[At-Large] ICANN Complaint System Circumvented

Legal legal at nixi.in
Mon Mar 13 21:40:32 UTC 2017

Dear Mr. Garth BruenAll domain registration agreements contain provisions for taking action on domains if it contains incomplete whois details or does any illegal activities.I read the WHOIS DATA PROBLEM REPORTING SYSTEM (WDPRS). The WHOIS INACCURACY COMPLAINT FORM provides below:-This form allows Internet users to submit a complaint to ICANN regarding incomplete or incorrect Whois data, including privacy or proxy contact information. The complaint is then forwarded to the sponsoring registrar, who must take reasonable steps to investigate and correct inaccurate data.On receipt of a complaint ICANN forwards the complaint to the registrar to investigate the matter.  The complaint may be incorrect or invalid whois details or involved in any cyber crime activity.  On receipt of the complaint the registrar:-
	may not allow any change to the domain or allow transfer of domain to another registrar by  placing the domain on (registrar) locks (4 locks - update, transfer, renew and delete) so that change or transfer does not take place (this is a preliminary step). 	After this the registrar may seek commence investigation on the issue by seeking the registrant to clarify the whois details and call upon the registrant why the domain should not be suspended for incorrect whois details or for involvement in criminal activities which is contrary to the domain registration policy. 	the registrar may perform (a) and (b) with notice to the registry (registry will be kept in of the email) so that registry is aware of the incidents and take necessary action when required.  (Kind Note:  Once locks are placed the registrant himself may come up and ask the registrar why the domain is placed on locks; this may help LEA (law enforcement agencies) to identify the  registrant and his loca
 tion to investigate the crime).Selling of Opioids may be crime or illegal in certain jurisdictions.   In matters where cyber crime is also involved along with incorrect details the requester may also include the law enforcement agencies in cc of his complaint filed before ICANN.   Or else ICANN may forward the complaint to relevant cyber crime unit (national or international).  Example:  CERT, FDA or INTERPOL.On the whole when a complaint is filed the complaint (which has cyber crime element in it) may also be marked to the registry, law enforcement agencies so that parallel investigations can be done by the law enforcement agencies simultaneously to ensure that complaint is resolved at the earliest.  Coming again to the core issue of incorrect details – the registrar will be the first person to take action on the domain by placing the domain on suspension.  Registry will take action if the registrar does not take action.  The regis
 trar and the registry have powers to put the domain on HOLD (the domain will not be deleted or transferred and will be completely controlled i.,e the domain will not resolve).  By placing the domain on locks as an initial step the transfer of domain from one registrar to another registrar can be avoided.   In the INDRP process (.IN domain dispute resolution process) which is similar to UDRP process – all 4 server locks are placed by the .IN Registry and all the 4 locks are placed by the .IN Registrar to ensure that the domain is not transferred or changed till the dispute resolution process is completed.  I humbly submit that at the outset ICANN may not take cognizance of this matter.  It is a matter which has to be resolved by the registrar and the registry.  (Kind note: If criminal activities are involved the requester can involve the LEAs also as stated supra).  The points highlighted by the Mr. Garth are noteworthy (in respect of WDPRS).I
  feel that the main reason WDPRS could not keep track of the complaint is because the domain is not placed on locks (hence the domain changes from registrar to registrar).   But if the locks are placed (as suggested above) such things can be prevented.  In this case ICANN could not actually follow up the ticket and had to close the ticket (because the domain can be transferred or changed any moment from one registrar to another).  To circumvent this issue the above method of placing the domain on locks is suggested.In my humble opinion the jurisdiction to handle issue relating to incorrect whois details lies with the registrar and the registry in ccTLDs; I hope the same theory applies for gTLDs also.  As such filing complaints before ICANN under WDPRS only overlaps the rights of registrar and registry.Suggestion:   The WHOIS INACCURACY COMPLAINT FORM ICANN can also mention that if the complaint involves issues relating to any cyber crime (drugs, po
 rnography, terrorism or any other cyber crime) in addition to incorrect whois details, the relevant law enforcement agencies of the requester’s jurisdiction or the international law enforcement agnecies may be kept in cc of the email.Looking forward to hear from others.RegardsR.R. KRISHNAALegal OfficerNational Internet Exchange of IndiaRegd. Office: Flat No. 6B, 6th Floor,Uppals M6 Plaza, Jasola District Centre, New Delhi -110025Tel: +91-11-48202010 (Direct) +91-11-48202000Email: legal at nixi.inWebsite:  www.nixi.inFrom: <gbruen at knujon.com>Sent: Mon, 13 Mar 2017 18:49:22 GMT+0530To: Rinalia Abdul Rahim <rinalia.abdulrahim at gmail.com>, Len Felipe Snchez Amba <leonfelipe at sanchez.mx>, Alan Greenberg <alan.greenberg at mcgill.ca>, "at-large at atlarge-lists.icann.org" <at-large at atlarge-lists.icann.org>, "na-discuss at atlarge-lists.icann.org" <na-discuss at atlarge-lists.icann.org>, ALAC Internal List <alac-inter
 nal at atlarge-lists.icann.org>Subject: [At-Large] ICANN Complaint System CircumventedDear ALAC Leadership and the greater community,I am submitting the following memorandum for your consideration:http://knujon.com/DONT_analysisoficannwdprs.pdfWhat you will find in this document is an analysis of the ICANNcomplaint system (WDPRS). The analysis uses one criminally-used domainwith false WHOIS as an example to better understand the issues withICANN policy and procedure. In short, the ICANN WDPRS has beeneffectively circumvented by the owners of this criminal domain. Thedomain has had 3 different sets of false WHOIS and simply transferredtheir domain each time a complaint was filed. The domain had beentransferred to 4 different registrars and is currently operating sellingnarcotics.In short, the current system has failed in its intent and the criminalsnow know how to get around enforcement. The problem is in the contractand in the compliance procedures.This is related to the earlier stu
 dies I have released to the list. Iwill be presenting at the joint session of the Public Safety WorkingGroup (PSWG) and the Verified TLD (vTLD) constituency on Tuesday 14March from 18:30 to 19:30 in Hall B4.1. I invite all comments and willbe talking about this in meetings.Apologies for any cross-posting.-Garth--Garth Bruengbruen at knujon.com617-947-3805http://www.knujon.comICANN At-Large Advisory CouncilAuthor: WHOIS Running the Internethttp://www.wiley.com/WileyCDA/WileyTitle/productCd-1118679555.html_______________________________________________At-Large mailing listAt-Large at atlarge-lists.icann.orghttps://atlarge-lists.icann.org/mailman/listinfo/at-largeAt-Large Official Site: http://atlarge.icann.org

[NIXI is on Social-Media too. Kindly follow us at:
Facebook: https://www.facebook.com/nixiindia & Twitter: @inregistry ]
This e-mail is for the sole use of the intended recipient(s) and may
contain confidential and privileged information. If you are not the
intended recipient, please contact the sender by reply e-mail and destroy
all copies and the original message. Any unauthorized review, use,
disclosure, dissemination, forwarding, printing or copying of this email
is strictly prohibited and appropriate legal action will be taken.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://atlarge-lists.icann.org/pipermail/at-large/attachments/20170313/28deb97b/attachment-0001.html>

More information about the At-Large mailing list