Re: [gnso-irtpd] Example email string

["Mike O'Connor" <mike@xxxxxxxxxx>]

sorry to come in so late on this.  

i think there are two possible use-cases here, one of which is covered by 
existing policy and one by the new inter-registrant policy from IRTP-C

        existing policy - applies to a dispute between registrars - so if the 
problem with an FOA is fraud perpetrated by a registrar, i would think TDRP 
would apply

        inter-registrant policy - applies to a dispute involving the transfer 
of a domain between registrants (almost always the case in a hijacking)

my read of the email thread is that the root of this dispute is 
inter-registrant (the theft).  i think that the new IRTP-C process, which will 
require more notification and verification of inter-registrant transfers may 
nip a lot of these in the bud (i sure hope they do, anyway).  

the conversation then gets quite muddled and i think would benefit a lot from 
clearer information about the purpose and limits of the TDRP.  i’ve been at 
this a long time and it’s only recently that i’ve come to understand those 
things.  in the case of this email thread i probably would have written back 
saying something like this

“The you and your Registrar appear to disagree whether this situation is 
addressed by the TDRP — I would suggest forwarding this question to ICANN 
Compliance for review.”  *my* read of this is that the registrar just didn’t 
think that TDRP applied, nothing more.  

i think policy *will* have something to say about this case once IRTP-C gets 
implemented, but it doesn’t right now.

m

On Feb 6, 2014, at 9:33 AM, Dorrain, Kristine <kdorrain@xxxxxxxxxxxx> wrote:

> 
> I can appreciate the concern here.  I'm not a registrar, so I don't 
> understand the nuances of transfer, but I do understand an FOA is needed.  
> What if (and I don't know in this case, I'm talking generally), the FOA was 
> fraudulent and the registrar "didn't suspect" fraud. I use quotes because I 
> am asking (honestly, not rhetorically) what prevents a registrar from simply 
> "not noticing" fraud?  Does a registrar do any sort of validity check or 
> "well, the request came from an authorized email account so who am I to ask 
> questions"?
> 
> Is there anything currently being done to encourage or train Registrars to 
> spot fraudulent transfer requests?
> 
> Sorry if my questions are very  basic...
> 
> -----Original Message-----
> From: owner-gnso-irtpd@xxxxxxxxx [mailto:owner-gnso-irtpd@xxxxxxxxx] On 
> Behalf Of rob.golding@xxxxxxxxxxxx
> Sent: Thursday, February 06, 2014 9:23 AM
> To: gnso-irtpd@xxxxxxxxx
> Subject: RE: [gnso-irtpd] Example email string
> 
> 
>> But this type of issue is exactly the one Registrants are seeking a 
>> remedy for within ICANN.
> 
> The 'claim' is that the transfer (validly completed) was 'fraudulent' 
> because they allowed their details to be exploited/phished/socially 
> engineered or whatever - that's going to need someone to 
> investigate/prove/identify the details of the hack/exploit/scam.
> 
> Ideally that's a job for the courts and specialists, not ICANN, not a 
> Registrar etc (in many cases) - a *crime* has been committed - we're not 
> 'judges' or qualified to make decisions about that.
> 
> I hear the 'I've been hacked' story 100 times a week - usually after 
> terminating a spammers services.
> 
> One of the funniest was Monday someone claiming they never ordered something, 
> and that we're been 'illegally taking money' from their bank account - 
> obviously they must have been 'hacked' (and accused us of doing it)
> 
> This is after the order came from their IP, it was paid (and 3d-secured at 
> their bank) on their Debit card, they'd raised 3 support tickets/questions in 
> the preceding month, we'd spoken to them by phone at least once ...
> 
> 'I must have been hacked' translates into 'oh sh!t I forgot to cancel 
> something I dont think I want anymore and rather than being reasonable and 
> asking the company for a refund that they probably would have given without 
> issue, I tried to fvck them over with bullcrap claims'
> 
> As to the email-chain that started the thread, who is to determine they didnt 
> sell the domains and now have buyers-remorse ? Or had their assets seized by 
> the FBI ? or a million other possibilities ...
> 
>> I disagree with the position that a party using illegally obtained 
>> credentials
> 
> I'm merely saying the *correct* credentials were used - if there is a claim 
> that the obtaining of those is 'illegal' then go seek 'legal' 
> counsel.
> 
> Rob
> 


PHONE: 651-647-6109, FAX: 866-280-2356, WEB: www.haven2.com, HANDLE: OConnorStP 
(ID for Twitter, Facebook, LinkedIn, etc.)