The Internet Corporation for
Assigned Names and Numbers
WHOIS TASK FORCE CALL September 23, 2002
September 23, 2002
Task Force members
Marilyn Cade Co Chair – BC
Tony Harris – Co- Chair ISPCPC
Dan Steinberg – GA
Abel Wisman - GA
Steve Metalitz – IPC
Laurence Djolakian – IPC
Thomas Roessler – GA Chair
Oscar Robles – ccTLD constituency
Sabine Dolderer - de
UNIDENTIFIED PARTICIPANT: AT&T Teleconference. Conference call for Miss Marilyn Cade. Conference ID number B as in Bob, M as in Michael, C as in Charles 5108.
CADE: We have enough (ph) so can you tell me -- I was just going to try to take the roll here, and I heard a couple of more people join.
STEVE METALITZ (ph): Hi this is Steve Metalitz (ph).
CADE: Hi Steve (ph).
UNIDENTIFIED PARTICIPANT: Hi people.
CADE: Hi Laurence (ph).
SABINE (ph): Yes. Hi Steve (ph). This is Sabine (ph) from .de
CADE: ... Sabine (ph) I didn't -- I wanted to be sure that we welcomed you and got started so we wouldn't waste your time.
SABINE (ph): Yes. Actually I have not so much time left. I maybe have only half an hour.
CADE: That's really fine. Let me just real quickly again do the roll call. Tony (ph), my co-chair (ph) and I are here. I have Thomas Roessler (ph). I have Abel Wisman (ph). I have Steve Metalitz (ph), Lauren (ph), Sabine (ph). Anyone else? And Glen (ph).
Why don't we go ahead and get started. I had invited Sabine (ph) to join us as she as many of you have met her because we have, the elected reps, have attended cross constituency consultations with the CCTLDs (ph). And many of you have met Sabine (ph). I asked her to join us to talk with us about the views of one of the, I guess I should say, the largest ...
SABINE (ph): One of the biggest figures (ph) ...
CADE: .... In CCTLDs (ph) registry. And it's quite a unique I think situation. May I just ask you Sabine (ph) to tell us about your registry? And then we'll go into maybe just a few questions.
This is very much an informal dialogue in our (INAUDIBLE) as a task force to better understand the uniqueness that exists in the CCTLVs (ph). Because we of course will be making some recommendations related to who is (ph). At this point the kind of at a very broad level, our recommendation is that who is (ph) issues need to develop on different tracks in relation to the CCTLDs (ph) and the GTLDs (ph).
But we wanted to have some information exchange with several of the CCTLDs (ph) managers, just to improve our understanding.
SABINE (ph): OK. Yes.
As you know DENIC (ph) is one of the bigger CCTLDss (ph), and we are very much based in Germany, so we don't have very much customers from outside Germany. At the moment we have about 15,000 registrations from outside Germany, mainly big companies have protecting their trade names according to 5.5 million in total. That's a very less amount. So basically, most of our customers are German residents. There is a possibility to register outside Germany, but it's very less used.
Currently about 70 to 80 percent of our users are private users, using a domain. And that's I think also why we have so much registrations in total. So in Germany it's very popular to have a sort of a, you know, birthday website or wedding website, or whatever. But just private purposes.
And we have since the very beginning a who is (ph) service like the who is (ph) service in the dot com (ph) area. But we have had a lot of discussions with our Data Protection Authorities about the issue, and we have now found sort of a modus vivendi where we both can live with. From the registry's point of view, we have basically the intent or we want to publish at least the data who owns the domain name to -- or who is the holder of the domain name, just because it's you (ph). And if somebody wants to ...
OSCAR (ph): Hi this is Oscar (ph).
SABINE (ph): Hi Oscar (ph). Sabine (ph) here.
Because if somebody wants to see if somebody has (INAUDIBLE) his trademark or his name, he has to know who is the domain name holder. And actually that's the only thing which the Data Protection Authority allows us to publish. And that's who is the holder and the address of the holder, the postal address of the holder.
We have had a lot of discussions to publish also telephone number, fax number, or email addresses, and that was refused actually later (ph) by the Data Protection Authority who softly (ph) say there is no real technical need for that.
So in Germany, we have all this -- we have had all of this to discuss -- if there is a technical or administrative (ph) need, if there is no need -- it's simply nice to have. They refuse us to touch the data, only if we have real hard reasons, then we are allowed to.
That's basically the summary.
THOMAS ROESSLER: May I get into the queue?
CADE (?): Yes sure. Shall we start a queue? Let's start with Thomas (ph), and then who else?
METALITZ (ph): This is Steve Metalitz (ph), if I can go in the queue.
CADE (?): OK. Why don't we start with Thomas (ph) and Steve (ph), and then we'll add other people to the queue.
THOMAS (ph) (?): Sabine (ph), I have one more question. What are you doing about advanced search services (ph) much of searching all domain names registered by a certain party or all domain names with a certain administrative or technical contact or things like that?
SABINE (ph): We only do that on a per case base. If somebody comes to us and makes us a reason, actually can claim that he has a reason that we should do the search for him. There is no overall set of possibilities reliable (ph).
THOMAS (ph): So it's no automatic service, but people have really to get to you and say please do it for us?
