[Rt4-whois] The New Proxy Language [SEC=UNCLASSIFIED]
Emily Taylor
emily at emilytaylor.eu
Thu Dec 1 21:40:23 UTC 2011
Hi all
For the record, I support option #2.
Thank you for continuing this discussion. We are now nearly at our cut off
point.
Weighing in with a heavy cold, so may not make the best sense.
I am trying to catch up with where we are, and think I have it. We're
thinking about laying out two alternatives (is this option 1 and option 2,
or a different combo?), and introducing some text, right?
This could work, and my sense is that the approach is finding favour with
the team.
Can I suggest a slight twist of emphasis - obviously, shout me down if
you've all already agreed - on the introductory text?
Rather than say we can't reach consensus and throwing it over the fence to
the community to sort out, perhaps we could say:
"We have reached consensus on the following (Dakar stuff - actually, when
you step back from it there is a strong statement on proxy liability, which
should not be underestimated), and a majority (I think that's true) are in
favour of exploring best practices as set out below. However, there is
also a strong sentiment within the team that voluntary measures such as
those proposed do not go far enough, as they have little confidence that
the minority of 'bad actors' will adopt such measures.
"Therefore, we set out our proposals on best practices [see recommendation
xx below], with the proviso that a significant body within the WHOIS Review
Team has little confidence that such measures will prove a satisfactory
solution over time. We request that the next WHOIS Review Team reviews the
proxy industry's progress in this regard, and in the event that it finds
the WHOIS policy and its implementation unsatisfactory at that point, we
trust that it will make recommendations for more concrete measures."
Or something like that.
I have no author's pride. Just dig out what works. So, that means keeping
paragraphs 1, 2, 3 and 5 of Susan's text, and substituting those sentences
for her single sentence para 4.
Kind regards
Emily
On 1 December 2011 21:05, Nettlefold, Peter
<Peter.Nettlefold at dbcde.gov.au>wrote:
> Classification: UNCLASSIFIED
>
> Hi all
> I am just up, and have to get moving to get ready for my meetings today.
> Once sorted, I will catch up on overnight emails and get back to the group
> - this should be within an hour or so.
> Cheers
> Peter
>
> ----- Original Message -----
> From: Smith, Bill [mailto:bill.smith at paypal-inc.com]
> Sent: Friday, December 02, 2011 07:14 AM
> To: Susan Kawaguchi <susank at fb.com>
> Cc: rt4-whois at icann.org <rt4-whois at icann.org>
> Subject: Re: [Rt4-whois] The New Proxy Language
>
> This seems like a reasonable compromise position for the time being. I too
> may not be able to respond in a timely manner starting real soon now.
>
> I trust the group to make the right decision here.
>
> On Dec 1, 2011, at 11:24 AM, Susan Kawaguchi wrote:
>
> > Not everyone on the team has chimed in yet on this issue today but
> according to my count the following are agreeing to Lynn's proposal
> agreeing # 2 in Emily's email this morning.
> >
> > Lynn
> > Omar
> > Michael
> > James
> > Kathy
> > Susan
> >
> >
> >
> > Those who have not weighed in today
> >
> > Emily
> > Lutz - although liked Seth's proposal last night
> > Sarmad
> > Wilfried
> > Sharon
> > Peter - but earlier this morning did sound like he was probably favoring
> Seth's language.
> >
> > (if I have characterized this incorrectly for anyone please accept my
> apologies and please weigh in)
> >
> >
> > I would recommend that we leave both the Dakar recommendation in and the
> best practices recommendation in ( I do not feel they are mutually
> exclusive)
> >
> >
> > We could lead into the two recommendations with the following:
> >
> >
> >
> > Review Team members are in unanimous agreement that the status quo
> regarding proxy registrations is not sustainable, is not fair to legitimate
> participants in the domain name marketplace, frustrates valuable social
> goals such as law enforcement [and the protection of intellectual
> property], and reflects poorly on ICANN's commitment to serve the public
> interest.
> >
> > We are also in agreement that the goal should be to give accredited
> registrars strong incentives not to foster this undesirable status quo, and
> that such incentives should arise both from the terms of the ICANN
> contracts with registrars, and from principles of legal responsibility
> under national law. ICANN can control the first source of these
> incentives; its contractual provisions may influence, but cannot control,
> the second, since neither of the parties most directly involved -- the
> proxy service customers, and the law enforcement or other party seeking to
> identify them and hold them accountable -- is under contract to ICANN.
