Re: [gnso-raa-b] RAA: topics in category #6: proxy/privacy registration services

[Holly Raiche <h.raiche@xxxxxxxxxxxxxxxx>]

Hi Steven (and Everyone)

First, a recommendation that we start with ICANN's study on 'the  
prevalence of Domain Names Registered using a privacy or proxy server  
among the top 5 gTLDs'.  This document really just outlines the work  
they will do in future on the study, but sets out definitions we  
should use for this topic:
A privacy service provider offers the registrant an opportunity to  
register a domain name while concealing some personal identifying  
information listed in a WHOIS directory, such as his or her address,  
telephone number, or email address, by providing alternate contact  
information, often that of the privacy service provider.
A proxy service provider registers the domain name on the  
registrant’s behalf and then licenses the use of the domain name to  
the registrant. The contact information in a WHOIS directory for a  
domain name registered with a proxy service is that of the proxy  
service provider.

Next, the preliminary findings are that around 25% of domain names  
use a privacy or proxy service provider.
My other comments are interspersed:

Kind regards

Holly Raiche
Executive Director,
Internet Society of Australia (ISOC-AU)
ed@xxxxxxxxxxxxxx
Mob: 0412 688 544
Ph: (02) 9436 2149

The Internet is For Everyone

> RAA subteam B participants:
>
> As discussed on our most recent call, in order to move our work  
> forward, it was recommended that we launch discussion of some of  
> the remaining categories in the compiled list of RAA amendment  
> topics.  (I am using the revised chart, posted earlier today and  
> dated today, December 30.)
> According to my notes, we have discussed topics 1-4 in our previous  
> call. On topic 5 -- compliance -- I have, by a message posted  
> earlier today, asked staff to provide their views on our next call  
> on Tuesday, Jan. 5.  So this phase will begin with topic #6.
> Here are some views put forward to get the discussion started,  
> recognizing that our role at this stage is primarily to organize  
> and prioritize the topics proposed, rather than to delve too deeply  
> into the details of the proposals made.  (This does not preclude us  
> from deciding, if we can, that one or another topic is simply out  
> of scope or not appropriate for consideration with regard to RAA  
> amendments.)
> RE:  Topics in category #6
> This category includes many topics related to proxy/privacy  
> registration services.  I suggest that another item belongs here as  
> well:  item 8.4, re such services provided by resellers.
Do we want to distinguish between privacy and proxy services, as set  
out above? There may be a number of legitimate reasons why a  
registrant may not want personal details made public - which may not  
be the case with proxy services.  Or, alternatively, should we not  
distinguish between the two?
> A number of these items can be grouped in subcategories as follows:
> A.  Escrow and data collection/preservation: items 6.1 and 6.7.
>
> B.  Obligations/disclosures of registrars regarding services they  
> (or resellers) operate or make available in connection with  
> registration: items 6.2, 6.4, 6.8(B), 8.4.
I would support the mandatory escrow of registrant data, with  
discussion to follow on circumstances under which such data is  
revealed. 3.7.7.3  notes the discussion needed on what is meant by  
actionable harm and malicious conduct - so I agree this will take  
longer to deal with .  Note the amended RAA gives the option of  
registrar's simply displaying a notice to customers that their data  
is not being escrowed -which we are now considering changing before  
it is even fully implemented.
> C.  RELAY function of services:  item 6.3.
> D.  REVEAL function of services:  item 6.5, 6.6, 6.10.
> All these subcategories should be considered as relatively high- 
> priority items.
> Topics in the following subcategories will take longer to deal  
> with, either because of the volume involved, or because of they  
> represent more fundamental changes in the approach to these services:
> E.  Accreditation of services generally: 6.8 and 6.8(A).
> F.  Discourage or ban such services: 6.9.
Again, should this refer to both privacy and proxy services, or only  
privacy services
> G.  Allow such registrations only for non-commercial purposes:  6.11.
This would fit with the notion that privacy services to protect an  
individual's privacy are legitimate.  Are there legitimate reasons  
why a corporate entity may not want their details available?
> Please provide your reactions/comments on the list.
> Steve Metalitz