Registrar Accreditation Agreement (RAA) DT
Sub Team B
TRANSCRIPTION
Thursday 19 August 2010 at 19:00 UTC

Note: The following is the output of transcribing from an audio recording of Registrar Accreditation
Agreement (RAA) drafting team Sub Team B meeting on Thursday 19 August 2010 at 19:00 UTC. Although the transcription is largely accurate, in some cases it is incomplete or inaccurate due to inaudible passages or transcription errors. It is posted as an aid to understanding the proceedings at the meeting, but should not be treated as an authoritative record.

Present for the teleconference:
Steve Metalitz - IPC – Chair
Philip Corwin – CBUC
Tatyana Khramtsova – Registrar Stakeholder Group
Statton Hammock - Registrar Stakeholder Group
Michele Neylon – Registrar Stakeholder Group
Shiva Muthusamy – At-Large
Marc Trachtenberg – IPC
Cheryl Langdon-Orr - ALAC chair
Holly Raiche – At-Large

ICANN Staff
Margie Milam
Heidi Ullrich
Glen de Saint Géry
Liz Gasster
Gisella Gruber-White

Absent apologies:
Avri Doria - NCSG
Mason Cole - Registrar Stakeholder Group
Marika Konings

Coordinator: Excuse me, I'd like to remind all participants this conference is being recorded. If you have any objections you may disconnect at this time. You may begin.

Gisella Gruber-White: Thank you (Kelly). Good morning, good afternoon, good evening to everyone on today's RAA Sub-Team B call on Thursday, the 19th of August.

We have Steve Metalitz, Michele Neylon, Siva Muthuswamy, Holly Raiche, Tatyana Khramtsova, Cheryl Langdon-Orr, Statton Hammock.

From staff we have Glen Desaintgery, Liz Gasster, Margie Milam, Heidi Ulrich, myself Gisella Gruber-White and we have apologies from Mason Cole.

If I could please remind everyone to state their names when speaking for transcript purposes, thank you, over to you Margie and Steve.

Steve Metalitz: Thank you very much Gisella. This is Steve Metalitz. Well I think I want to welcome everybody back to sub team B. We haven't really been together for the last two months or so, six weeks.

So some of us have been enjoying summer and some of us have been enjoying winter during that time.

But we now have the job of looking at the comments that were received on the initial report and preparing our final report. And we have at hand an excellent summary that Margie has put together.

Of course half of it more or less deals with sub team A. And I'm putting that aside. And if you look at starting on Page 7, there's a number of comments about part of - about the work product of sub team B.

So what our, I think what our goal today would be is to figure out how we're going to respond to these. And get a better sense of what our timetable is for responding to them.

And it might be helpful at this point Margie if you could just first of all kind of set the expectations of are we expected to respond to every single comment? Or are we expected to actually go in and mark up the report? Or just what is the expectation here?

And then in terms of timetable, whatever we do, if it's going to go back to the council, there are some time limits. And maybe you could let us know what those would be for the next few meetings of the council.

Margie Milam: Sure, this is Margie. Essentially what we typically do with these (grids) is we go through the comments and see whether or not the initial report should be revised to accommodate them.

And so we don't necessarily have to respond to every comment because some of them aren't necessarily specific to the report. But we should look at them and decide whether it merits changing the report.

And so that's an exercise we should do. We're probably going to focus here on this call just on the amendment topics. We also need to schedule a separate call for the sub team A to go over the registrant rights charter work.

And then with regard to the council meetings, they have council meetings, obviously there's one next week. But it's too soon to submit a report by next week.

The GNSO council procedures typically call for reports and motions to be filed eight business days before their meeting. And so if we look at the meetings in September, they have a September 8 meeting, which would mean essentially that the report would have to be finalized next week.

And I don't see that that's possible at this point. And then the next one after that isn't until the end of September. I'm just trying to find it right now. I believe it's September 28, give me a moment. Let's see, Oct - September, I don't know. Gisella do you have the calendar in front of you?

Gisella Gruber-White: September 8, it's September 8 is the next one. It's on a Wednesday.

Margie Milam: Right and then after that?

Gisella Gruber-White: I'll come back to you.

Margie Milam: Yes that’s the one I'm trying to find. I know September 8 is the next one. I thought it was September 28, but for some reason I’m having difficulties finding it.

Steve Metalitz: Okay so if we were to meet that one...

Glen Desaintgery: The next one is September - is October 7.

Steve Metalitz: October 7.

Margie Milam: Oh okay, so we don't have another one in September?

Glen Desaintgery: No, the September 8 because the one on the 16th was moved to September 8. And then there's one October 7, October 28 and there is a present doodle for the meeting in November.

Steve Metalitz: Okay thank you very much Glen. Okay so that gives us a sense of what our target. We can't make, I agree we can't make next week or September 8. Just not enough advance time.

So we're really looking at getting something, I think it's realistic for us to try to get this done by the middle of September or so. And hopefully in time for the October 7 date.

Any comments or other questions about the time?

Cheryl-Langdon-Orr: Yes Steve I do have a question, I'm sorry, I should have raised my hand.

Steve Metalitz: Oh I'm sorry, yes, go ahead.

Cheryl-Langdon-Orr: What form and what ways and stuff will our response have? Is our response just this is what we think of the comment. But it does go back to ICANN and ultimately the end result I suppose is negotiations on RAA amendments.

But what are the steps that are between public comment and those negotiations, however they're structured?

