[Rt4-whois] GETTING TO CLOSURE: A ROADMAP

[Emily Taylor]

Hi

I went to bed last night thinking that we were nearly in agreement on the
proxy recommendations that James, Susan and Kathy have been working on over
the past weeks.

In the middle of the night, I awoke to find new text on the table.

You all know that our cut off date was yesterday, and we are now on
negative time.  However, I do want to go through the time zones so that we
all have a chance to consider the options.

Broadly, we have three alternatives.

1. Adopt the very brief text agreed in Dakar and no more
2. Adopt the relatively stable text drafted by that small group which
includes good practices
3. Adopt the new text, drafted last night by Seth on behalf of another
small team.

We act by consensus.  But we also have a deadline.  I'm therefore going to
call it before I go to sleep tonight, and in default of an alternative
agreement we will have to go back to what we agreed in Dakar.  I know that
some people are not happy with it, but it has a simplicity, and avoids
confusion about whether or not the good practices conflicts with the idea
of liability.

Alternatively, we can adopt different text, but it has to be by consensus.
Remember, folks, that's difficult to achieve, and leaves everyone feeling a
little bit frustrated, and like they could have got more if they pushed
harder.

Please try to bear in mind that we have a very, very strong full report.
This is one part of the whole puzzle, which has to be seen within its own
context.  There will be further studies on proxies/privacy.  There will be
another review team on WHOIS which will kick off in less than 2 years.  To
speak for a moment in support of voluntary good practices, this is a well
known regulatory step.  It's what you do when you're not happy with the
current situation (check), but you're not quite sure what will be an
effective regulatory intervention (check).  So, you explore the landscape -
as I think the draft recommendations (alternative 2 below) very eloquently
do.  I should emphasise that good practices are not the final word.  They
are an interim plug, a step in the right direction.  If, having gone
through that, Bill and others are right and it's all still a mess, that's
when you go for the next incremental step - but the important bit is,
industry has been given a chance to clean out the stables after being told
in no uncertain terms that there's a problem . That's where we are now.

The third choice is that we adopt the new text, maybe with tweaks or
changes.  If that's what we're doing, I would be failing in my duties as
your Chair if I did not set some deadline for this.  We have known the
issues for a long time, we have been wrestling with them, and reaching
consensus is hard.  I don't think that this is a case of "just a bit more
time", but I'm very willing to be proved wrong.

So, my challenge to you is - tell me what you have *all* agreed on proxies
by 10pm UTC.  If the answer is "nothing" we go with what we agreed in Dakar.

Whatever the outcome, we have done a wonderful job on this report.  Take it
in its entirety, it represents a lot of work, and a lot of willpower and
cooperation, plus - importantly - a willingness to step outside of one's
individual, commercial interests and think about the public interest.  I
have been marvelling at the sheer energy that has been focused on this
mailing list and the incredible progress we have made since the weekend
(remember, I'm a Brit, not American, so I don't say these sort of things
easily!).

Keep up this discussion.  But please focus your thoughts and exchanges on
the give and take that's necessary for consensus.

To assist those who may not be fully up to speed, the text for the three
alternatives are below.  Whatever happens, we are closing this discussion
in just under 7 hours.  Good luck!

Kind regards

Emily

---------

Alternative 1
the text we agreed in Dakar on proxy definition and proxy liability

For the avoidance of doubt, the WHOIS Policy[, referred to in
Recommendation 1 above], should include an affirmative statement that
clarifies that a proxy means a relationship in which the Registrant is
acting on behalf of another. The WHOIS data is that of the agent, and the
agent alone obtains all rights and assumes all responsibility for the
domain name and its manner of use
Alternative 2
The text on best practices worked on by Susan, James and Kathy last night
(latest version)

*Data Access- Proxy Service*

1.      ICANN should facilitate the review of existing practices by
reaching out to proxy providers to create a discussion which sets out
current processes followed by proxy service providers.

2.      Registrars should be required to disclosure their relationship with
any Affiliated Retail proxy service provider to ICANN.

