[gnso-vi-feb10] Fw: Contractual Compliance Newsletter - Issue 10 (October 2010)
- To: "Ron Andruff" <randruff@xxxxxxxxxxxxxxx>
- Subject: [gnso-vi-feb10] Fw: Contractual Compliance Newsletter - Issue 10 (October 2010)
- From: "Phil Buckingham" <pjbuckingham@xxxxxxxxxxxxx>
- Date: Mon, 25 Oct 2010 21:01:58 +0100
Ron, Mikey, & Roberto :
Further to my comment on the chat
Here is the latest compliance newsletter.
Check out 6. recent staff changes.
So there are only four staff remaining , temporarily reporting to Kurt Pritz
Apart from a replacement for David Giza , there would need to be a
substantial increase in staffing levels - to plan for, implement a new
compliance strategy, to be ready for 500 potential / budgeted new
Very productive call tonight.
My concluding point would be: ( following email acknowledgement from the
Board to my email on VI / VS issues & suggestions moving forward , sent pre
Would the Board ( as promised) give the VI WG ( via the GNSO)
1. indications as to a timeframe for our future work
2. any "topics " that the Board wishes the VI WG to immediately continue to
pursue further ( in the hope that we can reach a consensus , for inclusion
( at a later date) in the Final Applicant Guidebook ,(which I understand
will be published by mid November ))
----- Original Message -----
From: "ICANN Contractual Compliance Newsletter" <compliance@xxxxxxxxx>
Sent: Saturday, October 23, 2010 1:09 AM
Subject: Contractual Compliance Newsletter - Issue 10 (October 2010)
Contractual Compliance Newsletter
Internet Corporation for Assigned Names and Numbers
Issue 10 - October 2010
In This Issue
1. UDRP Compliance Update
2. Registrar Compliance with Inter-Registrar Transfer Policy (IRTP)
3. Contractual Compliance Advisories
4. Outreach Efforts
5. Consumer Complaint Update
6. Recent Staff Changes
Image of Cartagena, Colombia:
Caption: Cartagena, Colombia: Location of ICANN’s upcoming 39th
This Newsletter is to inform readers and encourage community dialogue
regarding ICANN’s contractual compliance program. For more information
please see link to past newsletter archive:
The ICANN Registrant Protection Performance tracker has been updated. Go
to https://charts.icann.org/public/ and click on Registrant Protection to
see how ICANN’s Contractual Compliance department has been working for
We are soliciting questions/topic ideas that you would like to see
reported in future newsletters. Please forward all questions/topic ideas
The Contractual Compliance Newsletter moved from a monthly to a quarterly
publication schedule to provide readers with more information about
contractual compliance matters. We are taking the additional time to
gather more facts and publish more concentrated issues on a quarterly
1. UDRP Compliance Update
Image of Complaints for Failure to Implement UDRP Decisions:
ICANN is pleased to report an upward trend in registrar compliance with
the UDRP. Throughout the latter part of 2009 and continuing through July
2010, ICANN observed fewer complaints concerning registrars failing to
implement UDRP decisions. At the same time, the number of UDRP decisions
increased or remained steady. ICANN tracks cases in which prevailing
complainants accuse registrars of failure to implement Provider decisions.
During the first seven months of calendar year 2010, ICANN received two to
four of these complaints per month. This is down from data from January
2009 through July 2009, when ICANN received on average seven to twelve of
such complaints per month.
ICANN attributes the decrease in complaints to several factors. Some
factors include registrar outreach and education, enhanced compliance
tools such as the UDRP Intake Response System, and stricter monitoring and
enforcement of UDRP compliance.
When ICANN is made aware of UDRP noncompliance, ICANN immediately contacts
the concerned registrar. During this initial contact, ICANN requests the
registrar provide data to justify not implementing the decision. In cases
in which the registrar cannot justify its position, usually this contact
is sufficient to bring the registrar into compliance. If not, ICANN sends
a formal escalated compliance notice. In rare instances when registrars
still fail to comply, ICANN issues a breach notice to the registrar.
Failing to remedy a breach notice for failure to comply with the UDRP is a
strong factor in favor of terminating a Registrar Accreditation Agreement
between ICANN and the registrar.
ICANN also receives complaints alleging a registrar failed to implement a
decision, when the registrar has in fact transferred the name to the
prevailing complainant. Often the complainant is seeking to transfer the
name to another registrar, but has not communicated that to the registrar.
If a prevailing complainant seeks to transfer a name, then the complainant
should notify the registrar and follow the Policy on Transfer of
Registrations between Registrars (also known as the Inter-Registrar
Transfer Policy) available at:
ICANN looks forward to continuous improvement in registrar compliance with
2. Registrar Compliance with Inter-Registrar Transfer Policy
Transfer problems most consistently top all consumer complaints received
by ICANN. Usually, they represent 20-30 percent of complaints that ICANN
processes. To address this issue, an IRTP Audit Plan was designed and
developed by Contractual Compliance with input and feedback from a number
of key registrar representatives and various ICANN departments and a beta
test on the IRTP Audit Plan was conducted in May 2010.