SABINE (ph): No. People have to come to us and have to say yes we have -- here is our trademark, we have the need to find out if our trademark's there. It's not allowable (ph) and it's not allowed to give you the reliable (ph).
CADE (?): Steve (ph)?
METALITZ (ph): Yes. I just wanted to get a little more information about the contact you've had with the Data Protection Authorities. As I understand it in Germany, there is not a central national Data Protection Authority ...
SABINE (ph): Yes.
METALITZ (ph): There are a number of them. Maybe you could talk a little more about the contact you've had with them and the directives (ph) you have received?
SABINE (ph): Yes. In Germany we are dealing (ph) as a private entity. We are underlying the Data Protection Law for Hessen -- no, not public authorities. That's the clear term. And so somebody is residing in Frankfurt (ph), the public authority which is responsible for us is the Data Protection Authority for Hessen (ph), which is the federal country where Frankfurt (ph) is in.
And they have done in 2000, quite a lot of things according to our practice and they have also recorded in their -- there is also a report from them which is only available in German, but there they have actually discussed all of the issues.
METALITZ (ph): So when you say that, you said in the beginning that the Data Protection Authorities would permit certain things and not permit certain things, you were referring to the Hessen (ph) authorities?
SABINE (ph): Yes. Actually I referred to the Hessen (ph) authority which was the one who was our supervisor according to these things (ph).
METALITZ (ph): Right. Thank you very much.
SABINE (ph): So they have to supervise all the organizations in Hessen (ph).
METALITZ (ph): Thank you.
CADE: Sabine (ph) it's Marilyn.
SABINE (ph): Yes.
CADE: Let me see if anyone else wants to join the queue.
HARRIS (ph): Yes. Can I get in the queue, Tony Harris (ph)?
CADE: OK Tony (ph).
LAURENCE (ph): Yes. And Laurence (ph) as well.
CADE: And Laurence (ph).
SABINE (ph): Actually I have to stress that even if we are -- the Hessen (ph) is responsible for us, I know that there are coordination meetings on a federal level where all of the federal authorities come together. And I know that they have raised the issue also on a more global level in Germany.
CADE: Let me take Tony (ph) and Laurence (ph), and then I'll add myself at the end of the queue.
HARRIS (ph): Yes. Sabine (ph) good morning, Tony Harris (ph) here.
I was just access the DENIC.de (ph), and I asked -- I entered a domain name which is Abovenet (ph), which I believe was registered by Michael Schneider (ph) ...
SABINE (ph): Yes.
HARRIS (ph): Some time back. And I was just seeing the fields that you have here in the response. It's in German, which gives me a little bit of a problem, I don't speak German.
SABINE (ph): Yes.
HARRIS (ph): But you have three items at the end, which are status, domain name, nameserver I'm not too clear what those three cover.
SABINE (ph): ....
HARRIS (ph): They're actually fields in your response on domain name data.
SABINE (ph): OK. You have domain name. First is domain name, then you have domain name holder. Domain inhaber (ph) ...
HARRIS: Yes that would be among that, that's fine.
HARRIS: OK. Then you have names server?
SABINE: Then you have the status, which is connected on, exactly we have a status if you have in Germany where what way we're doing it. We check names of list before we enter in it on the phone. We don't (INAUDIBLE).
HARRIS: You want to check on the name service.
SABINE: Yes we run a check on the name service.
HARRIS: Is that automatic or do you do that manually?
SABINE: It's an automatic. Obviously I don't have ...
HARRIS: It's important because we were discussing this the other day. So you that automatic then?
SABINE: It's automatically it's when we check it actually if the name service which you're telling us have the sound loaded because in our approach it's actually seen if somebody tells us a name server and we enter the name server in our Email server which brought traffic on your name server and they're properly looking for a sort of consent that you're willing to provide a service. And therefore we do the check.
SABINE: And if you have -- if the checks haven't gone through you have four weeks to come with a new update and then you have – they’re (ph) not ready yet status.
HARRIS: OK. And the one after that the let's say (INAUDIBLE).
SABINE: … last change…
HARRIS: That’s the last change, in this case it says August 2000, fine.
SABINE: Yes …
HARRIS: …the (INAUDIBLE) I suppose is today’s date because it says 23 September …
SABINE: …today’s date it’s – usually it should actually be the same date and the same time but sometimes – if it has been on (INAUDIBLE) then you have some kind of delay from one hour and things like that – today …
HARRIS: Fine, thank you for clarifying that.
SABINE: We are working on the English.
HARRIS: OK. Yes, I tried to flag but it didn’t bring the English up.
SABINE: … it’s not that (INAUDIBLE) but it’s one of our major (INAUDIBLE) next couple of …
HARRIS: … OK.
MARILYN: Lauren (ph)?
LAURENCE (ph): Yes I just – maybe you answered (INAUDIBLE) question, how the dates are, how do you keep the dates up to date (ph) – do you regularly update the data which are on the (INAUDIBLE) how do you organize that?
