Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Migrated to Confluence 4.0

ISSUE:    A.1

Malicious conduct – registrar duty to investigate



RAA Final Report (High Priority Item)


Registrars to take reasonable steps to investigate and respond to any reports (including reports from law enforcement and governmental and quasi-governmental agencies) of illegal, criminal or malicious conduct in connection with the use of domain names.

LEA Code of Conduct


Additional information regarding requests:

Registrars should provide complainants with a well-defined, auditable way to track abuse complaints (e.g. a ticketing or similar tracking system)

1) Incorporate a provision in the RAA establishing a duty of registrars to investigate and report to ICANN on actions the registrar has taken in response to reports received from a credible third-party demonstrating illegal malicious conduct involving domain names
2) Adopt a Registrar Code of Conduct (RAA 3.7.1) that incorporates provisions to achieve similar results


Original request from LEA to the RAA-DT

RAA-DT Final Report

Discussion Points


Date Discussed


New GTLD Registry Agreement language (See Section 2.8) generally acceptable; continued discussion needed re: authentication, definitions (“quasi-governmental,” “credible third-party”), tracking.

Continued discussion on definition of “quasi-governmental.”

Continued discussion of scope of LE request for tracking, auditing and responding to complaints from LE and from the public;  discussion regarding standardization; discussion of publication of registrar’s process regarding complaints submitted.

Discussion of Registrar proposals related to definitions of illegal activity, applicable law, and identifying the types of law enforcement agencies that would be eligible to submit complaints of malicious conduct.

Review issues re: applicable law and court of competent jurisdiction; definition of affiliates

Discussion of language proposed by Registrars

Review of proposals re: abuse point of contact and discussion of appropriate level of “response” for interveners

Registrars to provide online abuse contact and offer 24x7 monitoring for LEA. No significant concerns by registrars about publishing registrar’s abuse contact in Whois, but in thick registries, the registry agreement should also require registries to publish registrar’s abuse contact in order to be useful

18 Nov 2011

2 Dec 2011

8 Dec 2011

20 Dec 2011

17 Jan 2012

17 Jan 2012

23 Jan 2012

27 Jan 2012

Proposed Text



Under Discussion




Comments may be submitted using the “Add Comment” feature below.

To Leave a Comment on This Page:  Any user logged into Confluence will see an "Add Comment" button at the bottom of this page, which can be used to leave a comment.  To log in, click the "Log In" button on the gray control bar toward the top of the page, and enter your user name and password.  If you do not have a user name and password, please e-mail with "Log In" in the subject line.