The primary purpose of the beta audit is to determine if the IRTP Audit
Plan is methodologically and operationally sound. It was also designed to:
* Gain a better understanding of the actual transfer problems encountered
* Gauge the level of registrar compliance with the IRTP; and
* Raise registrar awareness of their obligations under the transfer policy
and encourage future compliance.
Audit notices were sent to registrars who were subject to the beta-audit
by both email and fax. A copy of the IRPT Audit Plan was attached to the
Due to the vast number of transfers occurring each month and the large
number of registrars involved, it was not feasible to examine each
transfer transaction or each registrar’s transfer practices. Instead,
random selection mechanisms were used to select four groups of registrars
to be audited:
1. Transfer-losing-registrars with NACK rates exceeding 20% (maximum of 10
2. Transfer-gaining-registrars with NACK rates exceeding 40% (maximum of 5
3. Five registrars who received the most complaints by number
4. Five registrars who received the most complaints by ratio ( see the
calculation set out in the IRTP Audit Plan)
Selection of groups 1 & 2 registrars was based on VeriSign’s transactional
report for the month of December 2009, while selection of groups 3 & 4
registrars was based on data from ICANN’s C-ticket system for the month of
March 2010. Using these two sets of data and the selection mechanisms, a
total of 17 registrars were subject to the beta audit.
The total number of domain names sponsored by these 17 registrars was
71,491,626 (this represents 63% of total gTLD registrations of
113,802,218, as of 31 May 2010).
Eight registrars provided the information on or before the deadline of 24
May 2010, while others required one or two reminders. By 4 June 2010 all
provided the information requested. All but one registrar were requested
to provide ICANN with additional clarifications or information.
The table here is a summary of the findings based on the 4 registrar
A registrar is deemed compliant if each of its transfer transactions that
were subject to the audit was considered in compliance with the IRTP.
Of 119 transfer transactions reviewed, 27 were deemed non-compliant with
the IRTP. This translates to 77% of transactions being compliant.
Most transfer-related complaints that were subject to the beta audit
concerned either delays/inabilities to obtain the AuthInfo Code, or
domains still locked by the registrar of record. The problems seem more
prevalent when resellers are involved.
Based on the response provided by groups 3 & 4 registrars, ICANN noted
that some of the delays were caused by authentication or validation
processes employed by registrars. ICANN recognizes the need for
authentication of the Registered Name Holder who requested the AutoInfo
Code, but registrars must also be mindful of their obligation to provide
the Code within five calendar days of the initial request.
They must also ensure that they do “not employ any mechanism for complying
with a Registered Name Holder's request to obtain the applicable “AuthInfo
Code” that is more restrictive than the mechanisms used for changing any
aspect of the Registered Name Holder's contact or name server information”
(see paragraph 5 of the IRTP).
ICANN has stated in its beta audit notice to registrars that “the findings
of these beta-test audits are for information only and will not be used as
the basis for enforcement action.”
Accordingly, ICANN does not intend to take “formal” compliance or
enforcement action against those registrars that are deemed non-compliant
with the IRTP or the RAA but Contractual Compliance staff has informed
them of their non-compliance and worked with them to help bringing them
into compliance with their IRTP obligations.
In addition, the beta audit has alerted a number of registrars about the
deficiencies in their business practices and processes. Additional
investigations may occur. The beta-audit has prompted a number of
registrars to take the initiative of reviewing and/or improving their
Below are some of the comments received from registrars:
Comment from a group 1 registrar:
“Your beta testing request alerted us to the high rate of Nack in December
2009 …our use of Nacking was not compliant with ICANN IRTP in December
2009. We have now reviewed our current procedures in order to correct this
Comments from two group 2 registrars:
“..., this process has highlighted to me some weaknesses in how we
maintain this information.”
“The audit exercise has highlighted a couple of issues for us:
* The way that our data records are labeled (we gave you invalid details
as a result)
* The way that our system automatically re-attempts to transfer a domain
that has been NACKed. (We shouldn’t be doing this).
I am actively addressing both of these issues within our organization to
rectify immediately. ”
Comments from two group 3 registrars:
“We have paid close attention to this matter and discussed the measures to
let our transfer policy to comply with the ICANN Inter-Registrar Transfer
Policy. There may be a period for us to make a new transfer policy and
adjust our system.”
“If our transfer process as described above needs change or improvement,
please let us know and we will do our upmost to become compliant as soon
Comment from a group 4 registrar:
“We will introduce a “3 strikes, you are out reseller policy” to make sure
our resellers respond to customers’ requests for EPP codes in time, as
required by the IRTP.”