SABINE: Actually we have sort of a (INAUDIBLE) model (ph) so the (INAUDIBLE) would have to contact the (INAUDIBLE) firm and they are providing us with the data. The main – actually the contract (ph) part (ph) of the domain (ph) is direct (ph) betweenRegistry and direct (phRegistrar and we have the responsibility (ph) to cancel the domain if there is incorrect data. And it is one duty of the registrant that people provide us with correct (ph) data. So …
LAURENCE: … So it’s up to the registrant to …
SABINE: … It’s an obligation of the registrant to provide …
LAURENCE: … if someone contacts you and says (ph) this data – I looked into (ph) it (ph) and this data is obviously wrong, do you react immediately, do you do something?
SABINE: Yes, we usually give the information to the registrar to provide us with current data if the registrar doesn’t (ph) come back to us we cancel the domain.
SABINE: Yes. That’s very straight forward we -- some interations (ph) in there but this is more or less straight forward. Thank you.
MARILYN: Sounds like heaven.
SABINE: It’s not heaven. It’s sometimes very difficult because our records (INAUDIBLE) have to deal with them (INAUDIBLE)
SABINE: It takes some time. …
MARILYN: … It’s (INAUDIBLE) I have a couple of questions, one thing that sounds very different to me about gTLD registrations from many other sub – excuse me from the GTLD Registration. At one point about three years ago I got network solution verifying (ph) to do an estimate for me of the kinds of registration they had just a ball park and at that time something like 70 to 80 percent were entity organization businesses.
People who was holding themselves out to communicate with the public in someway or another then there was of the remaining 20 percent there was some small number that were truly individual and there was a number of people who fell into the classic cyber squatting warehouser category. But what you described and it doesn't surprise me but I think it's very unique excuse me I think it may be different then the GTLDs you've described a very, very high percentage of individual who used the domain name really for a most personal use.
MARILYN: If it's actually personal use or public use for their you know Germans are applopious (ph) they come out whether they have football themes they have garden themes or whatever ...
MARILYN: And they just use it to communicate. I think it's first of all it's very cheap and it's very it's getting very popular we have in the past we have had to choose companies who offered its very aggressively marketing was marketing power and it was in two sizes and it just became very, very popular for everybody to have his own domain name.
MARILYN: And so that is what you've you have SLDs I take it. You have second level ...
SABINE: No we don't have that.
MARILYN: You don't have that.
SABINE: We have just flat that we haven't the numbers flat 5.6 in the domain.
MARILYN: You do OK it is flat.
MARILYN: But according the cyber squatting that's not such a big problem in Germany and that's because in Germany usually people who are have to pay their -- if you go to court it calls us trade violation. The one who loses the case has to pay the fee and they have to pay the fee accordingly to the estimated damages he made. So if you have a very well know trade mark then it's very expensive if you lose the case and so people learn very fast but it can be very expensive if you just decided squatting on trade marks.
MARILYN: And they had a couple of other questions. You talked about state of accuracy (ph). Have you -- do you see I mean of the 15 thousand names that you have that are companies doing business in Europe or primarily companies that are protecting their trade mark?
SABINE: We think of this well we don't have really looked quickly into it but its most of the people most of the entities doing business in Germany have registered with a German company subset and I think when we actually opened we opened for foreign registrations in 2001 last year October I think.
So its not so it's only one year ago.
SABINE: No 2000 we opened in 2000.
MARILYN: 2000 right.
SABINE: So it's two years ago and its we done market very impressive field well nobody marketed through it aggressively and so most of the trade marks are either registered by the subsidiaries the German subsidiaries of the big interview businesses or yes some minor amount of people from outside.
MARILYN: So really ...
HARRIS: I've just I have a very short question something Sabine (ph) said. When you said it's inexpensive what how much does the domain name cost in Germany?
SABINE (ph): It's actually we do we make it's actually we're one to one for profit base so we only take the money from our members which we need to run the service as the but in Germany you can get a domain name lets say for less $405 a year ...
HARRIS: Oh that's very reasonable.
MARILYN: ... On different languages or even lent it yourself sort of (INAUDIBLE).
SABINE: OK. Thank you.
MARILYN: Sabine (ph) the -- I want to go back to the process and I'll use the I use my company as an example just to kind of walk through this. So let's say that hypothetically AT&T has registered a domain name or that we are concerned about pleasing our mark because and we come to you and what's the process we would solve what's the process my inside or outside count vote would follow ...
SABINE (ph): OK.
MARILYN: ... Because we have evidence so we present you with a request but they then says we believe that some scam artist is going around to country to country and registering our famous and well known mark and it's causing consumer problems and confusing et cetera so we want to pursue validating that this is happening and we want to follow UDRP.
SABINE (ph): So (INAUDIBLE) duty my following (INAUDIBLE).
SABINE (ph): So actually we would offer you a sort of discreet entry while your cancel offers domain of transfer and then you'll be asked to go to the mailing holder directly.
MARILYN: OK. So you would offer us something what (ph) ...
SABINE (ph): We'd offer you we call it discreet entry which allows you to slot for the main for transfer and then you can it to the domain name holder either making friendly aware of the thing that is why using trade mark. Now he maybe should be able for domain name, which is Germany, does squat just because to tell him the amount of money you would, who you would sue him in Germany.
SABINE (ph): That usually that bad and if the domain name holder gives up and you ultimately gather the domain name.
MARILYN: So we would we'd come to you and present our evidence that's its ...
SABINE (ph): It's a trademark.
