[lac-discuss-en] Fwd: Discussions on ICANN's role in combating Internet Fraud

Carlton Samuels carlton.samuels at uwimona.edu.jm
Sat Apr 11 13:39:52 CDT 2009 

See continuing discussion on the RAA WG list.

If you wish, you can subscribe directly. See the subscription information
below.

Carlton Samuels

=================================================================================
Send RAA-WG mailing list submissions to
       raa-wg at atlarge-lists.icann.org

To subscribe or unsubscribe via the World Wide Web, visit

http://atlarge-lists.icann.org/mailman/listinfo/raa-wg_atlarge-lists.icann.org

or, via email, send a message with subject or body 'help' to
       raa-wg-request at atlarge-lists.icann.org

You can reach the person managing the list at
       raa-wg-owner at atlarge-lists.icann.org

When replying, please edit your Subject line so it is more specific
than "Re: Contents of RAA-WG digest..."


Today's Topics:

  1. Re: [At-Large] Open letter to ICANN (Hugh Dierker)
  2. Re: [At-Large] Open letter to ICANN (Vermont Linux)
  3. Re: [At-Large] Open letter to ICANN (Vermont Linux)
  4. Re: [At-Large] Open letter to ICANN (Hugh Dierker)


----------------------------------------------------------------------

Message: 1
Date: Thu, 9 Apr 2009 10:24:17 -0700 (PDT)
From: Hugh Dierker <hdierker2204 at yahoo.com>
Subject: Re: [RAA-WG] [At-Large] Open letter to ICANN
To: Patrick Vande Walle <patrick at vande-walle.eu>,       Vermont Linux

Gentle folks,
?
This is really a very helpful exchange from different perspectives. (I would
suggest however that because someone has different life experiences and
emphasizes different priorities that we not call them naive, simply because
they are not well versed in our experience)
?
Criminal Law Enforcement agencies enforce the law. Obviously the law depends
on the jurisdiction. Civil courts, tribunals and agencies enforce civil and
contractual obligations. Obviously the interpretations of contracts and
standards depends on the jurisdiction.
Sometimes spam is criminal, sometimes a breach of a civil obligation, and
even sometimes perfectly legal and appropriately contracted.
?
Providing false information in exchange for a benefit is almost always
fraud. Fraud is both criminal and a tort in every jurisdiction I am aware of
from Sierra Del Fuego to Inchon to Moscow to Jerusalem to Johannesburg.
?
But when this fraud is committed who and how much does it hurt? Negligible
at best to any given victim or plaintiff. Therefor not worth going after,
further than shutting down the cause of injury. What ICANN can do is to
establish standards for establishing?higher per se or "statutory damages".
Or in the strictly contractual arena liquidated damage clauses.
This would build in real penalties for abuse and give incentive to both
civil and criminal prosecutors to go after the bastards. Like a free
enterprise system for barristers and solicitors.
?
ICANN should not enforce, other than their contracts. But they should aid
enforcement.

--- On Thu, 4/9/09, Vermont Linux <vtlinux at coldrain.net> wrote:
========================================================================================
From: Vermont Linux <vtlinux at coldrain.net>

Hi,

I am a bit surprised at the naivete expressed in this discussion. ICANN does
not take down any registrants, that is left to the registrars. ICANN can
only
deaccredit a registrar for failing to meet its obligations as spelled in the
RAA. ICANN's role is to simply oversee the RAA and the registrars.

ICANN has recently made significant improvements to the WDPRS. There is an
improved one-at-a-time complaint part and the addition of a bulk complaint
interface for those who file large numbers of complaints. ICANN is doing
better
in general and I believe that they will continue to improve.

The RAA appears to be just fine as a contract (no, I am not a lawyer, this
is
not legal advice) that, in my opinion, would stand up in court. ICANN and
the
registrars have lawyers who have looked closely at the RAA. If either
believed
it was not enforcable, I am pretty sure someone would have taken action by
now.

We at KnujOn have used the whois data accuracy problem to shut down over a
100,000 sites. We target commercial, not individuals, sites that we are sure
that are involved in spam and other criminal behavior. We expect to see many
more suspension over time. The complaints we file are looked at by ICANN,
then
passed to the appropriate registrar who then looks at it again. The
registrant
is notified of the problem and given time to fix it. If is fixed, the site
stays
up,if not, it is suspended. There are four levels of checks that provide a
safety net for registrants, legitimate or not. If a registrant is unjustly
suspended, they can be restrored.

