Internet Commerce Association Opposes Approval of the Revised Proposed Agreement on .XXX and Urges Rejection with Finality
By E-Mail February 5, 2007 Board of Directors Internet Corporation for Assigned Names and Numbers (ICANN) 4676 Admiralty Way, Suite 330 Marina del Rey, CA 90292-6601 Re: Revised Proposed Agreement on .XXX Dear Members of the ICANN Board: This comment letter is submitted by the Internet Commerce Association (ICA) in regard to the ICANN notice of January 5, 2007, "ICANN Publishes Revised Proposed Agreement on .XXX". ICA is a not-for-profit trade association. Its membership is composed of individuals and companies that own, buy, sell, resell, host and manage Internet traffic emanating from search engines, domain names and Internet links. ICA's mission is to promote the values and benefits of Internet traffic, including the value of purchasing direct navigation traffic, to the press, advertisers, and governmental authorities on a global basis. ICA works to promote and protect Internet prosperity and entrepreneurship as well as fairness among regulators and in the dispute resolution process, taxation, and treatment under other relevant laws, regulations, and agreements in the U.S. and other nations. ICA provides a unified voice for a membership with common interests and a diverse collection of experience in the Internet traffic marketplace. The website ownership community represented by ICA has risked large amounts of capital in order to develop domain names as the first new form of property of the virtual age. These professional registrants are also a significant source of the fees that support registrars, registries, and ICANN itself. The ICA supports the concept of private sector governance of the Domain Name System (DNS) embodied in ICANN but also believes that ICANN must engage in limited Internet governance, focused on its narrow technical responsibilities, and must operate in a manner that is transparent and accountable to the broad Internet community. The ICA takes no position on the general question of whether it is appropriate to authorize any specialized top level domain (TLD), including .XXX, with the intent and expectation that it host explicit adult sexual content. However, we would oppose any requirement that content of a particular nature, including sexual content, be hosted and located solely at specifically designated TLD. The DNS should not be utilized as a means of zoning the Internet for the purpose of segregating content of any nature, as any fiat to that effect inevitably involves registries in the classification and possible censorship of content, and also requires ICANN to stray far from its narrow and proper mission in order to enforce the operative provisions of registry agreements and overarching ICANN policies. For the reasons stated below, the ICA is firmly opposed to ICANN Board approval of the Revised Proposed Agreement (RPA) on .XXX, and urges the Board to reject it promptly and with finality. Executive Summary The ICA opposes approval of the Revised Proposed Agreement on .XXX because--- 1. The RPA would inevitably involve ICANN, through its enforcement authority and responsibility, in matters that lie far outside its narrow technical mission and are the proper province of national government and multinational law enforcement and consumer protection authorities. 2. The RPA would set a number of extremely undesirable precedents, including-- * Establishing registry-specific content restrictions that will authorize the registry operator to establish proprietary extralegal standards and to review and prohibit otherwise legal content. * Requiring registrants to involuntarily contribute, through a designated "tax" built into their registry fee, to specified public interest organizations based upon the nature of the content hosted at their domain name; as well as support third party monitoring activities that presume that registrants will not abide by their contractual obligations. * Establishing a registry-specific forum, outside of ICANN's own internal structure for receiving input from interested parties, for the discussion and resolution of matters that are pervasive to most or all TLDs. 3. The sponsoring organization for .XXX appears to be presently controlled by the registry proposing this new TLD - an entity standing to gain very substantial revenues if the RPA is approved -- and there is no assurance that this sponsor will ever achieve sufficient independence, much less adequate participation from those parties who might utilize this new TLD. As a general matter, the approval of any sponsored TLD (sTLD) should be contingent upon a finding by ICANN that the sponsoring organization is a bona fide and independent entity at the time the TLD proposal is submitted for its consideration, and not merely a registry-controlled "shell" to be given substance at some later date; and that the proposed contract governing the relationship between the sponsor and registry operator be available to the community and Board prior to any Board vote on a proposed TLD. 4. The process by which this RPA was negotiated and presented to the broad ICANN community once again, unfortunately, provides evidence that ICANN is in need of profound internal culture reform as regards transparency and accountability. The very fact that ICANN staff and .XXX proponents were in continuing discussions and negotiations following the Board's 9 to 5 vote against the proposed .XXX agreement on May 10, 2006 was neither publicized by ICANN nor known by the interested Internet community - the existence of these ongoing proceedings was in fact opaque to and hidden from that community. At no time during these negotiations did ICANN seek any input from the community as regards the appropriateness of the significant precedents that the developing agreement would set, a failure in regard to both transparency and accountability. Additionally, the January 5th notice of the Revised Proposed Agreement fails to contain a single word of explanation as to why ICANN staff believe the provisions of the newly negotiated Appendix to the original agreement sufficiently address the concerns of the community that resulted in the Board's rejection of that agreement by a nearly 2 to 1 margin. Nor is there a single word of recognition or discussion in the January 5th notice that the proposed Appendix contains numerous provisions that establish new precedents that could well migrate to other TLD registry agreements and would inevitably involve ICANN in areas far outside the scope of its narrow technical mission if it takes its contract enforcement responsibilities seriously. The ICA finds it inexplicable that ICANN would operate in such an opaque and unaccountable manner in regard to a registry proposal that had generated widespread criticism and debate as well as input from an unusually broad and diverse range of commentators both within and outside the general ICANN community. This failure is particularly incomprehensible given that the decision as to whether ICANN should be completely privatized at the conclusion of its current Memorandum of Understanding (MOU) with the U.S. Department of Commerce (DOC) in 2009 is contingent, first and foremost, on its achievement of greater transparency and accountability in its operations. We would respectfully suggest that, particularly during a period when ICANN is seeking to achieve full privatization, it should adhere strictly to its narrow technical responsibilities and should not be clandestinely negotiating revised agreements for controversial TLDs that would