[gnso-dow123] [Fwd: FYI: Compliance update from Mike Zupke]

["GNSO.SECRETARIAT@xxxxxxxxxxxxxx" <gnso.secretariat@xxxxxxxxxxxxxx>]

Just noticed this was not sent to the task force.
Glen

Sujet:  FYI: Compliance update from Mike Zupke
Date:   Mon, 30 Oct 2006 13:53:07 +0100
De:     Maria Farrell <maria.farrell@xxxxxxxxx>
Pour:   'GNSO.SECRETARIAT@xxxxxxxxxxxxxx'


Dear all,

Ahead of Mike Zupke's participation in today's Whois task force call, I
am re-sending you the information on ICANN's website regarding the
compliance programme.

The main source of information on compliance is here;
http://www.icann.org/compliance/

Mike will be giving an update on registrar compliance. The most recent
(6th October 2006) report on that topic is copied below for your
information.

all the best, Maria


Registrar Compliance Update

ICANN's Compliance Department continues to monitor registrar compliance
with the Registrar Accreditation Agreement (RAA
<http://icann.org/registrars/ra-agreement-17may01.htm>) through the
accreditation renewal process and through handling of complaints filed
by internet users. As compliance resources are augmented, ICANN plans to
implement a registrar audit program, similar to the registry audit
program already in place.

Since the beginning of 2006, twenty registrars' accreditation agreements
expired. Of these registrars, eighteen applied for renewal. As a part of
the process, renewal applicants were required to undergo a compliance
review related to specific provisions of the RAA (including applicable
consensus policies <http://icann.org/general/consensus-policies.htm>).
Sixteen registrar-applicants successfully completed the compliance
review and one registrar was denied a renewal accreditation agreement.
One registrar received an extension of its RAA to complete the
compliance review.

Through the renewal process, ICANN required renewal applicants to
provide extensive information about their operations and compliance with
contractual requirements. From the applications submitted, staff
identified ten general areas requiring further review: Uniform Domain
Name Dispute Resolution Policy <http://icann.org/udrp/#udrp>, Expired
Domain Deletion Policy <http://icann.org/registrars/eddp.htm>, Whois
data accuracy
<http://icann.org/registrars/ra-agreement-17may01.htm#3.7.8>, venue
provisions
<http://icann.org/registrars/ra-agreement-17may01.htm#3.7.7.10>,
Inter-Registrar Transfer Policy <http://icann.org/transfers/>, Restored
Names Accuracy Policy <http://icann.org/registrars/rnap.htm>, Whois Data
Reminder Policy <http://icann.org/registrars/wdrp.htm>, Whois
accessibility
<http://icann.org/registrars/ra-agreement-17may01.htm#3.3>, record
retention <http://icann.org/registrars/ra-agreement-17may01.htm#3.4.2>,
and reseller registration agreements. Most issues identified were
addressed through a clarification by the registrar of its policies or
practices. In eighteen instances, registrars were required to alter
their policies, procedures, or business practices.

The following is an overview showing the various types of issues ICANN
encountered during the compliance review associated with accreditation
renewals between January and September 2006:

