[Rt4-whois] The New Proxy Language

Thu Dec 1 19:42:33 UTC 2011

Sorry Susan, I was skimming new messages quickly and missed the lower 
part of this one. Are you suggesting new text for the report, and if so, 
where?
Tx,
Kathy:
> Not everyone on the team has chimed in yet on this issue today but according to my count the following are agreeing to Lynn's proposal agreeing # 2 in Emily's email this morning.
>
> Lynn
> Omar
> Michael
> James
> Kathy
> Susan
>
>
>
> Those who have not weighed in today
>
> Emily
> Lutz - although liked Seth's proposal last night
> Sarmad
> Wilfried
> Sharon
> Peter - but earlier this morning did sound like he was probably favoring Seth's language.
>
> (if I have characterized this incorrectly for anyone please accept my apologies and please weigh in)
>
>
> I would recommend that we leave both the Dakar recommendation in and the best practices recommendation in ( I do not feel they are mutually exclusive)
>
>
> We could lead into the two recommendations with the following:
>
>
>
> Review Team members are in unanimous agreement that the status quo regarding proxy registrations is not sustainable, is not fair to legitimate participants in the domain name marketplace, frustrates valuable social goals such as law enforcement [and the protection of intellectual property], and reflects poorly on ICANN's commitment to serve the public interest.
>
> We are also in agreement that the goal should be to give accredited registrars strong incentives not to foster this undesirable status quo, and that such incentives should arise both from the terms of the ICANN contracts with registrars, and from principles of legal responsibility under national law.  ICANN can control the first source of these incentives; its contractual provisions may influence, but cannot control, the second, since neither of the parties most directly involved -- the proxy service customers, and the law enforcement or other party seeking to identify them and hold them accountable -- is under contract to ICANN.
>
> We have not reached consensus on how best to advance this common goal.  Some believe that the best approach is to start with the proxy services that are made available in connection with domain name registration, and require these services to follow best practices for promptly disclosing the identity of the party actually in control of the domain name, with registrars facing consequences if they do business with services that do not fulfill best practices.  Others prefer the approach of denying any recognition of proxy services in ICANN contracts, and treating all such services simply as registrants, regardless of their practices.
>
> We set forth below  alternative recommendations reflecting these dual approaches, and solicit community comment on them.
>
> One other area of agreement is that neither approach will be successful without proactive ICANN compliance measures, either to police observance of best practices, in the first approach, or to press registrars to cancel registrations of proxy services that do not fulfill their contractual obligations as set forth in the RAA.  A well resourced and credible compliance program is essential to reforming the unacceptable status quo in this area.
>
> -----Original Message-----
> From: Seth M Reiss [mailto:seth.reiss at lex-ip.com]
> Sent: Thursday, December 01, 2011 10:52 AM
> To: Susan Kawaguchi; 'Smith, Bill'
> Cc: rt4-whois at icann.org
> Subject: RE: [Rt4-whois] The New Proxy Language
>
> OK, guys, I finally woke up.  But now I kind of wish I had not!
>
> I am not entirely comfortable with what I wrote (option 3). I continue to
> agree with Bill's analysis and thinking, but I am also concerned that the
> statements I wrote go well beyond what our Team was tasked to do.  It goes
> beyond WHOIS accuracy into the realm of security etc.  But so does James'
> and Susan's proposal (option 2).
>
> The Dakar statement (option 1 as most recently modified by Emily) comes
> closest to us staying within our purview.
>
> Note that Susan agrees that language should be removed from the RRA and
> proxy service provider should be responsible for the domain name.  So
> perhaps this could a bullet point under Dakar.
>
> Or better yet, how about this to make the group happy, or at least happier.
>
> How about the Dakar statement as most recently modified by Emily go into the
> recommendations. Everything else, some of proposal 2 and maybe a bit of
> proposal 3, or perhaps just the statement Susan made about language being
> removed from the RAA, go into the discussion.  I agree with Bill that a
> voluntary set of best practices cannot reach the goal of eliminating
> irresponsible proxy services. But the discussion section could indicate this
> was one of the ideas that was considered by our team as a possible solution
> and that is something that the community may wish to follow up on.
