AT-LARGE ADVISORY COMMITTEE
ALAC Statement to the Board of ICANN
AMENDMENTS TO THE REGISTRAR ACCREDITATION AGREEMENT
Introductory Note by the Staff
This statement was developed by members of the community, led for the ALAC by Beau Brendler of North America, in the latter part of August 2008 and posted to the At-Large Advisory Committee working list on 28th August 2008 (the posting may may be reviewed at http://atlarge-lists.icann.org/pipermail/alac_atlarge-lists.icann.org/2008/000078.html). Comments from the community were requested, commencing on 1 st September 2008, at https://st.icann.org/alac-docs/index.cgi?alac_statement_on_raa_amendments_al_alac_st_0808_2As the deadline for responding to the RAA Amendments consultation was 31 st August, Mr. Brendler copied Tim Cole of the ICANN Staff on the draft, noting that it was still in draft form and that therefore it was possible that there might be some changes as the ALAC deliberated upon the text. At the ALAC’s teleconference on 9 th September 2008 (minutes available at https://st.icann.org/alac/index.cgi?09_september_2008_summary_minutes) it was decided that a vote would be held from 10 th to 17 th September on the draft. The vote to ratify the Statement was carried by 9-0. It follows on from a statement sent by the ALAC to the Board of ICANN on 8 th August 2007, available online at: http://www.atlarge.icann.org/en/correspondence/community-views-raa-negotiation.htm.
[End of introduction]
Note on Translations
The original version of this document is the English text, available at: http://www.atlarge.icann.org/en/correspondence/. Where a difference of interpretation exists or is perceived to exist between a non-English edition of this document and the original text, the original shall prevail. Thank you for the opportunity to comment on the recent proposed amendments to the Registrar Accreditation Agreement. This statement comprises four parts: “Background,” “Current Amendments and Issues,” “Remaining proposals from ‘Section F,’ ” and “Conclusion.” Part I – Background Late last fall, a working of the following participants was created: RJ Glass Vittorio Bertola Michele Neylon Hugh Dierker Debbie Garside John Levine Jacqueline Morris Nirmol Agarwal Seth Reiss Derek Smythe Jeff WilliamsDanny Younger This collection of individuals set forth policy recommendations for the RAA, which were then endorsed by the At-Large Advisory Committee and sent to the Board of Directors of ICANN as an Advisory on 8 th August 2008. However, of 27 separate recommendations tendered, the ICANN Staff selected one -- specifically, the inclusion of a standardized description of registrant rights within the RAA. Those in that working group and other members of the user community believe the proposed amendments to the RAA do not reflect the most important aspects of that group’s work. Further, throughout the agreement review process, public comments have been tendered in good faith that were later put aside by the ICANN Staff. Many of them, we believe, were specific implementable recommendations from the general public. These also have been put aside. The resulting set of amendments, therefore, is weak overall. Part II – Current Amendments and Issues In reference to item 2 b, “Requiring registrars to include on their websites a link to a ‘Registrant Rights and Responsibilities’ document to be created in consultation with the ICANN community,” we would like to make clear the ALAC has begun work on this document and hopes to circulate it to the community in September 2008. We have the following concerns and comments about the other amendments: Generally speaking, in the “Enforcement Tools” section, we believe the language does not go far enough to create deterrence, nor is it specific enough about the terms of graduated sanctions against non-compliant registrars. Specifically, in 1 a: We recommend deleting “at least.” 15 days is more than enough advance notice of an audit. In 1 b: What are the proposed graduated monetary sanctions, in US dollars, and to what violations do they correspond? In reference to 1c: “Group Liability – Preventing ‘serial misconduct’ by registrars when another affiliated (by common control) registrar's RAA is terminated,” we ask -- not just for this specific item and event but for the spirit of the RAA as a whole -- why should ICANN and the user community tolerate “serial misconduct” at all? A single willful fundamental and material contract breach should be sufficient to warrant a loss of accreditation. ICANN, rather than the registrars, should be responsible for enforcement and disclosure. Further, without endorsing any particular dispute resolution policy, transparency about their effects is useful. Concrete information-forcing mechanisms, e.g., requiring prominent notification of deviations from a standard set of contract terms, is preferable, since market competition only works when consumers know they are making a choice and understand the terms of the choice. Within the context of compliance enforcement in general, ICANN should require public display and disclosure of all registrar officers and directors, particularly in the event a registrar’s accreditation is terminated. In 2c: We recommend removing the clause, “or alternatively, give prominent