Steve Metalitz: That's a very good question. I'm glad you raised that. I mean my assumption and others may well have better insights than I do. This report is going to the council, to the GNSO council.

Cheryl-Langdon-Orr: Okay yes.

Steve Metalitz: Once we finalize it, then it, you know, and then it goes to the council. And the council acts on it. Or someone, you know, a councilor has to make a motion about what to do with it.

So it's really up to the council to decide the next step. Presumably if they are supportive, they would try to move this forward toward negotiations or recommend that that happen or something like that.

But I think it's up to the council to decide on the next step. I would defer to the - to anyone else that may have better insight into the procedures and if staff has any insight on this.

But I think it's up to the council. But the council really can't really do anything until we finalize the report.

Cheryl-Langdon-Orr: And a follow up question, if it's going to the council, it would assist council if against each recommendation perhaps there's a summary of what we think of, the comments that have made or a summary of the comments, plus our recommendations to assist any council decision.

Steve Metalitz: Yes, I mean as Margie said we don't necessarily have to respond to every comment.

Cheryl-Langdon-Orr: No, no. Yes, okay.

Steve Metalitz: But if we want to change our - our report has recommendations in it. It already recommends what are the high priority items. It has a recommendation with some descents about what the next steps ought to be.

And so we need to look at these comments and say well do we need to change any of our recommendations or make any other changes to the report before we finalize it.

Obviously this summary, you know, all the comments are public. The summary is public. So all that will be available to the council. But if we as the sub team think that as a result of some of the comments there should be changes to our recommendations or anything else that's in the initial report, that's the stage we're at now.

But we already have recommendations in there about next steps and about what the priority items ought to be.

Cheryl-Langdon-Orr: Thank you.

Steve Metalitz: Margie I think you have your hand up.

Margie Milam: Yes Steve, I just wanted to confirm that yes, I agree with your discussion on what the next steps would be. This report would go to the GNSO council. And then the GNSO council would weigh in on whether it chooses to adopt the next steps that are in the report or not.

Steve Metalitz: Any other comments or other questions at this stage? Well then I suggest that this point we turn to Margie's summary. Again, starting on Page 7 because the rest of it pretty much deals with the sub team A work.

And we could do it, first of all, if people who have read the comments have reactions or questions they want to raise or things that jump out that them, this would definitely be the time to bring that up.

I mean for example, if you've read all these comments and you think these are interesting but you don't think there's any need to change our report, you could certainly bring that forward now.

Or else we can, if we have - if people have those general reactions, let's get them on the table now. Otherwise we could just start going through the comments.

And Margie's organized them into about a dozen or so, a little bit more than that, headings. And so we could just start walking through them.

Any general reactions to the comments? I'll just say, you know, I thought that these comments reflect generally, you know, that people thought we did a pretty good job.

That doesn't mean there aren't some disagreements. But there were only a few comments that said this is really useless and you got this totally wrong. So I guess that's, I suppose that's good.

Okay well why don't we just get started then on this, starting on Page 7, Roman Numeral VI A is general observations. And I'm not, you know, there are statements here about moving faster and a statement about differentiating policy development from policy implementation.

That commenter is in our call. So, at least in the Adobe room. So did anybody feel that there's anything in that sub topic, in that area of general observations that would - based on which we should change our report?

Okay Holly, anybody else want to comment? Holly go ahead.

Holly Raiche: I suppose it's the third comment that says differentiation between policy development and policy implementation. And we're back in the middle arguments again.

This is something that may be as part of the explanation. And we're going back to the conversation about the appropriate role of the holes at large in the development of, you know, looking at the RAA and so forth.

Some of what we had decide which was the, you know, the role of, I suppose going back to ICANN's role as representing a global policy and the role of the at large structures and so forth to be part of that.

To say something about well it is proper that this sub team B does engage in the sort of discussions. And while I, you know, I take the policy development from policy implementation, I think we do have to say we do have a role in developing new policy.

We are making recommendations that do suggest changes. And we, it's an appropriate role that we're playing to do so, or something along those lines. But just I think that third paragraph needs to be responded to.

Steve Metalitz: Okay any other comments on this? Phil did you want to - I don't know if you're on the phone. But if you - did you want, since you were the author of this comment, did you have anything you wanted to say at this point?

Phil Corwin: Thanks Steve. You know, I mean I don't want to take a lot of time getting into semantics. This was hardly the most important thing we said in our comment letter.

We just wanted to make clear that eventually it was the GNSO's responsibility to establish new policy. So - which in now way was taken away from the work of this group, which was generally very good.

And we were very happy to participate in it, make a contribution.

Steve Metalitz: Thank you. Any other comments on this point? I'll put myself in the queue. I think one of our jobs that was given us by the council was to try to flag issues that were more appropriate for the policy development process.

And everybody had a chance to do that. We did flag a few issues that were therefore knocked out of our priority list.

But in general I think we ended, I'm certainly comfortable with where we ended up on this. Obviously it is up to the council in terms of the next steps.

And if the council decides oh no, these - some of these issues aren't appropriate for the contract negotiation. Well then we'll, you know, that's their decision.

And they have to make that on the basis of how they see the situation. But my recommendation is that we obviously acknowledge this comment. But (unintelligible) that it calls for any change in our recommendations.

Phil Corwin: And Steve, just to add in that I wasn't, the comment in our letter was not meant to in any way, we read it as indicating we wanted any recommendations changed. We just were talking about process.

Steve Metalitz: Okay thank you. I see Margie and Statton. So Margie.

