RE: [gnso-igo-ingo] Thoughts on fact-based policy development

["Shatan, Gregory S." <GShatan@xxxxxxxxxxxxx>]

I don't think the issue of "exceptions" is a huge challenge.  In part this 
depends on what protection is adopted (if any) and how it is managed.  A 
reserved names/"block" approach is only one alternative.
In the DT that preceded this WG, we worked out a mechanism that dealt with 
"exceptions".

I also think we should distinguish between (a) the "exceptions" that would 
grant an organization the ability to register its own name (e.g., 
redcross.charity) and (b) the situations where a non-NGO/IGO wants to register 
and the NGO/IGO that might have a claim doesn't, and (c) situations where both 
a non-NGO/IGO and an NGO/IGO want the same domain name and both have a 
legitimate claim (The Who vs. WHO?).  The first at least, doesn't seem terribly 
complex.

Greg



-----Original Message-----
From: owner-gnso-igo-ingo@xxxxxxxxx [mailto:owner-gnso-igo-ingo@xxxxxxxxx] On 
Behalf Of Alan Greenberg
Sent: Wednesday, January 23, 2013 10:46 AM
To: Christopher Lamb; GNSO IGO INGO
Subject: Re: [gnso-igo-ingo] Thoughts on fact-based policy development


Thanks Chris.

A couple of thoughts after reading your note.

- There are certainly many potential abuses to try to attract disaster-related 
money that are completely beyond out control. Even if we came up with a way to 
prevent Redcross-tsunami.tld, we certainly cannot stop Haiti-earthquake.tld 
which might use you symbols and name in e-mail and web sites. And that is part 
of what I am trying to understand in my suggestion. To what extent is exact 
match prevention likely to SIGNIFICANTLY help you.

- Regarding domains registered under ccTLDs, we need to recognize that many of 
those are not defensive registrations but real working domains for the 
country/regional organizations, as is the case with the ca, eu and ch examples.

- Exceptions are going to be a challenge. If a .charity comies into being with 
good controls over who can register, do you really want to be prevented from 
registering redcross.charity?

Lastly, and not related to the work of this WG, if you know the story behind 
redcross.us, I would really like to understand it (presuming it is legitimate, 
which it seems to be). Is it just a cute play on the English word US?

