RE: [registrars] Fw: WHOIS & Transfers reports

["Tim Ruiz" <tim@godaddy.com>]

>Mini-storage owner wouldn't give the car, because the asking party
>is a unknown person. In domain industry, the asking party is a known
>entity bound by agreements. This entity must be trusted. If they are
>not trustworthy, ICANN must eliminate them.

The mini-storage operator is bound by some pretty clear laws and
regulations, call them agreements if you will, agreed to when they chose to
begin operations.

The point is that there is currently no enforcement. When there are problems
we are pretty much left to fend for ourselves and work it out with the other
registrar. Sometimes that goes well, sometimes it doesn't. There is also
nothing in our RAA or RRA that will protect us from being held liable if a
registrant chooses to pursue us in the event of a fraudulent transfer.
Hence, it is a matter of trust involving a competitor, or call it an entity
if you like, the result is the same.

Tim

-----Original Message-----
From: owner-registrars@dnso.org [mailto:owner-registrars@dnso.org]On
Behalf Of Nezih Erkman
Sent: Thursday, February 27, 2003 10:46 AM
To: Registrars Constituency
Subject: Re: [registrars] Fw: WHOIS & Transfers reports


I just want to second Bruce and summarize it so there will be no
misunderstanding:

Before a transfer request, gaining registrar MUST have received
authorization for transfer.
If a transfer is initiated without getting authorization from proper
contact, it's the gaining registrar who broke the law NOT the
losing registrar.
At that point, ICANN must step in and enforce their agreement or eliminate
the bad apple.

I also understand Tim's concerns. Unfortunately, unauthorized transfers are
still happening and we all suffer, as much as we suffer
from 'not being able to transfer with a proper authorization'. Trusting your
competitor is the wrong phrase. We trust ICANN who
gives accreditation and introduce them to us as an trustworthy entity.

Mini-storage owner wouldn't give the car, because the asking party is a
unknown person. In domain industry, the asking party is a
known entity bound by agreements. This entity must be trusted. If they are
not trustworthy, ICANN must eliminate them.

Best Regards,

Nezih Jack Erkman
R & K GBS, Inc.
000Domains.com
501-779-1934
----- Original Message -----
From: "Siegfried Langenbach" <svl@nrw.net>
To: "Registrars" <Registrars@dnso.org>
Sent: Thursday, February 27, 2003 1:18 AM
Subject: Re: [registrars] Fw: WHOIS & Transfers reports