>
> Finally, regarding the DMCA, the United States Congress, in its wisdom,
> decided that web hosts and neutral bill boards and the like should be given
> a level of immunity to function and so adopted the DMCA and other measure to
> provide safe havens from copyright infringement claims and other claims for
> content posted by others if they registered as an agent and carefully
> followed a number of specific take down/put up practices.  The process is
> mandatory, carefully detailed and all governed by a centralized law that is
> consistent across the national territory. We, unfortunately, do not operate
> in a landscape of consistent laws, plus we are not a legislature, plus (as
> Bill has reiterated on several occasions) a voluntary practice will not get
> us there.
>
> Seth
>
> -----Original Message-----
> From: rt4-whois-bounces at icann.org [mailto:rt4-whois-bounces at icann.org] On
> Behalf Of Susan Kawaguchi
> Sent: Thursday, December 01, 2011 8:11 AM
> To: Smith, Bill
> Cc: rt4-whois at icann.org
> Subject: Re: [Rt4-whois] The New Proxy Language
>
> Yes I agree a registrant is a contracted party I guess I am use to seeing so
> much bad behavior by registrants that I do not think of them that way.
>
> I still do not see our two recommendations as polar opposites.
>
> I agree the language in the RAA should be removed and the proxy service
> provider should be responsible for the domain name.
>
> But that does not exclude the need for best practices in this industry and
> if we can get movement in the right direction along with calling for the
> proxy service providers to be responsible it is a win win situation.
>
> (I am not comparing the DMCA to this situation but I think this is a good
> example)
> When the DMCA was put into US law it required interpretation and best
> practices were developed over a period of time.  In my opinion eBay took the
> lead and put in place the VeRO program which went beyond some of the
> requirements.  Many other companies followed their lead and you will see
> pieces of the VeRO program in many companies processes.
>
> I think several registrars have taken a similar path with their affiliate
> proxy services and established procedures that are good.
>
> Why can't we advocate for both positions?
>
> I think we are in agreement that neither approach will be successful without
> proactive ICANN compliance measures, either to police observance of best
> practices, in the first approach, or to press registrars to cancel
> registrations of proxy services that do not fulfill their contractual
> obligations as set forth in the RAA.  A well resourced and credible
> compliance program is essential to reforming the unacceptable status quo in
> this area.
>
>
> -----Original Message-----
> From: Smith, Bill [mailto:bill.smith at paypal-inc.com]
> Sent: Thursday, December 01, 2011 9:46 AM
> To: Susan Kawaguchi
> Cc: James M. Bladel; rt4-whois at icann.org
> Subject: Re: [Rt4-whois] The New Proxy Language
>
> Susan,
>
> Isn't everyone a contracted party in this ecosystem? Registrars and
> Registries with ICANN and Registrants with Registrants (with required terms
> from ICANN).
>
> I believe we need SLAs in each of the agreements that put some teeth into
> the compliance provisions. For example, the current RAA language says that
> failure to correct WHOIS data *may* result in revocation of the Domain Name
> (or something similar to that).
>
> Action is voluntary on the part of the Registrant and Registrar with the
> public paying the cost, much like with toxic waste. This isn't a direct cost
> but indirect, and getting larger all the time. I sincerely doubt that a
> voluntary code, though admirable, will mitigate these costs.
>
> If we have SLAs in each of the agreements, then failure by any party to
> abide by them results in action and/or penalties up to and including loss of
> name. The current system doesn't, while threatening such an eventuality
> rarely reaches that point as we've heard.
>
> If ICANN wants to honor the AoC with respect to WHOIS, it firmly believe it
> needs to shift from the voluntary mechanisms that don't work to a simple
> though comprehensive set of mandatory mechanisms that will work. These
> mechanisms should exist outside of any "at law"remedies but should be in
> concert with them.
>
> I'll think about adding the VC to 4. My gut reaction is that it will still
> allow too much legal room if/when the legal system is required.
>
> Bill
>
> On Dec 1, 2011, at 9:04 AM, "Susan Kawaguchi"<susank at fb.com>  wrote:
>
>> Hi Bill,
>>
>> I agree with most of what is in your and Seth's recommendation but do not
> understand how an SLA will work with non-contracted parties.
>> What if we added the voluntary best practices to #4?
>>
>> Susan
>>
>> -----Original Message-----
>> From: Smith, Bill [mailto:bill.smith at paypal-inc.com]
>> Sent: Thursday, December 01, 2011 7:44 AM
>> To: James M. Bladel
>> Cc: Susan Kawaguchi; rt4-whois at icann.org
>> Subject: Re: [Rt4-whois] The New Proxy Language
>>
>> I have no problem with folks not being "on board". However, we did agree
> to language in Dakar in essence saying that ICANN should avoid mentioning
> proxies in the RAA. I realize that some may not have been fully on board
> with that, and there have been suggestion to change our position.
>>  From my perspective, the changes are from the Dakar position to the
> Voluntary Code proposal.
>> I've pointed out how the VC can and likely will be circumvented,
> especially by "bad actors". If someone can demonstrate a way that the VC
> deals with this issue and avoids a return to the current state, I'm all
> ears.
>> One way for the VC to work is to have a set of SLAs that mandate action in
> response to non-compliance to the SLAs. I don't see a mention of that in the
> VC and I'd want to understand exactly what we're talking about regarding
> times for roundtrip reveal/relay and the consequences for failure to respond
> in a timely fashion.
>> On Dec 1, 2011, at 7:23 AM, James M. Bladel wrote:
>>
>> Agree with Susan.  These are very significant changes coming very late in
> the game.
>> J.
>>
>> -------- Original Message --------
>> Subject: Re: [Rt4-whois] The New Proxy Language
>> From: Susan Kawaguchi<susank at fb.com<mailto:susank at fb.com>>
>> Date: Thu, December 01, 2011 8:58 am
>> To: Kathy Kleiman<kathy at kathykleiman.com<mailto:kathy at kathykleiman.com>>
>> Cc: "rt4-whois at icann.org<mailto:rt4-whois at icann.org>"
> <rt4-whois at icann.org<mailto:rt4-whois at icann.org>>
>> Hi Kathy
>>
>> I am not onboard with Bill and Seth's recommendation but I am willing to
> explore this direction.
>> Susan
>>
>> Sent from my iPhone
>>
>> On Dec 1, 2011, at 6:18 AM, "Kathy Kleiman"
> <kathy at kathykleiman.com<mailto:kathy at kathykleiman.com>>  wrote:
>>> But what James and Susan did so brilliantly, and for the first time in
>>> history, was to begin to bring the proxy services into the ICANN tent
>>> and into sight. The idea of disclosing relationships, sharing ownership
>>> and contractual relationships, is an enormous step forward. I think we
>>> are losing something now...
>>>
>>> Kathy:
>>>> My preference is to replace the Voluntary Best Practices Guidelines. I
> think there is useful information in that language to guide development of
> SLAs regarding Registrant responsibilities and response times so would hate
> to see that work "tossed".
>>>> Seth's language is an attempt to "flesh out" the simple text we had in
> Dakar, that said ICANN should remove reference to proxy services from the
> RAA. I think he's done a good job, albeit perhaps a first cut, at doing that
> and getting a conversation going on the practical implications of, let's
> call it the Dakar proxy compact.
>>>> As I recall, one of the reasons we decided to recommend removing proxies
> from the RAA is that no matter how hard we, or ICANN tries to control or
> regulate the proxy business, anyone can operate such a service outside of
> the control of ICANN or the community. They simply register names and act on
> behalf of someone else.
>>>> What we, asa community, can do is develop some policies that set out
> what is expected of all parties, including Registrants and have
> consequences, mandatory in some cases, for failure to comply with the
> policies. The consequence of last resort is revocation of the name.
>>>> These policies wouldn't take the place of legal action, but they would
> fill the void where Registrants, or their proxies, are non-responsive.
>>>> The alternative is the voluntary code, but we know that can be avoided,
> and letting the courts handle the situation... but that's basically where we
> are today so I don't see how a code, voluntary or not helps in the end.
>>>> On Dec 1, 2011, at 5:32 AM, Kathy Kleiman wrote:
>>>>
>>>>> Hi All,
>>>>> What a night! I can see the 24*7 party of the WRT continued. Thanks so
> very much!
>>>>> Regarding the language below, could someone be an expert guide? Is it a
> replacement of the whole of the Proxy Recommendations, or in addition to the
> Voluntary Best Practices Guidelines (which I really liked)
>>>>> Otherwise, I am thinking and researching. I think this is a big change
> below, and I am not keen on #3 at all. Many, many people use proxy services
> for many, many things, and the Recommendations section seems an odd place to
> put a value judgement on that.
>>>>> Otherwise, there are some fascinating legal concepts, and my brain
> already hurts!
>>>>> Thinking hard first thing in the AM and still reviewing.
>>>>> I would like to know what James thinks,
>>>>> Kathy
>>>>>
>>>>>> Data Access- Proxy Service
>>>>>>
>>>>>> 1. The Review Team considers a Proxy Service as a relationship in
> which
>>>>>> the registrant is acting on behalf of another. The WHOIS data is that
> of the
>>>>>> agent/proxy service and the agent/proxy service alone obtains all
> rights and
>>>>>> assumes all responsibility for the domain name and its manner of use.
>>>>>> 2. ICANN should clarify that any registrant that may be acting as a
>>>>>> proxy service for another is in all respects still the registrant and,
> in
>>>>>> ICANN's view, should be held fully responsible for the use of the
> domain
>>>>>> name including for any and all harm that results from the use of the
> domain
>>>>>> name.
>>>>>> 2. Because of ICANN's position on proxy services to date, which
>>>>>> tolerates the proxy service industry that has arisen and which through
> RAA
>>>>>> provisions gives recognition and attempts to regulate that industry,
> has
>>>>>> been used by courts and others to allow proxy services to escape
> liability
>>>>>> for bad acts of the proxy service customers, ICANN should either
> delete or
>>>>>> amend those provisions of the RAA that can or have been used to allow
> proxy
>>>>>> services to escape liability.
>>>>>> 3. The Review Team acknowledges that there may be legitimate reasons
>>>>>> for the occasional use of a proxy service, as for example to protect a
>>>>>> valuable trade secret at product launch. At the same time proxy
> services
>>>>>> should not be viewed or used as a substitute for privacy services that
> are
>>>>>> designed to shield an individual's personal contact information. The
>>>>>> legitimate use a proxy service would be the exception and not
> widespread.
>>>>>> 4. A proxy service industry willing to accept full risks and
> liabilities
>>>>>> for the manner in which domain names through its service will be used
> will
>>>>>> take the necessary precautionary measures, in its relationship with
> its
>>>>>> customers, such that domain names so registered are unlikely to be
> misused
>>>>>> and, if misused, a remedy for those victimized will more likely be
>>>>>> available.
>>>>>>
>>>>> _______________________________________________
>>>>> Rt4-whois mailing list
>>>>> Rt4-whois at icann.org<mailto:Rt4-whois at icann.org>
>>>>> https://mm.icann.org/mailman/listinfo/rt4-whois
>>>> _______________________________________________
>>>> Rt4-whois mailing list
>>>> Rt4-whois at icann.org<mailto:Rt4-whois at icann.org>
>>>> https://mm.icann.org/mailman/listinfo/rt4-whois
>>>
>>> --
>>>
>>>
>>>
>>> _______________________________________________
>>> Rt4-whois mailing list
>>> Rt4-whois at icann.org<mailto:Rt4-whois at icann.org>
>>> https://mm.icann.org/mailman/listinfo/rt4-whois
>> _______________________________________________
>> Rt4-whois mailing list
>> Rt4-whois at icann.org<mailto:Rt4-whois at icann.org>
>> https://mm.icann.org/mailman/listinfo/rt4-whois
>> _______________________________________________
>> Rt4-whois mailing list
>> Rt4-whois at icann.org<mailto:Rt4-whois at icann.org>
>> https://mm.icann.org/mailman/listinfo/rt4-whois
>>
> _______________________________________________
> Rt4-whois mailing list
> Rt4-whois at icann.org
> https://mm.icann.org/mailman/listinfo/rt4-whois
>
>
> _______________________________________________
> Rt4-whois mailing list
> Rt4-whois at icann.org
> https://mm.icann.org/mailman/listinfo/rt4-whois


--