Registration Abuse Policies WG: Initial Report Information Session Greg Aaron Chair, Registration Abuse Policies Working Group 10 March 2010.

Slides:



Advertisements
Similar presentations
WELCOME BUDGET MANAGERS AND CHIEF FISCAL OFFICERS
Advertisements

Learning from Events 12th June 2013 The Tata Steel Approach
Assurance Services Independent professional services that “improve the quality of information, or its context, for decision makers” Assurance service encompass.
Major Activities in JPNIC Since APNIC17 Izumi Okutani Japan Network Information Center NIR 18, Fiji 31 August – 3 September, 2004.
No 1 IT Governance – how to get the right and secured IT services Bjorn Undall and Bengt E W Andersson The Swedish National Audit Office Oman
INTERNAL CONTROLS.
1 Compliance Responsibilities: National Service Criminal History Checks Corporation for National and Community Service Office of Grants Management, Washington,
1 ICANNs Contractual Compliance Program David Giza, Senior Director, Contractual Compliance Stacy Burnette, Director, Contractual Compliance ICANN Policy.
Generic Names Supporting Organisation Bruce Tonkin Chair, GNSO Council.
Proposals for Improvements to the RAA June 21, 2010.
1 Update on New gTLD PDP Joint GAC/GNSO meeting Avri Doria Chair, GSNO Council San Juan, Puerto Rico.
Internationalizing WHOIS Preliminary Approaches for Discussion Internationalized Registration Data Working Group ICANN Meeting, Brussels, Belgium Jeremy.
ICANN Plan for Enhancing Internet Security, Stability and Resiliency.
Post-Expiration Domain Name Recovery PDP Presentation of Final Report.
Protection of Intl Organization Names in new gTLDs ALAC Presentation Brian Peck.
GNSO Working Session on the Vertical Integration PDP 4 December 2010.
Update to NCPH on WHOIS GNSO NCPH Inter-Sessional Meeting 29 Jan 2013.
1 Introduction to Safety Management April Objective The objective of this presentation is to highlight some of the basic elements of Safety Management.
Reliability Center Data Request Task Force Report WECC Board Meeting April 2009.
The Managing Authority –Keystone of the Control System
Module N° 7 – Introduction to SMS
Some slides in this presentation were excerpted from US Eds February 2009 PowerPoint presentation titled: Help! Im a New Title I Director. What Do I Need.
Illinois Department of Children and Family Services, Pathways to Strengthening and Supporting Families Program April 15, 2010 Division of Service Support,
2 HOME DELIVERED MEALS Waiver Workshop Presented by: Regional and Local Services (RLS) Access and Intake /Area Agency on Aging (A&I/AAA) May 27-28, 2009.
The UEA House of Delegates Directing YOUR Association through the democratic process. 1.
EMS Checklist (ISO model)
1 The interconnection of business registers Judit Fischer – DG Internal Market and Services Budapest, 14 June 2010.
1 Vince Galotti Chief/ATMICAO 27 March 2007 REGULATING THROUGH SAFETY PERFORMANCE TARGETS.
Senior Manager – Research Finance & Programmes
1 Attributing the costs of health & social care Research & Development – Understanding AcoRD Trudi Simmons Senior Manager – Research Finance & Programmes.
Clinical Trial Agreements
RTI Implementer Webinar Series: Establishing a Screening Process
Internal Control and Control Risk
19 January * Affirmation of Commitments (AoC) review * Mandate began in October 2010 * Cross-community composition, law enforcement (LE) representative.
At-Large Whois Briefing 05 March * Affirmation of Commitments (AoC) review * 2009 signed document between US DoC and ICANN * Commits ICANN to enforce.
Revision of WIPO Standard ST.14 Committee on WIPO Standards, third session Geneva 15 – 19 April 2013 Anna Graschenkova Standards Section.
Abuse Prevention and Response Protocol.
Reevaluation Exceptional Children Division 1. Reevaluation NC Policies , , and
WHOIS Policy Review Team Draft Report Governmental Advisory Committee (GAC) 14 February 2012.
Policy & Implementation WG Initial Recommendations Report.
Text #ICANN51. Text #ICANN51 15 October 2014 At-large policy round table Holly Raiche Panel 1: Privacy and Proxy 1000 – 1045 Hrs.
Registrars SG Briefing- Vertical Integration Special Trademark Issues Margie Milam Senior Policy Counselor ICANN 8 March 2010.
Fake Renewal Notices. About Mikey 2 3 GNSO working groups: Cross community working groups DNS security and stability Fake renewal notices Fast flux Inter.
Final Report on Improvements to the RAA Steve Metalitz 5 December 2010.
Consumer Trust, Consumer Choice & Competition Presenter: Steve DelBianco Chair: Rosemary Sinclair.
Text #ICANN49 Whois Studies Update. Text #ICANN49 Recent Developments Final two GNSO-commissioned Whois Studies just completed – on Whois Privacy & Proxy.
Michael Yakushev, cctld.ru Board Member.  WHOIS existed before ICANN (1982-)  Review of WHOIS Policy is prescribed by AoC (2009)  Review Team was formed.
Update from ICANN staff on SSR Activities Greg Rattray Tuesday 21 st 2010.
Text. #ICANN49 Data & Metrics for Policy Making Working Group Thursday 27 March 2014 – 08:00.
IRTP Part D PDP WG Items for Review. Items for Review Policy Development Process WG Charter GNSO WG Guidelines.
Policy Update. Agenda Locking of a Domain Name Subject to UDRP Proceedings PDP Thick Whois PDP IRTP Part D PDP Policy & Implementation Other efforts?
Transfers Task Force Briefing ICANN Domain Names Council Meeting March 12, 2002 Registry Registrar BRegistrar A.
Proposals for Improvements to the RAA June 22, 2010.
1 1 The GNSO Role in Internet Governance Presented by: Chuck Gomes Date: 13 May 2010.
Post-Expiration Domain Name Recovery PDP WG ICANN – San Francisco March 2011.
RrSG Working Groups Status Update James M. Bladel, GoDaddy.com Reston, VA Mar 2010.
Governmental Advisory Committee Public Safety Working Group 1.
Review of CCWG-Acct 3 rd Proposal and ALAC Issues Alan Greenberg 04 December 2015.
Contractual Compliance Pam Little Stacy Burnette Khalil Rasheed.
Update on Consumer Choice, Competition and Innovation (CCI) WG Rosemary Sinclair.
Inter-Registrar Transfer Policy Part C Presentation of Initial Report.
GNSO IDN work Dr Bruce Tonkin Chair, GNSO Council IDN Workshop Marrakech, June 25, 2006.
‘Thick’ Whois PDP Items for Review. Items for Review GNSO Policy Development Process ‘thick’ Whois Issue Report DT’s Mission WG Charter Template.
GDPR (General Data Protection Regulation)
Implementation Review Team Meeting
Registration Abuse Policies WG
Abuse Mitigation + NG RDS PDP
IDN Variant TLDs Program Update
Action Request (Advice) Registry
Updates about Work Track 5 Geographic Names at the Top-Level
Presentation transcript:

