Reply to Comments on PAB Model

["Ron Andruff" <randruff@xxxxxxxxxxxxxxx>]

Dear ICANN:

As one of the individuals who helped create the Policy Advisory Board (PAB)
concept and has joined others to perfect its evolving model, I thank the
At-Large Advisory Committee (ALAC) for ensuring that this important issue
came before the full ICANN community and that the ICANN Board is full aware
of the concerns underlying this proposal.  

One of ICANN’s first priorities is its responsibility to avoid or minimize
the creation of potential public harms in the operations of the new gTLD
program. That is precisely what the PAB model proposes to do in regard to
new gTLDs that implicate regulated professions and industry sectors.

One group representing only applicants -- the New gTLD Applicant Group
(NTAG) –posted comments expressing concern in regard to the PAB proposal,
contending that the New gTLD Program Committee (NGPC) has already addressed
the underlying consumer protection concerns through the adoption of
mandatory Public Interest Commitments (PICs) for all strings listed in the
Governmental Advisory Committee’s (GAC’s) Beijing Communique of April 2013.
However, Section 2 of Annex I of the GAC’s Singapore Communique issued as
recently as April 22, 2014
<https://gacweb.icann.org/download/attachments/27132037/BA%20MEETING%20MINUT
ES%20.pdf?version=1&modificationDate=1398244785000&api=v2>
https://gacweb.icann.org/download/attachments/27132037/BA%20MEETING%20MINUTE
S%20.pdf?version=1&modificationDate=1398244785000&api=v2, less than three
weeks ago, makes clear that the GAC continues to have multiple questions
regarding the operation and effectiveness of PICs, including “the greater
risks of fraud and deception” that will occur as a result of the NGPC’s
failure to implement various requirements requested by the GAC. 

Therefore, it must be concluded that the implementation of effective
consumer safeguards for Category 1 strings remains unfinished business. 

It is the lack of effective registrant eligibility standards for regulated
gTLDs to prevent fraud and deception that the PAB model is meant to address.
The NTAG’s contention that it is too late to consider the PAB model fails to
note that the vast majority of new gTLDs have yet to be delegated (regulated
industry strings cannot move forward without resolution of the PICs issue)
and that the adoption and implementation of consumer safeguards sufficient
to meet the GAC’s concerns remains unaddressed.  

Finally, the NTAG’s contention that implementation of the proposal “would
create unacceptable inequities… across subsets of applicants” would elevate
applicant interests above the public interest and legitimate concerns about
consumer protection. 

Another respondent, Donuts (the largest applicant for multiple gTLDs,
including several in the regulated industry space with public interest
implications) contends that the PAB concept has already been considered and
rejected, and that the NGPC’s acceptance of the GAC’s Category 1 advice is
complete. That contention is also incorrect. 

While the NGPC chose to prevent the ICANN community from having an
opportunity to comment on the PAB model, the process established by ICANN
bylaws enables an Advisory Committee to call for public comment, which has
resulted in this consultation with the broader community.   ALAC clearly
supports exploring the PAB as a viable mechanism to fulfill implementation
of the GAC’s requested safeguards demonstrating that through the bottom-up,
consensus-building process of ICANN, the PAB model has not been rejected. 

This extraordinary action of the ALAC (only the third time invoked in
ICANN’s history) to bring this matter before the public for comment is
validation of the multi-stakeholder process; hardly an affront to it. 

Certain respondents may seek to avoid any vetting of registrant bona fides
in relation to strings that the general public may well assume are only
available to legitimate profession or industry participants. This should be
of concern to the NGPC, the larger ICANN Board and community. ICANN must
fulfill its responsibility to protect against misuse of domains to an
unsuspecting public, regardless of the pressure or interests of applicants
for such strings if it is to be deemed worthy of operating free of U.S. or
other such oversight.

It is important to refer again to the GAC Communique, as noted above, where
it is made very clear that the GAC is not yet satisfied that its consumer
protection concerns have been adequately addressed in certain strings.
Donuts also contends that adoption of the PAB model would be creation of a
new policy. This, too, is not an accurate portrayal of the purpose of the
PAB model; this model seeks to adequately address public interest concerns
that have substantial foundation in the same principles that justify the
implementation of the GAC safeguards and PICs. 

 From the perspective of those entities that support the PAB concept, I am
pleased to make note of fTLD Registry Services, applicant for the .BANK and
.INSURANCE gTLDs – which has already formed an Advisory Council to serve as
an accountability mechanisms for those two regulated industry strings. Its
letter’s comments on certain mandatory elements of the PAB model fulfill the
purpose of this public comment period, which is to seek broad feedback to
help perfect the model. 

Likewise, Byron Holland’s comment that he believes “the idea of Policy
Advisory Boards to implement safeguard advice for "sensitive string" gTLDs
associated with regulated industries and professions to address the concerns
expressed by the Governmental Advisory Committee (GAC) to be conceptually
sound”, similar to the comment of DOTZON, identify concerns that can be
addressed as the model goes through further refinements. Indeed, public
consultation has already led to the modification that regulated industry
string registries would also have a seat on every PAB and be an equal to all
impacted parties. 

I further note support for the PAB concept expressed by the American
Insurance Association “because without it there are limited, if any,
controls in place to address the concerns that the GAC has identified in the
Beijing Communiqué and reiterated in the Singapore Communiqué”. The PAB has
also garnered support from RxRights, PharmacyChecker.com and the Canadian
International Pharmacy Association, three organizations dedicated to
protecting consumers against “rogue” online pharmacies.

Summing up, the primary opposition to implementation of the PAB model comes
from new gTLD applicants who wish to maximize their ability to sell Category
1 gTLD domains to registrants absent any screening criteria. This fails to
effectively implement the GAC’s requested Category 1 safeguards, and further
fails to protect consumers against the bad actors who will inevitably
register domains at relevant gTLDs to engage in consumer fraud and deception
in the absence of registry policies established by an advisory board made up
of impacted parties that sets effectively high registrant eligibility
criteria. 

It should also be well-noted that any discussion about unknown costs and
burdens to ICANN and regulated industry TLD applicants is a red herring.
Based upon my own experience as a new gTLD CEO in a prior round, the cost of
establishing a policy advisory group is modest and limited, particularly
when compared to the benefit to the integrity of the strings associated with
regulated industries, and the implications for consumer fraud and abuse. It
should be clearly understood that new gTLD policy creation is – for the most
part – a one time, short-term activity that once completed transforms the
Policy Advisory Board into a pseudo-auxiliary ‘watch group’ focused on
integrity in that registry string, that can ably assist ICANN Compliance
Department with zero cost to ICANN.

In conclusion, the PAB model has been proposed to address a glaring
shortcoming in consumer protection and should be enacted immediately as an
implementation matter for new gTLDs to enable regulated string applicants to
move forward in their application process.

Sincerely,

Ron Andruff