> >
> > We have not reached consensus on how best to advance this common goal.
> Some believe that the best approach is to start with the proxy services
> that are made available in connection with domain name registration, and
> require these services to follow best practices for promptly disclosing the
> identity of the party actually in control of the domain name, with
> registrars facing consequences if they do business with services that do
> not fulfill best practices. Others prefer the approach of denying any
> recognition of proxy services in ICANN contracts, and treating all such
> services simply as registrants, regardless of their practices.
> >
> > We set forth below alternative recommendations reflecting these dual
> approaches, and solicit community comment on them.
> >
> > One other area of agreement is that neither approach will be successful
> without proactive ICANN compliance measures, either to police observance of
> best practices, in the first approach, or to press registrars to cancel
> registrations of proxy services that do not fulfill their contractual
> obligations as set forth in the RAA. A well resourced and credible
> compliance program is essential to reforming the unacceptable status quo in
> this area.
> >
> > -----Original Message-----
> > From: Seth M Reiss [mailto:seth.reiss at lex-ip.com]
> > Sent: Thursday, December 01, 2011 10:52 AM
> > To: Susan Kawaguchi; 'Smith, Bill'
> > Cc: rt4-whois at icann.org
> > Subject: RE: [Rt4-whois] The New Proxy Language
> >
> > OK, guys, I finally woke up. But now I kind of wish I had not!
> >
> > I am not entirely comfortable with what I wrote (option 3). I continue to
> > agree with Bill's analysis and thinking, but I am also concerned that the
> > statements I wrote go well beyond what our Team was tasked to do. It
> goes
> > beyond WHOIS accuracy into the realm of security etc. But so does James'
> > and Susan's proposal (option 2).
> >
> > The Dakar statement (option 1 as most recently modified by Emily) comes
> > closest to us staying within our purview.
> >
> > Note that Susan agrees that language should be removed from the RRA and
> > proxy service provider should be responsible for the domain name. So
> > perhaps this could a bullet point under Dakar.
> >
> > Or better yet, how about this to make the group happy, or at least
> happier.
> >
> > How about the Dakar statement as most recently modified by Emily go into
> the
> > recommendations. Everything else, some of proposal 2 and maybe a bit of
> > proposal 3, or perhaps just the statement Susan made about language being
> > removed from the RAA, go into the discussion. I agree with Bill that a
> > voluntary set of best practices cannot reach the goal of eliminating
> > irresponsible proxy services. But the discussion section could indicate
> this
> > was one of the ideas that was considered by our team as a possible
> solution
> > and that is something that the community may wish to follow up on.
> >
> > Finally, regarding the DMCA, the United States Congress, in its wisdom,
> > decided that web hosts and neutral bill boards and the like should be
> given
> > a level of immunity to function and so adopted the DMCA and other
> measure to
> > provide safe havens from copyright infringement claims and other claims
> for
> > content posted by others if they registered as an agent and carefully
> > followed a number of specific take down/put up practices. The process is
> > mandatory, carefully detailed and all governed by a centralized law that
> is
> > consistent across the national territory. We, unfortunately, do not
> operate
> > in a landscape of consistent laws, plus we are not a legislature, plus
> (as
> > Bill has reiterated on several occasions) a voluntary practice will not
> get
> > us there.
> >
> > Seth
> >
> > -----Original Message-----
> > From: rt4-whois-bounces at icann.org [mailto:rt4-whois-bounces at icann.org]
> On
> > Behalf Of Susan Kawaguchi
> > Sent: Thursday, December 01, 2011 8:11 AM
> > To: Smith, Bill
> > Cc: rt4-whois at icann.org
> > Subject: Re: [Rt4-whois] The New Proxy Language
> >
> > Yes I agree a registrant is a contracted party I guess I am use to
> seeing so
> > much bad behavior by registrants that I do not think of them that way.
> >
> > I still do not see our two recommendations as polar opposites.
> >
> > I agree the language in the RAA should be removed and the proxy service
> > provider should be responsible for the domain name.
> >
> > But that does not exclude the need for best practices in this industry
> and
> > if we can get movement in the right direction along with calling for the
> > proxy service providers to be responsible it is a win win situation.
> >
> > (I am not comparing the DMCA to this situation but I think this is a good
> > example)
> > When the DMCA was put into US law it required interpretation and best
> > practices were developed over a period of time. In my opinion eBay took
> the
> > lead and put in place the VeRO program which went beyond some of the
> > requirements. Many other companies followed their lead and you will see
> > pieces of the VeRO program in many companies processes.
