[Rt4-whois] The New Proxy Language
Susan Kawaguchi
susank at fb.com
Thu Dec 1 19:24:53 UTC 2011
Not everyone on the team has chimed in yet on this issue today but according to my count the following are agreeing to Lynn's proposal agreeing # 2 in Emily's email this morning.
Lynn
Omar
Michael
James
Kathy
Susan
Those who have not weighed in today
Emily
Lutz - although liked Seth's proposal last night
Sarmad
Wilfried
Sharon
Peter - but earlier this morning did sound like he was probably favoring Seth's language.
(if I have characterized this incorrectly for anyone please accept my apologies and please weigh in)
I would recommend that we leave both the Dakar recommendation in and the best practices recommendation in ( I do not feel they are mutually exclusive)
We could lead into the two recommendations with the following:
Review Team members are in unanimous agreement that the status quo regarding proxy registrations is not sustainable, is not fair to legitimate participants in the domain name marketplace, frustrates valuable social goals such as law enforcement [and the protection of intellectual property], and reflects poorly on ICANN's commitment to serve the public interest.
We are also in agreement that the goal should be to give accredited registrars strong incentives not to foster this undesirable status quo, and that such incentives should arise both from the terms of the ICANN contracts with registrars, and from principles of legal responsibility under national law. ICANN can control the first source of these incentives; its contractual provisions may influence, but cannot control, the second, since neither of the parties most directly involved -- the proxy service customers, and the law enforcement or other party seeking to identify them and hold them accountable -- is under contract to ICANN.
We have not reached consensus on how best to advance this common goal. Some believe that the best approach is to start with the proxy services that are made available in connection with domain name registration, and require these services to follow best practices for promptly disclosing the identity of the party actually in control of the domain name, with registrars facing consequences if they do business with services that do not fulfill best practices. Others prefer the approach of denying any recognition of proxy services in ICANN contracts, and treating all such services simply as registrants, regardless of their practices.
We set forth below alternative recommendations reflecting these dual approaches, and solicit community comment on them.
One other area of agreement is that neither approach will be successful without proactive ICANN compliance measures, either to police observance of best practices, in the first approach, or to press registrars to cancel registrations of proxy services that do not fulfill their contractual obligations as set forth in the RAA. A well resourced and credible compliance program is essential to reforming the unacceptable status quo in this area.
-----Original Message-----
From: Seth M Reiss [mailto:seth.reiss at lex-ip.com]
Sent: Thursday, December 01, 2011 10:52 AM
To: Susan Kawaguchi; 'Smith, Bill'
Cc: rt4-whois at icann.org
Subject: RE: [Rt4-whois] The New Proxy Language
OK, guys, I finally woke up. But now I kind of wish I had not!
I am not entirely comfortable with what I wrote (option 3). I continue to
agree with Bill's analysis and thinking, but I am also concerned that the
statements I wrote go well beyond what our Team was tasked to do. It goes
beyond WHOIS accuracy into the realm of security etc. But so does James'
and Susan's proposal (option 2).
The Dakar statement (option 1 as most recently modified by Emily) comes
closest to us staying within our purview.
Note that Susan agrees that language should be removed from the RRA and
proxy service provider should be responsible for the domain name. So
perhaps this could a bullet point under Dakar.
Or better yet, how about this to make the group happy, or at least happier.
How about the Dakar statement as most recently modified by Emily go into the
recommendations. Everything else, some of proposal 2 and maybe a bit of
proposal 3, or perhaps just the statement Susan made about language being
removed from the RAA, go into the discussion. I agree with Bill that a
voluntary set of best practices cannot reach the goal of eliminating
irresponsible proxy services. But the discussion section could indicate this
was one of the ideas that was considered by our team as a possible solution
and that is something that the community may wish to follow up on.