Margie Milam: Sure, yes, on this point I just wanted to remind everyone that the next steps part of the report, it actually includes going through that process and filtering out what's more appropriate for consensus policy or not.

And that's included I think in step 1 of both process A and process B. So that's certainly something that already contemplated by the report.

Steve Metalitz: Thank you. That's a good point. Statton, did you have a comment?

Statton Hammock: Yes Steve, I just wanted to say I agree with your comment that I don't think it requires a change in our report at all. I thought Phil's comment was good and one I agree with. But I don’t think it requires anything more on our part.

Steve Metalitz: Thank you. Any other points to be made under this general observations topic? Cheryl, I see you want to be recognized, go ahead. Cheryl are you with us?

Man: The operator has put her on mute.

Coordinator: Your line is open Cheryl.

Cheryl Langdon-Orr: Thank you. I don't plan to come on and off mute every time I want to say something. I just want to make sure while I'm typing frantically (at you) that it's not being read while you're having the conversation.

You must at least look at it later. You can put me back on mute now operator.

Steve Metalitz: Thank you Cheryl. And that, yes, Cheryl had, as you could see there, she's supporting what Margie and others were saying.

Okay, if there's no other comments on topic A, I think we can move on to topic B, third party enforcement. And basically you recall that there were some suggestions that the contract should be change - RAA should be changed so that third parties to the contract can enforce the provisions.

There would be third party beneficiary clauses or in some other way. And we do have two or three commenters that supported that. I should say we did not make that a high priority item in our recommendations.

Two or three commenters did support that. So again I think the question is do we think that we should change our report based on this? Or if not, why not?

So I'll open the floor to people who want to comment on whether we should change our recommendation regarding third party beneficiary status or the ability of non-parties to the contract to enforce it, registrants, or individual registrants or members of the public or others, any comments on that?

Okay Michele has his hand up. Why don't you go ahead and then others will be gathering their thoughts I'm sure.

Michele Neylon: The problem with the third party beneficiary enforcement thing is that within the ccTLD world, all the of the registries make sure that there are no - there is no third party enforcement.

So while some people could understand and possibly sympathize with (spears) of what some people might be asking for here, ultimately I can't see how that's going to help them in the long run.

Steve Metalitz: Okay, because the ccTLDs don't do it? I'm not sure what the connection was between that and obviously there's a lot of things where ccTLDs and GTLDs see things differently.

Michele Neylon: Yes but see the point I was trying to make all these (obstrinctly) was that a lot of the concerns that people are raising are in relation to the Internets in general.

Now in this instance they're focusing their displeasure as it were with aspects of the RAA. However, I think that, you know, it's opening up a massive can of worms. That's about it really.

Steve Metalitz: Okay thank you. Phil has his hand up and anybody else want to be in the queue?

Woman: No.

Phil Corwin: Thanks Steve. I just want to make a quick point. I don't think there's any need to change the report. But I would, just reading these comments, I would differentiate between registrants who have a contractual relationship with a registrar.

And therefore might have an argument in court or a right to urge ICANN to enforce the RAA if they think their registrar has not abided by it and they've been harmed in some way and the other six billion on the planet who make up the general public.

So I just want to note that while I think there might be an argument for registrants to bring some action if they think they suffered harm because the RAA hasn't been abided by.

I get real queasy about a general right for the public at large when they have no contractual relationship with anyone.

Steve Metalitz: Point and Cheryl is supporting you and also making a point that this is probably something where we ought to at least respond to these comments. Whether or not we change our recommendations.

Margie, you had a point.

Margie Milam: Yes and this is a personal comment. It's not a staff comment because I haven’t had a chance to check with the legal department on this issue.

But just, if from my experience I would maybe show some concern about that predictability of the results if anyone could enforce those contracts. I think, you know, probably something that might result, would end up with (poor) decisions with different interpretations of the RAA.

And, you know, and that might lead to unpredictable results. But again, I would ask (probably reserves), you know, talk to the legal department and see how ICANN officially would view that request.

Steve Metalitz: Okay thank you Margie. Other comments on this point? I'll recognize myself. I wonder if, I agree with Cheryl. We probably ought to say something about this.

I, again, I'm not persuaded we should change our recommendations. But I wonder if we could, at least to somebody makes two points. First, that we would see some significant practical difficulties with actually giving registrants, much less the general public, standing to enforce the agreement.

But that, that's the first point, but the second that I think the council and ICANN really need to take this, these comments seriously. And in some ways they reflect concern about how the parties to the contract are enforcing it.

(Unintelligible) I can't have some, if you will, responsibility to - ICANN's role is to help protect the interests of registrants in many ways. And if it's not done through third party standing then, you know, a lot of it goes onto ICANN shoulders to make sure that there's good enforcement of the agreement.

So that would be my suggestion for how we, I mean obviously it would have to be put into a coherent sentence or two. But I wonder what people think about that way of responding to these comments.

Any support from Cheryl, Holly has a reaction. Holly go ahead.

Holly Raiche: Well two things aside from the fact that I'm going to have to leave you in about one minute. I think this goes hand in hand with the - with D, which is compliance.

I think, you know, having a bit of a law background, third party enforcement is always a very difficult issue, let alone the public at large which is an impossible issue.

But what's underlying that seems to be some sort of action by ICANN or at least compliance where in fact compliance hasn't been enforced. And so maybe part of the answer for that is in D.

And then I want to make one more comment before I hang up, have to go, about resellers. And again this is pretty much a legal point. I do take Alan Greenberg's point on resellers, which is an appearance that by putting particular obligations in and not having a blanket covering of registrars.