inevitably require substantial expansion of its staff (and substantial additional financial support from domain name registrants) for contract oversight and enforcement responsibilities regarding matters that fall far outside its intended mission and implicate powers and duties that properly belong to national governments and multilateral organizations. General Discussion ICANN Must Adhere To Its Narrow Technical Mission During the debate leading up to the 2005 WSIS meeting regarding whether ICANN should be absorbed into the International Telecommunications Union (ITU) or another United Nations (UN)-affiliated entity, defenders of ICANN's private sector model noted repeatedly that adherents of such action misunderstood the limited and technical nature of the "Internet governance" functions assigned to ICANN. Fortunately, their arguments that these circumscribed responsibilities should not be politicized prevailed. That limited assignment was again reiterated in recent ICANN testimony before the U.S. Congress: The limited and distinct mission of The Internet Corporation for Assigned Names and Numbers is clearly set out in Article I of ICANN's Bylaws. ICANN: 1. Coordinates the allocation and assignment of the three sets of unique identifiers for the Internet, which are a. Domain names (forming a system referred to as "DNS"); b. Internet protocol ("IP") addresses and autonomous system ("AS") numbers; and c. Protocol port and parameter numbers. 2. Coordinates the operation and evolution of the DNS root name server system. 3. Coordinates policy development reasonably and appropriately as they relate to these technical functions.(Emphasis added)[1] In judging precedent-setting policy developments contained in proposed TLD registry contracts, as well as evaluating the roles and duties that ICANN would have to perform to credibly enforce the provisions of such proposals, ICA evaluates whether they relate directly to the narrow technical functions assigned to ICANN and its overarching responsibility to assure a stable and secure DNS. Where a proposed agreement would unreasonably and inappropriately expand ICANN's responsibilities into areas that are unrelated to its limited and distinct technical mission we will oppose it for two primary reasons: 1. If ICANN is allowed to expand its scope of authority and supporting bureaucracy at will, the costs of adding additional staff and implementing procedures to enforce inappropriate registry duties will ultimately be passed on to the registrant community as it is the source of all the DNS income that flows upward to registrars, registries, and ultimately ICANN itself. A domain name registration fee should only reflect costs reasonably related to the maintenance of secure and accurate registry databases and ICANN's associated oversight and enforcement responsibilities. Any charges beyond that will be viewed as an unjustified tax on registrants to support functions that are not reasonably related to ICANN's mission statement. 2. If ICANN is permitted to assume oversight responsibilities and enforcement roles that are outside its narrow technical mission and thereby engage in "Internet governance" activities that lie properly in national governments and multinational organizations it will be in a considerably weaker position to resist any future attempt to politicize DNS governance through its placement within a multinational organization. That is, short term expansion of ICANN activities into areas properly reserved to governments sets the stage for the loss of ICANN's independence in the long run. As the proposed Addendum to the .XXX proposal would require ICANN, through its contract enforcement responsibilities, to become involved in areas that are far removed from its "limited and distinct mission", and that are already being addressed by national governments on an individual and collective basis, the ICA must firmly oppose the proposed agreement as an unwarranted and insupportable expansion of ICANN's authority. Precedents Established Through Registry Agreements The ICA believes that each proposed TLD registry agreement considered by ICANN must be carefully scrutinized for language that establishes new precedents, as it appears to be ICANN's tendency to incorporate such provisions in subsequently considered agreements. For example, at its Sao Paulo meeting the comments of several ICANN Directors indicated that they were voting for the proposed .Biz, .Info, and .Org TLD agreements, despite their inclusion of presumptive renewal and price increase provisions that had elicited "outrage" from the community in the context of the .Com settlement, because it would be unfair to deprive other TLD registry operators of such benefits. While we certainly hope that ICANN does not feel that it is inextricably bound by bad precedents in all future contract negotiations, we proceed on the assumption that any new provision in a TLD registry agreement will likely find its way into future contract negotiations for both existing and new TLDs. It is inarguable that there are no technical distinctions between the three sets of unique identifiers or the protocol port and parameter numbers applicable to .XXX as opposed to any other current or proposed TLD. Therefore, any differences between the RPA and existing TLD agreements must be based upon the type of content - explicit adult sexual content -- intended to be hosted at .XXX DNs. As similar content is broadly available at many other if not all TLDs it is quite probable that the adoption of content-related precedents established in a .XXX agreement will inevitably lead to calls for the addition of similar provisions relating to such content as existing TLD agreements are renegotiated and proposed agreements are evaluated. Going down that path will inevitably involve TLD registries in content classification as they (and ICANN, through its contract oversight and enforcement responsibilities) are called upon to draw the line that divides DNs hosting content subject to such additional provisions and those that are not. The ICA believes that content classification and restriction regimes are not reasonably and appropriately related to ICANN's narrow technical functions. Therefore, contractual provisions that establish or set a precedent for such regimes have no place in any TLD registry agreement. The DNS was not intended to be and should not be allowed to become the basis for zoning the Internet so as to segregate various types of content or establishing content-based restrictions and responsibilities. While we fully recognize that there are very legitimate concerns about the proliferation and distribution of explicit sexual content on the Internet, particularly in regard to its availability to minors, we do not believe that addressing these concerns lies within ICANN's mandate - if ICANN differs on that judgment, it should propose uniform adult sexual content-related provisions applicable to all TLDs for the community's consideration and comment. This subject of explicit sexual content is already being addressed by a multitude of governments, both individually and on a collective basis, as well as by numerous private and civil sector entities. This subject also raises a host of free speech and law enforcement issues that have elicited differing national standards and approaches and that lie far outside ICANN's narrow technical mandate. ICANN should exercise extreme caution about involving registries and itself in these content-based matters. Aside from concerns about content-based provisions in registry agreements, the ICA also