the Ninth Circuit decision that Susan highlighted would have
been decided differently.
Once you introduce definitions concerning affiliates, retail services and
different flavors of proxy services, the cheap ones with flimsy
relationships, and the expensive ones with fiduciary type relationships, it
will appear to the court that you do not really mean what you saying in
bullet number 6. This will confuse the courts (and the public) and the
registrant proxy services is more likely to be able to weasel out of being
held liable.
The current proposal on the table suggests to me a somewhat more complicated
model whereby the registrant proxy service is fully liable for the use of
the domain name but can shield that liability by adopted and fully complying
the a specific set of reveal and relay processes etc. I voluntary set of
best practices would not do this, but a mandatory set of provisions to
qualify a proxy service for a "safe harbor" would. Such a safe hard model
would in my view be more difficult to implement and is likely to give rise
to a certain amount of uncertainty and inconsistent outcomes even if
prudently implemented. But this also assumes that we need to have a proxy
service in which proxies may shield themselves from liability. In all our
discussions, I have still not heard a persuasive argument why a proxy
service industry that can shield itself from liability is necessary or good
or appropriate.
Seth
From:
rt4-whois-bounces at icann.org<mailto:rt4-whois-bounces at icann.org><mailto:rt4-w
hois-bounces at icann.org> [mailto:rt4-whois-bounces at icann.org] On Behalf Of
Kathy Kleiman
Sent: Wednesday, November 30, 2011 12:24 PM
To:
rt4-whois at icann.org<mailto:rt4-whois at icann.org><mailto:rt4-whois at icann.org>
Subject: [Rt4-whois] streamlined proxy recommendation language
Hi All,
I feel like I am sending altogether too many emails today. Sorry :-)!
Anyway, here's one more. I worked with James, a little, and Susan, more, on
streamlining the Proxy recommendations to look, sound and flow like the
Privacy recommendations. Of course, proxy is voluntary, and privacy is a
requirement, but the rest is fairly close.
They are below and attached. If you like them, we'll send them on to Alice
for inclusion. Note: the definitions went into a footnote which should be
easy to see as it will be quite extensive.
here's the text:
Data Access- Proxy Service
1. ICANN should facilitate the review of existing practices by reaching
out to proxy providers to create a discussion which sets out current
processes followed by proxy service providers.
2. Registrars should be required to disclosure their relationship with
any Affiliated Retail proxy service provider to ICANN.
3. ICANN should develop and manage a set of voluntary best practice
guidelines for appropriate proxy services [footnote 1] consistent with
national laws. These voluntary guidelines should strike an appropriate
balance between stakeholders with competing but legitimate interests. At a
minimum this would include privacy, law enforcement and the industry around
law enforcement.
Such voluntary guidelines may include:
+ Proxy services provide full contact details as required by the Whois
+ Publication by the proxy service of its process for revealing and relaying
information
+ Standardization of reveal and relay processes and timeframes, consistent
with national laws
+ Maintenance of a dedicated abuse point of contact for the proxy service
provider
+ Due diligence checks on licensee contact information.
5. ICANN should encourage and incentivize registrars to interact with the
retail service providers that adopt the best practices.
6. For the avoidance of doubt, the WHOIS Policy, referred to in
Recommendation 1 above, should include an affirmative statement that
clarifies that a proxy means a relationship in which the Registrant is
acting on behalf of another. The WHOIS data is that of the agent, and the
agent alone obtains all rights and assumes all responsibility for the domain
name and its manner of use.
Footnote 1 (all the remaining text)
As guidance to the Community and as useful background for the Proxy Service
Recommendations, the Review Team provides its working definitions of proxy
service and different types of proxy service providers:
- Proxy Service - a relationship in which the registrant is acting on behalf
of another The WHOIS data is that of the agent and the agent alone obtains
all rights and assumes all responsibility for the domain name and its manner
of use. [KK: is this the definition we are using in other places in the
Report?]
- Affiliated Registrar - another ICANN accredited registrar that operates
under a common controlling interest (2009 Registrar Accreditation Agreement,
Section 1.20)
- Affiliate retail proxy service provider - entity operating under a common
controlling interest of a registrar.
- Retail proxy service provider - proxy service with little or no knowledge
of the entity or individual requesting the service beyond their ability to
pay and their agreement to the general terms and conditions.
- Limited proxy service provider - proxy service for an entity or individual
in which there is an ongoing business relationship bound by a contract that
is specific to the relationship.
--- end
same text attached
Kathy
--
--
_______________________________________________
Rt4-whois mailing list
Rt4-whois at icann.org<mailto:Rt4-whois at icann.org><mailto:Rt4-whois at icann.org>
https://mm.icann.org/mailman/listinfo/rt4-whois
More information about the Rt4-whois
mailing list