Basically having - resellers having the same responsibility as registrars. I think that also, that probably needs a bit of legal advice. And it may mean we actually have to change some wording.

But I think that we might go back to ICANN and say is Alan's point valid. So that's what I have to say about that. But again, supporting you Steve and Cheryl.

I think compliance as well as that issue about the enforceability of third party rights, maybe the way through that one is just compliance and supporting.

So look, I've all got to love you and leave you. And I'm very sorry. But I will watch what happens with the rest of the meeting. So thank you all.

Steve Metalitz: Okay thank you Holly.

Holly Raiche: All right, bye.

Steve Metalitz: I think that there's general agreement and from what I'm hearing and seeing on what we should be saying about in response to the B comments. And I think we could certainly cross-reference the compliance point which we will get to.

Let me ask, see Margie has her hand up. And let me just ask you, go ahead if it's about B.

Margie Milam: Yes Steve if you could just repeat the two points you want included in on the report so I can make sure to revise it.

Steve Metalitz: No this wouldn't be in the re - I don't think this would be a change in the report. I think it would be in a response to the - I don't think that anyone is calling for changes to the recommendations in the report in response to B.

But just to com - to observe that there would be significant practical difficulties even with allowing registrants to enforce the agreement, much less the general public.

And secondly that this underscores ICANN's responsibilities for compliance activities. Many of which are to - are really directed at enforcing the agreement in the interests of registrants.

That's kind of...

Margie Milam: And I guess my question, sure, and then my question to you Steve is where would this document appear? I mean is it, what I envisioned was that the final report would include as an attachment the comments.

I suppose at the end of the summary comments we could, you know, include a statement that says response to comments. And that could be there. Or it could be in the narrative of the final report that talks about the work of the group.

Steve Metalitz: Well I'm not sure to be honest. I'm not, if it fits somewhere in the body of the report that would be fine. My concern is that I think there was a general feeling that we should say something in response to these comments.

So whether it's in a separate document or in the body of the report, let's, I think let's kind of see what we end up with. How many of these there are on which we think we need to say something.

Are people comfortable with that for now? We're obviously not going to - let's see if we can keep marching through Margie's summary here. And we'll see how many of them there are.

Okay if there's no objection let's move on to C which is the reseller point. And Holly left us with the view that I think that this was - we may need some legal analysis or some - we may need to stress in our report that we do think the resellers should take on all of the registrar requirements, delegate it to them.

Let me open the floor to any other comments on this reseller point. And I haven't gone back to look at, you know, the specific provisions that Alan refers to here so.

Is this an area that people feel we should say something about? Or are we comfortable leaving the report as is on this point? Okay, I don't hear any support for at this point for actually changing our reports.

So for now let's assume that we will not. Again this is not, you know, we may agree with Alan's comment here. But again that doesn't necessarily mean we have to change the report to reflect that.

Let's move on to D. There were a couple of comments on compliance. One, stressing that every provision be written to permit meaningful verification of compliance.

And then Alan Greenberg, again on the reseller issue about some of the things that ICANN could do to - under compliance. I think as I read this just as it's being excerpted here, it almost seems like this is a comment on compliance activities under the existing RAA.

But let me ask if people have reactions to these points in D? Michele has his hand up. Anybody else want to get in the queue? Okay Michele go ahead.

Michele Neylon: Yes just a bit confused by the MAAWG's comment. Maybe somebody who understands what they're talking about would explain it to me. I'm just having difficulty understanding this.

It is essential that every provision be written to permit meaningful verification of compliance. What do they mean by that? So it's not very clear to me.

Steve Metalitz: Well I'll give my reaction and others can feel free to give theirs. I think this is actually very consistent with what we said throughout this entire process that it doesn't - if we have a provision in the RAA, let's only have it in there if we think we can enforce.

Or that ICANN can carry out meaningful compliance activities if, you know, it 's so general or vague that they can't really enforce it then it's not helpful to have it.

So that's why we got the input of the compliance staff throughout the process. We, there were some points on which they said we really think this, you know, can't, we don’t know how we would enforce this.

And that was a factor in our deliberations. And so I think that what he is saying there is really quite consistent with what we tried to do. And whether we succeeded or not is another question. Does that help at all with you?

Michele Neylon: Yes I think so. I mean if you're talking about basically not asking people to do things that they can't possibly do and making sure that they actually do what they say they're going to do, then that's fine by me.

Steve Metalitz: Okay I think that's exactly how I read it. Do we want to say we agree with that point? Or do we want to just keep silent on it? Or is there any other change that you think ought to be made?

Okay hearing no comments on that, I don't think there's any grounds at all to change our recommendations or say anything specifically on this point.

And as I said I think the second one, as I read Alan's comment there, it is really sort of more of a critique of the current compliance policies rather than as to what should go into a new version of the RAA.

So unless others see that differently, I suggest that we move on to section E, registrar business dealings with registrants.

And I think, if I don't, I mean Phil was on the line. But it seems to me that his comment there really is similar to the earlier point about the policy developments, drawing the line about the policy development.

Phil Corwin: That's correct Steve. But I'm not going to jump in on every point here where we, you know, spoke to it on our comment letter unless there's some need for clarification.

But this comment's pretty simple. One, we generally support moving forward with further consideration of the high priority suggestions. We list a couple of basically practical considerations we think ought to go into that further consideration.

