FINAL VERSION SUBMITTED (IF RATIFIED)
The final version to be submitted, if the draft is ratified, will be placed here by upon completion of the vote.
FINAL DRAFT VERSION TO BE VOTED UPON BY THE ALAC
The final draft version to be voted upon by the ALAC will be placed here before the vote is to begin.
DNS Abuse has been discussed and debated within ICANN for well over a decade. The ALAC has repeatedly heard registrars say that ICANN Contractual Compliance should take action against “bad actors” and ICANN Contractual Compliance saying that they did not have the tools to enforce compliance by such “bad actors”.
It was evident that the only way to address this stalemate was for the Contracted Parties and ICANN Org to sit down and ensure that ICANN Org had the necessary tools to compel Registrars (and even Registry Operators) to take appropriate action on a timely basis to either stop or at least disrupt clear incidences of DNS Abuse, or even contemplate prevention of DNS Abuse.
It is with collective pleasure that the ALAC compliments the Registrar Stakeholder Group, the Registry Stakeholder Group and ICANN Org for finally doing just that.
The ALAC supports the proposed contractual improvements to section 3.18 of the Registrar Accreditation Agreement and section 4, Specification 6 the Registry Agreement, and strongly encourages the Registrar Stakeholder Group and the Registry Stakeholder Group to adopt them, enabling all relevant parties to take whatever action necessary to ensure that they are implemented without delay.
In particular, the ALAC is pleased to note the proposed introduction of a new section 4.2 within Specification 6 of the Registry Agreement which seeks to provide for specific baseline action by a Registry Operator to stop, or otherwise disrupt a domain name from being used for DNS Abuse, and especially for such Registry Operator to take direct action where it deems appropriate.
The ALAC welcomes the accompanying Draft ICANN Advisory explaining the new requirements, and which provides guidance and expectations for action by registrars and registries to ensure compliance with the new contractual terms. We believe that the case scenarios spelt out therein offer some clarity on actions expected by registrars and/or registries in terms of appropriateness and timing.
However, the ALAC would appreciate the inclusion of expectations on concrete actions that might be taken by ICANN Contractual Compliance against a Registrar or Registry Operator if either, as the case may be, were found or deemed by ICANN Contractual Compliance to not meet the guidance set forth in the Draft ICANN Advisory. Such expectations for action by ICANN Contractual Compliance would be imminently useful, and in particular, an indication of at what point non-compliance would be viewed as a material breach of obligations in either of the agreements.
We hope that the Contracted Parties and ICANN org will continue to be responsive to progressive feedback from various parts of the ICANN Community, in an ongoing collective effort to effectively combat DNS Abuse both as currently defined, and as it may evolve over time.
DRAFT SUBMITTED FOR DISCUSSION
The first draft submitted will be placed here before the call for comments begins. The Draft should be preceded by the name of the person submitting the draft and the date/time. If, during the discussion, the draft is revised, the older version(S) should be left in place and the new version along with a header line identifying the drafter and date/time should be placed above the older version(s), separated by a Horizontal Rule (available + Insert More Content control).
https://docs.google.com/document/d/1JSeWOFk7dIOwiVwW0aACWYEsZqH0bNJIlk7TMatoCMc/edit#
High level overview from Holly Raiche
10 Comments
Justine Chew
What a few of us have mentioned repeatedly is that we also need to look at Draft ICANN Advisory DNS Abuse Amendments (PDF, 183.59 KB)
Steinar Grøtterød
I agree that At-Large should add to the public comment that the ICANN Advisory MUST be seen as the "toolbox" for ICANN Compliance. Both the CPH Negitiation Team and ICANN Compliance have in several meetings emphasized that the proposed RA and RAA together with the ICANN Advisory will make it possible to act on Registries and Registrars when not in complaince
Alan Greenberg
The public comment page clearly states that the Advisory " would come into effect if the proposed amendments are approved". Is there any doubt that this is the case?
Steinar Grøtterød
To my knowledge and understanding, the ICANN Advisory will come into effect when the RA/RAA amendments are approved. However, I would expect the ICANN Advisory to be updatedbased on outcome of Rr/Ry audits.
Alan Greenberg
First draft:
DNS Abuse has been discussed and debated within ICANN for what seems forever. Going back to 2010, a GNSO group (Registration Abuse Policies Implementation Drafting Team - RAP-‐IDT) identified issues and recommended actions be taken.
Much talk, little action.
We have repeatedly heard registrars say that compliance should take action against “bad actors” and ICANN Compliance saying that they did not have the tools.
The ALAC has repeatedly, over many years, advised that that the obvious need was for registrars and ICANN Org to sit down and ensure that ICANN have the necessary tools.
It is with collective pleasure that the ALAC compliments registrars and ICANN Org for finally doing just that.
There are no doubt additional changes that the ALAC could identify to make the RAA/RA changes even better in our view, but this is not the time for that discussion.
The ALAC supports the planned contractual improvements and encourages all parties to take whatever action necessary to ensure that they are implemented with minimal delay.
Steinar Grøtterød
I would recommend to add the importance of the new added RA Spec 6.4.2:
4.2. DNS Abuse Mitigation. Where a Registry Operator reasonably determines, based on actionable evidence, that a registered domain name in the TLD is being used for DNS Abuse, Registry Operator must promptly take the appropriate mitigation action(s) that are reasonably necessary to contribute to stopping, or otherwise disrupting, the domain name from being used for DNS Abuse. Such action(s) shall, at a minimum, include:
Action(s) may vary depending on the circumstances of each case, taking into account the severity of the harm from the DNS Abuse and the possibility of associated collateral damage.
Alan Greenberg
Steinar, can you be more specific. Are you suggesting that we explicitly call out this change as being important, possibly implying that the other changes are not?
Justine Chew
Hi Steinar,
I agree with you in principle seeing that section 4.2 is entirely new. In this respect, I have included a paragraph in the draft statement and would welcome your input on it. Please refer to the googledoc shared as our draft submission above.
Thanks,
Justine
Steinar Grøtterød
Hi Alan and Justine,
The "clean version" is excellent and signals my thinking.
I support the At-Large public comment response.
Steinar Grøtterød
Deadline for submission is extended to July 20, 2023