The sites like McColo have been looked at closely, with all sorts of
evidence
to show that they were/are criminals. This is not an issue of whois, but
rather
one where someone says the site is a bad actor, requiring a well documented,
detail report showing that they are a bad actor. These reports are public,
so if
anyone wants to dispute the findings, they can. So far, no one has done so.
And
McColo was actually taken down by its ISP.

One of the problems in the current system is that there are many players,
ICANN
(and IANA), registries, registrars, resellers, ISPs, hosting companies and
some
players have more than one role. This provides the ability of any one player
to
say "It's not me, it's the other guy." The diffusion of
responsiblity means that no one is accountable. They only obvious way to
handle
it is to make sure that each player follows the rules within their own space
and
to shine a bright light on how they behave.

Let me lay to rest the issue of bad actor registrars. Most registarsr are
not
criminals, some are victims, some are lazy, some do not know what to do and
some
do not want to spend money on the problem. Many actually cooperate and do
their
bast to run a clean operation. On the other hand there is a small number
which
in fact are either criminals or make it easy for the criminals to operate.

The .com space in the US is with US jurisdiction as is ICANN (also under the
JPA). If you are in Europe, the EU rules apply. If your domain is within a
ccTLD, then that country will determine what happens. I believe the
crackdown
the other day in the US by the FTC and the FBI on mortgage scam websites are
just the beginning.

The takedowns are not indiscriminate. They are done within existing law,
rules,
contracts and regulations with documentaton that can be verfied. It has
nothing
to do with how much you paid for it. A domain name is not like buying fast
food.
It's more like owning a home or a car or setting up a bank account.

Opinions are fine (I have many), but doing one's homework first on a
complex and important issue is helpful.

              - bob
===========================================================================
On Tue, 7 Apr 2009, Patrick Vande Walle wrote:
> Neil Schwartzman wrote, On 7/4/09 15:15:
>> Your argument is a strawman, I too do not advocate ICANN's
>> indiscriminate involvement in take-downs because a site collects data
>> in an insecure manner, or due to an erroneous postal code, and I
don't
>> know anyone who advocates for such things.
>>
>> There is a role to be played in some particularly egregious
>> situations, and in fact, all roads lead to Rome. There are, in some
>> cases, no-where else to turn BUT ICANN.
>>
>> What we have seen in the one case of a shut-down last year was
>> particularly unsatisfying, when the assets of Registrar owned by a
>> criminal were sold to his business associate.
>>
>> I'm sure ICANN can do better, and certainly from those whom i met
in
>> Mexico, I got the impression that there is political will to do so.
>
> The main issue I see is that many of the terms in ICANN contracts, and in
this case the RAA terms which refer to whois data, would not stand a court
case.
>
> I have some difficulty thinking that a court would rule that a domain name
should be taken down because of invalid whois data, especially if it was
paid
for in a legimimate way. The remedy (take down) seems disproportionate to
the
sheer value of the registration (less than USD 10 in most cases). After all,
you
are not being asked for your address details when ordering at McDonalds,
which
is in the same price range as a gTLD domain name. There is the added issue
that
the RAA is between the registrar and ICANN. The customer is a third party.
Depending on the local legal context, the customer could validly argue that
he
is not bound by the terms of the RAA.
>
> This is yet another example of ICANN drafting rules out of the blue and
not testing their validity in the real world. Some would call it arrogance,
but
I would rather like to think this is idealism in its most naive form.
>
>
>
> Patrick Vande Walle
> Check my blog: http://patrick.vande-walle.eu
>
======================================================================================

Message: 2
Date: Thu, 9 Apr 2009 13:25:26 -0400 (EDT)
From: Vermont Linux <vtlinux at coldrain.net>
Subject: Re: [RAA-WG] [At-Large] Open letter to ICANN
To: Patrick Vande Walle <patrick at vande-walle.eu>

Hi Patrick,

My response was to the entire thread, not just you. I am sorry if I did
not make that clear enough. My thoughts were a mixture to all that I read
and there were references to indiscrimant takedowns by ICANN. The homework
reference was for everyone, because a number of statements seemed to be
knee jerk reactions and not well thought out.

