RE: [gnso-res-sga] Whois working group -- subgroup A (reponsibilities)

["Metalitz, Steven" <met@xxxxxxx>]

Subgroup A participants, 
 
Since the last meeting we have received only the submissions from Hugh
and Steve D.  I suggest that we focus on those for our call today.  I
hope there will be more proposals for discussion on our next call. I
also call your attention to the "must/may" document tracking OPOC that
Paul Stahura posted to the main list the other day.  This is helpful for
orienting our discussion in the overall framework of the OPOC proposal.

 
Steve Metalitz
 
Hugh's submission:
http://forum.icann.org/lists/gnso-res-sga/msg00004.html
 
Steve's submission:  see below
 
Paul's submission:
http://forum.icann.org/lists/gnso-whois-wg/msg00198.html 

________________________________

From: owner-gnso-res-sga@xxxxxxxxx [mailto:owner-gnso-res-sga@xxxxxxxxx]
On Behalf Of Hugh Dierker
Sent: Tuesday, May 08, 2007 1:22 PM
To: gnso-res-sga@xxxxxxxxx
Subject: Re: [gnso-res-sga] Whois working group -- subgroup A
(reponsibilities)


Steve, 
 
I think we have a real sticky wicket holding the OPoC liable for content
on a website.
The insurance cost would be huge and it would require each OPoC to be a
publisher/editor
Liability issues on matters like libel prevent this from being cost
effective.
 
Eric

Steve DelBianco <sdelbianco@xxxxxxxxxxxxx> wrote:


        as discussed on our first call last week, here are my personal
suggestions for the OPoC responsibilities, arranged according to Steve
Metalitz' 4 questions. Looking forward to our discussion tomorrow.
        
        --Steve DelBianco
        
        
        1. WHO is the OPOC:  qualifications, identification to/
verification by registrar, need for consent before listing, etc:  
        
        OPoC must have the technical capability, or have immediate
access to someone who has the technical capability, to address technical
or operational issues regarding activity related to the Registrant's
domain.
        
        The OPoC must have the technical capability and permissions to
take down a registrant's site. 
        
        The OPoC should be a legal agent of the registrant, and must
acknowledge in advance that they could be liable for registrant's
illegal activities
        
        -----------------------------------------------------
        2. WHAT issues is the OPOC required to handle - or not: 
        
        OPoC must provide accurate and complete details for 24/7 contact
information.
        
        At time of registration or upon any change in OPoC designation,
the Registrar must validate the completeness and accuracy of contact
information provided. 
        
        At time of registration or upon any change in OPoC designation,
the Registrar should roll proxy contacts to the OPoC.
        
        OPoC must maintain accurate published data. 
        
        OPoC must not knowingly allow bad faith or illegal activity at
the domain.  
        
        OPoC must accept contacts of any nature, ranging from technical,

        administrative, IP conflict, legal notices, contact from law
enforcement, on behalf of the registered name holder. The OPoC must
receive and forward any communications to the registrant. 
        
        Upon communicating with the registrant, the OPoC must ensure
that the Registrant communicates a response or resolution of the
applicable issue.
        
        If the OPoC is properly informed that their registrant is
phishing, the OPoC has the responsibility to take the site down
immediately upon proper notice. If the OPoC then fails to take the site
down, the OPoC would be contributorily liable.  
        
        -----------------------------------------------------
        3. WHEN must the OPoC act - time frames for response, etc:  
        
        OPoC must be responsible for forwarding, within 12 hours of
receipt, any correspondence and requests to contact the registrant
and/or a technical resource for the registrant. 
        
        OPoC must investigate and take appropriate action (without
unreasonable delay, or, as soon as reasonably possible) in response to
notice of illegal activity at the domain.
        
        -----------------------------------------------------
        4. HOW would these responsibilities be enforced - what happens
if they are not fulfilled?
        
        If an OPoC fails to meet their defined responsibilities in the
required response period, resolution of the domain name should be
immediately suspended in these steps:
        
        1. Registrar shall immediately suspend name records for the
affected domain and suspend webhost services. 
        
        2. Registrar shall immediately convey full owner Whois details
to the complainant.
        
        3. Registry shall suspend website DNS, although TTL means that
resolutions would still occur for 24-48 hours.
        
        4. Registry shall lock the domain so that it cannot be
transferred. The name should be available for resale after __ days
unless the registrant has initiated an approved disputer resolution
mechanism.
        
        Steps taken to suspend resolution should not prejudice any
party's ability to pursue appeals or alternate dispute resolution
mechanisms. 
        
        
        


________________________________

Food fight?
<http://answers.yahoo.com/dir/index;_ylc=X3oDMTFvbGNhMGE3BF9TAzM5NjU0NTE
wOARfcwMzOTY1NDUxMDMEc2VjA21haWxfdGFnbGluZQRzbGsDbWFpbF90YWcx?link=ask&s
id=396545367>  Enjoy some healthy debate
in the Yahoo! Answers Food & Drink Q&A.
<http://answers.yahoo.com/dir/index;_ylc=X3oDMTFvbGNhMGE3BF9TAzM5NjU0NTE
wOARfcwMzOTY1NDUxMDMEc2VjA21haWxfdGFnbGluZQRzbGsDbWFpbF90YWcx?link=ask&s
id=396545367>