11 March 2014
- Mary Wong
- Aleksey Khapchenko
The next Privacy & Proxy Services Accreditation Issues PDP WG teleconference is scheduled for Tuesday 11 March 2014 at 1500 UTC (08:00 PDT, 11:00 EDT, 15:00 London, 16:00 CET)
Adobe Connect WITH AUDIO enabled: https://icann.adobeconnect.com/ppsai/
Agenda:
- Roll Call/Update to SOIs
- Review & Discussion of Sampling of P/P Providers' Terms of Service (see latest version, attached)
- Continue Discussion on Category B Question 2 (see latest version incorporating most recent responses, attached)
- Next Meeting/Planning for Singapore
Documents for Review:
Spreadsheet of Sampled P/P Provider Terms & Conditions
Template for Cat B Question 2 - updated 10 March 2014
MP3 Recording: http://audio.icann.org/gnso/gnso-ppsa-20140311-en.mp3
Meeting Transcript: http://gnso.icann.org/en/meetings/transcript-ppsa-11mar14-en.pdf
Attendees:
Luc Seufer - RrSG
Volker Greimann - RrSG
Graeme Bunton – RrSG
Tim Ruiz – RrSG
Sarah Wyld – RrSG
David Heasley - IPC
James Bladel - RrSG
Steve Metalitz - IPC
Kathy Kleiman – RySGgr
Darcy Southwell - RrSG
Don Blumenthal - RySG
Libby Baney - BC
Phil Marano – IPC
Jim Bikoff – IPC
Griffin Barnett - IPC
Valeriya Sherman – IPC
Marie-Laure Lemineur – NPOC
Jennifer Standiford – RrSG
Carlton Samuels – ALAC
Amr Elsadr – NCUC
Tatiana Khramtsova – RrSG
Osvalod Novoa – ISPCP
Don Moody -IPC
Todd Williams – IPC
Apologies:
Michele Neylon – RrSG
Roy Balleste – NCUC
Holly Raiche – ALAC
Susan Prosser – RrSG
Kristina Rosette – IPC
Stephanie Perrin- NCSG
Joe Catapano - staff
ICANN staff:
Mary Wong
Margie Milam
Amy Bivins
Mike Zupke
Marika Konings
Nathalie Peregrine
Adobe Connect chat transcript for Tuesday 11 March 2014:
Marika Konings:Welcome to the PPSAI WG Meeting of 11 March 2014
Valeriya Sherman:Jim Bikoff and Griffin Barnett are also on the call
Nathalie Peregrine:Thanks , noted!
Osvaldo Novoa:Hello all
Nathalie Peregrine:Marie-Laure Lemineur has joined the cal
Marika Konings:For further details about the meeting in Singapore, please see http://singapore49.icann.org/en/schedule/thu-ppsa
Luc Seufer:Ladies, Gentlemen
Nathalie Peregrine:Graeme Bunton is also on the call
Nathalie Peregrine:Libby Baney is on the audio bridge
Nathalie Peregrine:Tim Ruiz has joined the call
Nathalie Peregrine:Jennifer Standiford ha sjust joined
Tim Ruiz:What time?
Nathalie Peregrine:15;00 UTC
Nathalie Peregrine:Carlton Samuels has joined the call
Carlton Samuels:Good morning all
Mary Wong:For North America, it means we stay on the same time as this week.
Volker Greimann:Turn on magnification of 1000%
Don Blumenthal:And connect to a 60 inch TV
Kathy Kleiman:Can someone please post the link to the file?
Kathy Kleiman:Tx Mary!
Nathalie Peregrine:Amr Elsadr has joined the call
Kathy Kleiman:Alas, we can't see anything :-(
Kathy Kleiman:But it looks like a good sheet to study - and tx for pulling together this data!
Valeriya Sherman:Does anybody know how many P/P providers are there currently? And how many of those are affiliated with registrars, in the sense of being subsidiaries?
Valeriya Sherman:Val;)
Tim Ruiz:Do lawyers count?
Mary Wong:We don't have any comprehensive survey or means of objectively ascertaining the number out there.
Don Blumenthal:Tim - count for what? :)
Tim Ruiz:Count as privacy services. A lot of them register names for clients in their or their firms name.