I have not searched for court cases related to this topic because I do not
believe that are any. I am aware of a few incidents where a registrar
mistakenly took down a legitimate site. The lawyers gathered in a room to
determine monetary damage and remedies, no court involvement. This is due
to established business practices. Generally these things are settled out
of court.

If someone wishes to challenge the RAA as registrant, it would be
interesting, but I believe futile. The RAA does spell out the registrar's
responsibilities involving registrants and the registrar does have the
right and obligation (under certain circumstances) to suspend a domain
name. Keep in mind, the registrant does not own the domain name, but
merely rents/leases/licenses (pick one) it for a specific time period.

When it is paid for, you know the registrar checks the credit/debit card
and if you pay for your McDonald's meal with one, they will check too,
unless they are willing to risk non-payment for that meal.

I am not sure how it would matter what country you are in terms of
challenging the RAA, unless you mean that no one dares challenge anything
in some dictatorship countries. I meant that the registrars as a group
push back whenever they can if someone tries to make them do something
they do not want to do. They also have some very good lawyers who have
read the RAA very closely looking for loopholes. For example, in the RAA,
registrars are given the choice of verifying the whois data when someone
registers a domain name OR sending out a periodic email telling the
registrant to verify their data and fix it, if it is incorrect. Can you
guess which choice they all make?

This is why I believe that the RAA would withstand a court case, because I
expect that if were possible to invalidate it (or parts of it) one of them
would have already done so.

        cheers, bob

On Thu, 9 Apr 2009, Patrick Vande Walle wrote:

>
>
> Vermont Linux wrote, On 9/4/09 16:25:
>> I am a bit surprised at the naivete expressed in this discussion.
>> ICANN does not take down any registrants, that is left to the registrars.
> Hi Bob,
>
> I never said ICANN was taking down registrants.
>> The RAA appears to be just fine as a contract (no, I am not a lawyer,
>> this is not legal advice) that, in my opinion, would stand up in
>> court. ICANN and the registrars have lawyers who have looked closely
>> at the RAA. If either believed it was not enforcable, I am pretty sure
>> someone would have taken action by now.
> I guess it very much depends in which country you are located.
>> Opinions are fine (I have many), but doing one's homework first on a
>> complex and important issue is helpful.
> My homework did not allow me to identify relevant case courts outside
> the USA. I would be most interested if you could share some references.
>
> Thanks a lot
>
=======================================================================================

Message: 3
Date: Thu, 9 Apr 2009 13:46:23 -0400 (EDT)
From: Vermont Linux <vtlinux at coldrain.net>
Subject: Re: [RAA-WG] [At-Large] Open letter to ICANN
To: Hugh Dierker <hdierker2204 at yahoo.com>

Hi Hugh,

I hope this is a helpful discussion. I want everyone to see the wisdom of
my perspective :)

I did not say that the discussion wa naive because of different life
experience, I said t because there were too many statements that apperared
to me that lacked an understanding of the RAA and the way all of the
players interact. How many of the authors of the emails in this thread
have actually read the RAA?

The Criminal Law Enforcement statements are generally correct, but can be
misleading when applied to specific circumstances. Contract law is pretty
much separate from criminal law - it is a separate course from criminal
law in most law schools. Registrars often tell complainers to get a court
order to shutdown a site because they know it takes a long time to get
such an order. It is just a technique to blow off the complainer.

Spam is not the only issue here. Spam is generally a gateway in far more
nefarious criminal activity. Stopping spam makes it more difficult for
criminals to prosper, but that would not stop criminals from trying other
means.

The fraud statement below is something I would call naive. As I mentioned
earlier, the US FBI arrested a bunch of people for mortage fraud the other
day (web sites and spam were involved). There were large sums of money
stolen, home ownerships were lost, neighborhoods ruined, and so forth.

If you step into the world of fake pharmacies, people have died from items
purchased from the unlicensed web sites. I think this rises to the level
of more than "Negligible at best."

The problem that I care about is much bigger than an occasional annoying,
unwanted email.

