Re: [gnso-acc-sgb] Additional Proposal

[Jeff Williams <jwkckid1@xxxxxxxxxxxxx>]

Margie and all sgb members,

  Registrars may or may not have the information/data to always
identify the correct culprit, i.e. the RegistryFly debacle.  Ergo
relying on ICANN's "Accredited" registrars is a dubious
consideration.  And because of these significant inconsistencies,
a need for ensuring that "self certification" never ever is considered
reasonable or viable again.  "Self certification" is akin to self
regulation in the private sector, it rarely works and often creates
significant damage and severe harm to consumer and business
alike.

Margie Milam wrote:

> The value of these services is evident from the marketplace that has
> arisen to fill the need and the numerous financial institutions that
> have subscribed to these services.  Security Companies (both public and
> private) have devoted significant resources in monitoring, detecting and
> responding to phishing, and taking down fraudulent web-sites, and use
> WHOIS for this purpose.  Banks don't generally desire to spend the
> research and development resources necessary to keep up with the
> sophisticated phishers and often turn to security companies to assist
> them.
>
> Consumers benefit when a fraudulent site is taken down in hours instead
> of days because of services like these.
>
> Relying on IP addresses alone does not provide all of the information
> necessary to identify domain name phishes because if you shut down one
> IP address, they just set up additional ip addresses to host the
> fraudulent sites.   The only way to effectively shut down domain based
> phishes is to deal with it at the registrar level because the registrar
> has the information that can identify the culprit.
>
> Please note that the problem is not just phishing, although phishing is
> significant. The problem extends to all kinds of intellectual property
> abuse, including the sale of counterfeits, such as counterfeit drugs.
> Because law enforcement is ill-equiped and under-resourced, much of the
> work falls to the brand holders, many of whom use service providers, to
> protect their consumers from illegal online-activities.
>
> Margie
>
> -----Original Message-----
> From: Ross Rader [mailto:ross@xxxxxxxxxx]
> Sent: Tuesday, May 15, 2007 2:50 PM
> To: Margie Milam
> Cc: gnso-acc-sgb@xxxxxxxxx
> Subject: Re: [gnso-acc-sgb] Additional Proposal
>
> Margie Milam wrote:
> > We can certainly come up with parameters to identify who is a
> legitimate
> > service provider for the context of the access -- but the fact remains
> > that service providers provide an important function in the
> anti-fraud,
> > brand protection arena that merits discussion and access.  The bulk
> > access agreement can address abuse and termination rights by those
> that
> > don't comply with the terms of the agreement.
>
> Yet no one is able convincingly demonstrate the connection between the
> value of the services that these parties (and others) provide, and
> continued unfettered access to whois.
>
> It is a bit of a logical jump to state that successfully fighting the
> brand protection fight is predicated on unlimited access to my customer
> data when in fact, most forms of IP protection, network abuse, phishing
> investigation, etc. are all differing means to investigate the internet
> resources that an individual or individual is using. 100% of this use
> requires an IP address and some form of access to network resources (via
>
> an ISP, hosting company etc.). Having ready access to domain
> registration customer information isn't wholly useful - although it may
> be partially useful. If it is only partially useful, then perhaps its
> reasonable to expect that its only partially available?
>
> In the real world, the existence of private investigators doesn't
> warrant the publication of Just because we have private investigators
> doesn't warrant the publication of unlisted telephone numbers.
>
> -r

Regards,

--
Jeffrey A. Williams
Spokesman for INEGroup LLA. - (Over 134k members/stakeholders strong!)
"Obedience of the law is the greatest freedom" -
   Abraham Lincoln

"Credit should go with the performance of duty and not with what is
very often the accident of glory" - Theodore Roosevelt

"If the probability be called P; the injury, L; and the burden, B;
liability depends upon whether B is less than L multiplied by
P: i.e., whether B is less than PL."
United States v. Carroll Towing  (159 F.2d 169 [2d Cir. 1947]
===============================================================
Updated 1/26/04
CSO/DIR. Internet Network Eng. SR. Eng. Network data security
IDNS. div. of Information Network Eng.  INEG. INC.
ABA member in good standing member ID 01257402
E-Mail jwkckid1@xxxxxxxxxxxxx
 Registered Email addr with the USPS
Contact Number: 214-244-4827