> >
> > I think several registrars have taken a similar path with their affiliate
> > proxy services and established procedures that are good.
> >
> > Why can't we advocate for both positions?
> >
> > I think we are in agreement that neither approach will be successful
> without
> > proactive ICANN compliance measures, either to police observance of best
> > practices, in the first approach, or to press registrars to cancel
> > registrations of proxy services that do not fulfill their contractual
> > obligations as set forth in the RAA. A well resourced and credible
> > compliance program is essential to reforming the unacceptable status quo
> in
> > this area.
> >
> >
> > -----Original Message-----
> > From: Smith, Bill [mailto:bill.smith at paypal-inc.com]
> > Sent: Thursday, December 01, 2011 9:46 AM
> > To: Susan Kawaguchi
> > Cc: James M. Bladel; rt4-whois at icann.org
> > Subject: Re: [Rt4-whois] The New Proxy Language
> >
> > Susan,
> >
> > Isn't everyone a contracted party in this ecosystem? Registrars and
> > Registries with ICANN and Registrants with Registrants (with required
> terms
> > from ICANN).
> >
> > I believe we need SLAs in each of the agreements that put some teeth into
> > the compliance provisions. For example, the current RAA language says
> that
> > failure to correct WHOIS data *may* result in revocation of the Domain
> Name
> > (or something similar to that).
> >
> > Action is voluntary on the part of the Registrant and Registrar with the
> > public paying the cost, much like with toxic waste. This isn't a direct
> cost
> > but indirect, and getting larger all the time. I sincerely doubt that a
> > voluntary code, though admirable, will mitigate these costs.
> >
> > If we have SLAs in each of the agreements, then failure by any party to
> > abide by them results in action and/or penalties up to and including
> loss of
> > name. The current system doesn't, while threatening such an eventuality
> > rarely reaches that point as we've heard.
> >
> > If ICANN wants to honor the AoC with respect to WHOIS, it firmly believe
> it
> > needs to shift from the voluntary mechanisms that don't work to a simple
> > though comprehensive set of mandatory mechanisms that will work. These
> > mechanisms should exist outside of any "at law"remedies but should be in
> > concert with them.
> >
> > I'll think about adding the VC to 4. My gut reaction is that it will
> still
> > allow too much legal room if/when the legal system is required.
> >
> > Bill
> >
> > On Dec 1, 2011, at 9:04 AM, "Susan Kawaguchi" <susank at fb.com> wrote:
> >
> >> Hi Bill,
> >>
> >> I agree with most of what is in your and Seth's recommendation but do
> not
> > understand how an SLA will work with non-contracted parties.
> >>
> >> What if we added the voluntary best practices to #4?
> >>
> >> Susan
> >>
> >> -----Original Message-----
> >> From: Smith, Bill [mailto:bill.smith at paypal-inc.com]
> >> Sent: Thursday, December 01, 2011 7:44 AM
> >> To: James M. Bladel
> >> Cc: Susan Kawaguchi; rt4-whois at icann.org
> >> Subject: Re: [Rt4-whois] The New Proxy Language
> >>
> >> I have no problem with folks not being "on board". However, we did agree
> > to language in Dakar in essence saying that ICANN should avoid mentioning
> > proxies in the RAA. I realize that some may not have been fully on board
> > with that, and there have been suggestion to change our position.
> >>
> >> From my perspective, the changes are from the Dakar position to the
> > Voluntary Code proposal.
> >>
> >> I've pointed out how the VC can and likely will be circumvented,
> > especially by "bad actors". If someone can demonstrate a way that the VC
> > deals with this issue and avoids a return to the current state, I'm all
> > ears.
> >>
> >> One way for the VC to work is to have a set of SLAs that mandate action
> in
> > response to non-compliance to the SLAs. I don't see a mention of that in
> the
> > VC and I'd want to understand exactly what we're talking about regarding
> > times for roundtrip reveal/relay and the consequences for failure to
> respond
> > in a timely fashion.
> >>
> >> On Dec 1, 2011, at 7:23 AM, James M. Bladel wrote:
> >>
> >> Agree with Susan. These are very significant changes coming very late
> in
> > the game.
> >>
> >> J.
