RE: [gnso-ff-pdp-may08] Rasmussen/Piscitello action 4.a

["Mike Rodenbaugh" <icann@xxxxxxxxxxxxxx>]

I am fine with this proposed answer, except that this clause should be
deleted from the first sentence:  "nor regulator of assigned names and
numbers".  Of course, ICANN is a regulator of assigned names and numbers, it
has no other purpose. 


Mike Rodenbaugh
Rodenbaugh Law
548 Market Street
San Francisco, CA  94104
+1.415.738.8087
www.rodenbaugh.com


-----Original Message-----
From: owner-gnso-ff-pdp-may08@xxxxxxxxx
[mailto:owner-gnso-ff-pdp-may08@xxxxxxxxx] On Behalf Of Dave Piscitello
Sent: Wednesday, May 06, 2009 5:15 AM
To: Fast Flux Workgroup
Subject: [gnso-ff-pdp-may08] Rasmussen/Piscitello action 4.a


I'm posting this on behalf of Rod and myself. I had the "final pen" because
I'm on the East Coast and have a morning window to edit.

(4.a) There need to be strict laws in place to allow registrars and hosting
companies to terminate fast flux hosting

Proposed answer: ICANN is not a legislator nor regulator of assigned names
and numbers. Any legislation that might be created would fall outside the
scope of ICANN. The challenge in defining and adopting either law or policy
to terminate fast flux hosting was a major theme of the interim report:
briefly stated, attackers use many of the same volatile networking
techniques used in legitimate, production applications. This makes
distinguishing them in a sufficiently clear manner for a legal or policy
definition very hard. Moreover, attackers constantly alter their "flux"
techniques - sometimes it's fast, sometimes it's slow - and a law or policy
might actually have the opposite effect from the desired effect: it could
define a space within which attackers and other "entrepreneurs" could
operate their networks with impunity. An alternative is to define and adopt
a best practice or policy that gives registrars the ability to perform
accelerated takedown. (Suggestion: Cite current APWG and GNSO activities).

The comment does introduce the idea of "allowing" registrars and hosting
companies to take specific actions regarding domain names and activities.
To our knowledge, there are no restrictions placed on registrars by ICANN or
contracted gTLD registries that would prevent them from taking action
against any particular domain name they believe is being used maliciously.
There has been a certain amount of confusion on this issue in the past, and
certainly individual country's laws may or may not apply, but in general,
there are few if any outright prohibitions from taking action.  What the
commenter here may be referring to though are "safe harbor" laws where
actions taken by a provider are protected from liability claims under
certain circumstances.  Again, that is out of the scope of ICANN, but is an
interesting concept that has recent precedence in the domain name world in
the U.S. with the recent enactment of the "Ryan Haight Online Pharmacy
Consumer Protection Act".  This law gives particular safe harbor protections
to domain registrars, and even requires action in some cases when a domain
name is being used to sell prescription drugs to US citiziens by a non-FDA
approved pharmacy or on-line stores.  Since many so called "fake pharma"
websites use malicious fast flux configurations, it would seem that in at
least some applications, there already is such a law in place.