believes that proposed contractual provisions must be carefully scrutinized to determine if they reasonably and appropriately relate to ICANN's narrow technical functions. The best means for making such a determination is to ask whether a proposed contractual provision could be proposed by and adopted for the DNS as a whole. The ICA's position is that a subject that lies outside ICANN's mandate for the DNS system as a whole cannot be established as a matter requiring ICANN's oversight and enforcement in a single TLD registry agreement, and that ICANN lacks any authority to delegate to registry operators the exercise of authority that could not be directly undertaken by ICANN itself. For example, the RPA at hand contains provisions for the imposition and enforcement of "best practices obligations" relating to such subjects as misuse of personal information, clear and accurate consumer disclosures, protection of intellectual property rights, commercial spam, and transaction instrument fraud. Were ICANN to initiate or entertain a Policy Development Process (PDP) addressing any one of these issues we believe that the community would immediately question how ICANN involvement is reasonably and appropriately related to its narrow technical mission. ICANN should refrain from backdoor registry contract expansion of its authority as it will inevitably lead to a need for expanded staff and funding as well as conversion of the DNS system from a technical management regime to a legal and public policy regime. There is an additional reason for the exercise of restraint in contractual negotiations for TLDs. Each of the subjects addressed by the proposed "best practices obligations" is an important and serious issue. But each of them is also an extremely complex issue that is already the subject of varying national laws, multinational conventions, and private and civil sector remedial efforts. For example, the subject of the protection of personally identifying information generally and on the Internet specifically has been addressed comprehensively within the European Union but remains the province of disparate federal and state statutes within the United States, with the U.S. Congress expected to debate and perhaps enact new data privacy law over the next two years. To what legal regime would ICM Registry look when establishing its own "best practices obligations" relating to alleged misuse of personal information by registrants? By what right does any registry operator establish and enforce standards that relate to a matter that bears no reasonable and appropriate relationship to the operation of the DNS system and its own primary responsibility to maintain a secure and accurate DN database? By what means, if any, will registrants be assured that the personal information protection regime established by ICM is consistent with the relevant laws of those nations whose jurisdiction they are subject to? What administrative and procedural protections will registrants receive in ICM's adoption and enforcement of that regime? The answers to these questions and others are extremely important, as the lucrative revenues that ICM will derive from operation of .XXX as well as the controversial nature of the content it is intended to host will almost surely result in ICM taking a lowest common denominator approach to establishing standards as well as a severe enforcement posture to further its own proprietary interests. The ICA does not believe that the subjects to be addressed by ICM's "best practices obligations", as well as those addressed by other provisions of the RPA, fall within ICANN's "limited and distinct" technical mandate and therefore have no place in a TLD agreement. If ICANN feels otherwise it should establish a PDP for the general application of these provisions to all TLD agreements, as the matters they address are pervasive to the Internet as a whole and not solely to the proposed .XXX TLD. For example, we can think of no reason why consumers of sexually explicit services obtained from a .XXX website should be entitled to some higher or additional level of consumer protection than is provided to consumers of a wide variety of other goods and services obtained from websites hosted on other TLDs. In the interim, ICANN should merely consider adoption of a requirement that all TLD registries take steps to ensure that registrars and registrants are in compliance with all applicable laws and regulations regarding illegal content as well as abusive, deceptive, and fraudulent practices, and have procedures in place to deal with known violations under applicable law. That simple requirement would legitimately address all of these concerns without straying from ICANN's limited and distinct mission or risking the setting of undesirable precedents. Of course, such a reasonable course would not serve the purpose of the proponent of this RPA, which appears to be the generation of a dense smokescreen of questionable pledges and commitments in a last-ditch attempt to reverse the prior rejection of the .XXX proposal by ICANN's Board and reap the considerable financial rewards of a registry launch.. For registrants concerned about the wanton expansion of ICANN's authority and the establishment for worrisome and damaging precedent, the absolute worst course of action is to allow a single registry operator with a substantial profit motive in retention of the registry contract to establish, without procedural safeguards regarding adoption and enforcement and within the context of a TLD meant to host controversial content, registrant obligations regarding complex matters that are already subject to differing legal regimes. Yet that is the course this RPA proposes to take and that ICANN has been asked to approve. It should not do so. Prohibition of Child Pornography and Related Practices and Associated Third Party Monitoring The ICA is firmly opposed to the possession and distribution of child pornography and believes that those who engage in and encourage the sexual exploitation of children, particularly for commercial gain, should be prosecuted to the maximum degree under applicable law. This scourge is best addressed by law enforcement agencies, which possess the expertise to penetrate the online tactics employed by pedophiles to hide their tracks and identities, as well as the authority to fully investigate this pernicious and despicable form of child abuse. At the same time, this is an area far removed from DNS management and one in which ICANN and TLD registries lack expertise and authority. The prudent and appropriate course of action would be for ICANN to ensure that TLD registries and other participants in the DN system abide with applicable law and fully cooperate with lawful requests related to police investigations, while sharing technical expertise with the authorities to better help them apprehend perpetrators of this crime. While ICM Registry has made the prohibition of child pornography a featured aspect of its RPA, there is no reason to believe that there is a registry-specific solution to this problem that is known to be pervasive to the entire Internet. Indeed, as .XXX is designed to host legal adult sexual content it may not be frequented to the same extent as other TLDs by pedophiles seeking illegal child pornography. ICM's pledge to "prohibit child pornography, including practices that appeal to pedophiles" does raise some critical questions. The first is what definition of child pornography will be utilized? While there can be no question that still and video images of young children engaged in sexual acts with adults fall squarely in this category, the outer dimensions of legality can vary by national law. For one thing, child pornography is generally defined as an illegal image of a minor, but the age range covered differs among nations. For another, otherwise prohibited content can be legal in certain contexts; for example, in the U.S. an image may pass muster if presented in a manner that imbues it with serious literary, artistic, political or scientific value.