Registration Abuse Policies WG: Initial Report Information Session Greg Aaron Chair, Registration Abuse Policies Working Group 10 March 2010

2 Background Registries and registrars seem to lack uniform approaches to deal with domain name registration abuse What role ICANN should play in addressing registration abuse? What issues, if any, are suitable for GNSO policy development? Registration Abuse Policies Pre-PDP Working Group launched in March 2009

Objectives RAP pre-PDP WG tasked to address issues such as: What is the difference between registration abuse and domain name use abuse? What is the effectiveness of existing registration abuse policies? Would there be benefits to a more uniform approach by registries and registrars? What issues, if any, are suitable for GNSO policy development? Initial Report published on 12 Feb

Initial Report – Definition of Abuse Abuse is an action that: a.Causes actual harm and substantial harm, or is a material predicate of such harm, and b.Is illegal or illegitimate, or is otherwise contrary to the intention and design of a stated legitimate purpose, if such purpose is disclosed. The party or parties harmed, and the substance or severity of the abuse, should be identified and discussed in relation to a specific proposed abuse. A predicate is a related action or enabler. There must be a clear link between the predicate and the abuse, and justification enough to address the abuse by addressing the predicate (enabling action). 4

Initial Report – Registration Abuse vs. Domain Name Use Abuse Understanding and differentiating between registration abuse and use abuse is essential in the ICANN policy context Registration abuses may occur at various points in a domain names lifecycle Registration issues are related to the core domain name-related activities performed by registrars and registries. (domain creation, transfers, Whois data, etc.) Use issues concern what a registrant does with the domain after it has been created, or the services the registrant operates on the domain. 5

