AT-LARGE GATEWAY

At-Large Website

ALAC

RALOs

At-Large Regional Policy Engagement Program (ARPEP)

At-Large Governance

At-Large Reports

Policy Comments & Advice

Working Groups

ICANN Meetings

At-Large Summit (ATLAS III)

At-Large Review Implementation Plan Development

ALAC and RALO Elections, Selections, and Appointments

At-Large Priority Activities - 2021

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 5 Next »

Comment Close
Date		Statement
Name 

Status

Assignee(s) and
RALO(s)

Call for
Comments		Call for
Comments
Close 		Vote
Announcement 		Vote OpenVote
Reminder		Vote CloseDate of SubmissionStaff Contact and EmailStatement Number
13.05.2013Proposed Final 2013 RAACommentingHolly Raiche (APRALO)23.04.201206.05.2013 00:00 UTC07.05.2013 00:00 UTC07.05.2013 00:00 UTCTBC

13.05.2013
00:00 UTC

13.05.2013Samantha Eisner
samantha.eisner@icann.org		TBC
Comment / Reply Periods (*)
Comment Open Date: 
22 April 2013
Comment Close Date: 
13 May 2013 - 23:59 UTC
Reply Open Date: 
14 May 2013
Reply Close Date: 
4 June 2013 - 23:59 UTC
Important Information Links
Public Comment Announcement
To Submit Your Comments (Forum)
View Comments Submitted
Brief Overview
Originating Organization: 
ICANN
Categories/Tags: 
  • Contracted Party Agreements
Purpose (Brief): 

ICANN is seeking public comments on the Proposed Final 2013 Registrar Accreditation Agreement (RAA). This is the culmination of 18 months of intensive negotiations.

Current Status: 

ICANN and the Registrar Negotiating Team commenced negotiation on amendments to the RAA in October 2011. Since the 7 March 2013 version was posted, ICANN and the Registrars (through the Registrar Negotiating Team) continued to reach agreement on the proposed text of the 2013 RAA, which is now posted for community comment.

Next Steps: 

After review of the comment received, the Proposed Final 2013 RAA will be reviewed to determine if further changes are warranted. Input on the areas that have changed since the 7 March 2013 posting will be of particular help.

Staff Contact: 
Samantha Eisner, Senior Counsel
Email Staff Contact
Detailed Information
Section I: Description, Explanation, and Purpose: 

After an extended period of negotiations, ICANN is posting a proposed 2013 Registrar Accreditation Agreement (RAA) for public comment.

On 7 March 2013, ICANN posted its version of the 2013 RAA for public comment, noting some areas of disagreement between ICANN and the Registrar Negotiating Team (NT). In addition, some of the specifications posted for comment were ICANN versions only. Since the 7 March posting, the Registrar NT has engaged in frequent negotiation sessions with ICANN in order to bring to closure to all of the open negotiation topics and to consider the community comments received from the 7 March posting. As a result, at ICANN's public meeting in Beijing, ICANNand the Registrar NT announced that they had reached agreement in principle on each of the outstanding items highlighted in the March posting version. The documents posted today reflect ICANN and the Registrar NT's agreements and are the Proposed Final 2013 RAA. This proposed 2013 RAA is a cornerstone of ICANN's efforts to work to improve the image of the domain industry and to protect registrants through a further updated contractual framework. It is ICANN's intention to have the 2013 RAA completed and approved in the near future for use in the NewgTLD Program.

To allow for transparency into the proposed final version of the 2013 RAA and community input on the changes from the 7 March posting,ICANN is opening a full comment forum.

ICANN thanks the Registrar Negotiating Team (NT) for its continued engagement in good faith negotiations on the RAA. The RAA posted today reflects hard-fought concessions on many of key issues raised throughout the negotiations.

A fuller discussion of the status of negotiations and areas of difference is available in ICANN's RAA Posting Memorandum [PDF, 65 KB].

Update on 8 May 2013: On 6 May 2013 ICANN hosted a webinar to provide further information on the 2013 RAA. The recording of the webinar can be accessed here and the presentation from the webinar can be accessed here.

Section II: Background: 

The current round of negotiations over the RAA began in October 2011. ICANN and the Registrar Negotiation Team have presented updates to the community at each of ICANN’s public meetings since that time. Information on the history of the negotiations, including previously released documentation, is available at the community wiki at https://community.icann.org/display/RAA/Negotiations+Between+ICANN+and+Registrars+to+Amend+the+Registrar+Accreditation+Agreement. This includes the group of documents posted in June 2012, which demonstrated the progress to date in the negotiations.

Section III: Document and Resource Links: 

There are multiple documents for review as part of this posting. The new RAA is anticipated to be a base document with a series of specifications attached. Each specification is an integral, enforceable component of the RAA. This posting includes all documents that are currently anticipated to be part of the 2013 RAA. As noted above, a fuller discussion of the status of negotiations and areas of difference is available in ICANN's RAA Posting Memorandum [PDF, 65 KB]. A summary [PDF, 59 KB] of how the 12 law enforcement recommendations are incorporated into the RAA is also provided.

