[At-Large] 9th Circuit Court ruling on ICANN Contract.

Carlton Samuels carlton.samuels at gmail.com
Sun Jan 9 18:37:45 UTC 2011 

Cogent.

I have one or two quibbles - the first one, how would one affirm the
registrant's identity? - but this, Karl, provides the substrate for a fairly
well-balanced regime between privacy and 'need to know' requirements.

Carlton

==============================
Carlton A Samuels
Mobile: 876-818-1799
Strategy, Planning, Governance, Assessment & Turnaround
=============================


On Sat, Jan 8, 2011 at 6:53 PM, Karl Auerbach <karl at cavebear.com> wrote:

> On 01/08/2011 02:37 PM, Roberto Gaetano wrote:
>
> > I believe that the registration of a domain requires the owner of the
> domain
> > to correctly identify oneself to the registering authority, but that this
> > information does not need necessarily to be public.
> > ...the example of car registration: a car owner is obliged
> > to provide complete and accurate information to the registration
> authority,
> > but this information is not necessarily public. Actually, I am not aware
> of
> > any national car registry in which you can access this information
> without
> > proving that you need it, and qualify yourself.
> > I have not yet heard a convincing argument on why the domain names have
> to
> > be treated differently.
>
> You've hit on an important point.  But first let me make a minor detour...
>
> <begin detour>
>
> If you check the registration of my primary automobile you won't find my
> name anywhere.  There are layers of corporate identities between my name
> and the name on my automobile registration.
>
> That is neither illicit nor does it oppose the social policies that
> justify automobile registration.
>
> "Ownership" is a distinct concept from that of "control".  There are
> quite legitimate reasons why ownership (or control) might be indirected
> through layers of intermediaries.  Moreover, there are cases, such as
> when a person has acquired an automobile on the basis of a loan there
> are separate and distinct legal and beneficial ownership rights.
>
> <end detour>
>
> The drum beat for privacy busting private regulation of domain name
> registrations is driven by the desire by various people, some driven by
> good intent (such as the anti-spam community), some driven by more
> selfish motives (such as the intellectual property protection [as
> distinguished from the intellectual property creation] industry).  Those
> groups would dispense with the nuisance of balanced due-process to the
> data subject.
>
> It is long past time to introduce some balance back into the equation:
>
> For years I have advocated that penetration of domain registrations
> should require the person making the request do several things:
>
>   1. They should announce their identity, personal and organizational
> (including contact information), and proofs of that identity, which
> would be recorded, permanently, into an access log.
>
>   2. A bond (small, perhaps $100) should be posted to indemnify the
> data subject should the access be ill founded, vexatious, or made with
> reckless disregard of facts known, or readily knowable to, the accessor.
>  (There are lots of ways that this requirement could be streamlined to
> accommodate the needs of consumers - for example the bond could be
> waived for the first 10 accesses during any 12 month period.)
>
>   3. They should make a concise and concrete accusation, into the
> permanent log, that states why they believe rights they process towards
> the domain name are being violated.  This accusation must be backed by
> evidence.  This accusation could act as an estoppel against the accessor
> making contrary assertions at a later date.
>
>   4. They should be required to enter into a legally binding agreement,
> with the data subject being granted explicit third party beneficiary
> rights of enforcement, that constrains the use of the data obtained so
> that it may not be further disseminated or used for any other purpose
> than to initiate a dialog with the data subject on the question whether
> the accusation is well founded or specious.
>
>   5. The data subject should be given notice of the access, including
> the identity of the accessor and the content of the accusation.  The
> data subject would have the right to make that accusation and the
> identity of the accessor public.
>
>   6. On a periodic basis the log of access should be processed so that
> the name of each accessor, and the number of accesses made, is published
> to the public.  This will help identify access trolls.
>
>        --karl--
> _______________________________________________
> At-Large mailing list
> At-Large at atlarge-lists.icann.org
> https://atlarge-lists.icann.org/mailman/listinfo/at-large
>
> At-Large Official Site: http://atlarge.icann.org
>

More information about the At-Large mailing list