Uniregistry Comments on GAC Safeguard Advice

[Bret Fausett <bret@xxxxxxxxxxxx>]

Thank you for the opportunity to respond to issues raised in the Governmental 
Advisory Committees' Beijing Communique. This response is submitted by 
Uniregistry, Corp., an applicant for fifty-four new generic top-level domains 
("gTLDs").

This response supplements the response submitted by Uniregistry on April 25, 
2013 on the distinction between singular and plural top-level domains. 
Specifically, this response addresses the "Safeguards on New gTLDs," attached 
as Appendix I to the Communique.

At the outset, Uniregistry wants to underscore its belief in certain enhanced 
safeguard protections for registrants and Internet users. Uniregistry is 
developing a registrant-centric registry service that it believes will be a 
better mechanism for managing registrations and serving registrants. In its 
applications, Uniregistry voluntarily proposed measures for abuse mitigation 
and rights protection that were above the minimums specified in the Applicant 
Guidebook, and, for its first reviewed application (.TECH, Application No. 
1-855-90632), Uniregistry scored bonus points on Questions 26 (Whois), 28 
(Abuse Prevention and Mitigation) and 29 (Rights Protection Mechanisms), which 
reflects the fact that these enhanced protections exist.

After reviewing the GAC advice, however, and comparing it to the strings 
Uniregistry carefully selected based on the rules in the Guidebook and previous 
GAC advice, and evaluating the advice in light of the applications Uniregistry 
carefully prepared over years of planning, we do not believe that the GAC 
advice on "Consumer Protection, Sensitive Strings, and Regulated Markets" is 
well-considered. Any advice in the GAC's Beijing Communique on "Consumer 
Protection, Sensitive Strings, and Regulated Markets" is vague, overboard, and 
not capable of implementation in its current form. Specific implementation of 
enhanced safeguards must come from the registries themselves and/or the 
bottom-up stakeholder policy development process.

Specifically, the GAC advice suffers from the following defects:

- The list of strings to which the advice purports to apply is 
"non-exhaustive," leaving in question which TLDs not specifically named might 
be subject to the advice.

- The list of strings in each category is internally inconsistent, many times 
placing generic words in the same categories as highly regulated industries. 
For example, Uniregistry's "DIET" was placed in the same health-related 
category as "PHARMACY" and its discount-oriented "SAVE" was placed in the same 
financial services category as "BANK" and "INSURANCE."

- On Safeguards 1 and 2: Registrants of domain names already are required to 
comply with "all applicable laws" -- this is a hallmark of being resident in 
any country in the world -- and the requirement that registries bind 
registrants to "all applicable laws" adds nothing to a registrant's existing 
legal obligations. At the same time, advising registrants that they may have an 
obligation under laws relating to "organic farming" or "financial disclosures" 
is too vague a warning to provide meaningful advice to prospective registrants 
about what they should or should not do with a domain name. Uniregistry already 
has proposed Abusive Use policies related to certain kinds of technical abuse 
and unlawful acts (specified in response to Applicant Question 28) but believes 
that the GAC's very vague suggested advice risks diminishing the importance of, 
and indeed undermining, the specific items in the Uniregistry abuse policy.

- On Safeguard 3: The primary customer relationship with registrants is through 
ICANN-accredited registrars, so any requirement that registries require certain 
conduct from registrants will be difficult for the registry to enforce. Here, 
the GAC asks that registries require registrants to maintain "reasonable and 
appropriate" information security practices, based on some undefined 
combination of law and industry practices. Again, even if this exact wording 
were passed to registrants by contract, the wording is too vague to provide any 
meaningful advice or warning to registrants, or to place meaningful 
restrictions on the way that a registrant operates. "Reasonable and 
appropriate" is an unenforceable, subjective standard that will be difficult 
for any registry, or registrar, to enforce.

- On Safeguard 4: The GAC asks registries to establish a working relationship 
with "the" relevant regulatory or industry-specific regulatory bodies, as 
though a single worldwide regulatory body exists for each industry on the GAC 
list. The Uniregistry TLDs on the GAC list include DIET, HIPHOP, SAVE, GAMES, 
JUEGOS, AUDIO, VIDEO, FASHION, DESIGN and ART. Looking at the GAC advice in 
Safeguard 4 and comparing it to the actual Uniregistry TLDs on the GAC list 
should make obvious the fact that the GAC advice is impossible to apply in any 
meaningful way.

- On Safeguard 5, the GAC again makes the mistake of believing that registries 
have a customer relationship with registrants, asking registries to require 
registrants to provide a single point of contact for abuse. Even assuming this 
were appropriate, however, a registrant's points of contact already are 
specified in the whois data requirements, including its technical contacts. We 
believe that any required uses of registrant-provided data fields that are 
different than those in the current whois specifications should proceed through 
the policy development process.

While Uniregistry appreciates that the GAC advice was created in just a few 
days at the ICANN Beijing meeting, the GAC had months to prepare something that 
would have been more specific and capable of implementation. It also had the 
opportunity to provide input into many of these issues as the ICANN Applicant 
Guidebook was being prepared. We ask the ICANN Board to reject the GAC advice 
on "Consumer Protection, Sensitive Strings, and Regulated Markets" because it 
is untimely, ill-conceived, overbroad, and too vague to implement.

Respectfully submitted,

Bret Fausett
Counsel to Uniregistry,
on behalf of Uniregistry, Corp.
4640 Admiralty Way, 5th Floor
Marina del Rey, California 90292