> >>
> >> -------- Original Message --------
> >> Subject: Re: [Rt4-whois] The New Proxy Language
> >> From: Susan Kawaguchi <susank at fb.com<mailto:susank at fb.com>>
> >> Date: Thu, December 01, 2011 8:58 am
> >> To: Kathy Kleiman <kathy at kathykleiman.com<mailto:kathy at kathykleiman.com
> >>
> >> Cc: "rt4-whois at icann.org<mailto:rt4-whois at icann.org>"
> > <rt4-whois at icann.org<mailto:rt4-whois at icann.org>>
> >>
> >> Hi Kathy
> >>
> >> I am not onboard with Bill and Seth's recommendation but I am willing to
> > explore this direction.
> >>
> >> Susan
> >>
> >> Sent from my iPhone
> >>
> >> On Dec 1, 2011, at 6:18 AM, "Kathy Kleiman"
> > <kathy at kathykleiman.com<mailto:kathy at kathykleiman.com>> wrote:
> >>
> >>> But what James and Susan did so brilliantly, and for the first time in
> >>> history, was to begin to bring the proxy services into the ICANN tent
> >>> and into sight. The idea of disclosing relationships, sharing ownership
> >>> and contractual relationships, is an enormous step forward. I think we
> >>> are losing something now...
> >>>
> >>> Kathy:
> >>>> My preference is to replace the Voluntary Best Practices Guidelines. I
> > think there is useful information in that language to guide development
> of
> > SLAs regarding Registrant responsibilities and response times so would
> hate
> > to see that work "tossed".
> >>>>
> >>>> Seth's language is an attempt to "flesh out" the simple text we had in
> > Dakar, that said ICANN should remove reference to proxy services from the
> > RAA. I think he's done a good job, albeit perhaps a first cut, at doing
> that
> > and getting a conversation going on the practical implications of, let's
> > call it the Dakar proxy compact.
> >>>>
> >>>> As I recall, one of the reasons we decided to recommend removing
> proxies
> > from the RAA is that no matter how hard we, or ICANN tries to control or
> > regulate the proxy business, anyone can operate such a service outside of
> > the control of ICANN or the community. They simply register names and
> act on
> > behalf of someone else.
> >>>>
> >>>> What we, asa community, can do is develop some policies that set out
> > what is expected of all parties, including Registrants and have
> > consequences, mandatory in some cases, for failure to comply with the
> > policies. The consequence of last resort is revocation of the name.
> >>>>
> >>>> These policies wouldn't take the place of legal action, but they would
> > fill the void where Registrants, or their proxies, are non-responsive.
> >>>>
> >>>> The alternative is the voluntary code, but we know that can be
> avoided,
> > and letting the courts handle the situation... but that's basically
> where we
> > are today so I don't see how a code, voluntary or not helps in the end.
> >>>>
> >>>> On Dec 1, 2011, at 5:32 AM, Kathy Kleiman wrote:
> >>>>
> >>>>> Hi All,
> >>>>> What a night! I can see the 24*7 party of the WRT continued. Thanks
> so
> > very much!
> >>>>>
> >>>>> Regarding the language below, could someone be an expert guide? Is
> it a
> > replacement of the whole of the Proxy Recommendations, or in addition to
> the
> > Voluntary Best Practices Guidelines (which I really liked)
> >>>>>
> >>>>> Otherwise, I am thinking and researching. I think this is a big
> change
> > below, and I am not keen on #3 at all. Many, many people use proxy
> services
> > for many, many things, and the Recommendations section seems an odd
> place to
> > put a value judgement on that.
> >>>>>
> >>>>> Otherwise, there are some fascinating legal concepts, and my brain
> > already hurts!
> >>>>> Thinking hard first thing in the AM and still reviewing.
> >>>>> I would like to know what James thinks,
> >>>>> Kathy
> >>>>>
> >>>>>> Data Access- Proxy Service
> >>>>>>
> >>>>>> 1. The Review Team considers a Proxy Service as a relationship in
> > which
> >>>>>> the registrant is acting on behalf of another. The WHOIS data is
> that
> > of the
> >>>>>> agent/proxy service and the agent/proxy service alone obtains all
> > rights and
> >>>>>> assumes all responsibility for the domain name and its manner of
> use.
> >>>>>> 2. ICANN should clarify that any registrant that may be acting as a
> >>>>>> proxy service for another is in all respects still the registrant
> and,
> > in
> >>>>>> ICANN's view, should be held fully responsible for the use of the
> > domain
> >>>>>> name including for any and all harm that results from the use of the
> > domain
> >>>>>> name.
