RE: [registrars] Lawmakers Domain name oversight too lax CNET News.com

["Rob Hall" <rob@xxxxxxxxxxxxx>]

The meeting was very interesting from a global point of view.

It was clear that the committee believes there is an imminent and serious
problem with Registrars, and how they police whois data.

It was also clear that in thinking of how this can be solved, the committee
is not thinking globally.  One suggestion made by them was that since all
Registrars verify the address of the person against the credit card to
prevent fraud, then why do they let someone put a different address on the
whois data.    As an example, this is flawed thinking, as only the US has
address verification abilities on their merchant processing.

I was also shocked that no one pointed out to the committee that the current
complaint system works.  In fact, it's very use was used to show how large
the problem is.

Basically, about 10,000 whois problem reports have been filed with ICANN.
(I believe the commerce department testified that this was one threehudredth
of one percent of all domain names).

Mr. Ben Edleman proclaimed that he believed that a few percent of the whois
data is wrong, and that it was probably as high as 10% of the domains had
bad data on it.  Ben then went on to say that he had a study of over 30,000
domains that had bad data on them.

Frankly, doesn't that beg the question of why the hell Ben didn't submit
them to ICANN as incorrect whois data ?

We have a system that works.  You complain about it on a public website, the
Registrar gets notified and takes action.

Then along come Ben and others who loudly say this is a huge problem, but
refuse to even use the existing system.

The fact that the ICANN system has only seen 10,000 complaints does not mean
it is not the right solution.  People refuse to notify anyone when they
discover bad data (and it appears even Ben has done exactly that).  There
are no barriers I know of to notification.  Perhaps this isn't as big a
problem as it was blown up to be yesterday.

But the committee is clearly banging down the path of attempting to get the
department of commerce to insert into it's MOU sanctions against Registrars
who have bad data.

Rob.

-----Original Message-----
From: owner-registrars@xxxxxxxxxxxxxx
[mailto:owner-registrars@xxxxxxxxxxxxxx]On Behalf Of Michael D. Palage
Sent: Friday, September 05, 2003 12:17 PM
To: Elana Broitman; registrars@xxxxxxxx
Subject: RE: [registrars] Lawmakers Domain name oversight too lax CNET
News.com


Elana:

There were 4 members were in attendance.

Lamar Smith (very active)
Howard Berman (very active)
John Carter; (very quiet until the end when he made some rather strongly
worded statements - including a reference to his belief in strict
contractual enforcement along with a reference to his belief and support of
the death penalty. I hear he was a former judge before being elected to
Congress. Seemed like an interesting gentleman)
Tammy Baldwin (although she only asked a question about the WLS and the MOU
extension and then left)

Mike

> -----Original Message-----
> From: Elana Broitman [mailto:ebroitman@xxxxxxxxxxxx]
> Sent: Friday, September 05, 2003 11:38 AM
> To: Michael D. Palage; registrars@xxxxxxxx
> Subject: RE: [registrars] Lawmakers Domain name oversight too lax CNET
> News.com
>
>
> Mike - which Members of Congress showed up for the hearing?
>
> Thanks
>
> Elana Broitman
> Register.com
> 575 Eighth Avenue
> New York, NY 10018
> Phone (212) 798-9215
> Fax   (212) 629-9309
> ebroitman@xxxxxxxxxxxx
>
>
> -----Original Message-----
> From: Michael D. Palage [mailto:michael@xxxxxxxxxx]
> Sent: Friday, September 05, 2003 11:30 AM
> To: registrars@xxxxxxxx
> Subject: RE: [registrars] Lawmakers Domain name oversight too lax CNET
> News.com
>
>
> Elana:
>
> I was in attendance during the hearings yesterday and sat in back of Brian
> Cute so he can either confirm, clarify or reject my assessment of the
> hearings.
>
> I believe the underlying focus was on the failure of ICANN registrars to
> identify & correct inaccurate data, not on the need to
> pre-verify. Last year
> when I testified before this same Committee I explained based upon my
> experience how the cost of pre-verification did not justify the results
> because the ease of which these mechanisms could be gamed based on then
> available technology.
>
> This year the focus was more on what registrars are doing to self police
> their data to root out bad guys. Specifically, the Committee did not seem
> that the current ICANN Whois third party reporting mechanism was
> enough. The
> Committee wanted to know what registrars were doing to self police. The
> question was asked how a grad student Ben Edelman could identify thousands
> of false whois records and registrars couldn't or wouldn't. Ben further
> stated that often it was in the registrar's interest to turn a
> blind eye to
> Whois entries to attract porn site operators, who register thousands of
> domain names at a time.
>
> Overall most of the panelist were rather critical of Registrars'
> performance
> to date, and one statement/question repeated numerous times by
> the Committee
> is why hasn't ICANN deaccredited a registrar yet.
>
> I would submit that any correspondences that suggest that registrars can't
> do anything because it will be "ultimately ineffective" will fall on deaf
> ears. Doing nothing is in my personal opinion not an option, as
> this is the
> fastest road to a legislative solution. I would also remind everyone about
> last year's proposed legislation that call for jail time for willfully
> providing false and inaccurate Whois data. A lot of people laughed about
> going to jail in connection with the registration and use of a
> domain name.
> I am sure that Mr. Zuccarin that is currently sitting in custody does not
> share this viewpoint.
>
> I would encourage any letter submitted to have ideas on what can be done,
> not a laundry list of reasons of why nothing can be done.
>
> Just my two cents for what they are worth.
>
> Best regards,
>
> Mike
>
>
>
>
>
>
>
>
>
> > -----Original Message-----
> > From: owner-registrars@xxxxxxxxxxxxxx
> > [mailto:owner-registrars@xxxxxxxxxxxxxx]On Behalf Of Elana Broitman
> > Sent: Friday, September 05, 2003 10:09 AM
> > To: registrars@xxxxxxxx
> > Subject: [registrars] Lawmakers Domain name oversight too lax CNET
> > News.com
> >
> >
> > Please note the pressure on ICANN to require more whois
> > verification mandates.  This underscores the need for a registrar
> > response so that law makers understand the difficulties, cost and
> > ultimate ineffectiveness of additional requirements.  I will post
> > shortly a draft response to submit for the record.  It is based
> > on the input received from registrars.  Please review and comment
> > by close of business Monday, as the House Committee must receive
> > it by Wednesday morning.
> >
> > Regards,
> >
> > Elana Broitman  <<Lawmakers Domain name oversight too lax  CNET
> > News.com.htm>>
> >
>
>