[2] Third, the type of materials considered to be child pornography can vary by jurisdiction; for example, written depictions of real or imagined sex acts with minors, including such literary works as Vladimir Nabokov's "Lolita", are generally protected by the First Amendment in the U.S. but may be illegal in other jurisdictions (indeed, Lolita was initially banned in Great Britain but became a best seller upon release in the U.S.). We do not raise these questions in defense of any or all such content but merely to illustrate the difficulties of allowing a registry operator to prohibit DN registrants from engaging in conduct defined by its own enforceable standard rather than the law of the appropriate legal jurisdiction. The Statement made by ICM's Stuart Lawley in his January 5, 2007 letter to ICANN Board Chairman Vint Cerf, that "ICM is committed to prohibit child pornography, as that term is defined in International law, and to enforce that prohibition." (Emphasis added.), sheds little light on the subject, since the legally enforceable definition is very much one that varies by nation. Other issues arise in regard to ICM's enforcement pledge. ICM intends to outsource this responsibility to a third party, subject to ICANN approval. However, at least in the U.S., entities outside of the established law enforcement community are extremely constrained in their ability to investigate child pornography as their viewing or documentary storage of any illegal image is in and of itself a separate criminal offense. Here is how a Justice Department witness recently described the relevant provisions of the Adam Walsh Child Protection and Safety Act of 2006: ...the new law provides that in child pornography prosecutions, the child pornography must remain in the control of the government or the court. In passing this law, and by enacting findings explaining that child pornography constitutes prima facie contraband, and that each instance of viewing an image of child pornography is a renewed violation of the victim's privacy and a repetition of the victim's abuse, Congress has taken a great leap forward in protecting the children depicted in these images.[3] (Emphasis added.) That is, if the third party retained by ICM operated in regard to DNs subject to U.S. jurisdiction its viewing of illegal images would constitute a separate criminal act and any documentary retention of those images to a hard drive would also constitute criminal possession. While U.S. law does provide procedures by which providers of Internet access can report incident and suspect information related to child pornography, it has been insufficient to quell concerns about their own potential criminal liability. The head of a leading U.S, organization fighting child exploitation recently testified: Another obstacle to overcome is the reporting of child pornography found on customers' accounts by electronic service providers ("ESP") to NCMEC. Though apparently mandated by federal statute, 42 U.S.C. §13032, not all ESPs are reporting and those that do report are not sending uniform types of information, rendering some reports useless. Some ESPs take the position that the statute is not a clear mandate and that it exposes them to possible criminal prosecution for distributing child pornography themselves. (Emphasis added.)[4] While we are not familiar with the laws of other jurisdictions, it is clear under U.S. law that the investigation and prosecution of those who possess and distribute child pornography is a job best done by law enforcement and that the proper course for a registry operator is to ensure that both it and the its certified registrars have procedures in place to facilitate the reporting of suspected illegal content to the police authorities. One additional factor weighing against the employment of private sector monitors is that individuals who engage in the active investigation of this form of illegal content must be chosen after careful psychological screening and receive continuing counseling to deal with the effects of frequent viewings of such disturbing and detestable content as images and videos of children undergoing rape and torture. We also question the proposed employment of third party entities to monitor registry and registrant compliance with their pledges and obligations. ICM contends that the RPA obligates it to "Engage independent associations, acceptable to ICANN, to monitor and oversee compliance with its [ICM's] obligation to prohibit child pornography and require labeling." In a separate letter to ICANN, ICM states that it intends to outsource the monitoring of "registrant compliance with the registry prohibition on child pornography". It appears that this aspect of the proposal is premised on the depressing presumption that no one involved with .XXX is to be trusted. We believe it would be an unfortunate precedent to approve a registry agreement so infused with mistrust that it requires independent third party monitoring of both registry and registrant compliance. A fundamental basis of any contract approved by ICANN is that the parties to and subject to it should be presumed willing to abide by its provisions, particularly where they prohibit engagement in criminal activities. We also question why such unprecedented third party monitoring is required given ICM's assertion that the RPA provides ICANN with substantially enhanced leverage over ICM throughout the agreement's term. We believe this is a terrible precedent and that registrants should not be presumed liable to breach their contractual obligations and thereby saddled with the duty to fund third party monitors to watch over them. Finally, difficult as it may be for any private entity to define child pornography for Internet purposes and to effectively police against it, at least there is some general consensus that images of young children engaged in sexual acts with adults are illegal "child pornography". We know of no similar consensus in regard to the bounds of the "practices that appeal to pedophiles" which ICM has pledged to prohibit. This indistinct category could well encompass a wide variety of legal content, including videos of child beauty pageants and reproductions of the Victorian child nude studies of Lewis Carroll. No TLD registry should be authorized to censor any content that is legal under applicable law simply because it might have perverted appeal to criminal deviants. Industry Best Practices Provisions Appendix S of the RPA obligates the registry operator and sponsor of .XXX to "impose and enforce best practices obligations, including standards" to address a wide range of issues, including the misuse of personal information, clear and accurate consumer disclosures, the protection of intellectual property rights, commercial spam, and credit card fraud. As discussed above, the ICA does not believe that any of these matters relates reasonably and appropriately to ICANN's limited and distinct technical functions and that ICANN therefore has no authority to delegate authority over these matters to any registry operator. We therefore oppose the approval