MARILYN: ... A trade mark and does it have to be a trade mark in that file in Germany or ...
SABINE (ph): No (INAUDIBLE) it has to be a trademark which is actually (INAUDIBLE) in Germany which means that the account of the European (INAUDIBLE) . It can also authorize his name. You have to make evidence that you have a sort of allowance to use the name we don't capture it really.
SABINE (ph): So it can also be the American trademark.
SABINE (ph): So it's more or less you'll have to make evidence that you haven't arrived ...
MARILYN CADE: And then.
SABINE (ph): ... Because it's not a real we don't charge about it ...
MARILYN CADE: I see.
SABINE (ph): I guess you have to present that or that.
MARILYN CADE: And let me go back to the accuracy (ph) issue so we could get the domain name hold we could get the domain name that's registered and we could get the mailing address of the person.
SABINE (ph): The postal address.
MARILYN CADE: Postal address yes.
SABINE (ph): Yes.
MARILYN: And are there circumstances where people need to come back to you to get other kinds of contact information telephone numbers or e-mail addresses and what's the process by which you would be able to provide that?
SABINE (ph): Usually if you have the postal address in Germany you are able to sue somebody.
MARILYN: Right, right.
SABINE (ph): So that's actually why we have the French Caldwell (ph) they could protection of authority business minimum requirement. So usually if we don't have all of e-mail or telephone access for them so that is actually the minimum need somebody has to provide until he get the letter and he don't response then you all the support that there is to pursue him immediately.
MARILYN: What if the mailing address is inaccurate if it's false?
SABINE (ph): If it's false you can get if would give us the information that the information is false and now we go to the Precise (ph) Patriotic (ph) Prop earlier you go to the registrar and tell hey the customer which you have put in to it is wrong data. Please provide us with a new address.
SABINE (ph): And if they don't come back (INAUDIBLE) we are able to cancel.
MARILYN: I see. I'm interested in the issue of cancellation because we've kind of seen that as they are fairly -- well when you explain one thing that is happening and I was at a part of the SCT Meeting here with some of the registrars last week.
Much of the data that is in the who is the GTLD who is what I call age data. It's wrong because it's old and changes happen to the just admin changes et cetera. Do you gather it sounds like that you might not gather all of the kinds of data that the GTLD registries do such as the technical contact and the administrative contacts and the registrars themselves.
SABINE (ph): Actually what we are doing we have our registrars and obligation to give first of all the registrar has the obligation to give us all the new information. You see if he don't give us the information we see that it is a violation of the contract. And that's for us an issue to cancel it and our registrars also have the oblige (ph) by (ph) conflict (ph) to provide all the information that they get from the registrar (INAUDIBLE) without delay and people that learn in Germany that you know they learn on the hard way.
SABINE (ph): But they learned it.
MATALITZ(ph): Sabine (ph) my name is Steve Matalitz (ph)
MATALITZ (ph): May I ask a question? I thought you said something about what information you collect or rather what information is collective from the registrar. Do you collect the e-mail address and the telephone number of the registrant or do you not collect?
SABINE (ph): We'd collect for the (INAUDIBLE) we collect only the domain the name of the domain name holder and the administrative contact.. For the administrative contact we collect more information like the e-mail address and the telephone number.
MATALITZ (ph): I see. But it's not ...
SABINE (ph): But only if the administrative conflict allows us to publish the data we're allowed to publish it. So sometimes we use it for phoning him but if he not he didn't allow us to publish the data the problem.
MATALITZ (ph): Thanks.
CADE: Can I ask a follow up question on the -- one of the issues that we sort of struggle with who else needs access to the data and what they use it for and the survey that we did let me pause for a minute to see if anyone else from our group has joined in the meantime. Do we anyone who hasn't announced themselves?
SARAH ANDREWS (ph): Yes Marilyn this is Sarah (ph).
CADE: Hi Sarah (ph).
ANDREWS (ph): Hi.
CADE: You're hear just in time because I was going to try and paraphrase a question and I was thinking Oh God if Sarah was here she could help here.
ANDREWS (ph): Well no I was just going to ask about the law enforcement act.
CADE: Oh good. Sarah (ph) is with EPIC (ph) Sabine (ph).
SABINE (ph): ....
CADE: Sarah (ph) is with EPIC (ph) she will tell who that is and she's one of our task force members and then let me turn a couple of questions over to her Sarah (ph).
ANDREWS (ph): Hi this is Sarah Andrews (ph) I'm with the Electronic Privacy Information Center (ph). We're a public interest group in Washington DC.
And I just had some questions regarding law enforcement access provisions. Are the access provisions the same for the private individual to get access to yours (ph) data?
SABINE: We have according to German data protection law usually there is the same they can be published to everybody on the same basis. So there is no difference.
According to German Data usually the protection for private sources is much bigger than for business entities. So we usually have to deal with as we always have thought that there are it's private data also included we have to deal with everything like is it for private data and therefore we have to protect -- in that way.
ANDREWS (ph): But when you're using the site on a case by case basis what would they need to show you? For example the trade mark owner shows you, you know evidence of their trademark.
SABINE: If it's a German trademark hall we usually get a couple of trademarks -- how do you say it.
