STATUS OF THIS DOCUMENT: Final text, being voted on by the ALAC
COMMENTS DUE BY: 7th September 2008 Midnight UTC
Thank you for the opportunity to comment on the recent proposed amendments to the Registrar Accreditation Agreement.
This statement comprises four parts: “Background,” “Current Amendments and Issues,” “Remaining proposals from ‘Section F,’ ” and “Conclusion.”
Part I – Background
Late last fall, a working group of the following participants was created:
This collection of individuals set forth policy recommendations for the RAA, which were then endorsed by the At-Large Advisory Committee and sent to the Board of Directors of ICANN as an Advisory on 8th August 2008. That statement may be found at: http://www.atlarge.icann.org/en/correspondence/community-views-raa-negotiation.htm.
However, of 27 separate recommendations tendered, the ICANN Staff selected one – specifically, the inclusion of a standardized description of registrant rights within the RAA.
Those in that working group and other members of the user community believe the proposed amendments to the RAA do not reflect the most important aspects of that group’s work. Further, throughout the agreement review process, public comments have been tendered in good faith that were later put aside by the ICANN Staff. Many of them, we believe, were specific implementable recommendations from the general public. These also have been put aside. The resulting set of amendments, therefore, is weak overall.
Part II – Current Amendments and Issues
In reference to item 2 b, “Requiring registrars to include on their websites a link to a ‘Registrant Rights and Responsibilities’ document to be created in consultation with the ICANN community,” we would like to make clear the ALAC has begun work on this document and hopes to circulate it to the community in September 2008.
We have the following concerns and comments about the other amendments:
Generally speaking, Inin the “Enforcement Tools” section, we believe the language does not go far enough to create deterrence, nor is it specific enough about the terms of graduated sanctions against non-compliant registrars.
Specifically, in 1 a: We recommend deleting “at least.” 15 days is more than enough advance notice of an audit.
In 1 b: What are the proposed graduated monetary sanctions, in US dollars, and to what violations do they correspond?
In reference to 1c: “Group Liability – Preventing ‘serial misconduct’ by registrars when another affiliated (by common control) registrar's RAA is terminated,” we ask – not just for this specific item and event but for the spirit of the RAA as a whole – why should ICANN and the user community tolerate “serial misconduct” at all? A single willful fundamental and material contract breach should be sufficient to warrant a loss of accreditation. ICANN, rather than the registrars, should be responsible for enforcement and disclosure.
Further, without endorsing any particular dispute resolution policy, transparency about their effects is useful. Concrete information-forcing mechanisms, e.g., requiring prominent notification of deviations from a standard set of contract terms, is preferable, since market competition only works when consumers know they are making a choice and understand the
terms of the choice. Within the context of compliance enforcement in general, ICANN should require public display and disclosure of all registrar officers and directors, particularly in the event a registrar’s accreditation is terminated.
In 2c: We recommend removing the clause, “or alternatively, give prominent notification that such data will not be escrowed,” because we cannot foresee a circumstance in which not escrowing would be desirable.
In 3c: Concern grows in the user community about compliance among ICANN-accredited registrars. It is one thing to display a seal or logo, and quite another to be fully in compliance with its requirements. Significant numbers of users have come forward to question whether, in fact, those registrars who claim compliance, fully are. It is an intrinsic flaw in “seal” programs that they require policing to be effective. We would like to see evidence that there is, in fact, ongoing review of compliance among ICANN registrars that display such seals, which are an enticement to the general public. Those found not to be fully should lose the right to display the seal while compliance investigation is ongoing.
Other general issues: Since the consultation period, several members of the user community (and the business constituency in the ICANN community) have raised concern about domain name warehousing. At the moment there appears to be no contractual or compliance language that prevents registrars from “warehousing” expired domain names. We believe this creates an unfair situation for members of the public who might wish to own a particular domain name. A number of ICANN-accredited registrars have admitted to engaging in this practice and the user community has made clear its objections.
In addition, the user community and the ICANN community has spent time and resources recently discussing contractual violations such as front-running. Where are the provisions in the RAA to deal with this problem?
When registrars pay for multiple-year registrations and the registrar enters only a single year into the WHOIS record, what RAA provisions will ensure the registrant is protected should the registrar go under?
When a registrar reacts to a customer charge-back by changing the WHOIS record for the registrant's other registrations, what provisions in the RAA will make the registrant whole?
Part III – Remaining proposals from “Section F”
As noted in the “Background” section at the beginning of this statement, in response to the ALAC’s submission during the initial consultation period, ICANN staff, in its summary of comments, grouped many of ALAC’s proposed additions to the agreement in Section F. Several members of the user community note that the Staff Analysis of Section F of the Synthesis of Public Comments (Analysis for ALAC of Section F) reads as if it were written in direct consultation with the registrar community. However, we do recognize and appreciate Tim Cole’s clarification of some of these issues in briefings to the ALAC in Los Angeles and by phone in August 2008.
In addition, certain events have made some proposals in Section F moot. However, we believe the following suggested amendments remain valid candidates for consideration (some with slight wording modifications):
• While customers should be able to select a registrar based on its willingness to be responsive to its customer’s desires, ICANN should seek to limit disclaimers by registrars that are not in compliance with all terms of the agreement. This is obviously critical for ICANN-accredited registrars.
• ICANN should require standardized Acceptable Use Policy in registration agreements to address criminal fraud, when this directly affects the operational stability, reliability, security and global interoperability of the Internet.
• Enforce and make public the results of dispute mechanisms in place that obligate registrars to facilitate enforcement of abusive registration policies, such as the UDRP.
• Registrars should be required to offer DNSSEC.
Part IV – Conclusion
Thus far we have received the proposed revisions to the RAA but we have yet to hear the results of the comprehensive review of the registrar accreditation process. In a late August posting, the spam mitigation firm Knujon pointed to the nefarious activities of a single registrar associated with illicit pharmaceuticals that has sponsored 48 phantom accreditations. Extending accreditations to shell companies formed for the express purpose of gaming the system must stop. These phantom registrars are currently being used to game the aftermarket, but as we move into the new gTLD cycle, they will next be used to actively game the new gTLD landrush periods.
As a community, we are aware of accredited registrars in North America with officers that have been convicted of mail fraud, that continue to be associated with the deceptive marketing practices employed by the Domain Registry of America. We do not consider this an acceptable situation. Accreditation processes must be reviewed, and that review must be released for public scrutiny.
We are aware of registrars that now stand as defendants in courts of law accused of cybersquatting, yet ICANN lacks the will to suspend their accreditations. Where is the commitment to protection of the public interest? Where is the respect for the community view? And when the next RegisterFly incident occurs, what provision in the RAA will give remedy to the registrant?