notification that such data will not be escrowed,” because we cannot foresee a circumstance in which not escrowing would be desirable. In 3c: Concern grows in the user community about compliance among ICANN-accredited registrars. It is one thing to display a seal or logo, and quite another to be fully in compliance with its requirements. Significant numbers of users have come forward to question whether, in fact, those registrars who claim compliance, fully are. It is an intrinsic flaw in “seal” programs that they require policing to be effective. We would like to see evidence that there is, in fact, ongoing review of compliance among ICANN registrars that display such seals, which are an enticement to the general public. Those found not to be fully should lose the right to display the seal while compliance investigation is ongoing. Other general issues: Since the consultation period, several members of the user community (and the business constituency in the ICANN community) have raised concern about domain name warehousing. At the moment there appears to be no contractual or compliance language that prevents registrars from “warehousing” expired domain names. We believe this creates an unfair situation for members of the public who might wish to own a particular domain name. A number of ICANN-accredited registrars have admitted to engaging in this practice and the user community has made clear its objections. In addition, the user community and the ICANN community has spent time and resources recently discussing contractual violations such as front-running. Where are the provisions in the RAA to deal with this problem? When registrars pay for multiple-year registrations and the registrar enters only a single year into the WHOIS record, what RAA provisions will ensure the registrant is protected should the registrar go under? When a registrar reacts to a customer charge-back by changing the WHOIS record for the registrant's other registrations, what provisions in the RAA will make the registrant whole? Part III – Remaining proposals from “Section F” As noted in the “Background” section at the beginning of this statement, in response to the ALAC’s submission during the initial consultation period, ICANN staff, in its summary of comments, grouped many of ALAC’s proposed additions to the agreement in Section F. Several members of the user community note that the Staff Analysis of Section F of the Synthesis of Public Comments (available online at https://st.icann.org/raa-policy/index.cgi/Analysis%20for%20ALAC%20of%20Section%20F.pdf?action=attachments_download;page_name=raa_working_group_documents;id=20080212125220-0-16666) reads as if it were written in direct consultation with the registrar community. However, we do recognize and appreciate Tim Cole’s clarification of some of these issues in briefings to the ALAC in Los Angeles and by phone in August 2008. In addition, certain events have made some proposals in Section F moot. However, we believe the following suggested amendments remain valid candidates for consideration (some with slight wording modifications):
- While customers should be able to select a registrar based on its willingness to be responsive to its customer’s desires, ICANN should seek to limit disclaimers by registrars that are not in compliance with all terms of the agreement. This is obviously critical for ICANN-accredited registrars.
- ICANN should require standardized Acceptable Use Policy in registration agreements to address criminal fraud, when this directly affects the operational stability, reliability, security and global interoperability of the Internet.
- Enforce and make public the results of dispute mechanisms in place that obligate registrars to facilitate enforcement of abusive registration policies, such as the UDRP.
- Registrars should be required to offer DNSSEC.
Part IV – Conclusion Thus far we have received the proposed revisions to the RAA but we have yet to hear the results of the comprehensive review of the registrar accreditation process. In a late August posting, the spam mitigation firm Knujon pointed to the nefarious activities of a single registrar associated with illicit pharmaceuticals that has sponsored 48 phantom accreditations. Extending accreditations to shell companies formed for the express purpose of gaming the system must stop. These phantom registrars are currently being used to game the aftermarket, but as we move into the new gTLD cycle, they will next be used to actively game the new gTLD landrush periods. As a community, we are aware of accredited registrars in North America with officers that have been convicted of mail fraud, that continue to be associated with the deceptive marketing practices employed by the Domain Registry of America. We do not consider this an acceptable situation. Accreditation processes must be reviewed, and that review must be released for public scrutiny. We are aware of registrars that now stand as defendants in courts of law accused of cybersquatting, yet ICANN lacks the will to suspend their accreditations. Where is the commitment to protection of the public interest? Where is the respect for the community view? And when the next RegisterFly incident occurs, what provision in the RAA will give remedy to the registrant?