THOMAS ROESSLER: Yes it's like a spickit (ph) than the counterparts of the PTO right
SABINE: Yes something where you have the official entry data
THOMAS ROESSLER: Sabine (ph) how are you dealing with national law and criminal law enforcement.
SABINE (ph): Sorry I understand you very -- it's so difficult for me to understand.
SABINE (ph): Oh usually we -- what we are usually doing is we -- if they have a sort of a (INAUDIBLE) why they need the data then we give them the data. Sometimes we have to give them if it's for kiss full (ph) analyze they have to...
SABINE (ph): We have to give them more day's subject with German law. Usually we try to look in German law and then we give a point of German law the data they have with filing.
MARILYN: Sabine (ph) I'm going to this here on I'm going to ask you a follow up question on this particular issue. One of the things that I observe with law enforcement and that I work with and I wearing a totally different hat I share a group that is concerned about protecting kids online and they rely local law enforcement uses the who is fairly heavily both domestically and internationally to try to look for child pornographers and other kinds of problems.
Do you in your feeling with law enforcement -- do you get different contacts -- you have a lot of different contacts from law enforcement ranging from tax to customs to a variety of different folks that come to you with different kinds of needs or are there needs all pretty much the same?
SABINE (ph): Usually the one we are looking child pornography and things they don't come direct to us because they get the data they need usually by the who is information directly.
We have some I have had a letter from one where they are complying (ph) about also their want entry, which is wrong, where we deal on the same basis how I told you earlier.
We have -- I wish that mainly one first about the techs (ph) authorities they are some times asking for list of information because if somebody has paid tech (ph) for some internet offers where you are looking for other internet offers to use providing.
And then they are looking for lists but that's usually not the case on the other.
MARILYN: Shall we do that queue does anyone else have...
LAURENCE: Yes I have a question.
MARILYN: Laurence (ph)?
THOMAS ROESSLER: Thomas (ph) here everyone but this can go into the end of the queue.
MARILYN: OK so Laurence (ph) Thomas (ph) Sarah (ph) did you have any follow up?
ANDREWS (ph) (?): Not right now.
MARILYN: OK thanks. Laurence (ph).
LAURENCE (ph): Yes Sabine (ph) when you say if I understand well for enforcement purposes you said that people providing data you need evidence that this data are needed.
Does it mean for instance that here for instance that our inter (ph) Paris city apartment there is a website where CDs (ph) for instance are sold illegally and they need to have the contact data of the person behind this web site and they contact you but then (ph) what information they need to provide you?
What do you mean when you say I need evidence which type of evidence do you need?
SABINE (ph) (?): The problem with this data you are describing would -- public (ph) illegal (ph). So if they need additional data it's usually data base search it for list of the namings (ph), list of which domains somebody has also -- so it's a more dedicated search in the data base and therefore we need evidence and some smaller -- if we are looking at some body that would go to a court and ask them to provide the data that we will have to give it.
THOMAS: But you don't give data without a court order?
SABINE (ph) (?): Pardon me.
SABINE: Are you going to translate? He's on (ph) the word he can do it better.
SABINE (ph) (?): Do you need a court order in France?
UNIDENTIFIED PARTICIPANT: No we don't need a court order.
THOMAS ROESSLER: We are trying to figure out if it's more we have to give it or don't really have to give it (INAUDIBLE) if I understand correctly if I do it estimate (ph) the court order they will always give it to the multi-court (ph) order you may get it or you may not get it correct?
SABINE: Yes we don't require a court order because that's.
SABINE: I said it was sufficient but not necessary.
MARILYN: Sabine (ph) for instance in this country ISPs get a very high number of requests for information what we call kitter (ph) information and we actually have a law that prevents us as ISPs from providing co-ecta (ph) contonic (ph) communication. So...
SABINE (ph) (?): I don't understand can you just try to repeat it.
MARILYN: Much of the information that -- well I was just trying (ph) to think about -- so how do you determine that the law enforcement person who comes to you is really a law enforcement person. Do you require them to give you a badge number or some king of verification that their with the tax authority or.
SABINE (ph) (?): Usually you see it at their -- they usually do it on official paper -- so you have the postal address and if you send to post to fiscal (ph) department something then it's...
MARILYNRight OK. So you would...
SABINE (ph) (?): We don't give it on the phone or we don't give it via e-mail so it's just...
SABINE (ph) (?): We only give these things on paper and ...
LAURENCE : Approximately would you say how long does it take for this procedure? If we need to access some data we will contact you. You decide that you have enough evidence to provide this data you contact (ph) the ledger (ph). How long does it take?
SABINE: It can be done within one week.
SABINE (ph) (?): It's not a big. It not that it is something which officially it's like some of Marilyn is coming with AT&T Chad (ph) lines (ph) and telling me we are AT&T and we want to see what AT&T star (ph) is bailed (ph) and we usually do that.
MARILYN: Sabine (ph) if we had an urgent situation where we had a porno site -- a child porno site was up with our brand or it was a piracy site or a consumer fraud site -- there's a way to expedite?
SABINE (ph) (?): No. Actually we don't see and in Germany actually that's one thing which comes up and done by the ISPs?
SABINE (ph) (?): Oh, which can also be done, but you can only do it on IP level and not on the main level. So it doesn't make really sense if you just put it on the main level.