Mary Wong:Note also that when we use the word "Affiliated" in the context of the 2013 RAA, it's a specifically defined term. That's not always the case in other contexts, when using "affiliated" without the capital A.
Tim Ruiz:Yeah, missed the smiley face. :-)
Bladel:Mary: What is the distinction?
Mary Wong:@James, I believe that "Affiliated" in this instance refers to entities that have a controlling relationship one to the other. That's more specific and narrow than "affiliated" which can be far broader and does not have a specific legal or technical meaning.
Bladel:Ok, thanks.
Marie-laure Lemineur -NPOC:apologies, my internet connection failed.
Mary Wong:The Nominet input to the Whois Review Team was posted to the WG wiki, under the documents for 4 March.
Luc Seufer:@Marie-Laure, I have heard ICANN is not willing to pay Comcast an extra fee for all the bandwidth we are using ;-)
Marie-laure Lemineur -NPOC::)
Tim Ruiz:We could require something similar passed through to the p/p provider.
Volker Greimann:@Steve: For non-affiliated services, we send it to the registrant of record, i.e. the service provider
Carlton Samuels:@Steve: In your scenario that verification is 2 layers down.
Volker Greimann:sorry, there is another telco in the room, so I cannot talk :-(
Bladel:But Volker, if you become aware that they are a privacy service (and not accredited) you'll have to take action against those names.
Mary Wong:@Volker, @Steve - that would be the case for proxy registrations (as defined by ICANN), true?
Volker Greimann:@james: not currently
Volker Greimann:as there is no such program
Carlton Samuels:I think it is burdensome. If the liability rests with the provider then verification is the responsibility of the provider.
steve metalitz:apologies, I will have to drop off the call momentarily since another call time was changed due to daylight savings time
Bladel:Once the program launches, the "hooks" are already in the RAA.
Volker Greimann:I was referring to the current status
Bladel:ok
Volker Greimann:the new accreditation would have to oblige non-affiliated providers to perform identical verfication and validation
Volker Greimann:if you need that for the underlying data
Nathalie Peregrine:Todd Williams has joined the call
Graeme Bunton:i think it's old
Carlton Samuels:@Volker: Yes. And that is the case that should be considered. As I've said before make the requirement one for '[re]verified contact information' and be done. This applies regardless of the provenance of the service; Affiliated or non-Affiliated provider. No need to be more prescriptive as policy.
Amr Elsadr:Verification and validation by non-affiliated service providers doesn't seem unreasonable. I suppose some registrants may choose to have different email addresses associated with their registrar and P/P provider (for example). I'm still not sure why any of this may be grounds for reverification. That isn't a requirement in the 2013 RAA, is it?
Carlton Samuels:Implementation design and the details associated must remain with the implementation team
Marika Konings:It is the registrar, not ICANN that sends the reminder, I believe
Volker Greimann:@Kathy: We send out the data we have on file. So for our own privacy service, it is the underlying data, for unaffiliated services, it is the services data
Luc Seufer:@Marika fortunately!
Marika Konings::-)
Graeme Bunton:Our approach matches what Volker is saying
Volker Greimann:whether or not that is forwarded or not depends on how the service is set up
Marika Konings:Would it be an option to require the P/P service to forward the Whois data reminder to the P/P customer and if that bounces, reverification is required?
Mary Wong:@Amr, what is the "this" you're referring to?
Amr Elsadr:I thought we were talking about the need for reverification of contact data in the whois. It seems we've moved on.
Darcy Southwell:I suggest that any re-verification requirement be consistent with the Whois Accuracy Program Specification. Otherwise, registrars who also provide privacy/proxy services will have two different standards for re-verification.
Graeme Bunton:That's an interesting point James
Volker Greimann:Marika: I think that is not helpful, as we can only include data we have in our reminders
Kathy Kleiman:Good point, James
Carlton Samuels:@Volker: Precisely. This is why verification requirement rests with the p/p provider!
Darcy Southwell:@Marika – If this is requirement, are you suggesting that if a P/P service doesn't already collect and follow up on bounces that it would have to build that functionality to continue as a P/P service?
Kathy Kleiman:Do the customers have a way to check their data in a p/p service -- the ones I have seen do...