However, I am in full agreement with your last statement. ICANN only needs
to enforce the RAA and aid lew enforcement under specific circumstances.

               cheers, bob

On Thu, 9 Apr 2009, Hugh Dierker wrote:
>
> Gentle folks,
>

> This is really a very helpful exchange from different perspectives. (I
> would suggest however that because someone has different life
> experiences and emphasizes different priorities that we not call them
> naive, simply because they are not well versed in our experience)

> Criminal Law Enforcement agencies enforce the law. Obviously the law
> depends on the jurisdiction. Civil courts, tribunals and agencies
> enforce civil and contractual obligations. Obviously the interpretations
> of contracts and standards depends on the jurisdiction. Sometimes spam
> is criminal, sometimes a breach of a civil obligation, and even
> sometimes perfectly legal and appropriately contracted.

> Providing false information in exchange for a benefit is almost always
> fraud. Fraud is both criminal and a tort in every jurisdiction I am
> aware of from Sierra Del Fuego to Inchon to Moscow to Jerusalem to
> Johannesburg.

> But when this fraud is committed who and how much does it hurt?
> Negligible at best to any given victim or plaintiff. Therefor not worth
> going after, further than shutting down the cause of injury. What ICANN
> can do is to establish standards for establishing higher per se or
> "statutory damages". Or in the strictly contractual arena liquidated
> damage clauses. This would build in real penalties for abuse and give
> incentive to both civil and criminal prosecutors to go after the
> bastards. Like a free enterprise system for barristers and solicitors. ?

> ICANN should not enforce, other than their contracts. But they should aid
enforcement.
>
> --- On Thu, 4/9/09, Vermont Linux <vtlinux at coldrain.net> wrote:
>
> From: Vermont Linux <vtlinux at coldrain.net>
> Subject: Re: [RAA-WG] [At-Large] Open letter to ICANN
> To: "Patrick Vande Walle" <patrick at vande-walle.eu>
> Cc: raa-wg at atlarge-lists.icann.org, "At-Large Worldwide" <
at-large at atlarge-lists.icann.org>
> Date: Thursday, April 9, 2009, 7:25 AM
>
> Hi,
>
> I am a bit surprised at the naivete expressed in this discussion. ICANN
does
> not take down any registrants, that is left to the registrars. ICANN can
only
> deaccredit a registrar for failing to meet its obligations as spelled in
the
> RAA. ICANN's role is to simply oversee the RAA and the registrars.
>
> ICANN has recently made significant improvements to the WDPRS. There is an
> improved one-at-a-time complaint part and the addition of a bulk complaint
> interface for those who file large numbers of complaints. ICANN is doing
better
> in general and I believe that they will continue to improve.
>
> The RAA appears to be just fine as a contract (no, I am not a lawyer, this
is
> not legal advice) that, in my opinion, would stand up in court. ICANN and
the
> registrars have lawyers who have looked closely at the RAA. If either
believed
> it was not enforcable, I am pretty sure someone would have taken action by
now.
>
> We at KnujOn have used the whois data accuracy problem to shut down over a
> 100,000 sites. We target commercial, not individuals, sites that we are
sure
> that are involved in spam and other criminal behavior. We expect to see
many
> more suspension over time. The complaints we file are looked at by ICANN,
then
> passed to the appropriate registrar who then looks at it again. The
registrant
> is notified of the problem and given time to fix it. If is fixed, the site
stays
> up,if not, it is suspended. There are four levels of checks that provide a
> safety net for registrants, legitimate or not. If a registrant is unjustly
> suspended, they can be restrored.
>
> The sites like McColo have been looked at closely, with all sorts of
evidence
> to show that they were/are criminals. This is not an issue of whois, but
rather
> one where someone says the site is a bad actor, requiring a well
documented,
> detail report showing that they are a bad actor. These reports are public,
so if
> anyone wants to dispute the findings, they can. So far, no one has done
so. And
> McColo was actually taken down by its ISP.
>
> One of the problems in the current system is that there are many players,
ICANN
> (and IANA), registries, registrars, resellers, ISPs, hosting companies and
some
> players have more than one role. This provides the ability of any one
player to
> say "It's not me, it's the other guy." The diffusion of
> responsiblity means that no one is accountable. They only obvious way to
handle
> it is to make sure that each player follows the rules within their own
space and
> to shine a bright light on how they behave.
>
> Let me lay to rest the issue of bad actor registrars. Most registarsr are
not
> criminals, some are victims, some are lazy, some do not know what to do
and some
> do not want to spend money on the problem. Many actually cooperate and do
their
> bast to run a clean operation. On the other hand there is a small number
which
> in fact are either criminals or make it easy for the criminals to operate.
>
> The .com space in the US is with US jurisdiction as is ICANN (also under
the
> JPA). If you are in Europe, the EU rules apply. If your domain is within a
> ccTLD, then that country will determine what happens. I believe the
crackdown
> the other day in the US by the FTC and the FBI on mortgage scam websites
are
> just the beginning.
>
> The takedowns are not indiscriminate. They are done within existing law,
rules,
> contracts and regulations with documentaton that can be verfied. It has
nothing
> to do with how much you paid for it. A domain name is not like buying fast
food.
> It's more like owning a home or a car or setting up a bank account.
>
> Opinions are fine (I have many), but doing one's homework first on a
> complex and important issue is helpful.
>
>               - bob
>
> On Tue, 7 Apr 2009, Patrick Vande Walle wrote:
>> Neil Schwartzman wrote, On 7/4/09 15:15:
>>> Your argument is a strawman, I too do not advocate ICANN's
>>> indiscriminate involvement in take-downs because a site collects data
>>> in an insecure manner, or due to an erroneous postal code, and I
> don't
>>> know anyone who advocates for such things.
>>>
>>> There is a role to be played in some particularly egregious
>>> situations, and in fact, all roads lead to Rome. There are, in some
>>> cases, no-where else to turn BUT ICANN.
>>>
>>> What we have seen in the one case of a shut-down last year was
>>> particularly unsatisfying, when the assets of Registrar owned by a
>>> criminal were sold to his business associate.
>>>
>>> I'm sure ICANN can do better, and certainly from those whom i met
> in
>>> Mexico, I got the impression that there is political will to do so.
>>
>> The main issue I see is that many of the terms in ICANN contracts, and in
> this case the RAA terms which refer to whois data, would not stand a court
case.
>>
>> I have some difficulty thinking that a court would rule that a domain
name
> should be taken down because of invalid whois data, especially if it was
paid
> for in a legimimate way. The remedy (take down) seems disproportionate to
the
> sheer value of the registration (less than USD 10 in most cases). After
all, you
> are not being asked for your address details when ordering at McDonalds,
which
> is in the same price range as a gTLD domain name. There is the added issue
that
> the RAA is between the registrar and ICANN. The customer is a third party.
> Depending on the local legal context, the customer could validly argue
that he
> is not bound by the terms of the RAA.
>>
>> This is yet another example of ICANN drafting rules out of the blue and
> not testing their validity in the real world. Some would call it
arrogance, but
> I would rather like to think this is idealism in its most naive form.
>>
>>
>>
>> Patrick Vande Walle