MARILYN: And I'm assuming I know the answer to this but I'm going to ask anyway. The last question I sent you which was about marketing is you know there's a lot of complaint (ph) in the United States there's an estimate that a third of the traffic that is being carried by ISPs is unsolicited and we call it spam here.
Do you and there's a concern that a lot of the registrars in the gTLD the environment or even the registries that -- who is (ph) is being data mind (ph) or that perhaps the lists being sold and in fact in the GTLD the environment they are sold for marketing purposes.
What's the situation related to that in Germany?
SABINA (ph) (?): Actually in Germany you don't get the data on a marketing base. So we don't provide the data on CD or you can't buy it. So the data is only with us and what we are doing is we are limited to offer this.
We have the who is (ph) service calendar you can only ask for one domain. You don't get like in you don't get more of who is (ph) information.
MARILYN: You only get one at a time.
SABINE (ph) (?): you only get one at the time so and we are at the moment discussing also on a further limitation on the amount of requests per IP (ph). So that they can make (ph) money (ph) more or less prohibited.
MARILYN: And is there any discussion that you're aware of about transfer of the data within -- do you see any discussions when you talk with the data privacy folks about the transfer of the data -- like if I was in France and I make an inquiry is there any concern being raised with you by the data privacy folks about non German citizens you know about this German citizen information being transferred across boarders.
SABINE (ph) (?): I think they haven't really thought about it. So they didn't come up off me. But fortunately through my data privacy agency was such responsible for me also responsible for looking for these type of pornography things and therefore they are usually wearing two hats and once inside they want to protect the data on the other hand side they need the data for this issue we mentioned.
So we try obviously to find a (INAUDIBLE) which is supposed issues visible.
MARILYN: Thomas (ph) had another question.
ROESSLER: Actually two at this point. First one -- I hope I understood you correctly if at twice (ph) that you do not provide bulk access -- that it's a complete database for any purpose.
SABINE (ph) (?): Yes.
ROESSLER: OK second question I'm a little curious about one thing German equivalent of the FBI (INAUDIBLE) have a department which solves what are called (INAUDIBLE) -- that means they are doing research about metrics for crime without any specific (INAUDIBLE) basically they are fishing (ph) and I'm wondering if they are contacting you about any thing and what kind of access you are providing to them besides of course public (INAUDIBLE)?
SABINE (ph) (?): None I'm aware of.
ROESSLER: OK -- just --I am curious.
MARILYN: Thomas (ph) did you have another question?
ROESSLER: No that was it.
MARILYN: Anyone will take one last now (ph). Sabine (ph) I have a question it's not really a question it's sort of a statement we've talked to Bernie (ph) we're going to talk to Patricio Poblete a bit later at 12 today we have -- we will probably ask to have a further dialogue with the CC TLDs (ph) in Shanghai (ph) and I will send that invitation of to the Egpon (ph) and ask whether it is possible to have some discussion.
We are hearing in an interesting discussion that is coming across from the gTLDs -- the registrars you allow I think -- my question to you that convoluted -- do you allow I can register I can accredit to GTLD the registrars to act as a DENIC (ph) registrar?
SABINE (ph) (?): No well yes and no. Actually we -- everybody who is a member of DENIC is allowed to be a registrar within DENIC and we have some I can not tell you the registrars which are always also DENIC registrars but we don't allow ICANN registrars Per se.
MARILYN: I see.
SABINE (ph) (?): So they have to play to our rules. But actually AT&T is a member of DENIC
SABINE (ph) (?): For your information.
MARILYN: We're small members.
SABINE (ph) (?): You're a small member yes according to the numbers.
SABINE (ph) (?): But not otherwise.
MARILYN: And mostly for our interest is in trying to take care of our own customers and of our own needs rather then to be (INAUDIBLE) provider. Let me go back to my second question.
We're hearing now from some of the GTLD registrars that they are concerned about the cost of getting the data and keeping it accurate and are not sure it is that that it is their job to bear that responsibility of keeping the Whois as it is presently offered in the GTLD environment.
I don't mean to perforate (ph) for them but I'm hearing that discussion emerge.
THOMAS (ph): Marilyn I'm sorry for butting in but I've I'm trying to understand your question in one point. Are we talking about proactive checking at the time of registration or are we talking about repro active checking after the main has been reduced at some time.
CADE: The discussion I heard Thomas (ph) was that the feeling was that they don't they don't need the data which I sort of question because of transfers and that's where I wanted to go with Sabine (ph) to ask her about transfers.
But the discussion I'm hearing emerging is and I'm sorry that Tim (ph) and Ken (ph) are not on the phone because it would be good to get their point of view. But that much of the data that's gathered in the GTLD who is exceeds the data that they need for billing purposes.
And except for the administrative contact which is the primary information that they would need is provided really to serve others need and if that's an additional cost together that data and keep it accurate. My question to Sabine (ph) is to what extent do you find problems in transfers between registrars if those are supported in terms of accuracy of the data.
SABINE (ph): Really none. Mostly none because we have different transfer than the GTLD area. So the transfer up in Germany are done in a complete different base.