Finally, regarding the DMCA, the United States Congress, in its wisdom,
decided that web hosts and neutral bill boards and the like should be given
a level of immunity to function and so adopted the DMCA and other measure to
provide safe havens from copyright infringement claims and other claims for
content posted by others if they registered as an agent and carefully
followed a number of specific take down/put up practices. The process is
mandatory, carefully detailed and all governed by a centralized law that is
consistent across the national territory. We, unfortunately, do not operate
in a landscape of consistent laws, plus we are not a legislature, plus (as
Bill has reiterated on several occasions) a voluntary practice will not get
us there.
Seth
-----Original Message-----
From: rt4-whois-bounces at icann.org [mailto:rt4-whois-bounces at icann.org] On
Behalf Of Susan Kawaguchi
Sent: Thursday, December 01, 2011 8:11 AM
To: Smith, Bill
Cc: rt4-whois at icann.org
Subject: Re: [Rt4-whois] The New Proxy Language
Yes I agree a registrant is a contracted party I guess I am use to seeing so
much bad behavior by registrants that I do not think of them that way.
I still do not see our two recommendations as polar opposites.
I agree the language in the RAA should be removed and the proxy service
provider should be responsible for the domain name.
But that does not exclude the need for best practices in this industry and
if we can get movement in the right direction along with calling for the
proxy service providers to be responsible it is a win win situation.
(I am not comparing the DMCA to this situation but I think this is a good
example)
When the DMCA was put into US law it required interpretation and best
practices were developed over a period of time. In my opinion eBay took the
lead and put in place the VeRO program which went beyond some of the
requirements. Many other companies followed their lead and you will see
pieces of the VeRO program in many companies processes.
I think several registrars have taken a similar path with their affiliate
proxy services and established procedures that are good.
Why can't we advocate for both positions?
I think we are in agreement that neither approach will be successful without
proactive ICANN compliance measures, either to police observance of best
practices, in the first approach, or to press registrars to cancel
registrations of proxy services that do not fulfill their contractual
obligations as set forth in the RAA. A well resourced and credible
compliance program is essential to reforming the unacceptable status quo in
this area.
-----Original Message-----
From: Smith, Bill [mailto:bill.smith at paypal-inc.com]
Sent: Thursday, December 01, 2011 9:46 AM
To: Susan Kawaguchi
Cc: James M. Bladel; rt4-whois at icann.org
Subject: Re: [Rt4-whois] The New Proxy Language
Susan,
Isn't everyone a contracted party in this ecosystem? Registrars and
Registries with ICANN and Registrants with Registrants (with required terms
from ICANN).
I believe we need SLAs in each of the agreements that put some teeth into
the compliance provisions. For example, the current RAA language says that
failure to correct WHOIS data *may* result in revocation of the Domain Name
(or something similar to that).
Action is voluntary on the part of the Registrant and Registrar with the
public paying the cost, much like with toxic waste. This isn't a direct cost
but indirect, and getting larger all the time. I sincerely doubt that a
voluntary code, though admirable, will mitigate these costs.
If we have SLAs in each of the agreements, then failure by any party to
abide by them results in action and/or penalties up to and including loss of
name. The current system doesn't, while threatening such an eventuality
rarely reaches that point as we've heard.
If ICANN wants to honor the AoC with respect to WHOIS, it firmly believe it
needs to shift from the voluntary mechanisms that don't work to a simple
though comprehensive set of mandatory mechanisms that will work. These
mechanisms should exist outside of any "at law"remedies but should be in
concert with them.
I'll think about adding the VC to 4. My gut reaction is that it will still
allow too much legal room if/when the legal system is required.
Bill
On Dec 1, 2011, at 9:04 AM, "Susan Kawaguchi" <susank at fb.com> wrote:
> Hi Bill,
>
> I agree with most of what is in your and Seth's recommendation but do not
understand how an SLA will work with non-contracted parties.
>
> What if we added the voluntary best practices to #4?
