RE: [gnso-ff-pdp-may08] Rasmussen/Piscitello action 4.a

["Mike Rodenbaugh" <icann@xxxxxxxxxxxxxx>]

Yes, that would make me more comfortable.  ICANN ought to be more of a 
regulator than it is, but it clearly 'is' a regulator, i.e. "one who regulates" 
-- verb (used with object), -lat⋅ed, -lat⋅ing.
1.      to control or direct by a rule, principle, method, etc.: to regulate 
household expenses.
2.      to adjust to some standard or requirement, as amount, degree, etc.: to 
regulate the temperature.
3.      to adjust so as to ensure accuracy of operation: to regulate a watch.
4.      to put in good order: to regulate the digestion.


Mike Rodenbaugh
Rodenbaugh Law
548 Market Street
San Francisco, CA  94104
+1.415.738.8087
www.rodenbaugh.com


-----Original Message-----
From: owner-gnso-ff-pdp-may08@xxxxxxxxx 
[mailto:owner-gnso-ff-pdp-may08@xxxxxxxxx] On Behalf Of Dave Piscitello
Sent: Wednesday, May 06, 2009 12:02 PM
To: icann@xxxxxxxxxxxxxx; Fast Flux Workgroup
Subject: Re: [gnso-ff-pdp-may08] Rasmussen/Piscitello action 4.a


Mike, I think ICANN might be perceived to be an administrator or coordinator 
(see the ICANN.org "about" and "mission" pages), but not a regulator. If we use 
the word "regulator", we suggest that ICANN like the FCC.

Would you be more comfortable with " ICANN's mission is to coordinate the 
global Internet's systems of names and numbers. In particular, ICANN  is not a 
legislative organization."?

> and numbers.


On 5/6/09 12:46 PM  May 6, 2009, "Mike Rodenbaugh" <icann@xxxxxxxxxxxxxx>
wrote:

> I am fine with this proposed answer, except that this clause should be 
> deleted from the first sentence:  "nor regulator of assigned names and 
> numbers".  Of course, ICANN is a regulator of assigned names and 
> numbers, it has no other purpose.
> 
> 
> Mike Rodenbaugh
> Rodenbaugh Law
> 548 Market Street
> San Francisco, CA  94104
> +1.415.738.8087
> www.rodenbaugh.com
> 
> 
> -----Original Message-----
> From: owner-gnso-ff-pdp-may08@xxxxxxxxx 
> [mailto:owner-gnso-ff-pdp-may08@xxxxxxxxx] On Behalf Of Dave 
> Piscitello
> Sent: Wednesday, May 06, 2009 5:15 AM
> To: Fast Flux Workgroup
> Subject: [gnso-ff-pdp-may08] Rasmussen/Piscitello action 4.a
> 
> 
> I'm posting this on behalf of Rod and myself. I had the "final pen" 
> because I'm on the East Coast and have a morning window to edit.
> 
> (4.a) There need to be strict laws in place to allow registrars and 
> hosting companies to terminate fast flux hosting
> 
> Proposed answer: ICANN is not a legislator nor regulator of assigned 
> names and numbers. Any legislation that might be created would fall 
> outside the scope of ICANN. The challenge in defining and adopting 
> either law or policy to terminate fast flux hosting was a major theme of the 
> interim report:
> briefly stated, attackers use many of the same volatile networking 
> techniques used in legitimate, production applications. This makes 
> distinguishing them in a sufficiently clear manner for a legal or 
> policy definition very hard. Moreover, attackers constantly alter their "flux"
> techniques - sometimes it's fast, sometimes it's slow - and a law or 
> policy might actually have the opposite effect from the desired 
> effect: it could define a space within which attackers and other 
> "entrepreneurs" could operate their networks with impunity. An 
> alternative is to define and adopt a best practice or policy that 
> gives registrars the ability to perform accelerated takedown. (Suggestion: 
> Cite current APWG and GNSO activities).
> 
> The comment does introduce the idea of "allowing" registrars and 
> hosting companies to take specific actions regarding domain names and 
> activities.
> To our knowledge, there are no restrictions placed on registrars by 
> ICANN or contracted gTLD registries that would prevent them from 
> taking action against any particular domain name they believe is being used 
> maliciously.
> There has been a certain amount of confusion on this issue in the 
> past, and certainly individual country's laws may or may not apply, 
> but in general, there are few if any outright prohibitions from taking 
> action.  What the commenter here may be referring to though are "safe 
> harbor" laws where actions taken by a provider are protected from 
> liability claims under certain circumstances.  Again, that is out of 
> the scope of ICANN, but is an interesting concept that has recent 
> precedence in the domain name world in the U.S. with the recent 
> enactment of the "Ryan Haight Online Pharmacy Consumer Protection 
> Act".  This law gives particular safe harbor protections to domain 
> registrars, and even requires action in some cases when a domain name 
> is being used to sell prescription drugs to US citiziens by a non-FDA 
> approved pharmacy or on-line stores.  Since many so called "fake pharma"
> websites use malicious fast flux configurations, it would seem that in 
> at least some applications, there already is such a law in place.
> 
> 
>