Latest news of the domain name industry

Recent Posts

ICANN: we won’t force registrars to suspend domains

Kevin Murphy, October 2, 2015, 09:04:26 (UTC), Domain Registrars

In one of the ongoing battles between registrars and the intellectual property lobby, ICANN’s compliance department seems to have sided with the registrars, for now.

Registrars will not be forced to suspend domain names when people complain about abusive or illegal behavior on the associated web sites, according to chief contract compliance office Allen Grogan.

The decision will please registrars but will come as a blow to the likes of music and movie studios and those who fight to shut down dodgy internet pharmacies.

Grogan yesterday published his interpretation of the 2013 Registrar Accreditation Agreement, specifically the section (3.18) that obliges registrars to “investigate and respond appropriately” abuse reports.

The IP crowd take this to mean that if they submit an abuse report claiming, for example, that a web site sells medicines across borders without an appropriate license, the registrar should check out the site then turn off the domain.

Registrars, on the other hand, claim they’re in no position to make a judgment call about the legality of a site unless presented with a proper court order.

Grogan appears to have taken this view also, though he indicated that his work is not yet done. He wrote:

Sometimes a complaining party takes the position that that there is only one appropriate response to a report of abuse or illegal activity, namely to suspend or terminate the domain name registration. In the same circumstances, a registrar may take the position that it is not qualified to make a determination regarding whether the activity in question is illegal and that the registrar is unwilling to suspend or terminate the domain name registration absent an order from a court of competent jurisdiction. I am continuing to work toward finding ways to bridge these gaps.

It’s a testament to how little agreement there is on this issue that, when we asked Grogan back in June how long it would take to provide clarity, he estimated it would take “a few weeks”. Yet it’s still not fully resolved.

His blog post last night contains a seven-point checklist that abuse reporters must conform to in order to give registrars enough detail to with with.

They must, for example, be specific about who they are, where the allegedly abusive content can be found, whose rights are being infringed, and which laws are being broken in which jurisdiction.

It also contains a six-point checklist for how registrars must respond.

Registrars are only obliged to investigate the URL in question (unless they fear exposure to malware or child abuse material), inform the registrant about the complaint, and inform the reporter what, if anything, they’ve done to remediate the situation.

There’s no obligation to suspend domains, and registrars seem to have great leeway in how they treat the report.

In short, Grogan has interpreted RAA 3.18 in a way that does not seem to place any substantial additional burden on registrars.

He’s convening a roundtable discussion for the forthcoming ICANN meeting in Dublin with a view to getting registrars to agree to some non-binding “voluntary self-regulatory” best practices.

Tagged: , , , , ,

Comments (4)

  1. James Louis says:

    It is amazing to see how ICANN can take something as straight forward as a two party contract and muck it up. Then again why even have contracts if ICANN is going to issue “interpretation via blog post”? (YES a new acronym has been born this day (IvBP))

    In this case – why even have section 3.18 in the contract if it is nothing but a meaningless charade? What was the ICANN Senior Management and Board’s intent when they insisted 2 years ago on this language in the bilateral negotiations? Exchange some emails but do nothing? What has changed now that they decided they will not really require anything but a series of check boxes that fit nicely into another compliance spreadsheet? Yes the IP lobby will and should be put off by this but it shouldn’t stop there.

    The larger issue people should be worried about is this trend of blog posts as a vehicle for contractual interpretation and enforcement. General counsels at the large contracted parties must be scratching their heads over this one. You don’t see GoDaddy pondering contractual interpretation via blog post and you’d be hard pressed to find any other publically traded company doing the same.

    Registrars may be happy with the short term result but what will ICANN IvBP next? Equal treatment of registrars for pricing and promotions? “Framework” for Specification 11 of the Registry Agreement? Whois validation? Inter-registrar transfer validation? Release of country names and territories at the second level? Assignments for future registry sales/acquisitions?

    Is that a predicable way to plan your business? Do you have any more certainty today about what your contract with ICANN means? Chances are you probably have less. It’s anybody’s guess about what they will interpret next.

    Could this extend beyond contract to how ICANN implements and adheres to any enhanced accountability mechanisms as a result of the CCWG? Will we see a blog post in 3 years explaining what “binding arbitration” really means to the ICANN Board?

    Is this the sign of a mature organization ready to take the training wheels off? I’m sure plenty of people, including registrars, would say no

    • “Exchange some emails but do nothing?”

      There are a lot of jurisdictions, and a lot of laws.

      What is it that you believe to be the “one size fits all” approach to a registrar receiving a claim from anyone on the internet that someone is doing something illegal?

      The many other large scale criminal organizations pointed out here before; HSBC, Bank of America, Verizon, Paypal, etc., which have all either made plea deals or settlements of consumer law violations; have been joined by what is probably the most massive criminal organization now on the planet – Volkswagen.

      Volkswagen has been engaged in deliberate, flagrant and willful criminal activity for a period spanning several years, and there is no question that they use their internet domain names to promote and further their criminal enterprise by advertising the illegal vehicles in question.

      You are their registrar and receive notice of Volkswagen’s criminal activity. Do you take their domain name down?

      And if your answer is “no”, then can you please provide some helpful distinction between the classes of criminals the registrars are supposed to police, and those criminals the registrars are intended to ignore?

      Mr. Grogan could not, and seemed positively baffled by the suggestion that Barclays Bank – an admitted criminal – should have its domain names suspended.

      In particular relation to Barclays, we now have the position of ICANN that while the AGB does not permit assignment of a TLD to an organization in which an official has been found guilty of a crime, it is perfectly acceptable if the organization as a whole has pleaded guilty to crimes.

      As is typical among those who do not have to deal with the endless stream of oddities that arrive via an abuse queue, I’m sure you think these situations are, in some unspoken way, “different from the situations I have in mind”. If so, then please point to the language of the RAA which distinguishes between a spammer and someone who puts millions of unlawfully toxic machines on road by advertising them online.

  2. Interesting take, however this is not ICANN making a new interpretation, but rather clarifying the existing interpretation for the benefit of those who were constantly trying to get ICANN to expand into a role of policy police and make the RAA section into something it was not intended to be.

    As one of the registrar reps at the table, it was commonly understood and agreed that the above was exactly what this section was intended to achieve: Turn registrar abuse channels from a black hole into something where a respondent would at least have a guarantee that it would be read and responded to.

    While certain interests have tried using this section and turn it into a duty of registrars to policy content, it was never intended as such and therefore the blog post Allen posted was very welcome indeed as it cleared up some common misunderstandings, while at the same time outlining details of what makes a good complaint.

  3. This is an absolute invitation to delayed justice.

Add Your Comment