And then again just saying some things are - there are some things you can address by amending the RAA that don't fall in the policy area. And that, but if they're new policies, they ought to go through the GNSO process. And, you know, I think it’s pretty simple.

Steve Metalitz: Okay does anybody feel we should make any change in our report based on this?

Phil Corwin: Yes and to be clear, we weren't calling for any change in the report. We're just talking about some considerations for going forward to implement the report.

Steve Metalitz: Okay, other comments on section E? Alan's comment has to do with transfers. Well, or post expiration transfers. And I’m not sure that there's anything that calls for any change in our recommendations. Any other comments on E?

If not, let's move on if we could to F, privacy proxy services. There are three comments listed under this. One basically supportive, one I think saying - I think from the comment from the American Red Cross saying it doesn't really go far enough in terms of combating malicious online conduct.

And then the one from the MAAWG saying we should raise matrix item 511 to medium priority which is the restricting it to non-commercial purposes, restricting proxy services I should say, privacy and proxy services to non-commercial purposes.

So let's, does anybody have comments on any of those or reactions to those? All right the one specific on in there I mean is about this matrix item to be put in medium priority.

And I think that they're raising a legitimate point. Not - we decided it was not a high priority topic. But does anybody feel that we should change our recommendation as a result?

Or say anything in a if we have a separate statement in reaction to the comments? Okay hearing no proposals on that score, let's move on to G, improvements to Whois.

And here are the comments. There should be a time limit for registrars to act on invalid Whois information and designation of a legal contact in Whois and having verified Whois.

You know, I'd have to go back and look at this. But I think some of this may be, first of all, to verify Whois was certainly part of the recommendations from law enforcement as I recall.

I'm not sure it's one that we classify as high priority. And then in terms of the time limit for responding to act on invalid Whois information that might actually be in our high priority item.

But I'll go back and look. Did anybody have reactions on this - these items in section G of the summary?

Margie Milam: Steve it's Margie. Would you like me to pull up our list?

Steve Metalitz: Yes I'm just looking at, I'm looking at the hard copy here. And I'm not, certainly defining circumstances under which registrars require to cancel registration for false Whois data could include...

Margie Milam: Yes I think that's right.

Steve Metalitz: Hello? Am I on mute?

Margie Milam: No, you're...

Steve Metalitz: Sorry, I'm sorry. I dropped my headset here. So I mean it could cover a time limit. It doesn't specify that. What do people think about that? I'm referring here to our priority, our seventh priority item, define circumstance under which the registrars require to cancel registration for false Whois data.

What do people feel about changing that to also refer to a time limit for action as the RA - the MAAWG recommends. Is there any reaction to that idea? Michele has his hand up, anybody else? Michele go ahead.

Michele Neylon: I mean there's several areas within various parts of the RAA and other documents where registrars are expected to act on things. But it's not, in most cases it hasn't been very clearly defined what is considered timely or anything bordering on that.

In one of the discussions that we're currently having, I think we agreed in one instance something like five or seven working days or something specific.

As long as from a registrar perspective, as long as it's a re - that's, you know, timely also equates reasonable. And I don't have any issue with defining it. It's very important from an operational perspective that you're able. But there is a reasonable aspect to that expectation.

Steve Metalitz: Okay thank you Michele. Any other comments on this? Are people comfortable with amending our recommenda - our high priority recommendation 7 to also refer to a reasonable time limit for action by the registrar?

Man: Yes.

Steve Metalitz: All right then that's a change that we should make in the report under high priority 7, adding reference to a reasonable time limit.

Any comments on the other two comments from George Kirikos on Whois here? Any reactions to those or anything that people feel we need to change? Michele go ahead.

Michele Neylon: I (don't know) whether it was within George's comments on this particular report or elsewhere. But I saw him go into more detail about what he was referring to with respect to verified Whois.

The problem with what he's taking into the kind of full extreme of what some of the things that George is proposing would have quite a negative impact because if he had an entire theory about (hocums) and (coastal) interventions and sending things out to registrants and everything else.

And then registrants having to go to Web pages and then (turn these top guns). There's one particular European ccTLD that does this. And invariably what ends up happening is that the registrant ends up losing the domain or it takes them three months to activate us.

So I don't really see that as - that would have a very negative unintended consequence. For registrars to implement higher degrees of security in how they're dealing with their registrants would probably lead to - potentially would lead to a better policy of Whois which might be a more reasonable outcome.

Steve Metalitz: Okay thank you. Any other comments on section G? Section H, need for additional sanctions and penalties. Sanctions should also apply when reverse domain name hijacking cases occur in UDRPs.

I'm not sure that's a comment on our - again, just looking at it as it's excerpted here. I don’t think it's a comment on our report, unless I'm missing something.

Phil has...

Phil Corwin: Yes I would back up on that Steve. I think this is a topic for UDRP reform when it's undertaken that while the RAA references the UDRP and requires registrars to comply with UDRP decisions, the type of change George is advocating is totally separate from the provisions of the RAA.

Steve Metalitz: All right, any other comments on H? I see (Steve) has asked for the link to the Web page for the comments. And hopefully the staff can send him that link where all the comments are located.

I, registrar contacts and basically they're saying ICANN should publish the information of registrar contacts and when last time it was verified.

So, for example, the designation of technically competent point of contact on malicious conduct issues. That should be published and along with the date that it was last verified. So, any comments on that?

The date - I think the idea of having a date stamp certainly makes some sense to, and I think Cheryl is also making that point. So, you have a sense of when you see it whether it's current or not.

