ISSUE:    A.2

Designation and publication of technically competent point of contact on malicious conduct issues available 24/7 basis

 

Priority:
 

RAA Final Report (High Priority Item)


Issue/Request

Registrar will prominently publish abuse contact information on their website and WHOIS. The abuse contact will be prominently displayed on its webpage, and a uniform naming convention will be utilized to facilitate discovery of the webpage. The abuse contact information will provide the community with an individual’s point of contact information, including telephone and email address.  The abuse contact will be an individual who can promptly (within 24 hours) take action to remedy the situation in response to a well-founded report of illegal, criminal, or malicious activity involving a domain name registration.  

Source: 
LEA Code of Conduct

Notes

Additional information regarding requests:

1. The registrar identified in the sponsoring registrar field of a Whois entry should have an abuse contact listed prominently on its web page. To assist the community in locating this page, registrars should use uniform naming convention to facilitate (automated and rapid) discovery of this page, i.e., http://www .<registar>.<TLD>/abuse.html.
2. Registrars should provide ICANN with their abuse contact information and ICANN should publish this information at http://www.internic.net/regist.html.
2) The information a registrar publishes for the abuse point of contact should be consistent with contact details currently proposed as an amendment to Section 3.16 of the RAA. Each contact method (telephone, email, postal address) should reach an individual at the Registrar who will be able to promptly and competently attend to an abuse claim; for example, no contact should intentionally reject postal or email submissions.

RAA-DT
1) Registrars must be required to prominently post their abuse desk contact information.
2) Include a new RAA Section 3.12.7 requiring resellers to provide and maintain complete and accurate contact information for a point of contact for malicious conduct, including allegations of fraud and domain name abuse (e.g., recommended by SSAC 38).

GNSO RAA Motion:
1) ICANN-accredited registrars must provide to ICANN staff, and ICANN staff must keep on record, a valid physical address for the purpose of receiving legal service. This record must include a valid street address, city, appropriate region, telephone number and fax number.  Registrars must publish this information on their respective web sites, and must notify ICANN staff and update their published addresses within 30 days of a change of address
2) ICANN-accredited registrars must provide to ICANN staff, and ICANN staff must keep on record, the names of each registrar's respective corporate President, Vice President, and Secretary, or the appropriate equivalents of those positions. These data may be made available upon request to a verified representative of a law enforcement agency, in a manner agreed to by ICANN staff, ICANN-accredited registrars, and representatives of law enforcement agencies. Registrars will notify ICANN of any changes in this information within 30 days of a change.
3) ICANN-accredited registrars must publish on their respective web sites e-mail and postal mail addresses to which law enforcement actions may be directed. The e-mail address will use a uniform convention
(example: lawenforcement@example.tld <mailto:lawenforcement@example.tld>) to facilitate ease of use by law enforcement agencies. Registrars may, at their individual discretion, include language in this section of their web sites, directed to the general public, that makes clear the use and expected outcomes of these points of contact and identifies the appropriate points of contact for other forms of business. Requests submitted by verified law enforcement agencies to this discrete point of contact must receive an acknowledgement of receipt from the registrar within 24 hours.
4) Law enforcement agencies provide, within six months of the date of approval of this policy by the ICANN Board and via the general advice of the GAC to the Board, their recommendations for a database and identification system that allows for expedient identification to a registrar of a law enforcement agency, and verification of the contacting party as a law enforcement agency upon that agency's first contact with a registrar.

Source: 

LEA original request to RAA-DT












RAA-DT Final Report






GNSO Council Motion-
6 October 2011

Discussion Points

Description

Date Discussed

 

Registrars agree to publish abuse point of contact email address and/or web form.

Registrar’s request that the email address could be an alias, not a specific person’s name, to manage operational efficiency.

Recipient will be empowered to act on reports of abuse.

Agreed to discuss mechanisms to limit potential for misuse of published information.

Discussion of draft implementation language.

Registrars to draft implementing language.

Discussion of “response” vs. “mitigation”  when a complaint is submitted to a registrar’s abuse point of contact.

Discussion about who is an intervener,  authentication of law enforcement agencies, and whether governments could designate the agencies that benefit from these provisions.

Discussed telephone number accessibility and request for 24/7 availability.

Discussion on whether governments or GAC  could designate organizations within their jurisdiction vs. individual agents to benefit from provisions.

Discussion of whether registrars can task individuals with responsibility to respond within 24  hours.

Explanation that the changes in ICANN draft are to meet the request of LE;  Highlighted differences regarding  LE authentication request.

18 Nov 2011

18 Nov 2011


18 Nov 2011

18 Nov 2011

8 Dec 2011

20 Dec 2011

17 Jan 2012


17 Jan 2012


17 Jan 2012

23 Jan 2012


23 Jan 2012


15 Feb 2012

Proposed Text

Open


Status/Outcome

Under Discussion


Explanation

Open


COMMENTS:

Comments may be submitted using the “Add Comment” feature below.






To Leave a Comment on This Page:  Any user logged into Confluence will see an "Add Comment" button at the bottom of this page, which can be used to leave a comment.  To log in, click the "Log In" button on the gray control bar toward the top of the page, and enter your user name and password.  If you do not have a user name and password, please e-mail seth.greene@icann.org with "Log In" in the subject line. 

  • No labels