The base RAA documents:

The Proposed Specifications and Addendums:

Consensus and Temporary Policy Specification [PDF, 90 KB]Redline Showing Changes from June 2012 Posting [PDF, 145 KB]
Redline Showing Changes from March 2013 Posting [PDF, 161 KB]
Data Retention Specification [PDF, 77 KB]Redline Showing Changes from June 2012 Posting [PDF, 113 KB]
Redline Showing Changes from March 2013 Posting [PDF, 120 KB]
Whois Accuracy Program Specification [PDF, 86 KB]Redline Showing Changes from June 2012 Posting [PDF, 121 KB]
Redline Showing Changes from March 2013 Posting [PDF, 115 KB]
Whois SLA [PDF, 93 KB]Redline Showing Changes from March 2013 Posting [PDF, 169 KB]

Specification on Proxy/Privacy Services [PDF, 43 KB]

Corrected version posted on 24 April 2013

Redline Showing Changes from March 2013 Posting [PDF, 127 KB]

Corrected version posted on 24 April 2013

Registrant Rights and Responsibilities Specification [PDF, 50 KB]No changes since March 2013 posting
Additional Registrar Operation Specification [PDF, 73 KB]No changes since March 2013 posting
Registrar Information Specification [PDF, 64 KB]Redline Showing Changes from March 2013 Posting [PDF, 128 KB]
Compliance Certificate [PDF, 55 KB]Redline Showing Changes from March 2013 Posting [PDF, 92 KB]
Transition Addendum [PDF, 61 KB]Redline Showing Changes from March 2013 Posting [PDF, 105 KB]

 

Section IV: Additional Information: 

A Report of the Public Comments submitted in response to the 7 March 2013 posting of the RAA is available here [PDF, 178 KB].

(*) Comments submitted after the posted Close Date/Time are not guaranteed to be considered in any final summary, analysis, reporting, or decision-making that takes place once this period lapses.

FINAL VERSION TO BE SUBMITTED IF RATIFIED

The final version to be submitted, if the draft is ratified, will be placed here by upon completion of the vote. 

FINAL DRAFT VERSION TO BE VOTED UPON BY THE ALAC

The final draft version to be voted upon by the ALAC will be placed here before the vote is to begin.

FIRST DRAFT SUBMITTED

The completeness, accuracy and accessibility of Whois data is critical for Internet users: for consumers dealing with online providers of products and services, for trademark holders, for corporate and communications regulators and for law enforcement agencies. The ALAC position is that all ‘Whois’ information for the actual holder of the domain name - the beneficial user (a term in the proposed privacy and proxy specification) should be complete and verified. If verification is not possible, the registration should be suspended.

One of the major concerns of the ALAC has been the looseness of RAA requirements for Whois data.  It was not clear that Whois data requirements covered the beneficial user of the Registered Name if they used resellers or privacy/proxy services. It was also not clear whether or how their Whois data would be verified. The wording of Whois requirements also made ICANN enforcement of the Whois requirements difficult if not impossible.

The ALAC therefore supports changes to the RAA and its accompanying documents.  Together, they significantly tighten information requirements, particularly on resellers, and include a new requirement that contact information be verified. We particularly support the new requirement on the Registrars to suspend the registration of the Registered Name Holder in circumstances where the Whois contact information cannot be verified.

There are, however, still significant gaps that have not been addressed. 

Revised RAA:

Both the data that a registrar must provide to a registry (3.2.1) and the Whois information that a registrar must collect and make publicly available (3.3.1.8) can be changed merely by agreement between the registrar and registry, and with ICANN approval.  With the movement towards universally ‘thick’ Whois registries, the data a registrar provides to a registry should include all of the Whois data, not simply what is now required.  And given the importance of Whois data, the Whois information collected and published by registrars should not be changed without public discussion and input.

Proposed Whois Accuracy Program Specification

The Specification uses the term ‘account holder’ or ‘account holder who pays’.  We assume what is meant is the beneficial user of the domain name, regardless of payment method.  Therefore, the term ‘account holder’ should be defined in the RAA as the individual or organisation that is the beneficial user of the domain name. 

The Specification has lesser requirements on verification of Whois data for the beneficial users than for Registered Name Holders.  Specifically, while registrars are required to suspend registration when Whois information for a Registered Name Holder cannot be verified, there is no suspension requirement for beneficial user information. Because of the importance of complete and accurate Whois information for the actual user of the domain name, any registration where the beneficial user Whois information cannot be verified should be suspended.

The verification of Whois data for the beneficial user may be done by one of three organizations. Clearly the actual registrar is responsible under the RAA for compliance with Specification requirements for verification and suspension. (RAA 3.7.8 now requires registrar compliance with the Specification). Registrars are also responsible for their reseller compliance with all RAA requirements. (RAA 3.12)

The difficulty is with the privacy/proxy servers. Under the RAA, any Registered Name Holder that licenses the use of a domain name to a third party is nevertheless deemed to be the Registered Name Holder (RAA 3.7.7.3), rather than the actual beneficial user of the name. Therefore, it is critical that there are similar requirements for Whois data collection, verification and, when necessary, suspension for Whois information of users of privacy and proxy services.

Specification on Privacy and Proxy Registrations

Under the RAA, any Registered Name Holder that licenses the use of a domain name to a third party is, nevertheless, the registered name holder of that name.  However, because they are distributing the use of a domain name, they should be caught by the same requirements for the collection and accuracy of Whois data as for all beneficial users of the domain name.  Therefore, the Specification should contain specific requirements on all privacy and proxy servers to collect and verify Whois information for any beneficial user of a domain name they licence.  And they should be required to suspend the registration of that name if contact details cannot be verified.

There are, nevetheless, legitimate reasons why beneficial users of a domain name may not want their contact details publicly available.  Therefore, while requirements for Whois data for privacy and proxy services should be for complete, verified Whois data, the circumstances in which that data will be made available will be limited.

Indeed, the Specification lacks significan detail on what such services should offer.  It does not include any requirement for accurate contact details of the beneficial user, discussed above.  Significantly, it also gives no guidance as to what privacy protection a privacy server should offer.  Nor does it provide any guidance on circumstances where it may be legitimate to access those details.

In the interests of both Whois data accuracy and genuine privacy protection, the Specification should be developed as soon as possible.

  • No labels