of this RPA or any other proposed registry agreement containing similar provisions. Each of these matters for which ICANN proposes to authorize the registry operator to promulgate enforceable standards raises serious consumer protection issues, but none is unique to DNs hosting adult content and each of them is a matter already subject to enforceable national laws and multilateral conventions. DN registrants are already subject to enforcement of the relevant laws of the jurisdictions in which they operate by law enforcement and consumer protection agencies as well as financial services regulators, and are also subject to civil suit. DN registrants may be further subject to the contractual policies of their chosen registrar, which routinely delete DNs found to be used for child pornography, spam, and other illicit purposes. There is no need for any addition of registry-specific standards on such matters. Of course, there are instances where ICANN, rather than individual registry operators, can properly consider policy aspects of such issues. For example, ICANN remains within the bounds of its limited authority when it reviews illicit practices that may threaten the stability of the DNS through the creation of "botnets" utilized to distribute spam, or when it considers the views of its IP constituency on an issue such as "domain tasting" that is facilitated by the five day grace period currently applicable to DN registrations. In those instances the consideration of the matter arises in relationship to ICANN's technical administration of the DNS, rather than as a separate policy matter that intrudes on the jurisdiction of national governments. Creation of a New Forum for Adult Content Discussions ICM Registry, in support of the RPA, has stated that IFFOR, the purported sponsor, "will serve as a credible forum for representation and self-regulation where all stakeholders are able to discuss and actively respond to concerns about child pornography". (Emphasis added.) While ICM and IFFOR are both entitled to establish or participate in any discussion forum they choose, we have serious concerns about letting any single registry operator and related sponsoring organization establish any purportedly representative forum with regulatory suasion, whether compulsory or "voluntary". It is not at all clear which "stakeholders" would be represented within this forum - just the "responsible adult webmasters" that ICM envisions .XXX serving and other purchasers of .XXX DNs (in which event registration of a .XXX domain would be a prerequisite to forum admission) or the broad community with concerns about child pornography? In any event, the scourge of child pornography is pervasive across multiple TLDs. As stated above, we believe this is a matter best addressed by law enforcement agencies and that bears no reasonable and appropriate relationship to ICANN's limited and distinct technical functions; and that ICANN's authority in this area is limited to assuring that all participants in the DNS are in compliance with applicable criminal laws. In any event, no forum on an issue that is pervasive throughout the entire DNS should be held within an entity other than ICANN, as only an ICANN-based forum can assure that it is addressed in a uniform and consistent manner. ICM pledges that IFFOR will seek out and support informed participation that reflects the community's functional, geographic and cultural diversity and Internet stakeholders - this sounds remarkably like a description of parties already participating in ICANN's overall policy process, who would now be asked to engage in a separate registry-specific forum. As conscientious participation in ICANN's internal processes already imposes significant costs on interested parties, including registrants, placing the additional burden on these parties to participate in quasi-regulatory forums conducted by individual TLDs would be a most undesirable precedent. Mandatory Support for Child Safety Organizations The first point listed on the ICM-prepared document "The .XXX Registry and Children" is the pledge that: ICM will donate $10 per year to fund IFFOR's policy development activities and to provide financial support for the work of online safety organizations, child pornography hotlines, and to sponsor the development of tools and technology to promote child safety and child pornography. Elsewhere, ICM's summary of the Appendix to the rejected agreement states that: Registry operator will contribute $10 per domain name registration per year to support IFFOR, guarantee its operational independence, and support programs approved by the grants committee. This pledge raises some serious questions and would establish several undesirable precedents. First, as explained above, we believe it would be a mistake to establish a forum within any single registry to develop policies in regard to Internet-wide issues. If such a forum falls within ICANN's narrow technical mandate it should be established within ICANN so as to assure uniform policy across the DNS while lessening the burden on members of the community wishing to participate. Second, at least for now, ICM's pledge to allocate $10 per year to IFFOR is little more than a pledge to take this money out of one of its pockets and place it in another. A check of the current WHOIS information for the International Foundation for Online Responsibility (www.iffor.org <http://www.iffor.org/> ) shows that it is registered to none other than Stuart Lawley, the President and CEO of ICM registry. While the IFFOR website features a rather complicated and impressive organizational chart (which furthers the impression that it is intended to be a mini-ICANN devoted to sexual content issues, a new bureaucracy whose costs will be imposed on registrants) it lists not a single member. The website also promises that its By Laws are "To Be Released Shortly", an inexplicable absence given the time that the .XXX application has been pending. The suspicion that IFFOR remains an empty shell constructed and supported solely by the registry operator seeking approval of the RPA is further buttressed by ICM's noting that the RPA obligates it to: Ensure that IFFOR remains free and independent and free of inappropriate influence by addressing, prior to launch, ICANN's concerns about the contract between IFFOR and Registry Operator to ICANN. Elsewhere, ICM notes that the Appendix obligates it to: [P]rovide a draft contract between IFFOR and Registry Operator to ICANN, and to negotiate in good faith prior to launch to address any reasonable concern that the contract creates compliance issues and/or a risk that policy obligations will not be fulfilled. These statements appear to be a clear admission that seven months of secret negotiations between ICM and ICANN staff have failed to ameliorate ICANN's concerns about IFFOR's independence, that any Board approval of the RPA will be followed by yet another round of negotiations regarding the contract between IFFOR and ICM, and that the staff is asking the community and the Board to make a renewed judgment on .XXX without critical information - namely, that contract. The significant concerns regarding IFFOR's community support and independent status and the glaring absence of the contract details raise the question of why this suspect and still incomplete RPA has been resurrected for Board review? We hope that ICANN learns a lesson from the .XXX saga and establishes as policy the requirement, going forward, that future applications for sponsored TLDs will not be entertained by the Board until the