There - does anybody disagree with that? Michele go ahead, oh no, yes, go ahead Michele. You have your hand up.

Michele Neylon: How can I phrase this diplomatically? Some of the contact information that a registrar would provide to ICANN and to the registry operators would include things like, in our case for example, my mobile telephone number.

I wouldn't be very happy if that was published somewhere where everybody on the face of the plant has access to it.

I have absolutely zero issue with ICANN publishing the kind of contact information that we already publish on our Website as we are mandated to do under European law.

But taking every single contact point that we have made available to ICANN and putting it into the public eye is something that I would not be very happy about at all.

If ICANN would provide a time stamp on the last verified, I have absolutely zero issue with that.

Steve Metalitz: Okay thank you Michele. Other comments on point I? Okay, I wonder if people agree with what Michele was saying that we could look at tweaking our recommendations to refer to the date stamp for verification without changing what we say about what should be made public.

I feel, I'm a little uncertain here because I'm not sure the - what we say. I'd have to go back and look at the particular items in the matrix to see whether they say anything about publication.

I think in some cases they do. In some cases they don't. So I'm just a little uncertain about that. But is there general agreement that having a date stamp for when the data was last verified is a good id...

Michele Neylon: Are we waiting for something?

Margie Milam: Did we lose Steve?

Michele Neylon: Is Steve still on the call?

Man: I can hear everybody. I'm not Steve.

Michele Neylon: Is everybody on the call except for Steve?

Gisella Gruber-White: Yes, everyone should be on the call except for Steve.

Michele Neylon: Okay, Margie could you take over temporarily while Steve...

Margie Milam: Yes, yes. I'll go ahead until Steve gets back on. Okay so I guess we're now on item J, registrar transfers. And this is a comment by (unintelligible) about registrar transfers.

Is this something that we feel that the report should be revised to address? Michele you have a comment.

Michele Neylon: That's already covered by the existing IRTP.

Margie Milam: Yes that's why we have a lot of work underway with the IRTP. (does anyone else have – go ahead, I'm sorry.

Michele Neylon: No I was just going to say, I mean reading that, I mean I haven't seen the full comments. But no registrar should transfer otherwise used for any other purpose, blah, blah, blah.

That's already covered in the existing IRTP. That's already there. It’s not anything new. That's the existing policy. So I think it's not, it superfluous, unless of course you meant something else.

Steve Metalitz: This is Steve, I'm back. Sorry, I don’t know what happened there. But are we done with J?

Margie Milam: Yes I believe so, no change.

Steve Metalitz: All right, K, 60-day lock following registrant change. I, again I'm not sure this goes to an RAA issue rather than a transfer policy issue. Michele, did you have a comment on K?

Michele Neylon: I'm chair of the (FIRTPIRTPBWG), is as the registrant change question is part of that working group's remiss. And it's something we are currently working on.

So again I would say that we should just (punter) back. It's already being dealt with.

Steve Metalitz: Okay thank you, any disagreement with that? Not, L, grace period considerations, is this also within the IR - within the P, maybe the PENDR working group.

Again I don't know that it's an RAA issue, or an issue with our recommendations, Michele.

Michele Neylon: Okay I'm on the PENDR group as well. This is one of the areas that is being looked at as part of the post expiring the main name recovery working group.

If Mr. (Williams) wishes to provide input to that group's initial report, he had the opportunity to do so. But I don't believe that he did.

Steve Metalitz: Thank you, any objection to moving on to M? All records regarding that registrants registered domain name should be viewable and (readable) for accuracy by the registrant only.

I guess this is a new function on Whois maps. There was this Whois services report finalized. But I'm not sure I see anything in here that's directly related to our recommendations, Michele.

Michele Neylon: It's already covered by the current RAA plus you'd also have to allow for the fact that you might need to make a change to the Whois data in the case of a dispute or similar. So again rejected as superfluous.

Steve Metalitz: Any other comments on this? Okay, N, cybersquatting, two comment from Phil Corwin listed here. One dealing with the definition and incorporating the one in the UDRP. And the other is registrar response timelines should be considered in the context of UDRP reform.

So I guess that's a recommend - we have a recommendation on that. We have a high priority topic 12 I think. Let me ask Phil if he wanted to add anything to what's down here in the excerpt. Go ahead.

Phil Corwin: I don't have a really add. But I think trying to define cybersquatting will be a very long and contentious issue. It's just better to reference the, you know, ICANN has an internal process, administrative process for directing cybersquatting. It's the UDRP.

And I don't see how you could even begin to define it until you did a comprehensive review of all the different decisions, some of which are conflicting on almost identical fact situations.

So what we, you know, we strongly say that registrars shouldn't engage in cybersquatting any more than general registrants. But let's leave deciding what's cybersquatting to the UDRP.

Procedures on the second point, you know, reading it now I could argue it both ways. I could say registrar response might be addressed in the RAA or might be an issue for UDRP.

I'm not going to fall on my sword over that one. But on the first one we - we would urge this group not to try to go down the road of defining cybersquatting which it becomes a legal maze.

Steve Metalitz: Okay yes, I think what you're referring to here is we have a comment on high priority topic 1 that says must include contractual definition of cybersquatting. And I think that's what you're reacting to here.

Phil Corwin: Yes, I would think that's what I was reacting to. And I don't know how you would define it in a contract other than just referencing adverse decisions against registrants under the UDRP.

Steve Metalitz: Michele has his hand up. Anybody else want to be - want to discuss this issue? Michele go ahead.