So usually your transfer in Germany is started by the registrar who gains the customer and he has to clarify that actually the same customer who is always the main name holder and then these requests is rechecked by the former registrar. And the former registrar has flounder (ph) it. So it's a sort of double check.
CADE: That's actually what Sabine (ph) I may send to you the draft approach that's now being considered in the transfer task force because we probably could have learned a lot by just talking to you than that these mutts (ph) try to come up with a solution. But let me ask ...
SABINE (ph): It's actually a duty file registrar that those checks if its the same main name holder and they have to do it. It's part of their job.
CADE: Any other questions for Sabine (ph). Then this has been very helpful and I think it's particularly helpful for us as a task force in trying to you know think about what different issues are out there. That CCTLD space and also helps to inform our thinking about the broader work of the task force.
SABINE (ph): OK.
CADE: Thank you. We will see you in Shanghai (ph) yes.
SABINE (ph): Yes.
CADE: Oh good.
SABINE (ph): OK see you.
CADE: Bye-bye. We'll be joined by Patricio (ph) I think around 12.
OSCAR (ph): Yes Marilyn this is Oscar (ph). I don't know really if Patricio (ph) would make it but ...
OSCAR (ph): He's informed and he received all the information about these decisions so I will tell you.
CADE: Great. Could we maybe Oscar (ph) in the event that what I'd like to do maybe we could ask you to talk with us briefly about the issues related to Whois in Mexico.
OSCAR (ph): Yes what exactly would you like to meet.
CADE: Maybe just briefly what kind of Whois you have. How you support accuracy of the data. Whether you but I don't know if you were on when Sabine (ph) told us that probably their estimate is that of their 5.5 million names only about 15,000 are outside of Germany and that most of the registration 70 -- 80 percent of the registration are private users. Not even companies that more private uses which is very different from the GTLDs.
OSCAR (ph): OK let me let me start by telling you that the Whois is in automatic
Whois I mean this is live Whois by the time the holder of the domain name enters
their information in our website it is there already updated on the Whois database.
So it is a Live Whois database which very few registries have this system, because
it represents to have a different infrastructure. We used to have the social
information like telephone numbers, e-mail and some postal address for the contacts
but we received in the past weeks some kind of massive access getting the information
from the contacts. And we decided to stop the publication of this social information
until we could define, from the technical point of view a system that might
prevent doing this a practice of use of abuse of the Whois
CADE: Yes can I just stop you so basically what you had is what we would call a data mining attack where ...
OSCAR (ph): Yes we checked the logs of these access and it was very limited. I mean they couldn't get more than 100-domain name information. But the issue is that the customers really received spamming from them, so they were affected customers.
CADE: Should I should I be embarrassed and ask you if there was a U.S base entity (ph).
OSCAR (ph): I'm sorry.
CADE: Was it a U.S based entity (ph) that was doing the data mining.
OSCAR (ph): We could not say it is only an U.S. based entity but currently it is from Asia and U.S.
CADE: Because we've had interesting we've had huge problems as ISPs in recent like in the recent months from Asia. I'm sorry I interrupted you but -- so you so now you are blocking access to the telephone number, the e-mail yes?
OSCAR (ph): Right we are blocking the social information. We just published the technical information, I mean the very basic information of the domain names and the name of the contacts. In case they need some additional information they can send an e-mail to a human account, an e-mail and we will send them the information. This is only a kind of filtration or active delay in order to block this abuse.
TONY (ph): Can I ask Oscar (ph) something.
CADE: Sure. Let me just ask him one question and then we'll take a queue. How many domain names do you have registered?
OSCAR (ph): 72,000.
CADE: 72,000. I'm sorry Tony (ph) yes.
TONY (ph): No it's OK. I was just looking at there the (INAUDIBLE) Mexico page and (INAUDIBLE) Bankomex.com.mex (ph) which is a bank maybe one of you largest banks (ph) in Mexico Oscar (ph).
OSCAR (ph): Yes.
TONY (ph): And I just saw the information I got back. You have the data creation, data of the last modification, name of the organization, address then you have three items which are contacts. Administrative, technical and payment contact.
OSCAR (ph): Right.
TONY (ph): And I noticed that in each case the e-mail was the same. Its firstname.lastname@example.org (ph) is that are they all you have on this information?
OSCAR (ph): I'm sorry?
TONY (ph): Is it a (INAUDIBLE) you have on the information?
OSCAR (ph): I'm sorry I didn't get the question.
TONY (ph): OK. In other words these e-mails here they're all the same e-mail. These are this is the next e-mail where you have to get the information right. You're not giving out the directly the e-mail.
OSCAR (ph): Yes but what did you just say -- information the e-mails.
TONY (ph): In your page in Nic Mx (ph) Nic M X (ph).
OSCAR (ph): Yes and you see what.
TONY (ph): I went in and I asked for bancomix.com.mx (ph)
OSCAR (ph): Let me try.
TONY (ph): Yes ok.
OSCAR (ph): RMX.
TONY (ph): And I brought up the information on its these. The domain name is already taken. OK Bancomix.com.mx (ph) and I was seeing the data which you which you show when somebody comes in and looks for information.
OSCAR (ph): And you're telling me that the there's e-mail there.
TONY (ph): Yes you have administrative contacts, technical contacts and Saman (ph) contact.
