[At-Large] [ALAC] Fwd: A million domains taken down by email checks
Alan Greenberg
alan.greenberg at mcgill.ca
Fri Jul 4 03:14:39 UTC 2014
The registrars are asking for data from law enforcement, and rightfully so.
However, before I would charge off and recommend
that the ALAC takes a position, I would like to see some data from registrars.
800,000 is a large number. But it is also just
0.5% of all gTLD registrations. In the past when
the ALAC has raised issues related to similar
problems (such as loss of registrations after
accidental expiration), one of the replies from
registrars has been that the number is only a
tiny fraction of the registrations that are not
lost. In my mind, the issue was not the
percentage but the absolute number of people
suffering problems, and it still is in this case.
When we were looking at expiration issues, and
how to alert a registrant that a name had
expired, the PDP WG came to the conclusion that
the best way to wake up a registrant who is
either ignoring e-mails, or has e-mails directed
to an invalid or dead e-mail box, it to take down
the domain. Not working does catch people's
attention! Yes, it is a harsh way to do this, but
very effective. The first reports that we are
getting from Contractual Compliance is that with
these new measures in place, complaints are way
down, as much as 50% for some expiration-related complaints.
So I would want to understand something about
where this 800,000 number comes from, and how it
is broken down. Examples of questions that come
to mind and should be explored are:
- how many of those 800,000 result in the
registrant correcting the data and the domain goes live again
- how many are not due to bad registrant contact
information, but bad contact information for the
a privacy/proxy service or web hosting company
I'm sure a bit of discussion would raise other questions as well.
So I am all for the ALAC making a statement, But
the content of that statement should be based on
a better understanding of what is going on here.
Alan
Postscript: One of the issues that came up during
the expiration renewal PDP was that many
registrations use the domain in question for the
contact e-mail. For example, the domain
example.com might had a contact e-mail address of
webmaster at example.com. If the domain stops
working for any reason, the contact address is by
definition useless. Registrant need to be
educated to NOT use the domain being registered
for its own contact address. The PDP recommended
that registrars warn registrants about this.
Perhaps it is being done, but I have not seen it.
At 03/07/2014 06:36 AM, Rinalia Abdul Rahim wrote:
>Dear ALAC,
>
>In reference to Joly MacFie's mail to the At-Large (see forwarded), the
>topic was also raised by Registrars during their meeting with the ICANN
>Board in London.
>
>Fadi posed a question to the Registrars on whether they have engaged with
>the At-Large on the matter. Fadi then raised the issue to the At-Large
>during his ATLASII Fayre speech.
>
>It would be important that the At-Large articulates its position on the
>issue (possibly via an ALAC statement) as it is being presented as a
>problem for Internet users.
>
>Best regards,
>
>Rinalia
>---------- Forwarded message ----------
>From: "Joly MacFie"
><<https://atlarge-lists.icann.org/mailman/listinfo/alac>joly at punkcast.com>
>Date: Jun 26, 2014 1:00 AM
>Subject: [At-Large] A million domains taken down by email checks
>To: "At-Large Worldwide"
><<https://atlarge-lists.icann.org/mailman/listinfo/alac>at-large
>at atlarge-lists.icann.org>
>Cc:
>
>Fwd over from the NCSG list. I underdtand that this would have been
> > discussed in today's EWG and privacy sessions. Any comments?
> >
> >
> >
> <http://domainincite.com/16963-a-million-domains-taken-down-by-email-checks>http://domainincite.com/16963-a-million-domains-taken-down-by-email-checks
> >
> > A million domains taken down by email checks
> > <
> >
> <http://domainincite.com/16963-a-million-domains-taken-down-by-email-checks>http://domainincite.com/16963-a-million-domains-taken-down-by-email-checks
> > >
> > Kevin Murphy
> <<http://domainincite.com/about>http://domainincite.com/about>,
> June 24, 2014, 14:34:25
> > (UTC), Domain Registrars
> >
> <<http://domainincite.com/category/domain-registrars>http://domainincite.com/category/domain-registrars>
> >
> > *Over 800,000 domain names have been suspended since the beginning of the
> > year as a result of Whois email verification rules in the new ICANN
> > Registrar Accreditation Agreement.*
> >
> > Thats according to the Registrars Stakeholder Group, which collected
> > suspension data from registrars representing about 75% of all registered
> > gTLD domain names.
> >
> > The actual number of suspended domains could be closer to a million.
> >
> > The 2013 RAA requires registrars to verify the email addresses listed in
> > their customers Whois records. If they dont receive the verification,
> > they have to suspend the domain.
