[RAA-WG] [At-Large] Open letter to ICANN
Hugh Dierker
hdierker2204 at yahoo.com
Thu Apr 9 12:24:17 CDT 2009
Gentle folks,
This is really a very helpful exchange from different perspectives. (I would suggest however that because someone has different life experiences and emphasizes different priorities that we not call them naive, simply because they are not well versed in our experience)
Criminal Law Enforcement agencies enforce the law. Obviously the law depends on the jurisdiction. Civil courts, tribunals and agencies enforce civil and contractual obligations. Obviously the interpretations of contracts and standards depends on the jurisdiction.
Sometimes spam is criminal, sometimes a breach of a civil obligation, and even sometimes perfectly legal and appropriately contracted.
Providing false information in exchange for a benefit is almost always fraud. Fraud is both criminal and a tort in every jurisdiction I am aware of from Sierra Del Fuego to Inchon to Moscow to Jerusalem to Johannesburg.
But when this fraud is committed who and how much does it hurt? Negligible at best to any given victim or plaintiff. Therefor not worth going after, further than shutting down the cause of injury. What ICANN can do is to establish standards for establishing higher per se or "statutory damages". Or in the strictly contractual arena liquidated damage clauses.
This would build in real penalties for abuse and give incentive to both civil and criminal prosecutors to go after the bastards. Like a free enterprise system for barristers and solicitors.
ICANN should not enforce, other than their contracts. But they should aid enforcement.
--- On Thu, 4/9/09, Vermont Linux <vtlinux at coldrain.net> wrote:
From: Vermont Linux <vtlinux at coldrain.net>
Subject: Re: [RAA-WG] [At-Large] Open letter to ICANN
To: "Patrick Vande Walle" <patrick at vande-walle.eu>
Cc: raa-wg at atlarge-lists.icann.org, "At-Large Worldwide" <at-large at atlarge-lists.icann.org>
Date: Thursday, April 9, 2009, 7:25 AM
Hi,
I am a bit surprised at the naivete expressed in this discussion. ICANN does
not take down any registrants, that is left to the registrars. ICANN can only
deaccredit a registrar for failing to meet its obligations as spelled in the
RAA. ICANN's role is to simply oversee the RAA and the registrars.
ICANN has recently made significant improvements to the WDPRS. There is an
improved one-at-a-time complaint part and the addition of a bulk complaint
interface for those who file large numbers of complaints. ICANN is doing better
in general and I believe that they will continue to improve.
The RAA appears to be just fine as a contract (no, I am not a lawyer, this is
not legal advice) that, in my opinion, would stand up in court. ICANN and the
registrars have lawyers who have looked closely at the RAA. If either believed
it was not enforcable, I am pretty sure someone would have taken action by now.
We at KnujOn have used the whois data accuracy problem to shut down over a
100,000 sites. We target commercial, not individuals, sites that we are sure
that are involved in spam and other criminal behavior. We expect to see many
more suspension over time. The complaints we file are looked at by ICANN, then
passed to the appropriate registrar who then looks at it again. The registrant
is notified of the problem and given time to fix it. If is fixed, the site stays
up,if not, it is suspended. There are four levels of checks that provide a
safety net for registrants, legitimate or not. If a registrant is unjustly
suspended, they can be restrored.
The sites like McColo have been looked at closely, with all sorts of evidence
to show that they were/are criminals. This is not an issue of whois, but rather
one where someone says the site is a bad actor, requiring a well documented,
detail report showing that they are a bad actor. These reports are public, so if
anyone wants to dispute the findings, they can. So far, no one has done so. And
McColo was actually taken down by its ISP.
One of the problems in the current system is that there are many players, ICANN
(and IANA), registries, registrars, resellers, ISPs, hosting companies and some
players have more than one role. This provides the ability of any one player to
say "It's not me, it's the other guy." The diffusion of
responsiblity means that no one is accountable. They only obvious way to handle
it is to make sure that each player follows the rules within their own space and
to shine a bright light on how they behave.
Let me lay to rest the issue of bad actor registrars. Most registarsr are not
criminals, some are victims, some are lazy, some do not know what to do and some
do not want to spend money on the problem. Many actually cooperate and do their
bast to run a clean operation. On the other hand there is a small number which
in fact are either criminals or make it easy for the criminals to operate.
The .com space in the US is with US jurisdiction as is ICANN (also under the
JPA). If you are in Europe, the EU rules apply. If your domain is within a
ccTLD, then that country will determine what happens. I believe the crackdown
the other day in the US by the FTC and the FBI on mortgage scam websites are
just the beginning.
The takedowns are not indiscriminate. They are done within existing law, rules,
contracts and regulations with documentaton that can be verfied. It has nothing
to do with how much you paid for it. A domain name is not like buying fast food.
It's more like owning a home or a car or setting up a bank account.
Opinions are fine (I have many), but doing one's homework first on a
complex and important issue is helpful.
- bob
On Tue, 7 Apr 2009, Patrick Vande Walle wrote:
> Neil Schwartzman wrote, On 7/4/09 15:15:
>> Your argument is a strawman, I too do not advocate ICANN's
>> indiscriminate involvement in take-downs because a site collects data
>> in an insecure manner, or due to an erroneous postal code, and I
don't
>> know anyone who advocates for such things.
>>
>> There is a role to be played in some particularly egregious
>> situations, and in fact, all roads lead to Rome. There are, in some
>> cases, no-where else to turn BUT ICANN.
>>
>> What we have seen in the one case of a shut-down last year was
>> particularly unsatisfying, when the assets of Registrar owned by a
>> criminal were sold to his business associate.
>>
>> I'm sure ICANN can do better, and certainly from those whom i met
in
>> Mexico, I got the impression that there is political will to do so.
>
> The main issue I see is that many of the terms in ICANN contracts, and in
this case the RAA terms which refer to whois data, would not stand a court case.
>
> I have some difficulty thinking that a court would rule that a domain name
should be taken down because of invalid whois data, especially if it was paid
for in a legimimate way. The remedy (take down) seems disproportionate to the
sheer value of the registration (less than USD 10 in most cases). After all, you
are not being asked for your address details when ordering at McDonalds, which
is in the same price range as a gTLD domain name. There is the added issue that
the RAA is between the registrar and ICANN. The customer is a third party.
Depending on the local legal context, the customer could validly argue that he
is not bound by the terms of the RAA.
>
> This is yet another example of ICANN drafting rules out of the blue and
not testing their validity in the real world. Some would call it arrogance, but
I would rather like to think this is idealism in its most naive form.
>
>
>
> Patrick Vande Walle
> Check my blog: http://patrick.vande-walle.eu
>
> _______________________________________________
> RAA-WG mailing list
> RAA-WG at atlarge-lists.icann.org
>
http://atlarge-lists.icann.org/mailman/listinfo/raa-wg_atlarge-lists.icann.org
>
> RAA WG Online: https://st.icann.org/RAA-Policy
>
_______________________________________________
RAA-WG mailing list
RAA-WG at atlarge-lists.icann.org
http://atlarge-lists.icann.org/mailman/listinfo/raa-wg_atlarge-lists.icann.org
RAA WG Online: https://st.icann.org/RAA-Policy
More information about the Registrants-rights
mailing list