independent status of and adequate third party support for the sponsoring organization is validated and the detailed contract governing the relationship between the sponsor and the registry operator has been provided. Third, Stuart Lawley's January 5th letter to Vint Cerf indicates that ICM intends to outsource the function of monitoring registrant compliance with the prohibition on child pornography, and that the likely designee for this function will be the Family Online Safety Institute (FOSI), the successor organization to the Internet Content Rating Association (ICRA) . We have elsewhere detailed our belief that active monitoring and enforcement efforts against illegal content are best carried out by law enforcement agencies and that we object to setting the precedent that registrants should be asked to fund third party investigators on the presumption that they will not take their contractual obligations seriously. While we are familiar with ICRA and believe it is a serious and legitimate organization that has pursued beneficial activities in the promulgation of voluntary website self-rating standards and the provision of child online safety information and filtering technology to parents, it appears to have no expertise or authority to actively monitor and enforce a prohibition against illegal content. (While it does have a track record with voluntary self-rating standards, it remains to be seen how effectively it can monitor full compliance with the mandatory content rating that will accompany .XXX registrations). Finally, we object strenuously to establishing the precedent that DN registrants can be required to provide financial support to any third party organization as a component of their DN registry fee, regardless of how laudable the organization's activities. Registrant fees should be properly restricted solely to supporting the registry operator's costs of maintaining a secure and accurate database. If .XXX registrants intending to engage in legal activities can be required to fund hotlines, technology developments, and educational efforts directed against illegal activities they neither promote nor engage in, what logical argument can there be against requiring the same of all other registrants who provide adult content at other TLDs? Similarly, if the good cause of child online safety can be used to extract mandatory financial support, what other promoters of good causes will petition ICANN to mandate similar involuntary contributions to their efforts in future TLD agreements? Will the websites of corporations that manufacture tobacco products as well as websites that feature ads for those products be required to support anti-smoking and cancer research organizations? How about automakers and auto ads and global warming? Fast food restaurant chains and good nutrition and anti-obesity campaigns? Video games and youth violence? The meat and fur industries and animal rights? The list of potential supplicants is as long as the organizations which pursue "good causes". Once ICANN establishes the precedent that registrant fees can include mandatory contributions to organizations who have claimed, however tenuously, that the registrant bears some responsibility for the ill it seeks to cure it will have opened the floodgates to being looked to as a funding source for them. The ICA is more than willing to encourage our members to contribute to the good works of FOSI and other organizations that address problems associated with the Internet. But such contributions should be entirely voluntary and separate from the fee that registrants pay to acquire a DN. The administration of the DNS system does not confer upon ICANN any right to engage in or authorize quasi-taxation activities that require registrants to fund activities that bear no direct relationship to the technical costs of maintaining a particular TLD. Culturally Significant Names ICM has committed to provide a mechanism whereby the GAC as well as the government of any country or distinct economy participating in the GAC may reserve, without cost, any registration name claimed to match words of cultural or religious significance. While we can certainly understand that these entities would prefer that such names not be associated with a TLD meant to host adult sexual content, they might just as readily object at a word of cultural or religious significance being utilized for a website engaged in other types of commercial activities, as well as websites being utilized for the dissemination of political, religious or cultural views with which they disagree. Up to now the name reservation process associated with the launch of a new TLD has been limited to trademark holders; for example, prior to .Mobi's launch last fall it conducted a Premium Name Application Process for Trademark Holders that was administered by the World Intellectual Property Organization (WIPO). The establishment of a broad new category of potential DN names that can be reserved on an apparently unrestricted basis sets a precedent that should not be established within the context of negotiating a single TLD agreement. Granting such new rights to names claimed to have cultural or religious significance could well affect the conduct and outcome of future Uniform Dispute Resolution Process (UDRP) arbitration proceedings. This concern seems particularly well justified given that ICM has pledged to "publish a modified UDRP applicable to abusive registrations of third party names". It seems axiomatic that any unilateral modification of the UDRP by a TLD registry operator renders it non-uniform. This is not acceptable to DN registrants, who rely upon the protections conferred by the application of uniform criteria in DN disputes to protect their legitimate economic interests. It is ICM's position that any expansion of the name reservation process associated with the launch of a new TLD should be thoroughly discussed within ICANN and, if adopted, applied on a uniform going-forward basis. We also oppose permitting the unilateral modification of UDRP standards by any registry operator. Absence Of Transparency and Accountability In our October 31, 2006 comment letter to ICANN "Regarding Transparency and Accountability Management Operating Principles", we noted the two paramount reasons for ICANN to get the matter of transparency and accountability right: 1. First, there remains strong concern throughout the Internet community that ICANN has been operating in an opaque and cavalier manner -- that it fails to explain or even recognize the policy assumptions that underlie key decisions; that it announces critical policy changes as fait accompli after agreeing to them in private contract negotiations; that it makes primarily cosmetic changes in response to strong and negative consensus feedback from the affected Internet community; and that it lacks an adequate administrative proposal and review process to permit meaningful community participation in policy development. 