Volker Greimann:Marika: I would not tie it to the registrar reminders, sinde some may be passed through automatically, while with other services it may not, depending how the provider handles the mail address in the contact deposited with the registrar
Kathy Kleiman:but I don't know across the board?
Luc Seufer:Silly question, but when the program will be established, how does a registrar know that a domain holder is using the services of a proxy service from a third party? (if the details are not Domain Proxy Inc. or something obvious)As registrar we will be bound to only allow registrants to use accredited p/p/ providers services, but what qualifies the service of an entity as a p/p/ service?
Volker Greimann:Luc: Pragmatically. Positive knowledge only
Luc Seufer:so in other words, never.
Tim Ruiz:Luc, that's an implementation detail ;-)
Volker Greimann:My take: They would be obliged to agree to verify and validate in their accreditation agreement with ICANN. Compliance and Noncompliance is a job for ICANN compliance then
Luc Seufer:Okay so unless a Compliance rep. tells you that company XYZ is providing p/p services, you can't tell.
Mary Wong:@Volker, is it your assumption that the P/P accreditation will be based on a binding contract between ICANN and the P/P service (similar to registrar accreditation)?
Bladel:But if a Registrar becomes aware that an unaccredited P/P is registering domains through them, then the registrar (per the RAA) should take action against htose names.
Libby Baney:@Don - before moving on, could we summarize the "closure" / concensus on where we landed on the prior issue? Thanks!
Tim Ruiz:Another question will be what are registrars required to do if they discover registrations that are by non-accredited p/p service or is otherwise proxied?
Tim Ruiz:@James, on the same wave length :-)
Luc Seufer:but what's a non-accredited P/P? Any registrant without an ICANN P/P accreditation?
Tim Ruiz:@James, or as I like to say, great minds think like I do.
Libby Baney:Yeah, thanks
Libby Baney:Just wanted to make sure I knew where we "were"
Libby Baney::)
Volker Greimann:of course, if we find out anyone operates any form of privacy services for third parties, such as lawyers, etc, we may be required to deactivate those domains if the firms are not accredited...
Graeme Bunton:That's my understanding too, Volker
Volker Greimann:Mary: In my book, that is what Accreditation means,, so yes!
Luc Seufer:For example a law firm registering itself as registrant of a domain name they have recovered via UDRP for example, do they need to be accredited by ICANN to do so? Wouldn't we as registrar be in breach of the 2013 RAA by allowing such law firm to do so?
Mary Wong:Thanks, Volker - I thought so but thought also it would be useful to clarify. Possibly other WG memebrs share the same view but I'm not sure this is a question the WG has discussed.
Kathy Kleiman:I'm disconnected
Volker Greimann:I am certainly not assuming that each registrar becomes an accreditation body, accrediting privacy services. This has to be centralized and at the centre, there is ICANN
Kathy Kleiman:But yes, I thnk we need to look at the rights of registrants and these documents Marika mentioned
Tim Ruiz:@Luc & Volker, laws regarding client/attorney privalege may come into play?
Darcy Southwell:Luc's question is a good one - is the law firm acting as a P/P service or instead licenscing the domain to its clients?
Volker Greimann:well, too bad, Tim ;-) Privacy service is privacy service
Volker Greimann:Darcy: if it looks like a duck...
Kathy Kleiman:I'll raise the points next meeting...
Tim Ruiz:@Luc, I don't disagree in theory, but we do need policy that's enforceable.
Volker Greimann:the nature of the internal contractual relationship between the parties cannot matter
Darcy Southwell:Duck, yes. But I suspect some law firms would disagree.
Volker Greimann:either the registrant of record is the beneficial owner, or he is not. In the latter case, the registrant of record is providing some form of privacy or proxy service and has to undergo the accreditation program
Luc Seufer:@Tim, another conflict between ICANN policies and local laws: this time count me out!
Volker Greimann:with all the obligations that entails
Tim Ruiz:@Luc, the proble of course if there is an exception is that most p/p services will ultimately set up to fall into that exception.
Kathy Kleiman:Tx All !
Graeme Bunton:thanks all
Marie-laure Lemineur -NPOC:thanks. Bye bye
Libby Baney:Thanks!
Tim Ruiz:Thanks Don and all!
Osvaldo Novoa:By and thank you
Luc Seufer:Bye