Re: [registrars] Fw: WHOIS & Transfers reports

["Nezih Erkman" <nezih@erkman.com>]

I just want to second Bruce and summarize it so there will be no misunderstanding:

Before a transfer request, gaining registrar MUST have received authorization for transfer.
If a transfer is initiated without getting authorization from proper contact, it's the gaining registrar who broke the law NOT the
losing registrar.
At that point, ICANN must step in and enforce their agreement or eliminate the bad apple.

I also understand Tim's concerns. Unfortunately, unauthorized transfers are still happening and we all suffer, as much as we suffer
from 'not being able to transfer with a proper authorization'. Trusting your competitor is the wrong phrase. We trust ICANN who
gives accreditation and introduce them to us as an trustworthy entity.

Mini-storage owner wouldn't give the car, because the asking party is a unknown person. In domain industry, the asking party is a
known entity bound by agreements. This entity must be trusted. If they are not trustworthy, ICANN must eliminate them.

Best Regards,

Nezih Jack Erkman
R & K GBS, Inc.
000Domains.com
501-779-1934
----- Original Message -----
From: "Siegfried Langenbach" <svl@nrw.net>
To: "Registrars" <Registrars@dnso.org>
Sent: Thursday, February 27, 2003 1:18 AM
Subject: Re: [registrars] Fw: WHOIS & Transfers reports


> Hallo,
>
> It is not the first time in that very issue that I rise my objections to the
> suggested transfer procedure.
>
> For the sake of shortness I will concentrate on one item only:
>
> 25. Instances when the Losing Registrar may not deny a
> transfer include, but are not limited to;
>
> *   No response from the Registrant or Administrative
>     contact ...
>
> I do repeat : no response can, according to german law ( and I
> would be surprised if in other european countries that is different),
> NOT be considered as agreement.
>
> It just as simple : introducing that will have the effect that some
> registrars will act agains the law or not follow that procedure:
> not really a good result.
> Not dealing with that fact is not going to help anybody.
>
> siegfried
>
>
> On 26 Feb 2003 at 19:38, Ken Stubbs wrote:
>
> > FYI...
> >
> > ----- Original Message -----
> > From: "Cute, Brian" <bcute@networksolutions.com>
> > Sent: Wednesday, February 26, 2003 7:07 PM
> > Subject: WHOIS & Transfers reports
> >
> >
> > > Dear Bruce and Ken,
> > >
> > > I am writing you on behalf of Network Solutions with regard
> > > to the GNSO Council's recent approval of task force reports on Transfers
> > and
> > > WHOIS.  As our registrar representatives on the Council, I write to you to
> > > underscore Network Solutions' continuing concern regarding the likely
> > > negative impact of the implementation of these Reports on registrants and
> > > registrars alike.  Specifically, the growing awareness within the
> > Registrar
> > > community of the privacy implications raised by these Reports has given us
> > > pause to again carefully consider whether the implementation of either
> > > Report at this time is desirable.  We believe that implementation of
> > either
> > > report would be premature, at best.
> > >
> > > Network Solutions participated in the development of each
> > > report in an effort to improve the recommendations contained therein.  We
> > > believe that the reports have been improved, but have become increasingly
> > > convinced that implementation of them could 1) create significant privacy
> > > concerns for registrants; 2) subject consumers to future unauthorized
> > domain
> > > name transfers and unwanted marketing solicitations;  and 3) create
> > > unworkable obligations and significant potential liability for registrars.
> > >
> > > Specifically, the Transfers Report seeks to
> > > significantly restructure the transfer process in response to concerns
> > > raised almost two years ago about the efficiency and reliability of the
> > > transfer process.  During that period, however, broad improvements in the
> > > efficiency of transfers have rendered the issues addressed by the
> > Transfers
> > > Report all but moot.  At Network Solutions, for example, transfer success
> > > rates have dramatically improved since the Transfers Task Force initiated
> > > its work.  Today, almost 90 percent of attempts to transfer domain names
> > > from Network Solutions are successful and we expect that ratio to continue
> > > to rise as our processes are improved.  As a result, we believe that
> > > implementation of the Transfers Report would have a limited impact on the
> > > efficiency of transfers.
> > >
> > > In contrast, the proposed transfer procedures would
> > > unavoidably have the affect of increasing the rate of unauthorized
> > > transfers.  Rising incidences of slamming make the inherent risk of
> > imposing
> > > the proposed transfer scheme contained in the Transfers Report greater
> > than
> > > ever for registrants.  Although the Transfers Report attempts to provide
> > as
> > > many safeguards as possible for registrants, the proposed process requires
> > > registry transfers to be initiated before the registrant has verified the
> > > transfer.  We continue to believe that this system will encourage
> > slamming,
> > > as unscrupulous actors will simply migrate to the gaining registrars with
> > > the weakest systems of checks and balances.
> > >
> > > Finally, shifting responsibility for transfer verification
> > > to gaining registrars creates an unreasonable burden for registrars, as it
> > > is virtually impossible for registrars to efficiently and reliably verify
> > > the identity of registrants.  Compounding this structural flaw, the
> > > Transfers Report would have registrars verify transfer requests through
> > the
> > > collection of registrant personal data.  In addition to raising privacy
> > > concerns for registrants, collection of personal data subjects registrars
> > to
> > > potential liability for the collection, handling and storage of this
> > > personal data.  As just about everyone in the industry knows, registrars'
> > > obligations under various privacy laws have not been adequately addressed
> > in
> > > EITHER the Transfers or the WHOIS Reports process.
> > >
> > > It is also premature to implement the WHOIS Report at this
> > > time.  While we support the goal of maintaining accurate WHOIS data, the
> > > WHOIS Report seeks to impose registrant identity verification obligations
> > > that require registrars to obtain personal data from registrants.  As
> > noted
> > > above, it is impossible for registrars to efficiently and reliably verify
> > > the identity of registrants.  Requiring registrars to collect additional
> > > personal data -- data that will not be published along with WHOIS data --
> > > raises significant privacy concerns.  Since the WHOIS Task Force's
> > original
> > > mandate did not require an examination of privacy considerations, these
> > > concerns must be addressed before any determination concerning the WHOIS
> > > Report implementation can be made.
> > >
> > > Finally, although the GNSO Council seems to have proposed
> > > that the WHOIS task force report not be implemented until the Council has
> > > completed its examination of the privacy implications of WHOIS, this
> > > condition is not clear and any further implementation of the WHOIS report
> > > should specifically be delayed until the Council's privacy study is
> > > completed.  This is important because even the proposed modifications to
> > > Registrars' bulk WHOIS access agreements, in the final analysis, will
> > > neither eliminate prospective misuse of registrant data nor protect
> > > consumers from unwelcome marketing solicitations.  Incremental attempts to
> > > restrict third party use of bulk WHOIS data do not address the fundamental
> > > point (and growing consensus among registrars) that only the elimination
> > of
> > > third party bulk WHOIS access obligations will protect registrars and
> > > consumers alike from misuse of registrant data.
> > >
> > > In light of the all of the above, I wanted to let you know
> > > our continued strong view that it would be premature for the Board to
> > > approve and implement either Report until the privacy concerns cited above
> > > are fully addressed and understood.
> > >
> > >
> > > Sincerely,
> > > Brian Cute
> > >
> > >
> >
>
>
>