NCSG-DISCUSS Archives

NCSG-Discuss

NCSG-DISCUSS@LISTSERV.SYR.EDU
Options: Use Forum View

Use Monospaced Font
Show HTML Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Fwd: in case you did not see this
From:
Stephanie Perrin <[log in to unmask]>
Reply To:
Stephanie Perrin <[log in to unmask]>
Date:
Wed, 25 Jun 2014 05:55:18 +0800
Content-Type:
multipart/alternative
Parts/Attachments:
text/plain (5 kB) , text/html (7 kB) 
INteresting article.  Just a reminder, tomorrow morning at 8am in the 
Sandringham room, the EWG discusses its report again.  And privacy 
afternoon is from 3-6 in the Sovereign room.
http://domainincite.com/16963-a-million-domains-taken-down-by-email-checks


    A million domains taken down by email checks
    <http://domainincite.com/16963-a-million-domains-taken-down-by-email-checks>

Kevin Murphy <http://domainincite.com/about>, June 24, 2014, 14:34:25 
(UTC), Domain Registrars 
<http://domainincite.com/category/domain-registrars>

*Over 800,000 domain names have been suspended since the beginning of 
the year as a result of Whois email verification rules in the new ICANN 
Registrar Accreditation Agreement.*

That’s according to the Registrars Stakeholder Group, which collected 
suspension data from registrars representing about 75% of all registered 
gTLD domain names.

The actual number of suspended domains could be closer to a million.

The 2013 RAA requires registrars to verify the email addresses listed in 
their customers’ Whois records. If they don’t receive the verification, 
they have to suspend the domain.

The RrSG told the ICANN board in March that these checks were doing more 
harm than good 
<http://domainincite.com/16375-are-whois-email-checks-doing-more-harm-than-good> 
and today Tucows CEO Elliot Noss presented, as promised, data to back up 
the claim.

“There have been over 800,000 domains suspended,” Noss said. “We have 
stories of healthcare sites that have gone down, community groups whose 
sites have gone down.”

“I think we can safely say millions of internet users,” he said. “Those 
are real people just trying to use the internet. They are our great 
unrepresented core constituency.”

The RrSG wants to see contrasting data from law enforcement agencies and 
governments — which pushed hard for Whois verification — showing that 
the RAA requirement has had a demonstrable benefit.

Registrars asked at the Singapore meeting in March that law enforcement 
agencies (LEA) be put on notice that they can’t ask for more Whois 
controls until they’ve provided such data and ICANN CEO Fadi Chehade 
said 
<http://domainincite.com/16375-are-whois-email-checks-doing-more-harm-than-good> 
“It shall be done by London.”

Noss implied that the majority of the 800,000 suspended names belong to 
innocent registrants, such as those who had simply changed email 
addresses since registering their names.

“What was a lovely political win that we said time and time again in 
discussion after discussion was impractical and would provide no 
benefit, has demonstrably has created harm,” Noss said.

He was received with cautious support by ICANN board members.

Chair Steve Crocker wonder aloud how many of the 800,000 suspended 
domains are owned by bad guys, and he noted that LEA don’t appear to 
gather data in the way that the registrars are demanding.

“We were subjected, all of us, to heavy-duty pressure from the law 
enforcement community over a long period of time. We finally said, 
‘Okay, we hear you and we’ll help you get this stuff implemented,’”, he 
added. “That creates an obligation as far as I’m concerned on their part.”

“We’re in a — at least from a moral position — in a strong position to 
say, ‘You must help us understand this. Otherwise, you’re not doing your 
part of the job’”, he said.

Chehade also seemed to support the registrars’ position that LEA needs 
to justify its demands and offered to take their data and concerns to 
the LEA and the Governmental Advisory Committee.

“They put restrictions on us that are causing harm, according to these 
numbers,” he said. “Let’s take this back at them and say, hey, you ask 
for all these things, this is what happened.”

“If you can’t tell me what good this has done, be aware not to come back 
and ask for more,” he said. “I’m with you on this 100%. I’m saying let’s 
use the great findings you seem to have a found and well-package them in 
a case and I will be your advocate.”

Director Mike Silber also spoke in support of the RrSG’s position.

“My view is if what you are saying is correct, the LEA’s have blown 
their credibility,” he said. “They’re going to have to do a lot of work 
before we impose similar disproportional requirements on actors that are 
not proven to be bad actors.”

So what does this all mean for registrants?

I don’t think there’s any ongoing process right now to get the Whois 
verification requirements overturned — that would require a 
renegotiation of the RAA — but it does seem to mean demands from 
governments and police are going to have to be much more substantiated 
in future.

Noss attempted to link the problem to the recommendations of the Whois 
Expert Working Group (EWG), which propose a completely revamped, 
centralized Whois system with much more verification 
<http://domainincite.com/16855-whois-killer-is-a-recipe-for-a-clusterfuck> 
and not much to benefit registrants.

To paraphrase: if email verification causes so much harm, what harms 
could be caused by the EWG proposal?

The EWG was not stuffed with LEA or governments, however, so it couldn’t 
really be characterized as another set of unreasonable demands from the 
same entities.


PHONE: 651-647-6109, FAX: 866-280-2356, WEB: www.haven2.com 
<http://www.haven2.com>, HANDLE: OConnorStP (ID for Twitter, Facebook, 
LinkedIn, etc.)

ATOM RSS1 RSS2