>
> Susan
>
> -----Original Message-----
> From: Smith, Bill [mailto:bill.smith at paypal-inc.com]
> Sent: Thursday, December 01, 2011 7:44 AM
> To: James M. Bladel
> Cc: Susan Kawaguchi; rt4-whois at icann.org
> Subject: Re: [Rt4-whois] The New Proxy Language
>
> I have no problem with folks not being "on board". However, we did agree
to language in Dakar in essence saying that ICANN should avoid mentioning
proxies in the RAA. I realize that some may not have been fully on board
with that, and there have been suggestion to change our position.
>
> From my perspective, the changes are from the Dakar position to the
Voluntary Code proposal.
>
> I've pointed out how the VC can and likely will be circumvented,
especially by "bad actors". If someone can demonstrate a way that the VC
deals with this issue and avoids a return to the current state, I'm all
ears.
>
> One way for the VC to work is to have a set of SLAs that mandate action in
response to non-compliance to the SLAs. I don't see a mention of that in the
VC and I'd want to understand exactly what we're talking about regarding
times for roundtrip reveal/relay and the consequences for failure to respond
in a timely fashion.
>
> On Dec 1, 2011, at 7:23 AM, James M. Bladel wrote:
>
> Agree with Susan. These are very significant changes coming very late in
the game.
>
> J.
>
> -------- Original Message --------
> Subject: Re: [Rt4-whois] The New Proxy Language
> From: Susan Kawaguchi <susank at fb.com<mailto:susank at fb.com>>
> Date: Thu, December 01, 2011 8:58 am
> To: Kathy Kleiman <kathy at kathykleiman.com<mailto:kathy at kathykleiman.com>>
> Cc: "rt4-whois at icann.org<mailto:rt4-whois at icann.org>"
<rt4-whois at icann.org<mailto:rt4-whois at icann.org>>
>
> Hi Kathy
>
> I am not onboard with Bill and Seth's recommendation but I am willing to
explore this direction.
>
> Susan
>
> Sent from my iPhone
>
> On Dec 1, 2011, at 6:18 AM, "Kathy Kleiman"
<kathy at kathykleiman.com<mailto:kathy at kathykleiman.com>> wrote:
>
>> But what James and Susan did so brilliantly, and for the first time in
>> history, was to begin to bring the proxy services into the ICANN tent
>> and into sight. The idea of disclosing relationships, sharing ownership
>> and contractual relationships, is an enormous step forward. I think we
>> are losing something now...
>>
>> Kathy:
>>> My preference is to replace the Voluntary Best Practices Guidelines. I
think there is useful information in that language to guide development of
SLAs regarding Registrant responsibilities and response times so would hate
to see that work "tossed".
>>>
>>> Seth's language is an attempt to "flesh out" the simple text we had in
Dakar, that said ICANN should remove reference to proxy services from the
RAA. I think he's done a good job, albeit perhaps a first cut, at doing that
and getting a conversation going on the practical implications of, let's
call it the Dakar proxy compact.
>>>
>>> As I recall, one of the reasons we decided to recommend removing proxies
from the RAA is that no matter how hard we, or ICANN tries to control or
regulate the proxy business, anyone can operate such a service outside of
the control of ICANN or the community. They simply register names and act on
behalf of someone else.
>>>
>>> What we, asa community, can do is develop some policies that set out
what is expected of all parties, including Registrants and have
consequences, mandatory in some cases, for failure to comply with the
policies. The consequence of last resort is revocation of the name.
>>>
>>> These policies wouldn't take the place of legal action, but they would
fill the void where Registrants, or their proxies, are non-responsive.
>>>
>>> The alternative is the voluntary code, but we know that can be avoided,
and letting the courts handle the situation... but that's basically where we
are today so I don't see how a code, voluntary or not helps in the end.
>>>
>>> On Dec 1, 2011, at 5:32 AM, Kathy Kleiman wrote:
>>>
>>>> Hi All,
>>>> What a night! I can see the 24*7 party of the WRT continued. Thanks so
very much!