2. Second, the new Joint Project Announcement ratified by ICANN and the U.S. Department of Commerce (DOC) on September 29th identifies "greater transparency, accountability, and openness in the consideration and adoption of policies related to the technical coordination of the Internet DNS" as the leading priority for which the DOC will assess progress in the continuing transition of ICANN to the private sector. Similarly, the Affirmation of Responsibilities approved by ICANN's Board on September 25th commits ICANN to continuing improvements in transparency, accountability, and an improved policy development process. While ICA commends these priorities and commitments, they must move from the realm of mere rhetoric by being translated into genuine and indisputable progress in the manner in which ICANN conducts its operations and develops fundamental policy. We believe that substantial progress in these areas must be the precondition for any future termination of the MOU between ICANN and the DOC and completion of ICANN's transition to full privatization. Unfortunately, in its handling of this revised .XXX proposal, ICANN has once again operated in an opaque and unaccountable manner and has failed to provide the Internet community with any meaningful rationale as to why it believes the new components of the agreement's Appendix cure the proposal's prior deficiencies that led to its rejection. The current version of the .XXX proposal was unveiled by ICANN on March 19, 2004, and the initial comment period opened on April 30, 2004 (an earlier iteration of .XXX was proposed in 2000 and subsequently rejected by ICANN). The proposal generated great controversy, to say the least. Remarkably, it managed to unite anti-pornography activists and most commercial purveyors of pornography in opposition to its realization. The former opposed .XXX out of concern that it would significantly expand the quantity of online explicit adult content as well as legitimize its acceptability. The latter opposed .XXX due to fears that it would inevitably lead to calls for all adult content to be located at .XXX, converting the DNS into an Internet zoning and content control regime. Additionally, the 2005 request of the DOC that ICANN provide additional time for commentary, to which ICANN complied, led to charges that this constituted evidence of inordinate U.S. control over ICANN, notwithstanding similar requests from GAC members. Finally, a revised .XXX registry agreement was posted on April 18, 2006. In a Special Meeting held on May 10, 2006 the ICANN Board defeated a motion to approve the revised .XXX registry agreement by a 9-5 vote. There was no reason for the Internet community and other interested parties to believe anything other than that the May 10th Board vote constituted final and conclusive action on this matter. At the time of the vote the current .XXX proposal had been pending for more than two years (and the overall concept for six years), had generated substantial debate and comment, and had been substantially revised in an attempt to satisfy some of the many criticisms raised against it. Most Board members who explained their vote against the agreement based their position upon profound skepticism that the proposal's sponsor could ever effectively implement its various enforcement commitments. There was no public directive from the Board to ICANN staff to reenter negotiations with ICM Registry for the purpose of yet again revising the proposal to again attempt to satisfy the objections of the dissenting majority of the Board. Such authorization of entry into new negotiations was also never made an agenda item at subsequent 2006 meetings of the Board. Therefore, it was with great surprise that we and others learned, from a January 4, 2007 notice "ICANN Announces Plans for Conclusion of sTLD Application Process", that: "The ICANN Board considered the agreement at its meeting on 10 May 2006 and voted not to approve the agreement as proposed, but did not reject the application. The applicant has continued to work to modify the agreement in order to address public policy issues raised by the GAC. ICM and ICANN Staff have been renegotiating a revised agreement in preparation for community review and board consideration. ICANN will post that agreement upon completion of the present round of discussions for public comment." (Emphasis added.) The fine semantic distinction between rejection of the agreement, as opposed to the application, was certainly not well understood by the community, which had every reason to believe that ICANN had settled this matter with finality. This wording of this explanation was also disingenuous in that ICANN's commitment to post the revised agreement "upon completion of the present round of discussions" (implying that they were yet ongoing) was posted on a date on which those negotiations had clearly been concluded -- as the Revised Proposed Agreement on .XXX was posted on the very next day -- January 5, 2007. In short, following the ICANN Board's rejection of the .XXX Proposal on May 10, 2006 ICANN staff entered into yet another round of negotiations with ICM Registry, from which a new proposal emerged last month. During that seven month period of undisclosed negotiations the interested community had every reason to believe that ICANN had taken final action on this matter. While we can understand why ICANN wished to avoid the renewed firestorm of controversy that would have been generated by conspicuous public notice that its staff had entered into yet another negotiating round on .XXX preparatory to Board consideration of a RPA, and while we certainly do not believe that the community need be kept apprised on a real-time basis of the minute details of ICANN's contract negotiation process, it seems apparent that ICANN meant this process to be opaque and hidden, rather than transparent and publicly known. That this apparently deliberate obfuscation occurred during the very period when ICANN was committing to greater transparency and accountability in negotiations for its own revised MOU with the DOC is extremely discouraging, and substantially undercuts ICANN's credibility on the key precondition for its ultimate full privatization. In order to prevent a recurrence of such opaque conduct, we would urge that in all future votes on proposed TLDs, where the outcome is rejection of the proposed agreement, the ICANN Board should immediately entertain a motion to declare that vote to be final and conclusive action or, in the alternative, to authorize staff to reenter negotiations in an attempt to cure the proposal's deficiencies. This simple procedural safeguard would provide clear notice to the Internet community as to whether a matter has been settled once and for all or has simply entered a new phase of negotiation. The process by which .XXX has been resurrected for further consideration and comment also fails to meet acceptable standards of transparency and accountability in other ways. ICANN's January 5, 2007 publication of the Revised Proposed Agreement fails to: * Explain why ICANN staff believes that the negotiated Appendix to the proposal rejected by the Board on May 10, 2006 adequately addresses the issues that caused the Board to reject it. * Discuss or provide a rationale for any of the unprecedented provisions contained in it. * Explain how the multiple new contract oversight and enforcement duties to be assumed by ICANN fall within the bounds of ICANN's narrow technical mission or are reasonably and appropriately related to that mission. ICANN's failure to address these critical areas results in interested and concerned members of the Internet community playing a guessing game as regards ICANN's internal policy development process. Such failure is not only evidence of a continued lack of operational transparency but also makes it far more difficult for the community to knowledgably comment and thereby hold ICANN accountable for its decision-making process. If ICANN staff believes it can make a good argument that the results of their secret negotiating process make the current .XXX proposal deserving of Board approval they should state it openly for community evaluation and