Issues Report: Regarding Registration vs. Use In determining whether the issue is within the scope of the ICANN policy process and the scope of the GNSO, staff and the General Counsels office have considered the following factors: 7.1 Whether the issue is within the scope of ICANNs mission statement … section of the Registrar Accreditation Agreement between ICANN and accredited registrars provides for the establishment of new and revised consensus policies concerning the registration of domain names, including abuse in the registration of names, but policies involving the use of a domain name (unrelated to its registration) are outside the scope of policies that ICANN could enforce on registries and/or registrars. The use of domain names may be taken into account when establishing or changing registration policies. Thus, potential changes to existing contractual provisions related to abuse in the registration of names would be within scope of GNSO policy making. Consideration of new policies related to the use of a domain name unrelated to its registration would not be within scope.

Initial Report – Registration Abuses Explored WG developed a list of abuses, developed definition, determined what registration issues exists (if any), scope and policy issues involved Abuses covered include: Cybersquatting Front-running Gripe sites; deceptive, and/or offensive domain names Fake renewal notices Name spinning Pay-per-click Traffic diversion False affiliation Domain kiting / tasting 7

Initial Report – Malicious Use of Domain Names Examples of malicious use: phishing, malware, spam. The question is what ICANN can reasonably do within its mission and policymaking boundaries. Malicious uses of domain names have limited but notable intersections with registration issues. (Example: WHOIS issues.) Issues discussed include intent, risk and indemnification, and the Expedited Registry Security Request (ERSR). All registrars and most if not all registries are already empowered to develop antiabuse policies and suspend domains if they wish to do so. Doubts about whether ICANN has the power to force contracted parties to suspend domain names for malicious uses. 8

Initial Report – Whois Access Basic accessibility of Whois has inherent relationship with registration process abuses. Also a key issue related to malicious use of domain names Findings: Thin-registry Whois data is not always accessible on a predictable, guaranteed, or enforceable basis. Users sometimes receive different Whois results depending on where or how lookup is performed. Problems with enforcement of existing registrar obligations. 9

Initial Report – Uniformity of Contracts Sub-team investigated questions related to desirability or not of uniform provisions related to registration abuse in registration agreements Detailed analysis, but no consensus on way forward 10

Initial Report – Meta Issues Number of attributes in common such as: Discussed in various WGs and Advisory Groups Scope spans different policies Previous groups have discussed these issues without solution Worthy of substantive discussion and action, but might not be suitable for policy development Uniformity of Reporting Collection and dissemination of best practices 11

RECOMMENDATIONS 12

Initial Report – Recommendations Unanimous Consensus Cybersquatting The RAPWG recommends the initiation of a Policy Development Process by requesting an Issues Report to investigate the current state of the UDRP, and consider revisions to address cybersquatting if appropriate. This effort should consider: How the UDRP has addressed the problem of cybersquatting to date, and any insufficiencies/inequalities associated with the process. Whether the definition of cybersquatting inherent within the existing UDRP language needs to be reviewed or updated. [This is not a recommendation regarding newTLD rights protection mechanisms – see below.] 13

Initial Report – Recommendations Unanimous Consensus Malicious Use of Domain Names The RAPWG recommends the creation of non-binding best practices to help registrars and registries address the illicit use of domain names. This effort should be supported by ICANN resources, and should be created via a community process such as a working or advisory group while also taking the need for security and trust into consideration. The effort should consider (but not be limited to) these subjects: –Practices for identifying and investigating common forms of malicious use (such as malware and phishing) –Creating antiabuse terms of service for inclusion in RegistrarRegistrant agreements, and for use by TLD operators. –Practices for identifying stolen credentials 14

Initial Report – Recommendations Unanimous Consensus Malicious Use of Domain Names (continued) –Identifying compromised/hacked domains versus domain registered by abusers –Practices for suspending domain names –Account access security management –Security resources of use or interest to registrars and registries –Survey registrars and registries to determine practices being used, and their adoption rates. 15

Initial Report – Recommendations Unanimous Consensus Whois Access The GNSO should determine what additional research and processes may be needed to ensure that WHOIS data is accessible in an appropriately reliable, enforceable, and consistent fashion. The GNSO Council should consider how such might be related to other WHOIS efforts, such as the upcoming review of WHOIS policy and implementation required by ICANNs new Affirmation of Commitments. 16