>>>>
>>>> Regarding the language below, could someone be an expert guide? Is it a
replacement of the whole of the Proxy Recommendations, or in addition to the
Voluntary Best Practices Guidelines (which I really liked)
>>>>
>>>> Otherwise, I am thinking and researching. I think this is a big change
below, and I am not keen on #3 at all. Many, many people use proxy services
for many, many things, and the Recommendations section seems an odd place to
put a value judgement on that.
>>>>
>>>> Otherwise, there are some fascinating legal concepts, and my brain
already hurts!
>>>> Thinking hard first thing in the AM and still reviewing.
>>>> I would like to know what James thinks,
>>>> Kathy
>>>>
>>>>> Data Access- Proxy Service
>>>>>
>>>>> 1. The Review Team considers a Proxy Service as a relationship in
which
>>>>> the registrant is acting on behalf of another. The WHOIS data is that
of the
>>>>> agent/proxy service and the agent/proxy service alone obtains all
rights and
>>>>> assumes all responsibility for the domain name and its manner of use.
>>>>> 2. ICANN should clarify that any registrant that may be acting as a
>>>>> proxy service for another is in all respects still the registrant and,
in
>>>>> ICANN's view, should be held fully responsible for the use of the
domain
>>>>> name including for any and all harm that results from the use of the
domain
>>>>> name.
>>>>> 2. Because of ICANN's position on proxy services to date, which
>>>>> tolerates the proxy service industry that has arisen and which through
RAA
>>>>> provisions gives recognition and attempts to regulate that industry,
has
>>>>> been used by courts and others to allow proxy services to escape
liability
>>>>> for bad acts of the proxy service customers, ICANN should either
delete or
>>>>> amend those provisions of the RAA that can or have been used to allow
proxy
>>>>> services to escape liability.
>>>>> 3. The Review Team acknowledges that there may be legitimate reasons
>>>>> for the occasional use of a proxy service, as for example to protect a
>>>>> valuable trade secret at product launch. At the same time proxy
services
>>>>> should not be viewed or used as a substitute for privacy services that
are
>>>>> designed to shield an individual's personal contact information. The
>>>>> legitimate use a proxy service would be the exception and not
widespread.
>>>>> 4. A proxy service industry willing to accept full risks and
liabilities
>>>>> for the manner in which domain names through its service will be used
will
>>>>> take the necessary precautionary measures, in its relationship with
its
>>>>> customers, such that domain names so registered are unlikely to be
misused
>>>>> and, if misused, a remedy for those victimized will more likely be
>>>>> available.
>>>>>
>>>> _______________________________________________
>>>> Rt4-whois mailing list
>>>> Rt4-whois at icann.org<mailto:Rt4-whois at icann.org>
>>>> https://mm.icann.org/mailman/listinfo/rt4-whois
>>>
>>> _______________________________________________
>>> Rt4-whois mailing list
>>> Rt4-whois at icann.org<mailto:Rt4-whois at icann.org>
>>> https://mm.icann.org/mailman/listinfo/rt4-whois
>>
>>
>> --
>>
>>
>>
>> _______________________________________________
>> Rt4-whois mailing list
>> Rt4-whois at icann.org<mailto:Rt4-whois at icann.org>
>> https://mm.icann.org/mailman/listinfo/rt4-whois
>
> _______________________________________________
> Rt4-whois mailing list
> Rt4-whois at icann.org<mailto:Rt4-whois at icann.org>
> https://mm.icann.org/mailman/listinfo/rt4-whois
> _______________________________________________
> Rt4-whois mailing list
> Rt4-whois at icann.org<mailto:Rt4-whois at icann.org>
> https://mm.icann.org/mailman/listinfo/rt4-whois
>
_______________________________________________
Rt4-whois mailing list
Rt4-whois at icann.org
https://mm.icann.org/mailman/listinfo/rt4-whois
More information about the Rt4-whois
mailing list