Michele Neylon: This is something I've said pretty much the same thing on this topic since we first started discuss this however many months ago was, I mean we - I think, from what I recall there was a high priority request in somebody's input into this with respect to cybersquatting.

I think warehousing was one which is much more clearly defined. The cybersquatting, as Phil says, I mean it's opening up a massive can of worms. And so, you know, I'd be pretty much in favor of whatever Phil said.

Steve Metalitz: So I think Phil's recommendation is that you don't need a contractual definition because you have a definition in the UDRP, right? So why would we need a new definition in the RAA?

And speaking personally, I tend to agree with that. I guess does anybody else have a different view on it? Obviously somebody did at some point because that's why it came into the comment here.

And I'm not 100% sure who it was. But Margie, you had your hand up.

Margie Milam: Yes, I'm just trying to understand where we're headed. Are we saying that we don't need a definition in the contract? And because that's essentially I, you know, defined to what we've already established in the UDRP?

But we're still saying that registrars shouldn't engage, you know, that the conduct itself is still something that should be an amendment topic. Or at least that's, I’m trying to understand what we're saying that...

((Crosstalk))

Margie Milam: I think that it's a high priority item. We just wouldn't try to define it.

Steve Metalitz: I think what you said encompasses my view. So really we just take out this comment. We wouldn't change the item in the high priority list. We'd just take out this comment that says must include contractual definition of cybersquatting.

Margie Milam: Okay.

Steve Metalitz: Is there any objection to doing that? If not, then I suggest that we take out that comment, that six-word comment. Any other com - any other reactions on the items in N that in terms of changing our recommendations?

Okay it's now just about the top of the hour. So I don't, and I don't know if people can continue on this. We have about three or four more items to discuss under recommendations.

And then we have the next steps discussion. And I think that's going to - that's probably going to take a little while. So do people want to continue and try to wrap up at least this parts Roman Numeral VI? Or should we break here?

Michele Neylon: Both Cheryl and (unintelligible) are supportive of continuing.

Steve Metalitz: Okay then unless people object, obviously if people have to drop off, they will. But let's just plunge ahead here.

O is enhancing the RAA to address malicious conduct. And I think there are some general statements here. But I'm not sure there's anything here that goes directly to a recommendation.

But let me open the floor to any comments on these Item O comments. Hearing none, I don't think there's anything here that would lead us to change our recommendations.

Item P is about the priorities. And there are several comments here. The MAAWG wants to drop Number 1 and Number 12 and substitute two items from the medium priority list.

So 1 and 12 are the two dealing with UDRP. Excuse me, that's not right, 1 is the prohibition on registrar or cybersquatting, 12 is clarification of registrar responsibilities in connection with UDRP proceedings.

And they would like to drop those and add - and elevate medium priority Number 3 which is service level agreement on Whois availability. And 5, expand scope of authority to terminate accreditation.

So do people have reactions to that proposal? This is really the paragraph on the bottom of Page 11 of Margie's summary. So I think Margie had her hand up and then Michele.

Margie Milam: (Unintelligible). I'm just having read the MAAWG's comments, what they were really saying is if we feel that that high priority list can only include 12, make these adjustments.

So, you know, if there - and their thinking was, you know, that you're more likely to get, you know, a limited number of amendments to be listed as a large number.

But if there is flexibility in the number of high priority items then, you know, they didn't feel that you necessarily needed to drop those two items. And it's just, we were going to limit the number of high priorities as well.

Steve Metalitz: Okay thank you. That's helpful clarification, Michele.

Michele Neylon: I think in some ways I can understand where they're coming from. But at the same time I think they misunderstood the prioritization.

I mean the fact that something is low or medium priority, from my understanding of the discussion we've had on this, was more a case of prioritizing rather than saying this is going to be easy to implement. Versus this is going to be hard to implement.

So while I understand where they're coming from, that they've interpreted those priorities to point towards the likelihood of them being implemented. I think I'd have to disagree with what they're - what they've understood from us.

Steve Metalitz: All right, thank you. Any other comments on P? I don't hear from what people have said any strong interest in revising our priorities based on this.

You know, I...

((Crosstalk))

Steve Metalitz: Oh excuse me.

Michele Neylon: Cheryl is typing that...

Steve Metalitz: What we mean by prioritization. Well one thing we did explain that the list of priorities was not in order. I mean we're not saying priority, high priority 1 is the top priority. We were saying these 12 are all high priority.

And I think there was, I certainly had the feeling that we, 12 might even be too many. We certainly wouldn't want to expand it beyond 12. At least that was my sense.

Certainly if people feel that what we said about prioritization might have been unclear to the commenters, it's worth looking at to see if that could be clarified. Any other comments on this? Michele go ahead.

Michele Neylon: Now just being supportive of what Cheryl was typing in that even if - by judging by my interpretation and possibly Cheryl's. But obviously I don't read her mind.

It might help just to expand possibly on how the - what was intended or meant or what the upshot of the prioritization was.

Steve Metalitz: Okay.

Michele Neylon: I mean not, because I think as I was trying to express earlier, I think (Dave) understood us that high priority means this will happen versus other priorities meaning that it was unlikely to happen.

Steve Metalitz: Well let - what I would suggest here is let's take a look at what we said in the report about prioritization. And if there's anything we could do to clarify that in response to this then we could do so.

But that we wouldn't move something from one category to the other based on this comment. Is there general agreement with that?

