Re: From Christian -- Re: [gnso-ff-pdp-may08] Meta: Strawman - Process vs. Policy

[Marc Perkel <marc@xxxxxxxxxx>]

Wendy Seltzer wrote:
> Mike Rodenbaugh wrote:
>   
> > For the record, talk of "due process" is a US Constitutional notion that is
> > entirely misplaced when we are talking about private parties contracting
> > with one another, whether in the US or elsewhere. 
> >     
> I disagree.  We may not be talking about Due Process with caps, but I
> think we should clearly be asking what procedural safeguards are due any
> time we take action that might reduce some parties' rights.  In this
> case, we're talking about actions that might deprive domain registrants
> of the ability to use the names they've registered. That shouldn't be
> done without giving them notice and opportunity to respond, or recourse
> if they're wrongly terminated.
>   
I think a speedy process for registrants to protest and get their 
domains reinstated after they are taken down would be in their due 
process rights. But as to doing that before they are taken down - I have 
to disagree. If we had to wait for a registrant to be notified first 
while that are in the process of ripping off thousands of people then 
that would be unreasonable. I think the victims of these criminal have 
rights too and when choosing between who's rights to favor I would side 
with the victims.
If an innocent domain is taken down however then they should have the 
right to be able to petition to have their domain reinstated. Generally 
most people in business, upon seeing that they had made an honest 
mistake, would not only correct the mistake but also correct the process 
that led to the mistake. So I'm on the side of registrars to take action 
to stop domains who they reasonably believe are engaging in fraudulent 
activity.
> I'm not saying, of course, that fraudulent purchasers have rights to
> domain names, but that lawful purchasers should have the opportunity to
> respond when they're accused of fraudulent or criminal activity.
> Otherwise, malicious or mistaken reports can deprive legitimate
> registrants of their contractual expectations.
>   
Do you let the fraud continue while waiting for the domain owner to respond?

On a separate note. If a domain is in the "tasting" period where they 
haven't even paid for the domain yet - would they also have rights? I 
would think that someone with a domain that isn't even 5 days old would 
have limited rights as compared to one that is an established domain.
>  ICANN exists to manage
>   
> > the DNS, that necessarily must include policy to mitigate criminal use of
> > the DNS, in order to avoid both harm to end users and potential liability to
> > contracting parties.
> >     
> While private parties in contractual relationships must ensure that they
> are not engaging in or actively soliciting criminal activity, they are
> under no obligation -- and I would say should be under no obligation --
> to monitor the activities of others.  I do not believe that ICANN's
> mandate or mission includes becoming a branch of the law enforcements of
> the multitude of jurisdictions into which the Internet's DNS resolution
> extends.
>
>
>   
While I agree that ICANN needs to avoid becoming law enforcement there 
is also a duty of a business to take reasonable steps to ensure that 
their product isn't abuse in a criminal way or causes a public hazard. 
For example, a bar has some duty to ensure that it doesn't create a 
crime problem in the neighborhood by turning a blind eye to criminal 
activity that they know is happening and choose to do nothing about. 
Sometime you have to take the knife our of the criminals hands before 
you give them the chance to argue they have a right to use the knife. 
Especially if the knife has blood on it.
Similarly - I'm paid to block spam and fraud. So if I see someone 
impersonating a bank I block the email. I don't continue to allow it 
while I write the domain owner to give them due process as to why I 
shouldn't allow them to try to defraud my customers.
I believe registrars are business people of good will and that no 
registrar want to shut down legitimate web sites. But when they see 
fraud happening then it is reasonable for them to choose to stop it. 
After the site is stopped then the registrant should have a quick 
procedure to point out mistakes and I would thing the registrar would 
quickly fix the mistake or face liability if they were negligent.