> >
> > The RrSG told the ICANN board in March that these checks were doing more
> > harm than good
> > <
> >
> <http://domainincite.com/16375-are-whois-email-checks-doing-more-harm-than-good>http://domainincite.com/16375-are-whois-email-checks-doing-more-harm-than-good
> > >
> > and today Tucows CEO Elliot Noss presented, as promised, data to back up
> > the claim.
> >
> > There have been over 800,000 domains suspended, Noss said. We have
> > stories of healthcare sites that have gone down, community groups whose
> > sites have gone down.
> >
> > I think we can safely say millions of internet users, he said. Those are
> > real people just trying to use the internet. They are our great
> > unrepresented core constituency.
> >
> > The RrSG wants to see contrasting data from law enforcement agencies and
> > governments which pushed hard for Whois verification showing that the
> > RAA requirement has had a demonstrable benefit.
> >
> > Registrars asked at the Singapore meeting in March that law enforcement
> > agencies (LEA) be put on notice that they cant ask for more Whois controls
> > until theyve provided such data and ICANN CEO Fadi Chehade said
> > <
> >
> <http://domainincite.com/16375-are-whois-email-checks-doing-more-harm-than-good>http://domainincite.com/16375-are-whois-email-checks-doing-more-harm-than-good
> > >
> > It shall be done by London.
> >
> > Noss implied that the majority of the 800,000 suspended names belong to
> > innocent registrants, such as those who had simply changed email addresses
> > since registering their names.
> >
> > What was a lovely political win that we said time and time again in
> > discussion after discussion was impractical and would provide no benefit,
> > has demonstrably has created harm, Noss said.
> >
> > He was received with cautious support by ICANN board members.
> >
> > Chair Steve Crocker wonder aloud how many of the 800,000 suspended domains
> > are owned by bad guys, and he noted that LEA dont appear to gather data in
> > the way that the registrars are demanding.
> >
> > We were subjected, all of us, to heavy-duty pressure from the law
> > enforcement community over a long period of time. We finally said, Okay,
> > we hear you and well help you get this stuff implemented,, he added.
> > That creates an obligation as far as Im concerned on their part.
> >
> > Were in a at least from a moral position in a strong position to say,
> > You must help us understand this. Otherwise, youre not doing your part of
> > the job, he said.
> >
> > Chehade also seemed to support the registrars position that LEA needs to
> > justify its demands and offered to take their data and concerns to the LEA
> > and the Governmental Advisory Committee.
> >
> > They put restrictions on us that are causing harm, according to these
> > numbers, he said. Lets take this back at them and say, hey, you ask for
> > all these things, this is what happened.
> >
> > If you cant tell me what good this has done, be aware not to come back
> > and ask for more, he said. Im with you on this 100%. Im saying lets
> > use the great findings you seem to have a found and well-package them in a
> > case and I will be your advocate.
> >
> > Director Mike Silber also spoke in support of the RrSGs position.
> >
> > My view is if what you are saying is correct, the LEAs have blown their
> > credibility, he said. Theyre going to have to do a lot of work before we
> > impose similar disproportional requirements on actors that are not proven
> > to be bad actors.
> >
> > So what does this all mean for registrants?
> >
> > I dont think theres any ongoing process right now to get the Whois
> > verification requirements overturned that would require a renegotiation
> > of the RAA but it does seem to mean demands from governments and police
> > are going to have to be much more substantiated in future.
> >
> > Noss attempted to link the problem to the recommendations of the Whois
> > Expert Working Group (EWG), which propose a completely revamped,
> > centralized Whois system with much more verification
> >
> <<http://domainincite.com/16855-whois-killer-is-a-recipe-for-a-clusterfuck>http://domainincite.com/16855-whois-killer-is-a-recipe-for-a-clusterfuck>
> > and not much to benefit registrants.
> >
> > To paraphrase: if email verification causes so much harm, what harms could
> > be caused by the EWG proposal?
> >
> > The EWG was not stuffed with LEA or governments, however, so it couldnt
> > really be characterized as another set of unreasonable demands from the
> > same entities.
> >
> >
> > --
> > ---------------------------------------------------------------
> > Joly MacFie 218 565 9365 Skype:punkcast
> > WWWhatsup NYC - <http://wwwhatsup.com>http://wwwhatsup.com
> > http://pinstand.com - <http://punkcast.com>http://punkcast.com
> > VP (Admin) - ISOC-NY - <http://isoc-ny.org>http://isoc-ny.org
> > --------------------------------------------------------------
> > -
> > _______________________________________________
> > At-Large mailing list
> >
> <https://atlarge-lists.icann.org/mailman/listinfo/alac>At-Large
> at atlarge-lists.icann.org
> > https://atlarge-lists.icann.org/mailman/listinfo/at-large
> >
> > At-Large Official Site: <http://atlarge.icann.org>http://atlarge.icann.org
More information about the At-Large
mailing list