Alan

At 23/01/2013 06:52 AM, Christopher Lamb wrote:
>Dear Alan,
>
>Thanks for this.  I'd just add that there are a very large number of
>domains which use redcross or redcrescent in association with a country
>code.  You mention redcross.ca and I won't list all the others of which
>I'm aware unless you wish me to do so, but Switzerland is an example
>worth noting - the main website is redcross.ch but croixrouge.ch,
>crocerossa.ch and roteskreuz.ch all lead to it.  The website
>redcrescent.org was owned by someone in the US a couple of years ago
>and dormant, but now appears to hold a lot of information related to
>disasters - but it doesn't appear to be owned by any organisation in
>the Red Cross Red Crescent Movement.  Another which worries me is
>http://www.croix-rougecamerounaise.org/, an example of what should not
>be possible and which is probably entirely beyond the control resources
>of the Cameroon Red Cross Society.
>
>There are many examples of people trying to make money out of the
>redcross brand in domain sales.  Have a look at laoredcross.org, which
>has nothing to do with the Red Cross Society of Laos.  Redcross.me is
>for sale.  Quite a lot of country code domains are a source of concern,
>and although they're not part of the current study they offer examples
>of the way fraudsters and money-makers work.  The RCRC Movement spends
>a lot of time and resources getting the relevant authorities to remove
>these sites, usually successfully, but it is very resource-intensive
>and a special problem when domains appear from nowhere after virtually
>every newsworthy disaster with worldwide coverage.  As you would
>expect, these people expect to make all their money in the first 48
>hours while media coverage of the suffering is at its most intense, and
>lengthy procedures are completely ineffective - in all cases which I've
>tracked the looters disappear with their money long before any
>procedure could get started.
>
>There are also cases of abuse with the intention of denigrating the
>National Society concerned.  One, a few years ago, concerned the abuse
>of the name of the Hungarian Red Cross in the US.  There have been
>others aimed at National Societies which chose to use acronyms or
>initials for their domain name and exposed themselves to danger - one
>was the Palestine Red Crescent Society whose domain palestinercs.org
>was mirrored and then abused in palestinercs.net.  This isn't a subject
>covered by our current work, and it's my hope that when we resolve the
>future TLD system the RCRC Movement should ask National Societies to
>regularise their naming protocols in accordance with that system.
>
>I did a survey of the misuse or abuse of the names of National RCRC
>Societies in February 2011 and without difficulty found and reported
>19 egregious cases.  Following that most were able to be removed, but
>some, like the Lao and Cameroon cases, are still there.  Time
>permitting, I would look into this again if it were necessary, but the
>hard fact is that the redcross and redcrescent names are abused as a
>matter of course after significant newsworthy natural disasters or
>conflicts.  A spectacular one in 2005 enticed the unsuspecting public
>to donate to a bogus thing called the Santa Maria Red Cross Tsunami
>Survivors Fund.  You won't find it any more, but what we did to put it
>down is a great story worthy of a movie script. Not what we should be
>aiming for through this process, of course.
>
>I recognise that this will look like an anecdotal commentary, but it's
>also reality.
>
>Best wishes
>
>Chris
>
>
>
>-----Original Message----- From: Alan Greenberg
>Sent: Wednesday, January 23, 2013 4:44 PM
>To: GNSO IGO INGO
>Subject: [gnso-igo-ingo] Thoughts on fact-based policy development
>
>Both I and the ALAC in its recent statement have stated that if we are
>going to take the large and unusual step and provide special protection
>to IGO/INGO names, we should do so understanding what
>problem(s) we are trying to solve and have a high level of comfort that
>the proposed solution actually will address these problems.
>
>To take a large number of character strings out of circulation, or at
>least put in place significant (no doubt both costly and
>time-consuming) hurdles to using these strings without a substantive
>benefit is counter to the culture that has allowed the Internet to
>thrive. Moreover, it sets the stage for even more similar requests in
>the future, both on the basis of TMs and "public money".
>
>To date, we have seen virtually no data related to IGOs and little
>related to INGOs on the problems they currently suffer that would be
>relieved with the reservation or blocking of their requested
>exact-match names and acronyms.
>
>To try to get a feel for whether this is just an obstreperous objection
>or really has merit, I undertook a small and not necessarily
>representative study of the names of a number of organizations.
>Specifically NATO, ITU, UPU, CERN, WHO, ILO, UNICEF and RedCross. All
>except the last two were signatories of the letter requesting
>protection for IGO names (recently resent to this group along with the
>UPU statement appended to the RySG input, but which also can be found
>at
>http://www.icann.org/en/news/correspondence/igo-counsels-to-beckstrom-et-al-13dec11-en.pdf).
>
>I checked to see whether their names were registered in a number of
>TLDs, specifically int, com, net, org, info, biz, us, ca and eu, who
>they were registered to, and what use was being made of the domain name
>(from a web point of view). The results are attached.
>
>- Lines highlighted in Dark blue are used by the organization in
>question (or an affiliate). Light blue are sort of used by them, but is
>not actually an active web site, or is used in a rather curious way, or
>is seemingly owned by a private individual who redirects the site as a
>matter of courtesy.
>
>- Lines highlighted in dark green seem to be legitimate uses of the
>name but not by the organization in question. There is a pale green
>entry that would be reasonable except it is largely a monetization site.
>
>There are large number of monetized pages, and a fair number of uses of
>names for which I can see no rationale at all. In no cases has any of
>the organizations in question taken control of all of the names.
>
>For the first few, I also did a reviews search on the e-mail admin
>contact address listed in the Whois, as some measure of how many other
>domain names are managed by that organization. The short answer is "not
>many" for those that I looked at. I stopped when my free access to the
>reviews whois engine was cut off.
>
>This was an interesting exercise, but as stated earlier, there is no
>pretense of this being a definitive analysis. But it does bring into
>question just how important the requested reservations are, what uses
>would such reservations rule out if implemented as complete blocking,
>and what harms will be prevented by their implementation.
>
>I strongly suggest that at the least, we request specific information
>from the organizations that have explicitly requested protection (at
>the very least RCRC, IOC, and the organizations identified in the
>13Dec11 letter). This should include:
>
>- A list of TLDs in which they have registered their requested names,
>or otherwise taken action to prevent them being registered by others.
>- Identification of any disputes over identical names, names that would
>have been disallowed if the requested policy had been in place for all
>gTLDs, and the outcomes of these disputes.
>- Identification/elaboration of the harms caused by the above cases.
>- An estimate of the magnitude of these cases compared to other domain
>name conflicts which will not be prevented by the requested gTLD
>protections.
>
>Lastly, I would suggest that we ask whether they would:
>- Expect exceptions to the reservation of their names to allow their
>own registration of the names
>- How they contemplate allowing exceptions for the legitimate use by
>others of the names.
>
>Alan



                                                                * * *

This E-mail, along with any attachments, is considered
confidential and may well be legally privileged. If you have received it in
error, you are on notice of its status. Please notify us immediately by reply
e-mail and then delete this message from your system. Please do not copy it or
use it for any purposes, or disclose its contents to any other
person. Thank you for your cooperation.

                                                                * * *

To ensure compliance with Treasury Department regulations, we
inform you that, unless otherwise indicated in writing, any U.S. Federal tax
advice contained in this communication  (including any attachments) is not
intended or written to be used, and cannot be used, for the purpose of (1)
avoiding penalties under the Internal Revenue Code or applicable state
and local provisions or (2) promoting, marketing or recommending to another
party any tax-related matters addressed herein.
                                                                        
Disclaimer Version RS.US.20.10.00