    * Seven registrars updated their contact information; five
      registrars notified ICANN of changes to their business name or
      corporate structure.
    * Six registrars modified their terms and conditions for query-based
      public access to registration data through Whois to include the
      required provision from RAA Section 3.3.5
      <http://icann.org/registrars/ra-agreement-17may01.htm#3.3.5>.
      ("Registrar shall permit use of data it provides in response to
      queries for any lawful purposes except to: (a) allow, enable, or
      otherwise support the transmission by e-mail, telephone, or
      facsimile of mass, unsolicited, commercial advertising or
      solicitations to entities other than the data recipient's own
      existing customers; or (b) enable high volume, automated,
      electronic processes that send queries or data to the systems of
      any Registry Operator or ICANN-Accredited registrar, except as
      reasonably necessary to register domain names or modify existing
      registrations.")
    * Five registrars modified or clarified their practices related to
      investigation and correction of Whois data inaccuracies pursuant
      to RAA Section 3.7.8
      <http://icann.org/registrars/ra-agreement-17may01.htm#3.7.8>.
      ("Registrar shall, upon notification by any person of an
      inaccuracy in the contact information associated with a Registered
      Name sponsored by Registrar, take reasonable steps to investigate
      that claimed inaccuracy. In the event Registrar learns of
      inaccurate contact information associated with a Registered Name
      it sponsors, it shall take reasonable steps to correct that
      inaccuracy.")
    * Five registrars clarified or modified their data retention
      policies to comply with RAA Section 3.4.2
      <http://icann.org/registrars/ra-agreement-17may01.htm#3.4.2>,
      which requires data to be kept for at least three years beyond the
      term of the RAA.
    * Three registrars modified their registration agreement or
      communication practices to come into compliance with the Expired
      Domain Deletion Policy <http://icann.org/registrars/eddp.htm> by
      providing additional notice to registrants of the registrars'
      domain deletion and auto-renewal policies.
    * Three registrars modified their registration agreements to include
      the required jurisdiction language of RAA Section 3.7.7.10
      <http://icann.org/registrars/ra-agreement-17may01.htm#3.7.7.10>.
      ("For the adjudication of disputes concerning or arising from use
      of the Registered Name, the Registered Name Holder shall submit,
      without prejudice to other potentially applicable jurisdictions,
      to the jurisdiction of the courts (1) of the Registered Name
      Holder's domicile and (2) where Registrar is located.")
    * Two registrars added the provision to their registration
      agreements requiring the registrant to agree that "its
      registration of the Registered Name shall be subject to
      suspension, cancellation, or transfer pursuant to any ICANN
      adopted specification or policy . . ." pursuant to RAA Section
      3.7.7.11
      <http://icann.org/registrars/ra-agreement-17may01.htm#3.7.7.11>.
    * Eleven registrars modified or clarified their procedures for
      implementing Uniform Domain Name Dispute Resolution Policy (UDRP
      <http://icann.org/udrp/#udrp>) decisions and ensuring that
      registrants agree to the terms of the UDRP.
    * One registrar modified its Form of Authorization
      <http://icann.org/transfers/foa-auth-12jul04.htm> used to obtain
      authorization for transfer requests, to comply with the
      Inter-Registrar Transfer Policy <http://icann.org/transfers/>'s
      requirements.
    * Two registrars modified or clarified their practices for
      compliance with the Restored Names Accuracy Policy
      <http://icann.org/registrars/rnap.htm>. ("When a registrar
      restores a name (from the redemption grace period) that had been
      deleted on the basis of submission of false contact data or
      non-response to registrar inquiries, the name must be placed on
      Registrar Hold status until the registrant has provided updated
      and accurate Whois information.")
    * One registrar came into compliance with the Whois Data Reminder
      Policy <http://icann.org/registrars/wdrp.htm> by modifying its
      procedures to distribute Whois data accuracy reminders to all gTLD
      registrants at least annually.
    * All of the renewing registrars provided proof of commercial
      general liability insurance with policy limits of at least
      $500,000 USD, as required by RAA Section 3.10
      <http://icann.org/registrars/ra-agreement-17may01.htm#3.10>.
    * A total of $56,860 was collected from four registrars who had
      overdue invoices for ICANN fees due under RAA Section 3.9
      <http://icann.org/registrars/ra-agreement-17may01.htm#3.9>.
      ("Registrar shall pay accreditation fees to ICANN . . .
      consist[ing] of yearly and variable fees.")

As noted, ICANN also reviews registrar compliance through the handling
of complaints brought to ICANN by internet users. In mid-August, ICANN
staff began tracking registrar handling of complaints alleging
non-compliance with ICANN policies or agreements. Between 7 August and
30 September 2006, thirty-three complaints were determined to involve
potential issues of registrar compliance. Of these, thirty-one are
considered closed and two are still pending. Of the closed complaints,
seven resulted in a change to the registrar's practices or policies,
eighteen were resolved without formal compliance action, three
complaints (which had been made by other registrars in relation to the
Inter-Registrar Transfer Policy) were referred to the Transfer Policy's
dispute mechanisms
<http://icann.org/transfers/dispute-policy-12jul04.htm>, and three were
resolved, pending continued oversight by ICANN for future compliance. On
average, compliance tickets were closed within four days of receipt of
the complaint.


--
Glen de Saint Géry
GNSO Secretariat - ICANN
gnso.secretariat[at]gnso.icann.org
http://gnso.icann.org