Initial Report – Recommendations Unanimous Consensus Whois Access (continued) The GNSO should request that the ICANN Compliance Department publish more data about WHOIS accessibility, on at least an annual basis. This data should include a) the number of registrars that show a pattern of unreasonable restriction of access to their port 43 WHOIS servers, and b) the results of an annual compliance audit of compliance with all contractual WHOIS access obligations. 17

Initial Report – Recommendations Consensus Fake Renewal Notices #1. The RAPWG recommends that the GNSO refer this issue to ICANNs Contractual Compliance department for possible enforcement action, including investigation of misuse of WHOIS data. Alternative view (supported by 1 member): There does not seem to be any policy that Compliance could enforce. #2. The following recommendation is conditional. The WG would first like to learn the ICANN Compliance Departments opinions regarding Recommendation #1 above, and the WG will further discuss this recommendation: that the RAPWG recommends the initiation of a Policy Development Process by requesting an Issues Report to investigate fake renewal notices. 18

Initial Report – Recommendations Unanimous Consensus Domain Kiting / Tasting and Front-Running It is unclear to what extent domain kiting happens, and the RAPWG does not recommend policy development at this time. The RAPWG suggests that the Council monitor the issue (in conjunction with ongoing reviews of domaintasting), and consider next steps if conditions warrant. It is unclear to what extent frontrunning happens, and the RAPWG does not recommend policy development at this time. The RAPWG suggests that the Council monitor the issue and consider next steps if conditions warrant. 19

Initial Report – Recommendations Unanimous Consensus Meta Issue: Uniformity of Reporting The RAPWG recommends that the GNSO, and the larger ICANN community in general, create and support uniform reporting processes. 20

Initial Report – Recommendations Unanimous Consensus Meta Issue: Collection and dissemination of best practices The RAPWG recommends that the GNSO, and the larger ICANN community in general, create and support structured, funded mechanisms for the collection and maintenance of best practices. 21

Initial Report – Recommendations Rough Consensus Gripe sites; deceptive and/or offensive domain names: Make no recommendation. Alternative view (supported by 4 members): The URDP should be revisited to determine what substantive policy changes, if any, would be necessary to address any inconsistencies relating to decisions on gripe names and to provide for fast track substantive and procedural mechanisms in the event of the registration of deceptive domain names that mislead adults or children to objectionable sites. 22

Initial Report – Recommendations Strong Support but Significant Opposition Gripe sites; deceptive and/or offensive domain names WG turned down a proposed recommendation that registries develop best practices to restrict the registration of offensive domain strings. Alternative view (supported by 5 members): Registries should consider developing internal best practice policies that would restrict the registration of offensive strings in order to mitigate the potential harm to consumers and children. 23

Initial Report – Recommendations Strong Support but Significant Opposition Uniformity of Contracts The RAPWG recommends the creation of an Issues Report to evaluate whether a minimum baseline of registration abuse provisions should be created for all in-scope ICANN agreements, and if created, how such language would be structured to address the most common forms of registration abuse. (8 members) Significant Opposition: Opposed to the recommendation for an Issues Report (5 members) 24

Initial Report – Recommendations No Consensus Cybersquatting: NewTLD Rights Protection Mechanisms (Supported by 7 members of the RAPWG:) The RAPWG recommends the initiation of a Policy Development Process by requesting an Issues Report to investigate the appropriateness and effectiveness of how any Rights Protection Mechanisms that are developed elsewhere in the community (e.g. the New gTLD program) can be applied to the problem of cybersquatting in the current gTLD space. (6 members of the RAPWG:) The initiation of such a process is premature; the effectiveness and consequences of the Rights Protection Mechanisms proposed for the new TLDs is unknown. Discussion of RPMs should continue via the New TLD program. Experience with them should be gained before considering their appropriate relation (if any) to the existing TLD space. 25

Your Input Requested Participate in the Public Comment Forum on the Initial Report (until 28 March): comment/#rap-initial-reporthttp:// comment/#rap-initial-report Review the Complete Initial Report en.pdf en.pdf 26

Next Steps RAPWG will review and analyze the comments received during the public comment period Update Report accordingly Presentation of Final Report to the GNSO Meeting in time for the ICANN meeting in Brussels GNSO Council to consider recommendations and decide on next steps 27

COMMENTS? QUESTIONS? 28

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.