<<<
Chronological Index
>>> <<<
Thread Index
>>>
Verisign comments on Proposed Implementation of GNSO Thick RDDS (Whois) Transition Policy for .COM, .NET and .JOBS
- To: "comments-whois-transition-26oct16@xxxxxxxxx" <comments-whois-transition-26oct16@xxxxxxxxx>
- Subject: Verisign comments on Proposed Implementation of GNSO Thick RDDS (Whois) Transition Policy for .COM, .NET and .JOBS
- From: "Anderson, Marc" <mcanderson@xxxxxxxxxxxx>
- Date: Thu, 15 Dec 2016 21:03:05 +0000
RE: Proposed Implementation of GNSO Thick RDDS (Whois) Transition Policy for
.COM, .NET and .JOBS
https://www.icann.org/public-comments/proposed-implementation-gnso-thick-rdds-whois-transition-2016-10-26-en
15 December 2016
Verisign appreciates the opportunity to comment on the proposed Thick Whois
Transition Policy for .COM, .NET and .JOBS ("Thick Whois Transition Policy").
We would like to thank ICANN staff and the Implementation Review Team ("IRT")
members for the time and effort that was expended in the creation of the
proposed Thick Whois Transition Policy.
Verisign is generally supportive of the proposed Thick Whois Transition Policy;
however we do offer the following feedback for consideration by ICANN staff and
the IRT.
Procedure for Handling Whois Conflicts with Privacy Law:
Both the Thick Whois PDP Final Report and ICANN's Legal Review Memorandum
conducted pursuant to Recommendation #3 of the GNSO Council Consensus Policy
Recommendations acknowledged that "potentially conflicting data protection
requirements" may exist in certain jurisdictions, and ICANN's Legal Review
Memorandum advised that "registrars and registries must determine how best to
manage their operations as they work to ensure they do not violate principles
of local laws". The proposed Thick Whois Transition Policy notes that
"[w]here a conflict exists between local privacy laws and requirements included
in this Policy, ICANN's Procedure for Handling Whois Conflicts with Privacy
Laws is available for Registry Operators and Registrars". Currently, ICANN's
Whois Conflicts Procedure recognizes only one "trigger" for the purposes of
seeking to resolve a conflict between a Whois obligation and local privacy
laws: the Registry Operator or Registrar must have received "notification of an
investigation, litigation, regulatory proceeding or other government or civil
action". In order to avail itself of the Whois Conflicts Procedure, a
Registry Operator or Registrar facing a local law conflict would therefore
seemingly need to implement the Thick Whois Transition Policy requirements in
violation of local law and wait until it is the subject of imminent legal
action before requesting a waiver to resolve the conflict.
Given the recognized need for Registry Operators and Registrars to ensure they
do not violate principles of local laws when implementing the Thick Whois
Transition Policy, Verisign recommends that the Thick Whois Transition Policy
expressly include specific provisions that define the requirements and
procedures for Registry Operators and Registrars to seek a waiver of the
requirements of the Thick Whois Transition Policy in the event of a conflict
with local laws, and that such provisions include one or more "Alternative
Triggers" similar to those contained in the Data Retention Specification of the
2013 Registrar Accreditation Agreement.
RDAP Profile Reference:
Section 2.10 of the Thick Whois Transition Policy refers to requirements found
in the "RDAP Operational Profile for gTLD Registries and Registrars", a
document which is neither a policy nor a standard. Verisign recommends that
instead of unnecessarily referencing requirements found in the RDAP Operational
Profile, the necessary requirements be explicitly stated in the Thick Whois
Transition Policy.
Additional Clarifications:
Section 2.1 of the Thick Whois Transition Policy requires the Registry Operator
to implement an EPP mechanism and alternative bulk transfer mechanism "by" 1
August 2017. Section 2.4 states, however, that the Registry Operator must
support certain EPP contact commands "starting" on 1 August 2017. This appears
to create a discrepancy between Sections 2.1 and 2.4. In order to clarify the
requirements associated with EPP implementation, Verisign recommends that
section 2.4 be updated to state that Registry Operators must support the
contact commands as described in the provision "by" 1 August 2017.
Section 2.4 of the Thick Whois Transition Policy limits the EPP contact fields
that the Registry Operator must require to <contact:id>, <contact:postalInfo>
and <contact:authInfo>. The EPP contact field <contact:postalInfo> has a
number of sub-elements, but the only element the IRT discussed requiring is
"type". For clarification, Verisign recommends replacing <contact:postalInfo>
with <contact:postalInfo type> in Section 2.4.
Section 2.8 requires registries to implement the Consistent Labeling and
Display Policy ("CL&D") by 1 August 2017. This would appear to make Section
2.9 redundant, as Section 2.9 requires registries to implement CL&D for "other
than Existing Doman Names" starting 1 May 2018. Similarly Section 2.10 appears
to create an "optional" period between 1 August 2017 and 1 February 2019 for
certain RDDS Output fields for "Existing Domain Names", but does not address
full CL&D implementation following 1 February 2019. Accordingly, Verisign
recommends that ICANN staff and the IRT revisit sections 2.8, 2.9 and 2.10 to
ensure the CL&D implementation requirements contained within the Thick Whois
Transition Policy are consistent and clear.
We thank ICANN staff and the IRT for their consideration of these
recommendations.
Marc Anderson
Verisign
<<<
Chronological Index
>>> <<<
Thread Index
>>>
|