FW: [gnso-dow123] [Fwd: FYI: Compliance update from Mike Zupke]

["Maria Farrell" <maria.farrell@xxxxxxxxx>]

Sujet:  FYI: Compliance update from Mike Zupke
Date:   Mon, 30 Oct 2006 13:53:07 +0100
De:     Maria Farrell <maria.farrell@xxxxxxxxx>
Pour:   'GNSO.SECRETARIAT@xxxxxxxxxxxxxx'


Dear all,

Ahead of Mike Zupke's participation in today's Whois task force call, I am
re-sending you the information on ICANN's website regarding the compliance
programme.

The main source of information on compliance is here;
http://www.icann.org/compliance/

Mike will be giving an update on registrar compliance. The most recent (6th
October 2006) report on that topic is copied below for your information.

all the best, Maria


Registrar Compliance Update

ICANN's Compliance Department continues to monitor registrar compliance with
the Registrar Accreditation Agreement (RAA
<http://icann.org/registrars/ra-agreement-17may01.htm>) through the
accreditation renewal process and through handling of complaints filed by
internet users. As compliance resources are augmented, ICANN plans to
implement a registrar audit program, similar to the registry audit program
already in place.

Since the beginning of 2006, twenty registrars' accreditation agreements
expired. Of these registrars, eighteen applied for renewal. As a part of the
process, renewal applicants were required to undergo a compliance review
related to specific provisions of the RAA (including applicable consensus
policies <http://icann.org/general/consensus-policies.htm>).
Sixteen registrar-applicants successfully completed the compliance review
and one registrar was denied a renewal accreditation agreement.
One registrar received an extension of its RAA to complete the compliance
review.

Through the renewal process, ICANN required renewal applicants to provide
extensive information about their operations and compliance with contractual
requirements. From the applications submitted, staff identified ten general
areas requiring further review: Uniform Domain Name Dispute Resolution
Policy <http://icann.org/udrp/#udrp>, Expired Domain Deletion Policy
<http://icann.org/registrars/eddp.htm>, Whois data accuracy
<http://icann.org/registrars/ra-agreement-17may01.htm#3.7.8>, venue
provisions <http://icann.org/registrars/ra-agreement-17may01.htm#3.7.7.10>,
Inter-Registrar Transfer Policy <http://icann.org/transfers/>, Restored
Names Accuracy Policy <http://icann.org/registrars/rnap.htm>, Whois Data
Reminder Policy <http://icann.org/registrars/wdrp.htm>, Whois accessibility
<http://icann.org/registrars/ra-agreement-17may01.htm#3.3>, record retention
<http://icann.org/registrars/ra-agreement-17may01.htm#3.4.2>,
and reseller registration agreements. Most issues identified were addressed
through a clarification by the registrar of its policies or practices. In
eighteen instances, registrars were required to alter their policies,
procedures, or business practices.

The following is an overview showing the various types of issues ICANN
encountered during the compliance review associated with accreditation
renewals between January and September 2006:

     * Seven registrars updated their contact information; five
       registrars notified ICANN of changes to their business name or
       corporate structure.
     * Six registrars modified their terms and conditions for query-based
       public access to registration data through Whois to include the
       required provision from RAA Section 3.3.5
       <http://icann.org/registrars/ra-agreement-17may01.htm#3.3.5>.
       ("Registrar shall permit use of data it provides in response to
       queries for any lawful purposes except to: (a) allow, enable, or
       otherwise support the transmission by e-mail, telephone, or
       facsimile of mass, unsolicited, commercial advertising or
       solicitations to entities other than the data recipient's own
       existing customers; or (b) enable high volume, automated,
       electronic processes that send queries or data to the systems of
       any Registry Operator or ICANN-Accredited registrar, except as
       reasonably necessary to register domain names or modify existing
       registrations.")
     * Five registrars modified or clarified their practices related to
       investigation and correction of Whois data inaccuracies pursuant
       to RAA Section 3.7.8
       <http://icann.org/registrars/ra-agreement-17may01.htm#3.7.8>.
       ("Registrar shall, upon notification by any person of an
       inaccuracy in the contact information associated with a Registered
       Name sponsored by Registrar, take reasonable steps to investigate
       that claimed inaccuracy. In the event Registrar learns of
       inaccurate contact information associated with a Registered Name
       it sponsors, it shall take reasonable steps to correct that
       inaccuracy.")
     * Five registrars clarified or modified their data retention
       policies to comply with RAA Section 3.4.2
       <http://icann.org/registrars/ra-agreement-17may01.htm#3.4.2>,
       which requires data to be kept for at least three years beyond the
       term of the RAA.
     * Three registrars modified their registration agreement or
       communication practices to come into compliance with the Expired
       Domain Deletion Policy <http://icann.org/registrars/eddp.htm> by
       providing additional notice to registrants of the registrars'
       domain deletion and auto-renewal policies.
     * Three registrars modified their registration agreements to include
       the required jurisdiction language of RAA Section 3.7.7.10
       <http://icann.org/registrars/ra-agreement-17may01.htm#3.7.7.10>.
       ("For the adjudication of disputes concerning or arising from use
       of the Registered Name, the Registered Name Holder shall submit,
       without prejudice to other potentially applicable jurisdictions,
       to the jurisdiction of the courts (1) of the Registered Name
       Holder's domicile and (2) where Registrar is located.")
     * Two registrars added the provision to their registration
       agreements requiring the registrant to agree that "its
       registration of the Registered Name shall be subject to
       suspension, cancellation, or transfer pursuant to any ICANN
       adopted specification or policy . . ." pursuant to RAA Section
       3.7.7.11
       <http://icann.org/registrars/ra-agreement-17may01.htm#3.7.7.11>.
     * Eleven registrars modified or clarified their procedures for
       implementing Uniform Domain Name Dispute Resolution Policy (UDRP
       <http://icann.org/udrp/#udrp>) decisions and ensuring that
       registrants agree to the terms of the UDRP.
     * One registrar modified its Form of Authorization
       <http://icann.org/transfers/foa-auth-12jul04.htm> used to obtain
       authorization for transfer requests, to comply with the
       Inter-Registrar Transfer Policy <http://icann.org/transfers/>'s
       requirements.
     * Two registrars modified or clarified their practices for
       compliance with the Restored Names Accuracy Policy
       <http://icann.org/registrars/rnap.htm>. ("When a registrar
       restores a name (from the redemption grace period) that had been
       deleted on the basis of submission of false contact data or
       non-response to registrar inquiries, the name must be placed on
       Registrar Hold status until the registrant has provided updated
       and accurate Whois information.")
     * One registrar came into compliance with the Whois Data Reminder
       Policy <http://icann.org/registrars/wdrp.htm> by modifying its
       procedures to distribute Whois data accuracy reminders to all gTLD
       registrants at least annually.
     * All of the renewing registrars provided proof of commercial
       general liability insurance with policy limits of at least
       $500,000 USD, as required by RAA Section 3.10
       <http://icann.org/registrars/ra-agreement-17may01.htm#3.10>.
     * A total of $56,860 was collected from four registrars who had
       overdue invoices for ICANN fees due under RAA Section 3.9
       <http://icann.org/registrars/ra-agreement-17may01.htm#3.9>.
       ("Registrar shall pay accreditation fees to ICANN . . .
       consist[ing] of yearly and variable fees.")

As noted, ICANN also reviews registrar compliance through the handling of
complaints brought to ICANN by internet users. In mid-August, ICANN staff
began tracking registrar handling of complaints alleging non-compliance with
ICANN policies or agreements. Between 7 August and 30 September 2006,
thirty-three complaints were determined to involve potential issues of
registrar compliance. Of these, thirty-one are considered closed and two are
still pending. Of the closed complaints, seven resulted in a change to the
registrar's practices or policies, eighteen were resolved without formal
compliance action, three complaints (which had been made by other registrars
in relation to the Inter-Registrar Transfer Policy) were referred to the
Transfer Policy's dispute mechanisms
<http://icann.org/transfers/dispute-policy-12jul04.htm>, and three were
resolved, pending continued oversight by ICANN for future compliance. On
average, compliance tickets were closed within four days of receipt of the
complaint.


--
Glen de Saint Géry
GNSO Secretariat - ICANN
gnso.secretariat[at]gnso.icann.org
http://gnso.icann.org