----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Message: 4
Date: Thu, 9 Apr 2009 23:08:28 -0700 (PDT)
From: Hugh Dierker <hdierker2204 at yahoo.com>
Subject: Re: [RAA-WG] [At-Large] Open letter to ICANN


I have to vehemently disagree with you here. Only on about 2% though.
Your knowledge of general principals of law is quite adept.
Something I have found only trial lawyers who have danced in both criminal
and civil arenas truly grasp is that: All fraud is founded in contract. No
tit for tat, no reasonable reliance, no fraud. The fact that I am king of
the world is by no means fraud. It is silly. You gave me nothing for that
statement and you may not rely upon it. (if you claimed that was legal
advice you would likewise fail for generally the same reasons. hihihi)
?
Your examples of the horrible losses that ocurr through fraud are very
accurate. But measured by occurence they are far less than a percentage. And
addressing these issues with those tragedies as a marker?is a Katie bar the
door, after the swine did the damage method. We need to stop the massive
small in order to prevent the horrendous big. If we prescribe to a butterfly
flapping his wings in China effecting Sarkozy's mood in Marseilles theory,
even the smallest fraud needs a reckoning.
?
Your point about reading, or not, the RAA is correct -- but we should look
at it as fact not as a passing judgment thing. It is a "thrust upon us"
contract,?with neither options nor negotiations. This allows us to apply
adhesion type principals to the beast, which broadens consumer remedies and
protection.
?
Teeth and 3rd party beneficiary rights are what are most needed here.
?
Otherwise we are in complete agreement. Just coming at it a bit differently.
?