critique; assumedly, they have or will prepare such background materials for the Board, and we see no confidentiality concerns that would prevent their dissemination to the community. In the absence of such explanatory materials many members of the community might well fail to comprehend the full scope and implications of this RPA and the many precedents it would establish. The need for far greater dedication to transparency and accountability is particularly important in any matter that has significant financial implications for both the applicant and ICANN. ICM President Stewart Lawley has been reported to speculate that, if approved, he expects at least 500,000 .XXX DNs to be registered (he may well be correct, given the large number of defensive registrations that will likely be made by trademark holders and others). That level of registrations would generate a minimum of $25 million annually for ICM, but quite possibly far more as it sells premium names (e.g., porn.xxx, or sex.xxx) to the highest bidder at auction. ICANN also stands to reap substantial fiscal benefit, being assured of multiple fees, including a $1 annual Registry Level Transaction Fee per registered .XXX DN.[5] Overall, given the lengthy prior consideration of the prior proposed .XXX agreement in advance of the Board's May 2006 vote to reject it, and the hidden nature of the subsequent renegotiation, we believe there should be a strong presumption against approval of the RPA unless the Board can fully articulate substantive reasons why the provisions of the Appendix are sufficient to overcome its prior vote of disapproval. Such a presumption is justified not only by the considerable time and effort already expended by ICANN and the community in the consideration of this matter, but because the very integrity of ICANN's decision-making process has been called into question by the remarks of the President and CEO of the ICM Registry. In that same news article Mr. Lawley was reported to state: "This is not a referendum on 'Do we do .xxx or don't we?', that decision was made back in June 2005. Are we doing .xxx is not up for discussion. It's 'What are the terms of the contract?" (Emphasis added.) Mr. Lawley's interpretation of events makes a mockery of ICANN's consensus process and of the time and effort expended by numerous commentators with a serious interest in this controversial matter. In fact, regardless of the Board's ultimate decision, we would think it would wish to initiate its own inquiry to determine whether any member of ICANN staff provided encouragement for Mr. Lawley's apparent view that the ultimate adoption of some .XXX registry contract has been a certainty since mid-2005. Surely, it cannot be the case that ICANN's initial decision to enter into negotiations with the applicant for a proposed sponsored TLD constitutes a guarantee that such negotiation will inevitably result in the approval and signing of a final agreement. If that is ICANN's negotiating posture it is volunteering to be at a disadvantage at every bargaining table, and is also telling the community that it only has power to influence the terms of such proposals but has no power to successfully oppose their approval. Finally, we must note that Mr. Lawley has also stated for the record as regards the RPA that, "Everything in the contract was originally in the proposal as submitted in March 2004 so nothing has changed."[6] (Emphasis added.) If, indeed, "nothing has changed", and the new Appendix to the rejected agreement of May 2006 is nothing more than a detailed recitation of its unaltered substance, we must question on what basis this RPA has been resurrected for Board consideration? Conclusion ICANN's Board previously found the proposed .XXX agreement to be so deficient in merit that is was rejected by a nearly 2-1 vote. In our view the proposed "cure" of the RPA under consideration is substantially worse than the original proposal and deserves unanimous rejection. It would implicate ICANN in areas far outside its technical mandate and would set s series of terrible precedents that would disfigure the fundamental purpose of the DNS. For all of the reasons stated in this letter, the ICA strongly opposes adoption of the Revised Proposed Agreement for .XXX and urges the Board to promptly reject it and to do so with finality. The ICA appreciates your consideration of our comments in this matter. Sincerely, Philip S. Corwin Partner, Butera & Andrews; Washington, DC Counsel, Internet Commerce Association Philip S. Corwin Partner Butera & Andrews 1301 Pennsylvania Ave., NW Suite 500 Washington, DC 20004 202-347-6875 (voice)/-6876 (fax) "Luck is the residue of design." -- Branch Rickey ________________________________ [1] Testimony of Dr. Paul Twomey, President and CEO, ICANN, regarding "Internet Governance and the Future of ICANN", before the Subcommittee on Trade. Tourism and Economic Development of the U.S. Senate Committee on Commerce, Science and Transportation, September 20, 2006. [2] What Is Child Pornography? Under federal law, child pornography is defined as a visual depiction of any kind, including a drawing, cartoon, sculpture, or painting, photograph, film, video, or computer-generated image or picture, whether made or produced by electronic, mechanical, or other means, of sexually explicit conduct, where it * depicts a minor engaging in sexually explicit conduct and is obscene, or * depicts an image that is, or appears to be, of a minor engaging in graphic bestiality, sadistic or masochistic abuse, or sexual intercourse, including genital-genital, oral-genital, anal-genital, or oral-anal, whether between persons of the same or opposite sex, and such depiction lacks serious literary, artistic, political, or scientific value. Sexually explicit conduct includes various forms of sexual activity such as intercourse, bestiality, masturbation, sadistic or masochistic abuse, and lascivious exhibition of the genitals. It is illegal to possess, distribute, or manufacture these images. These illegal images can be presented in various forms including print media; videotape; film; compact disc, read-only memory (CD-ROM); or digital versatile technology (DVD) and can be transmitted through computer bulletin-board systems (BBS), USENET Newsgroups, Internet Relay Chat, web-based groups, peer-to-peer technology, and an array of constantly changing world wide web sites. All states and the District of Columbia have laws concerning child pornography. As a result a person who violates federal laws concerning these images may also face additional state charges. Who Is a Minor? Federal statute defines "minor" as any person younger than 18.6 "While a majority of states follow the federal statute, some state laws define 'minor' or 'child' as a youth younger than 14, 16, or 17. Delaware law includes any person 18 years of age and younger in its definition of a 'child.'" Source: National Center for Missing and Exploited Children, http://www.missingkids.com/missingkids/servlet/PageServlet?LanguageCountry=en_US&PageId=2451 [3] Testimony of Alice S. Fisher, Assistant Attorney General, U.S. Department of Justice before the Committee on Commerce, Science and Transportation, United States Senate, Concerning "Online Child Pornography", September 19, 2006. [4] Testimony of Ernie Allen, President and CEO, The National Center for Missing and Exploited Children; hearing cited in footnote III. [5] "Comeback for Internet Porn Domain", by Kevin Murphy, ComputerWire, January 8, 2007. [6] Kierenmccarthy.co.uk, January 7, 2007. Attachment:
ICA-XXXcommentltr020507-Final.doc |