> >>>>>> 2. Because of ICANN's position on proxy services to date, which
> >>>>>> tolerates the proxy service industry that has arisen and which
> through
> > RAA
> >>>>>> provisions gives recognition and attempts to regulate that industry,
> > has
> >>>>>> been used by courts and others to allow proxy services to escape
> > liability
> >>>>>> for bad acts of the proxy service customers, ICANN should either
> > delete or
> >>>>>> amend those provisions of the RAA that can or have been used to
> allow
> > proxy
> >>>>>> services to escape liability.
> >>>>>> 3. The Review Team acknowledges that there may be legitimate reasons
> >>>>>> for the occasional use of a proxy service, as for example to
> protect a
> >>>>>> valuable trade secret at product launch. At the same time proxy
> > services
> >>>>>> should not be viewed or used as a substitute for privacy services
> that
> > are
> >>>>>> designed to shield an individual's personal contact information. The
> >>>>>> legitimate use a proxy service would be the exception and not
> > widespread.
> >>>>>> 4. A proxy service industry willing to accept full risks and
> > liabilities
> >>>>>> for the manner in which domain names through its service will be
> used
> > will
> >>>>>> take the necessary precautionary measures, in its relationship with
> > its
> >>>>>> customers, such that domain names so registered are unlikely to be
> > misused
> >>>>>> and, if misused, a remedy for those victimized will more likely be
> >>>>>> available.
> >>>>>>
> >>>>> _______________________________________________
> >>>>> Rt4-whois mailing list
> >>>>> Rt4-whois at icann.org<mailto:Rt4-whois at icann.org>
> >>>>> https://mm.icann.org/mailman/listinfo/rt4-whois
> >>>>
> >>>> _______________________________________________
> >>>> Rt4-whois mailing list
> >>>> Rt4-whois at icann.org<mailto:Rt4-whois at icann.org>
> >>>> https://mm.icann.org/mailman/listinfo/rt4-whois
> >>>
> >>>
> >>> --
> >>>
> >>>
> >>>
> >>> _______________________________________________
> >>> Rt4-whois mailing list
> >>> Rt4-whois at icann.org<mailto:Rt4-whois at icann.org>
> >>> https://mm.icann.org/mailman/listinfo/rt4-whois
> >>
> >> _______________________________________________
> >> Rt4-whois mailing list
> >> Rt4-whois at icann.org<mailto:Rt4-whois at icann.org>
> >> https://mm.icann.org/mailman/listinfo/rt4-whois
> >> _______________________________________________
> >> Rt4-whois mailing list
> >> Rt4-whois at icann.org<mailto:Rt4-whois at icann.org>
> >> https://mm.icann.org/mailman/listinfo/rt4-whois
> >>
> >
> > _______________________________________________
> > Rt4-whois mailing list
> > Rt4-whois at icann.org
> > https://mm.icann.org/mailman/listinfo/rt4-whois
> >
>
>
> _______________________________________________
> Rt4-whois mailing list
> Rt4-whois at icann.org
> https://mm.icann.org/mailman/listinfo/rt4-whois
>
>
>
> -------------------------------------------------------------------------------
>
> NOTICE: This email message is for the sole use of the intended recipient(s)
> and may contain confidential and privileged information. Any unauthorized
> review, use, disclosure or distribution is prohibited. If you are not the
> intended recipient, please contact the sender by reply email and destroy
> all
> copies of the original message.
>
> This message has been content scanned by the Axway MailGate.
> MailGate uses policy enforcement to scan for known viruses, spam,
> undesirable content and malicious code. For more information on Axway
> products please visit www.axway.com.
>
>
>
> -------------------------------------------------------------------------------
>
>
> _______________________________________________
> Rt4-whois mailing list
> Rt4-whois at icann.org
> https://mm.icann.org/mailman/listinfo/rt4-whois
>
--
*
*
76 Temple Road, Oxford OX4 2EZ UK
t: +44 (0)1865 582 811 • m: +44 (0)7540 049 322
emily at emilytaylor.eu
*www.etlaw.co.uk*
Emily Taylor Consultancy Limited is a company registered in England and
Wales No. 730471. VAT No. 114487713.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mm.icann.org/pipermail/rt4-whois/attachments/20111201/82bb5162/attachment.html
More information about the Rt4-whois
mailing list