Further changes to IRTP Audit Plan after the beta audit and formal audits:
A registrar in group 1 suggested some changes to the requested
documents/information (as set out in the IRTP Audit Plan). ICANN will
incorporate those suggestions, in addition to some changes for clarity in
light of registrars’ responses to the beta audit. ICANN plans to conduct
two rounds of formal audit in accordance with the updated IRTP Audit Plan,
with one during the remainder of 2010 and one in the first half of 2011.
3. Contractual Compliance Advisories
In order to help registries and registrars understand their contractual
obligations, this newsletter will occasionally include advisory
information intended to clarify RAA and Registry Agreement provisions.
For more information please see link to the RAA:
Updating Public and Primary Contact Information
* Section 3.16 of the RAA requires registrars to provide on their web
sites accurate contact details, including a valid email and mailing
* Section 5.11 of the RAA states that all primary contact information
updates must be made in writing and faxed, delivered in person, or sent
via an internationally recognized courier service to ICANN.
It is important for registrars to keep their primary and public contact
information up-to-date. Registrars can update their public contact
information online by logging into the ICANN registrar database at:
Primary contact information cannot be updated online and must be done in
writing, using a form available when registrars log into the registrar
4. Outreach Efforts
Image of World Map:
Pam Little, Senior Director, Asia Pacific attended the INET Asia Regional
Conference held in Hong Kong on 13-14 April 2010. The theme of the
conference was “the opportunities and challenges in the next generation
Internet.” After attending the conference, Pam travelled to Xiamen, China
and held meetings with three registrars: OnlineNIC Inc., Xiamen eName
Network Technology Co. Ltd. and HooYoo Information Technology Co. Ltd.
The Asia Pacific Event of ICANN-Accredited Registrars and gTLD Registries
was held in Tokyo, Japan on 26-27 August 2010. Further details of the
event and the presentations by Contractual Compliance and others are
The Beijing Office of Asian Domain Name Dispute Resolution Centre hosted a
conference on Domain Name Dispute Resolution in Beijing on 15 October
2010. Pam Little gave a presentation on “the role of registrars in the
domain name dispute resolution process.” Pam also took the opportunity to
meet and discuss transfer issues with two ICANN-accredited registrars in
Contractual Compliance staff also conducted a workshop on the Whois Data
Accuracy Study conducted by NORC and made presentations to the following
stakeholder groups’ meetings during ICANN’s 38 th International Meeting in
Brussels in June 2010:
* ALAC Policy Issues Discussion Part 1 Meeting
* Registrar Stakeholder Group
* CBUC Meeting
* IPC Meeting
Information regarding ICANN’s Contractual Compliance Program, such as
compliance statistics, updated audit schedules and audit results, will be
shared with meeting attendees at ICANN’s 39 th International Public
meeting in Cartagena, Colombia, 5-10 December 2010.
5. Consumer Complaint Update
Image of Consumer Complaint Analysis: January-September 2010; Total
Complaints - 8,468:
ICANN has a C-Ticket System (see
captures and tracks complaints filed by the general public. The chart
above provides details concerning the categories and number of complaints
processed during the first nine months of 2010.
ICANN follows up on all complaints received regarding suspected RAA
violations and Registry Agreement violations.
ICANN does not, however, have contract authority to address complaints
regarding content, SPAM, data protection, web hosting, data privacy, and
Instead, ICANN forwards complaints to the appropriate parties for
handling. ICANN encourages each party to investigate the complaint and
report its findings to the complainant and ICANN.
ICANN is working with law enforcement authorities to assist, when
possible, in their investigations and prosecution of domain name abuse.
6. Recent Staff Changes
There have been some staff changes within ICANN’s Contractual Compliance
William McKelligott, Senior Auditor, resigned from his position in May
2010. Senior Director David Giza also left the company in July 2010.
A comprehensive search for their replacements has begun, and in the
interim, Pam Little, the Senior Director, Asia Pacific, is acting as head
of the department.
In addition, ICANN is also searching for a Contractual Compliance Manager
who will be primarily responsible for a WHOIS compliance program. This is
a newly created position reporting to the Senior Director of Contractual
Compliance and the position will be based in Marina del Rey, CA.
Below are the current members of ICANN’s Contractual Compliance
* Pam Little, Senior Director, Asia Pacific, Sydney
* Stacy Burnette, Director,
Marina del Rey
* Khalil Rasheed, Compliance Audit Manager, Marina del Rey
* Connie Brown, Compliance Program Specialist, Marina del Rey
* The Senior Vice President, Services, is also available as a resource for
Contractual Compliance matters:
Kurt Pritz, Marina del Rey
This message was sent by: ICANN, 4676 Admiralty Way, Suite 330
, Marina del Rey, CA 90292-6601
Manage your subscription: