Re: [gnso-rap-dt] next RAPWG meeting: April 12

[Rod Rasmussen <rod.rasmussen@xxxxxxxxxxxxxxxxxxxx>]

Hello fellow team members.

I too will likely not be on the call, as I'm traveling to Hong Kong this week.  
However, I wanted to chime in on Berry's e-mail here - good stuff Berry!  
Comments in-line below.

Cheers!

Rod

Rod Rasmussen
President and CTO
Internet Identity

On Apr 11, 2010, at 9:35 AM, berrycobb@xxxxxxxxxxxxxxxxxxx wrote:

> 
> 
> RAP Team,
> 
> Welcome back!
> 
> For tomorrow’s session, I will be mobile and not likely to participate, but 
> only listen on the call.  I suspect my mobility may be a disruption.  I want 
> to ensure that we discuss the following topics if not in this meeting, at 
> least the next one, as we will probably first review the public comments.
> 
> 1.    Fake Renewal Notices / Slamming – prior to Nairobi, I was reminded of a 
> new potential abuse that I think is worthy of our discussion before we go to 
> print with our final draft.  At the time, I was categorizing this as 
> “Slamming.”  In review of our initial report, slamming is listed within the 
> Fake Renewal Notice section.  After review, perhaps we will require a new 
> category of abuse.  In brief and Chris & Mikey can help to expand on this, is 
> a notice sent by a reseller/registrar/or posers stating that they received a 
> request to register a domain in usually .CN that may interfere with a 
> registered name in a more common TLD like .com, .net, .org.  They basically 
> state that their client intends to register these domains but they have a 
> temporary hold to verify with the registrant that this will not infringe on 
> trademark, etc…  The intent here is to trick the registrant to register the 
> like domains in the other TLDs before the supposed client does.  Just in the 
> last few months, I personally have seen a spike among my portfolio as well as 
> friends of mine asking me what to do about this.  Lastly, I think I may have 
> evidence that through this chain that it actually may lead back to an 
> accredited registrar.  I feel we have a responsibility to review this abuse 
> and include in the our report.  I await the discussion.
> 

We've seen this same scam being run for many years now.  "Back in the day", I 
believe it included gTLD registrations - at least when those first few TLDs 
rolled out.  We'll undoubtedly see them in the new gTLD space when those start 
to come out, but for now, they seem to all be concentrated in specific Asian 
countries.  Hmm, maybe .asia has seen some of these as well - would be worth 
asking.  Anyway, we invariably find that the domains in question are NOT 
registered to anyone, and if you ignore the come-on, they'll go away and those 
domains are never registered by anyone.  Anecdotally, I've heard that you do 
get the domains they are reporting to you if you order through them, just at 
vastly inflated prices.  In my opinion this is more of a shady advertising 
practice, but not really criminally fraudulent.  Very annoying, and adds to the 
general "seedy" impression many have of the domain registration industry in 
general.  I don't know that we can really declare this a registration "abuse" 
per se, but it would certainly be worth documenting for future reference, and 
of course, education of the unsuspecting public.  I get a frantic call about 
twice a month from a friend or client wanting us to "investigate" these or "get 
those names back" or the like, so a reference we could point people to on this 
practice would be nice.

> 2.    Reverse Domain Name Hijacking & UDRP – Joe Alonya in Nairobi mentioned 
> this issue, and I feel it will be important for us to review this issue in 
> promoting public feedback.  I personally have not experienced any of this, 
> but only have read a few cases.
>     a.        How will any rules from a resulting PDP affect new gTLDs?
> 

I think this is an important area to have definition formally in-place around.  
This term gets thrown around alot by both legitimate victims of corporate 
heavy-handedness, and in my opinion, just plain old cybersquatters trying to 
get the harsh spotlight away from their activities - "we're just innocent 
entrepreneurs and the big nasty corporations are trying to put us out of 
business."  However, this is all part of the current UDRP process, and it is my 
understanding that there are consequences now that brand holders often face in 
pursuing such tactics.  Again, ICANN sponsored resources clearly explaining the 
issue, what's involved, criteria for bad-faith UDRP claims and the like would 
be useful, especially in educating some brand holders who may just not 
understand the process/intent fully.  Such resources may well already exist - 
this is not my daily bailiwick.

> 3.    Chuck Gomes Comments on RAP – listen to replay 51:00 minutes.  I feel 
> we should review Chuck’s comments and address accordingly.  I am especially 
> interested in the discussion around Best Practices.
>     a.        Whois study
>     b.        Uniformity of Contracts
>     c.        Uniformity of Reporting
>     d.        Best Practices
> 
> 4.    Registration Abuse vs. Use Abuse – It is my desire that we discuss this 
> once more and provide clarity around this topic.  Nairobi was the first I 
> heard of the “picket fence” and since then I have heard it hundreds of times. 
>  Instead of “picket fence”, I see this as more a very muddy & deep moat that 
> is very ill defined around the purview of Icann.  Scope of our WG is one 
> thing vs. the scope of ICANN.  Either way, this issue was mentioned 
> extensively in the public comments and has direct bearing on many of our 
> recommendations.
> 

The opinions of the ICANN "community" are highly varied and in many cases very 
strong in different directions on this topic.  I would say there are divisions 
within all the various ICANN subgroups on how active ICANN can be in various 
"use abuse" areas, and this is not going to change any time soon.  Stereotyping 
vastly, my observation is that "contracted parties" are largely for keeping 
ICANN out of the "use" arena, and everyone else varies greatly depending on the 
affect abuse has on them directly.  As much as people will want this to get 
resolved, I don't think we'll ever be able to settle this debate permanently.  
My concern on this is that if the vacuum of dealing with "use abuse" isn't 
addressed adequately by ICANN and its contracted parties (and it is NOT today), 
then the choice will likely be taken away and terms will be dictated.  We're 
seeing those kind of sentiments affecting some of the largest ccTLDs (UK, CN) 
already, and the US government is looking at overall cybersecurity - especially 
infrastructure exposures - like they never have before.  I think that the "best 
practices" proposals are helpful here.  I also think this group could make a 
strong statement that ICANN needs to look at the use abuse issues directly and 
make some calls one way or the other.  That would be a different task than that 
put before the RAP group, but given that we have dealt with almost all of these 
in some form or other over the past year, we certainly have the standing to 
make that recommendation.

> I think that is all for now.....Is it enough?
> 
> Thanks all, and I look forward to us meeting again.
> 
> 
> Berry Cobb
> Infinity Portals LLC
> berrycobb@xxxxxxxxxxxxxxxxxxx
> http://www.infinityportals.com
> 866.921.8891
>