Comments of Key-Systems GmbH

[Volker Greimann <vgreimann@xxxxxxxxxxxxxxx>]

Dear Mary,

Key-Systems GmbH is pleased to provide the comments below with on the 
initial report of the GNSO Privacy and Proxy Accreditation Issues WG for 
consideration of the group:
1) Arguments against accreditation:
The proposal to accredit providers of privacy and proxy services 
currently operating independantly from the realm of ICANN is not an 
adequate or necessary and will likely result in a substantial financial 
and administrative burdens on ICANN, provider and end customers alike. 
Independent providers would be forced into a direct relationship with 
ICANN and ICANN would be forced into the role of a supervisory and 
enforcement body, significantly increasing its scope.
The proposal to follow the path of accrediting these providers 
essentially proposes a direct contractual relationship between the 
provider as a registrant and ICANN, as most privacy and proxy service 
providers are the for many intents and purposes the public registrants 
of the domain names they provide their services for. The accreditation 
scheme therefore essentially proposes that a certain class of 
registrants would need an individual ICANN accreditation to be able to 
register and maintain domain names. This could be interpreted as a first 
step towards full registrant accreditation requirements, where anyone 
registering their domain would be required to sign an accreditation 
agreement with ICANN. The only contract binding the registrant and 
required by ICANN should remain that with his or her sponsoring registrar.
The proposal would essentially also introduce a new class of contracted 
parties and may therefore impact the GNSO structure in ways that cannot 
yet be foreseen. Privacy and proxy service providers would be forced to 
engage directly at ICANN, an undertaking which they currently have no 
interest or funds to do.
We therefore propose that alternate methods of achieving many of the 
same benefits should be explored by this group. Such methods could 
include certification of compliance with policy requirements, adherance 
to a set of best practices or other means. For example, a registrar 
could certify providers it actively works with with no need to involve 
ICANN at this level. Instead of maintaining an accreditation scheme, 
such methods would not require an accreditation process, accreditation 
fees and heavy compliance oversight but rather would require each 
provider to voluntarily accept the requirements of the policy developed 
by this group and subsequent versions thereof. Enforcement would be 
covered by modifying the requirements or registrars in the RAA and 
consensus policies when working knowingly with privacy or proxy service 
providers.
Accreditation and service fees, ICANN engagements and other newly added 
cost could significantly increase the cost of such services for the end 
customers, who currently can opt-into services offered by their direct 
providers at a nominal fee. Such cost increases would have to be taken 
into account when calculating the benefits such a new policy would bring.
2)
We request that any recommendation proposed by the group be based on an 
extensive cost-risk-benefit analysis. Any recommendation should be 
subject to a review of what it will cost, both socially and 
economically, as should each proposed benefits. No recommendation should 
be proposed where the benefits do not significantly outweigh the costs 
and/or risks.
3) With regard to the recommendation to avoid the need to disclose upon 
renewal, transfer or restoring, we propose a default contact be allowed 
under all policies that would not fall under whois accuracy requirements 
and which should only be used for the listed purposes for a limited 
duration.
4) We do not support creating a list of accreditated service providers, 
however a list of providers that have committed to the recommendations 
would be helpful.
5) Contactibility need not match exactly the requirements of 2.3 of the 
RAA as providers have in many cases no access to modify or change 
registration data or take other action regarding the domain name. There 
is no need to have an point of contact equivalent to the TEAC. Response 
times also need not be as quickly as those of the sponsoring registrar.
6) Regarding Relay:
-We favor Option 2 as it allows filtering of unwanted messages such as 
purchase enquiries even if those do not qualify as spam or abusive 
communications
-Instead of "All third party electronic requests alleging abuse by a P/P 
service customer will be promptly forwarded to the customer. ", we 
propose: "Provider will promptly upon receipt attempt to forward all 
substantiated third party electronic requests alleging abuse by a P/P 
service customer to the customer. "
7) Regarding disclosure/publication:
- Disclosure or publication should never be the automatic result of a 
process, but rather remain an option of the provider. Requests for 
disclosure by third parties should remain refusable by the provider 
unless the request is issued by a public law enforcement body of proper 
authority acting within its own jurisdiction. Private organizations 
designated by a public body for certain types of abuse should not 
qualify as such public law enforcement bodies. We do not support the 
proposed Disclosure Framework as it assumes disclosure if certain 
process steps are followed regardless of the merits of the complaint.
8) Escalation of Relay:
We do not support the  proposal that costs should be borne by the 
registrant. Any processing fee should be paid by the party requesting 
the forwarding of information. We also propose to strike "the number of" 
from the last paragraph. As a minimum mandatory requirement, we propose 
that the provider utilize alternate means to try to contact its customer 
without necessarily being required to disclose those avenues to the 
complainant.
9) Commercial use:
We do not support the notion that a certain type of use would prohibit 
the use of these services. Requirements for disclosure are better 
applied to the content of the websites and should be legislated 
nationally or agreed upon internationally. Providers should not have to 
evaluate eligibility based on use. We find this impractical. This author 
has personally used online financial services operated under domains 
utilizing privacy services with no issue. There may be a plethora of 
legitimate reasons for not wanting to disclose the identity of the 
domain registrant even when such services are provided.
10) Review of any policy:
We propose that any policy recommendation include a sunset term, with 
automated renewal of the policy recommendation to be dependent on an 
analysis of whether it has whether it has delivered on its intended 
benefits and whether it has led to additional costs or issues not 
forseen by the WG when it made the recommendations.