> Hallo,
>
> It is not the first time in that very issue that I rise my objections to
the
> suggested transfer procedure.
>
> For the sake of shortness I will concentrate on one item only:
>
> 25. Instances when the Losing Registrar may not deny a
> transfer include, but are not limited to;
>
> *   No response from the Registrant or Administrative
>     contact ...
>
> I do repeat : no response can, according to german law ( and I
> would be surprised if in other european countries that is different),
> NOT be considered as agreement.
>
> It just as simple : introducing that will have the effect that some
> registrars will act agains the law or not follow that procedure:
> not really a good result.
> Not dealing with that fact is not going to help anybody.
>
> siegfried
>
>
> On 26 Feb 2003 at 19:38, Ken Stubbs wrote:
>
> > FYI...
> >
> > ----- Original Message -----
> > From: "Cute, Brian" <bcute@networksolutions.com>
> > Sent: Wednesday, February 26, 2003 7:07 PM
> > Subject: WHOIS & Transfers reports
> >
> >
> > > Dear Bruce and Ken,
> > >
> > > I am writing you on behalf of Network Solutions with regard
> > > to the GNSO Council's recent approval of task force reports on
Transfers
> > and
> > > WHOIS.  As our registrar representatives on the Council, I write to
you to
> > > underscore Network Solutions' continuing concern regarding the likely
> > > negative impact of the implementation of these Reports on registrants
and
> > > registrars alike.  Specifically, the growing awareness within the
> > Registrar
> > > community of the privacy implications raised by these Reports has
given us
> > > pause to again carefully consider whether the implementation of either
> > > Report at this time is desirable.  We believe that implementation of
> > either
> > > report would be premature, at best.
> > >
> > > Network Solutions participated in the development of each
> > > report in an effort to improve the recommendations contained therein.
We
> > > believe that the reports have been improved, but have become
increasingly
> > > convinced that implementation of them could 1) create significant
privacy
> > > concerns for registrants; 2) subject consumers to future unauthorized
> > domain
> > > name transfers and unwanted marketing solicitations;  and 3) create
> > > unworkable obligations and significant potential liability for
registrars.
> > >
> > > Specifically, the Transfers Report seeks to
> > > significantly restructure the transfer process in response to concerns
> > > raised almost two years ago about the efficiency and reliability of
the
> > > transfer process.  During that period, however, broad improvements in
the
> > > efficiency of transfers have rendered the issues addressed by the
> > Transfers
> > > Report all but moot.  At Network Solutions, for example, transfer
success
> > > rates have dramatically improved since the Transfers Task Force
initiated
> > > its work.  Today, almost 90 percent of attempts to transfer domain
names
> > > from Network Solutions are successful and we expect that ratio to
continue
> > > to rise as our processes are improved.  As a result, we believe that
> > > implementation of the Transfers Report would have a limited impact on
the
> > > efficiency of transfers.
> > >
> > > In contrast, the proposed transfer procedures would
> > > unavoidably have the affect of increasing the rate of unauthorized
> > > transfers.  Rising incidences of slamming make the inherent risk of
> > imposing
> > > the proposed transfer scheme contained in the Transfers Report greater
> > than
> > > ever for registrants.  Although the Transfers Report attempts to
provide
> > as
> > > many safeguards as possible for registrants, the proposed process
requires
> > > registry transfers to be initiated before the registrant has verified
the
> > > transfer.  We continue to believe that this system will encourage
> > slamming,
> > > as unscrupulous actors will simply migrate to the gaining registrars
with
> > > the weakest systems of checks and balances.
> > >
> > > Finally, shifting responsibility for transfer verification
> > > to gaining registrars creates an unreasonable burden for registrars,
as it
> > > is virtually impossible for registrars to efficiently and reliably
verify
> > > the identity of registrants.  Compounding this structural flaw, the
> > > Transfers Report would have registrars verify transfer requests
through
> > the
> > > collection of registrant personal data.  In addition to raising
privacy
> > > concerns for registrants, collection of personal data subjects
registrars
> > to
> > > potential liability for the collection, handling and storage of this
> > > personal data.  As just about everyone in the industry knows,
registrars'
> > > obligations under various privacy laws have not been adequately
addressed
> > in
> > > EITHER the Transfers or the WHOIS Reports process.
> > >
> > > It is also premature to implement the WHOIS Report at this
> > > time.  While we support the goal of maintaining accurate WHOIS data,
the
> > > WHOIS Report seeks to impose registrant identity verification
obligations
> > > that require registrars to obtain personal data from registrants.  As
> > noted
> > > above, it is impossible for registrars to efficiently and reliably
verify
> > > the identity of registrants.  Requiring registrars to collect
additional
> > > personal data -- data that will not be published along with WHOIS
data --
> > > raises significant privacy concerns.  Since the WHOIS Task Force's
> > original
> > > mandate did not require an examination of privacy considerations,
these
> > > concerns must be addressed before any determination concerning the
WHOIS
> > > Report implementation can be made.
> > >
> > > Finally, although the GNSO Council seems to have proposed
> > > that the WHOIS task force report not be implemented until the Council
has
> > > completed its examination of the privacy implications of WHOIS, this
> > > condition is not clear and any further implementation of the WHOIS
report
> > > should specifically be delayed until the Council's privacy study is
> > > completed.  This is important because even the proposed modifications
to
> > > Registrars' bulk WHOIS access agreements, in the final analysis, will
> > > neither eliminate prospective misuse of registrant data nor protect
> > > consumers from unwelcome marketing solicitations.  Incremental
attempts to
> > > restrict third party use of bulk WHOIS data do not address the
fundamental
> > > point (and growing consensus among registrars) that only the
elimination
> > of
> > > third party bulk WHOIS access obligations will protect registrars and
> > > consumers alike from misuse of registrant data.
> > >
> > > In light of the all of the above, I wanted to let you know
> > > our continued strong view that it would be premature for the Board to
> > > approve and implement either Report until the privacy concerns cited
above
> > > are fully addressed and understood.
> > >
> > >
> > > Sincerely,
> > > Brian Cute
> > >
> > >
> >
>
>
>