--- On Thu, 4/9/09, Vermont Linux <vtlinux at coldrain.net> wrote:

From: Vermont Linux <vtlinux at coldrain.net>
Subject: Re: [RAA-WG] [At-Large] Open letter to ICANN

Hi Hugh,

I hope this is a helpful discussion. I want everyone to see the wisdom of my
perspective :)

I did not say that the discussion wa naive because of different life
experience, I said t because there were too many statements that apperared
to me
that lacked an understanding of the RAA and the way all of the players
interact.
How many of the authors of the emails in this thread
have actually read the RAA?

The Criminal Law Enforcement statements are generally correct, but can be
misleading when applied to specific circumstances. Contract law is pretty
much
separate from criminal law - it is a separate course from criminal law in
most
law schools. Registrars often tell complainers to get a court order to
shutdown
a site because they know it takes a long time to get such an order. It is
just a
technique to blow off the complainer.

Spam is not the only issue here. Spam is generally a gateway in far more
nefarious criminal activity. Stopping spam makes it more difficult for
criminals
to prosper, but that would not stop criminals from trying other means.

The fraud statement below is something I would call naive. As I mentioned
earlier, the US FBI arrested a bunch of people for mortage fraud the other
day
(web sites and spam were involved). There were large sums of money stolen,
home
ownerships were lost, neighborhoods ruined, and so forth.

If you step into the world of fake pharmacies, people have died from items
purchased from the unlicensed web sites. I think this rises to the level of
more
than "Negligible at best."

The problem that I care about is much bigger than an occasional annoying,
unwanted email.

However, I am in full agreement with your last statement. ICANN only needs
to
enforce the RAA and aid lew enforcement under specific circumstances.

              cheers, bob

On Thu, 9 Apr 2009, Hugh Dierker wrote:
>
> Gentle folks,
>

> This is really a very helpful exchange from different perspectives. (I
would suggest however that because someone has different life experiences
and
emphasizes different priorities that we not call them naive, simply because
they
are not well versed in our experience)

> Criminal Law Enforcement agencies enforce the law. Obviously the law
depends on the jurisdiction. Civil courts, tribunals and agencies enforce
civil
and contractual obligations. Obviously the interpretations of contracts and
standards depends on the jurisdiction. Sometimes spam is criminal, sometimes
a
breach of a civil obligation, and even sometimes perfectly legal and
appropriately contracted.

> Providing false information in exchange for a benefit is almost always
fraud. Fraud is both criminal and a tort in every jurisdiction I am aware of
from Sierra Del Fuego to Inchon to Moscow to Jerusalem to Johannesburg.

> But when this fraud is committed who and how much does it hurt? Negligible
at best to any given victim or plaintiff. Therefor not worth going after,
further than shutting down the cause of injury. What ICANN can do is to
establish standards for establishing higher per se or "statutory
damages". Or in the strictly contractual arena liquidated damage clauses.
This would build in real penalties for abuse and give incentive to both
civil
and criminal prosecutors to go after the bastards. Like a free enterprise
system
for barristers and solicitors. ?

> ICANN should not enforce, other than their contracts. But they should aid
enforcement.
>
> --- On Thu, 4/9/09, Vermont Linux <vtlinux at coldrain.net> wrote:
>