All right, well let's all take a look at that. And staff maybe you, if you have any, if there's anything you think we could state more clearly. We'd certainly welcome your views on that.

I think the other comments in this section are either very general or I think the last Phil's comment we already talked about about the definition of cybersquatting.

So if there's no objection, let's move on to the last section which is Q. Comments on the matrix. Some of them, the ideas are preposterous. I'm sure we would all - might all agree with that.

But I'm not sure that there's anything that we can do at this point in terms of our recommendations. And then Phil, you had a couple of comments here. Would you like to flush this out at all if you're - are you still with us?

You had a comment on the registrar code of conduct and on a couple of the other...

Phil Corwin: I'm sorry Steve, I'm still with you. I just forgot to take my mute button off.

Steve Metalitz: Okay.

Phil Corwin: We don't think, you know, people like Michele and other people who enter into contracts with ICANN under, you know, enter into the RAA, we think they're sophisticated parties. That they wouldn't - they don't need and wouldn't benefit from a registrar code of conduct.

It's different than a rates and responsibilities charter for general registrants who may need that kind of guide to their understanding of what they're entering into when they sign up with a registrar.

And then the other comment just repeats something that was there earlier that we were endorsing active consideration of two matrix items which was requiring privacy proxy services to forward allegations of malicious conduct and other bad acts to their customers in a prompt manner.

And the one that would require registrars to promptly notify ICANN of security breaches and to notify registrants when they have reasonable evidence that their accounts have been breached by unauthorized individuals so.

Steve Metalitz: Okay.

Phil Corwin: It's fairly straightforward I think.

Steve Metalitz: Thank you. Michele you had some comments.

Michele Neylon: It was actually more of a question for the North American lawyers in the room. I gather that there was some case recently with respect to what Phil was saying there about breaches of pri - of security and privacy which now means that if I understood it correctly.

And I could have gotten it completely wrong. That American companies are now obliged to disclose this. Is that correct or did I misunderstand something?

Steve Metalitz: Well there are a number of state laws now that would require disclosure of data breaches on personally identifiable information in some circumstances. But they vary from state to state.

Michele Neylon: Okay, fair enough.

Man: They don't require disclosure of the personal information.

Steve Metalitz: No, no...

((Crosstalk))

Steve Metalitz: That there was a breach, yes.

Man: Exactly.

Steve Metalitz: Yes I didn't say that very well. Okay I'm trying to remember what we said about the registrar code of conduct. I do - I dimly recall our saying that it's been quite a while.

And there still isn't one. But I don't see that, I'm not sure that's reflected in our recommendations. So I'm not quite sure what to, how to react to that. I guess my other reaction would be to say not all of the registrars are as responsible and sophisticated as Michele.

And the idea of a registrar code of conduct was to try to lift up the ones in the lower echelon, let's put it that way. So that was the whole theory of it anyway so. Michele you had a...

Michele Neylon: Yes just because Cheryl is on mute and this is just more case of reading into the record her comments which are hers and hers alone. She's just saying that at large does believe a registrar code of conduct would be useful and productive, especially in a global industry.

And as obviously as I'm not ALAC, I'm not either supporting or saying anything. I'm just saying that for Cheryl.

Steve Metalitz: Thank you and I think that's a good point. Thank you for doing that. Well does anybody feel we should change any of our recommendations based on these comments?

Again I feel I'm at a bit of a loss here because I can't remember what exactly we said about the registrar code of conduct. Maybe Margie is going to help me out on that. Margie go ahead.

Margie Milam: Actually, yes I'm looking for...

Steve Metalitz: You were going to say something else. Go ahead.

Margie Milam: I know we did say something about it. And I know specifically that as staff, we recommended that this be one of the considerations. Only because, you know, when you look at some of these priority items, some of them can become contract provisions that are very difficult to change.

Versus, you know, they might be more appropriate in the code of conduct that the registrars would, according to the agreement, you know, would adopt the code of conduct.

And then there may not be a necessity of having it be a formal amendment. So, and also, I did find the reference. It's in our medium priority list.

I think it's Number 10. So just wanted to let you know that that is listed as Number 10 on our medium priority list.

Steve Metalitz: Thank you. You're absolutely right. Staff to draft registrar code of conduct if registrars fail to do so by time certain.

And that was a, based on a proposal that had come in. Thank you. Any views on any changes that are needed in response to these comments? If not and in view of the time, let me suggest this that we - I will work with staff.

And we will circulate a document incorporating the changes we've talked about and a few responses that we talked about that wouldn't affect our recommendations.

We'll get that out to everybody. And everybody should feel free also to re-look at all these comments and see if there's anything else that they feel needs to be picked up in our response.

And then on our next call we'll review that. Try to finalize that. And also have our discussion about section 7, the next steps where there obviously are differing opinions about how we should deal with that.

And I think hopefully we could accomplish both those in one call. And perhaps wrap up our review and wrap up our work after that call.

So I would suggest that we try to do that within the next couple weeks. We will circulate a doodle for some - with some dates perhaps early in the week of August 30 to try to have that next call.

And again, you will have a document to react to and hopefully if people have comments, they can also share those on the list.

Are there any other, and I appreciate everybody sticking around for an extra 15 minutes or so here. Are there any other, is there any objection to the next steps that I've laid out there or other comments that people wish to make?

If not I'd like to thank everybody for their participation, please keep your eye out for the - for a doodle with the next date. And also for a new version of the draft report reflecting the changes we've talked about here.

Thanks very much.

Margie Milam: Bye everybody.

END

  • No labels