--
Bei weiteren Fragen stehen wir Ihnen gerne zur Verfügung.

Mit freundlichen Grüßen,

Volker A. Greimann
- Rechtsabteilung -

Key-Systems GmbH
Im Oberen Werk 1
66386 St. Ingbert
Tel.: +49 (0) 6894 - 9396 901
Fax.: +49 (0) 6894 - 9396 851
Email:vgreimann@xxxxxxxxxxxxxxx

Web:www.key-systems.net  /www.RRPproxy.net
www.domaindiscount24.com  /www.BrandShelter.com

Folgen Sie uns bei Twitter oder werden Sie unser Fan bei Facebook:
www.facebook.com/KeySystems
www.twitter.com/key_systems

Geschäftsführer: Alexander Siffrin
Handelsregister Nr.: HR B 18835 - Saarbruecken
Umsatzsteuer ID.: DE211006534

Member of the KEYDRIVE GROUP
www.keydrive.lu  

Der Inhalt dieser Nachricht ist vertraulich und nur für den angegebenen 
Empfänger bestimmt. Jede Form der Kenntnisgabe, Veröffentlichung oder 
Weitergabe an Dritte durch den Empfänger ist unzulässig. Sollte diese Nachricht 
nicht für Sie bestimmt sein, so bitten wir Sie, sich mit uns per E-Mail oder 
telefonisch in Verbindung zu setzen.

--------------------------------------------

Should you have any further questions, please do not hesitate to contact us.

Best regards,

Volker A. Greimann
- legal department -

Key-Systems GmbH
Im Oberen Werk 1
66386 St. Ingbert
Tel.: +49 (0) 6894 - 9396 901
Fax.: +49 (0) 6894 - 9396 851
Email:vgreimann@xxxxxxxxxxxxxxx

Web:www.key-systems.net  /www.RRPproxy.net
www.domaindiscount24.com  /www.BrandShelter.com

Follow us on Twitter or join our fan community on Facebook and stay updated:
www.facebook.com/KeySystems
www.twitter.com/key_systems

CEO: Alexander Siffrin
Registration No.: HR B 18835 - Saarbruecken
V.A.T. ID.: DE211006534

Member of the KEYDRIVE GROUP
www.keydrive.lu  

This e-mail and its attachments is intended only for the person to whom it is 
addressed. Furthermore it is not permitted to publish any content of this 
email. You must not use, disclose, copy, print or rely on this e-mail. If an 
addressing or transmission error has misdirected this e-mail, kindly notify the 
author by replying to this e-mail or contacting us by telephone.