> Hi,
>
  I am a bit surprised at the naivete expressed in this discussion. ICANN
does
> not take down any registrants, that is left to the registrars. ICANN can
only
> deaccredit a registrar for failing to meet its obligations as spelled in
the
> RAA. ICANN's role is to simply oversee the RAA and the registrars.
>
> ICANN has recently made significant improvements to the WDPRS. There is an
> improved one-at-a-time complaint part and the addition of a bulk complaint
> interface for those who file large numbers of complaints. ICANN is doing
better
> in general and I believe that they will continue to improve.
>
> The RAA appears to be just fine as a contract (no, I am not a lawyer, this
is
> not legal advice) that, in my opinion, would stand up in court. ICANN and
the
> registrars have lawyers who have looked closely at the RAA. If either
believed
> it was not enforcable, I am pretty sure someone would have taken action by
now.
>
> We at KnujOn have used the whois data accuracy problem to shut down over a
> 100,000 sites. We target commercial, not individuals, sites that we are
sure
> that are involved in spam and other criminal behavior. We expect to see
many
> more suspension over time. The complaints we file are looked at by ICANN,
then
> passed to the appropriate registrar who then looks at it again. The
registrant
> is notified of the problem and given time to fix it. If is fixed, the site
stays
> up,if not, it is suspended. There are four levels of checks that provide a
> safety net for registrants, legitimate or not. If a registrant is unjustly
> suspended, they can be restrored.
>
> The sites like McColo have been looked at closely, with all sorts of
evidence
> to show that they were/are criminals. This is not an issue of whois, but
rather
> one where someone says the site is a bad actor, requiring a well
documented,
> detail report showing that they are a bad actor. These reports are public,
so if
> anyone wants to dispute the findings, they can. So far, no one has done
so. And
> McColo was actually taken down by its ISP.
>
> One of the problems in the current system is that there are many players,
ICANN
> (and IANA), registries, registrars, resellers, ISPs, hosting companies and
some
> players have more than one role. This provides the ability of any one
player to
> say "It's not me, it's the other guy." The diffusion of
> responsiblity means that no one is accountable. They only obvious way to
handle
> it is to make sure that each player follows the rules within their own
space and
> to shine a bright light on how they behave.
>
> Let me lay to rest the issue of bad actor registrars. Most registarsr are
not
> criminals, some are victims, some are lazy, some do not know what to do
and some
> do not want to spend money on the problem. Many actually cooperate and do
their
> bast to run a clean operation. On the other hand there is a small number
which
> in fact are either criminals or make it easy for the criminals to operate.
>
> The .com space in the US is with US jurisdiction as is ICANN (also under
the
> JPA). If you are in Europe, the EU rules apply. If your domain is within a
> ccTLD, then that country will determine what happens. I believe the
crackdown
> the other day in the US by the FTC and the FBI on mortgage scam websites
are
> just the beginning.
>
> The takedowns are not indiscriminate. They are done within existing law,
rules,
> contracts and regulations with documentaton that can be verfied. It has
nothing
> to do with how much you paid for it. A domain name is not like buying fast
food.
> It's more like owning a home or a car or setting up a bank account.
>
> Opinions are fine (I have many), but doing one's homework first on a
> complex and important issue is helpful.
>
>               - bob
>
> On Tue, 7 Apr 2009, Patrick Vande Walle wrote:
>> Neil Schwartzman wrote, On 7/4/09 15:15:
>>> Your argument is a strawman, I too do not advocate ICANN's
>>> indiscriminate involvement in take-downs because a site collects
data
>>> in an insecure manner, or due to an erroneous postal code, and I
> don't
>>> know anyone who advocates for such things.
>>>
>>> There is a role to be played in some particularly egregious
>>> situations, and in fact, all roads lead to Rome. There are, in
some
>>> cases, no-where else to turn BUT ICANN.
>>>
>>> What we have seen in the one case of a shut-down last year was
>>> particularly unsatisfying, when the assets of Registrar owned by a
>>> criminal were sold to his business associate.
>>>
>>> I'm sure ICANN can do better, and certainly from those whom i
met
> in
>>> Mexico, I got the impression that there is political will to do
so.
>>
>> The main issue I see is that many of the terms in ICANN contracts, and
in
> this case the RAA terms which refer to whois data, would not stand a court
case.
>>
>> I have some difficulty thinking that a court would rule that a domain
name
> should be taken down because of invalid whois data, especially if it was
paid
> for in a legimimate way. The remedy (take down) seems disproportionate to
the
> sheer value of the registration (less than USD 10 in most cases). After
all, you
> are not being asked for your address details when ordering at McDonalds,
which
> is in the same price range as a gTLD domain name. There is the added issue
that
> the RAA is between the registrar and ICANN. The customer is a third party.
> Depending on the local legal context, the customer could validly argue
that he
> is not bound by the terms of the RAA.
>>
>> This is yet another example of ICANN drafting rules out of the blue
and
> not testing their validity in the real world. Some would call it
arrogance, but
> I would rather like to think this is idealism in its most naive form.
>>
>>
>>
>> Patrick Vande Walle
>> Check my blog: http://patrick.vande-walle.eu
>

More information about the lac-discuss-en mailing list