3.      ICANN should develop and manage a set of voluntary best practice
guidelines for appropriate proxy services [footnote 1] consistent with
national laws. These voluntary guidelines should strike an appropriate
balance between stakeholders with competing but legitimate interests. At a
minimum this would include privacy, law enforcement and the industry around
law enforcement.

Such voluntary guidelines may include:

+ Proxy services provide full contact details as required by the Whois

+ Publication by the proxy service of its process for revealing and
relaying information

+ Standardization of reveal and relay processes and timeframes, consistent
with national laws

+ Maintenance of a dedicated abuse point of contact for the proxy service
provider

+ Due diligence checks on licensee contact information.

5. ICANN should encourage and incentivize registrars to interact with the
retail service providers that adopt the best practices.

6. For the avoidance of doubt, the WHOIS Policy, referred to in
Recommendation 1 above, should include an affirmative statement that
clarifies that a proxy means a relationship in which the Registrant is
acting on behalf of another. The WHOIS data is that of the agent, and the
agent alone obtains all rights and assumes all responsibility for the
domain name and its manner of use.

Footnote 1 (all the remaining text)
As guidance to the Community and as useful background for the Proxy Service
Recommendations, the Review Team provides its working definitions of proxy
service and different types of proxy service providers:

- *Proxy Service *– a relationship in which the registrant is acting on
behalf of another The WHOIS data is that of the agent and the agent alone
obtains all rights and assumes all responsibility for the domain name and
its manner of use. *[KK: is this the definition we are using in other
places in the Report?]*

*- **Affiliated Registrar **- *another ICANN accredited registrar that
operates under a common controlling interest (2009 Registrar Accreditation
Agreement, Section 1.20)

- *Affiliate retail proxy service provider *– entity operating under a
common controlling interest of a registrar.

- *Retail proxy service provider *- proxy service with little or no
knowledge of the entity or individual requesting the service  beyond their
ability to pay and their agreement to the  general terms and conditions.

- *Limited proxy service provider *- proxy service for an entity or
individual in which there is an ongoing business relationship bound by a
contract that is specific to the relationship.


Alternative 3
Seth's proposal.
Data Access- Proxy Service

1.      The Review Team considers a Proxy Service as a relationship in which
the registrant is acting on behalf of another. The WHOIS data is that of the
agent/proxy service and the agent/proxy service alone obtains all rights and
assumes all responsibility for the domain name and its manner of use.
2.      ICANN should clarify that any registrant that may be acting as a
proxy service for another is in all respects still the registrant and, in
ICANN's view, should be held fully responsible for the use of the domain
name including for any and all harm that results from the use of the domain
name.
2.      Because of ICANN's position on proxy services to date, which
tolerates the proxy service industry that has arisen and which through RAA
provisions gives recognition and attempts to regulate that industry, has
been used by courts and others to allow proxy services to escape liability
for bad acts of the proxy service customers, ICANN should either delete or
amend those provisions of the RAA that can or have been used to allow proxy
services to escape liability.
3.      The Review Team acknowledges that there may be legitimate reasons
for the occasional use of a proxy service, as for example to protect a
valuable trade secret at product launch. At the same time proxy services
should not be viewed or used as a substitute for privacy services that are
designed to shield an individual's personal contact information.  The
legitimate use a proxy service would be the exception and not widespread.
4.    A proxy service industry willing to accept full risks and liabilities
for the manner in which domain names through its service will be used will
take the necessary precautionary measures, in its relationship with its
customers, such that domain names so registered are unlikely to be misused
and, if misused, a remedy for those victimized will more likely be
available.


-- 




*
*

76 Temple Road, Oxford OX4 2EZ UK
t: +44 (0)1865 582 811 • m: +44 (0)7540 049 322
emily at emilytaylor.eu

*www.etlaw.co.uk*

Emily Taylor Consultancy Limited is a company registered in England and
Wales No. 730471. VAT No. 114487713.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mm.icann.org/pipermail/rt4-whois/attachments/20111201/a9813700/attachment.html