[bc-gnso] Request for input: GNSO's Working Group on Privacy & Proxy Services Accreditation

[Steve DelBianco <sdelbianco@xxxxxxxxxxxxx>]

On our last two BC calls, we asked for volunteers to respond to questions from 
a PDP working group on issues for the Accreditation of Privacy & Proxy services 
under the new RAA. 
(wiki<https://community.icann.org/pages/viewpage.action?pageId=43983094>)

No volunteers came forward, and the deadline was today.  So I responded for the 
BC, using previously approved BC statements and several questions (not 
positions) for consideration.

See my response below, and please think about volunteering for this working 
group.  If nothing else, please attend their session in Singapore on this issue 
that’s always been vital to BC member interests.

—Steve


From: Steve DelBianco 
<sdelbianco@xxxxxxxxxxxxx<mailto:sdelbianco@xxxxxxxxxxxxx>>
Date: Friday, February 28, 2014 at 7:01 PM
To: Mary Wong <mary.wong@xxxxxxxxx<mailto:mary.wong@xxxxxxxxx>>
Cc: Glen de Saint Géry <Glen@xxxxxxxxx<mailto:Glen@xxxxxxxxx>>, BC Executive 
Committee <bc-excomm@xxxxxxxxx<mailto:bc-excomm@xxxxxxxxx>>
Subject: Request for input: GNSO's Working Group on Privacy & Proxy Services 
Accreditation

Mary,

Thanks for talking today about BC input on privacy/proxy accreditation.  Here’s 
a follow-up for your notes:

First, we hope you can find a place for these 4 points the BC adopted regarding 
the 2013 RAA last May 
(link<http://www.bizconst.org/Positions-Statements/BC%20Comment%20on%20final%202013%20RAA%20[FINAL].pdf>):

The BC notes that the specification only requires that registrars require P/P 
Providers to post their privacy-proxy terms and conditions on their websites 
and does not require specific content of what those terms and conditions must 
entail. The BC would like to see specific content requirements of the terms and 
conditions as to the following issues:

  *   Specify under what circumstances, pursuant to section 2.4.3, the P/P 
Provider will relay communications from third parties to the P/P Customer. The 
BC recommends that the P/P Provider be required at a minimum to relay any 
communications alleging illegal conduct or consumer fraud (e.g., infringement 
of intellectual property rights).

  *   Specify under what circumstances and which time frame, pursuant to 
section 2.4.5, the P/P Provider will be required to reveal the Whois 
information of the P/P Customer. The BC recommends that if illegal activity is 
alleged, that the P/P Provider be required to reveal the Whois information and 
that this revelation occurs within seven (7) business days to conform to 
section.

  *
The BC recommends that the P/P Provider be required to relay any covered 
communication within three (3) business days to the P/P Customer. In addition, 
the BC requests that the specification require that the P/P Provider confirm 
such relay within 24 hours to the person submitting the report of abuse.

  *
The BC is concerned that there is no means by which to amend the P/P 
specification. It could be several years before this specification is replaced 
by a Privacy and Proxy Accreditation Program. Therefore, the BC recommends 
there be a mechanism to amend the P/P specification as may be considered 
necessary by the parties and stakeholders.

Second, here are some high-level questions (not official positions) the BC 
offers the WG:

ICANN enforcement:  Can we create an Accreditation system where ICANN 
compliance has legal power and leverage to enforce against accredited P/P 
providers who don’t follow the required RELAY and REVEAL procedures?    It’s 
far better for ICANN Compliance to have direct relationship with P/P Providers, 
than to rely only upon implied liability for failures to RELAY/REVEAL.

Must both Resellers and Registrars use accredited P/P providers?   As we 
discussed tonight, the 2013 RAA 
(link<https://community.icann.org/download/attachments/43984221/2013%20RAA.pdf?version=1&modificationDate=1384877800000&api=v2>)
 has strong requirements for Resellers to use Accredited P/P providers, but 
where’s the requirement for Registrars?  (see comparison below)

3.12.4 …  the Proxy Accreditation Program may require that: (i) proxy and 
privacy registration services may only be provided in respect of domain name 
registrations by individuals or entities Accredited by ICANN pursuant to such 
Proxy Accreditation Program; and (ii) Registrar shall prohibit Resellers from 
knowingly accepting registrations from any provider of proxy and privacy 
registration services that is not Accredited by ICANN pursuant the Proxy 
Accreditation Program.

3.14 Obligations Related to Proxy and Privacy Services. Registrar agrees to 
comply with any ICANN-adopted Specification or Policy that establishes a Proxy 
Accreditation Program. Registrar also agrees to reasonably cooperate with ICANN 
in the development of such program.

Lets plan now for the transition to Accredited P/P providers:  Can we have a 
communications plan to alert registrants, registrars, and P/P providers in 
advance of the date the Accreditation System becomes effective, such that all 
parties have time and incentive to convert to use only Accredited services?

What about Registrars who don’t use the 2013 RAA?  Seems that a registrant 
could avoid the requirement to use only Accredited P/P providers, by sticking 
with a registrar who has not adopted the 2013 RAA.   Any registrar who serves 
only legacy TLDs could avoid signing the 2013 RAA, right?  Must all registrars 
must convert to 2013 RAA at their next renewal?   What is the schedule for 
expiration of legacy RAA contracts?

Thanks again for handling this via phone.   We look forward to participating in 
your WG session in Singapore.

Best,
Steve

Steve DelBianco
Vice Chair for Policy Coordination
Business Constituency


From: Mary Wong <mary.wong@xxxxxxxxx<mailto:mary.wong@xxxxxxxxx>>
Date: Thursday, February 27, 2014 at 5:06 PM
To: Glen de Saint Géry <Glen@xxxxxxxxx<mailto:Glen@xxxxxxxxx>>, Elisa Cooper 
<Elisa.Cooper@xxxxxxxxxxxxxxx<mailto:Elisa.Cooper@xxxxxxxxxxxxxxx>>
Cc: Benedetta Rossi 
<bc-secretariat@xxxxxxxxx<mailto:bc-secretariat@xxxxxxxxx>>, Steve DelBianco 
<sdelbianco@xxxxxxxxxxxxx<mailto:sdelbianco@xxxxxxxxxxxxx>>, 
"gnso-secs@xxxxxxxxx<mailto:gnso-secs@xxxxxxxxx>" 
<gnso-secs@xxxxxxxxx<mailto:gnso-secs@xxxxxxxxx>>
Subject: Re: Reminder: Request for input: GNSO's Working Group on Privacy & 
Proxy Services Accreditation

Yes, thanks very much, Elisa and Steve! If you are still planning to provide 
feedback, I am sure the WG will be happy to receive it even after tomorrow. 
Perhaps the Singapore meeting could be a date to aim for, since the WG will be 
having a face to face meeting there and community members are of course welcome 
to attend it, so having community feedback sent in by then might be helpful.

I hope this helps, and thank you!

Cheers
Mary


Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)