CADE: Tony (ph) what is -- what is ...
TONY (ph): But I think it looks like the e-mail is the e-mail of the of your organization.
CADE: All right that's what it sounds to me like. It sounds like that e-mail to Oscars (ph) entity (ph) right to the human account that wasn't able to respond.
TONY (ph): Do you like at neat a m isn't that their account or ...
CADE: What is the e-mail again.
TONY (ph): Because I don't see any ...
OSCAR (ph): I'm trying another one sheridan.comx (ph) ok just to see what information you get back on that.
OSCAR: And in this case ...
STEVE (ph): OK this is Steve (ph) (INAUDIBLE) honestly I have a totally different read out from bancomix.com.mx (ph). I guess the administrator technical and third contact with Nepago (ph) as web master CNS via networks.
OSCAR (ph): Yes and there is no e-mails associated, yes. Maybe we'll do so Tony (ph) on the previous page we return the results of the query and some contacts names and -- yes names and they match this query so maybe the previous query match with some contact names and obviously when you query an exact name or singular name it will return the information of this contact.
TONY (ph): Right says here yes web master CNS via networks. Via Networks isn't ISP.
OSCAR (ph): Right.
MARIYN CADE: Yes so you are giving here e-mail addresses of an ISP if somebody wants to contact them.
TONY (ph): Yes.
CADE: So let's keep going with the so because of the standards then a pulling back of some of the contact information the -- Let's go to the data accuracy issue if we could.
TONY (ph): Yes.
CADE: Do you what's your what's you process for dealing with first of all do you require accurate information in the in the registrant agreement in any way?
OSCAR : Yes we have a an agreement on-line. An on-line agreement which is valid in Mexican legislation. The only problem is that the digital signature is not already in place so it is like a gap in this agreement but anyway we have in this agreement the WIPO policy, the one included in the best practices for the ccTLDs, which says that the registrant is responsible for the accuracy of the WHOIS information. So we asked for it and in case -- we don't check for this normally, but in case someone feels that it is not updated for a domain name, they may start the procedure where in case it is true that the information was not updated the domain end holder may loose the domain name so it is the procedure that the IP lawyers call the take down procedure.
So in case the information is not updated or inaccurate or it is not true they may loose the domain name.
PATRICIO (ph): Hello this is Patricio (ph).
CADE: Hi Patricio (ph). Welcome. We're just hearing Oscar for a bit about the (ph) nic (ph) in Mexico and then we will turn to you. Let us ask him just a couple of more questions.
STEVE METALITZ: : Marilyn this is Steve Metalitz can I get in the queue for a question.
CADE: Sure and let me do a queue for Oscar (ph) right now and then we will -- so I have Steve (ph) ...
HARRIS (ph): And me Tony Harris (ph).
CADE: And Tony (ph) anyone else? Steve (ph) let's start with you and then we'll see.
STEVE METALITZ: OK Oscar (ph) is there a timetable for restoring -- who has accessed the kind of access that you had prior to this incident you talked about ...
OSCAR (ph): In the case of the take down procedure.
STEVE METALITZ: No, not in the take down procedure. You had said that because you had this incidence involving Spam (ph) you'd taken a lot of the who is information and not made it available on-line -- you have to send an e-mail for it. Do you plan -- you said you wanted to put technical controls in place to try to prevent that from happening again. Do you have a timetable for putting those controls in place?
OSCAR : OK. Yes that's what we want to do but we don't have a timetable because we are waiting for the local legislation on the privacy issues so we don't want to start doing anything before it is published.
We have several problems because in Mexico when the country signs a free trade agreement or something with another country it becomes a law for the Mexican territory -- this new agreement so we have signed a free trade agreement with the United States and with Europe.
So if we don't have a privacy legislation that we should apply the free trade considerations on privacy with the United States or with Europe. But it is not clear which of those two considerations should we apply -- the Europe ones or the United States ones -- so it is complicated because we are in this -- another gap too.
STEVE METALITZ : So until there is legislation on the topic you don't expect to have restored access.
OSCAR (ph): OK let me see if I hear clear your question. Yes we won't expect to restore anything and before we don't see any direction on this legislation a list -- we want to see some light on what would be decided before we develop something.
STEVE METALITZ: OK thank you.
OSCAR (ph): You're welcome.
CADE: And Tony (ph).
HARRIS (ph): Yes well actually Oscar (ph) just answered the same question I was going to make.
CADE: OK do we have any other questions for Oscar (ph) before we move to Patricio (ph). Patricio (ph) we really appreciate you joining us and the effort on the part of the task force is to try to understand some of the different issues that CCTLDs (ph) are facing and how they deal with such and to just better inform ourselves a little bit about the different situations for many of the CCTLDs (ph) of course have been operating for quite a long period of time and have national law to be responsive to which we've heard.
We've heard from Bernie (ph) from Canada, from Sabine (ph) and from Oscar (ph) and now from you for a bit about Chile.
PATRICIO (ph): OK so I'm here ready to answer your questions and Marguerita Moldit Pardrigua (ph) – share (ph) with me too so she can help in case there are some hard legal questions.
CADE: I doubt if we will be really into the hard legal questions. The folks on the -- let us tell you who is on the call because I think you are not as familiar with our task force so let me ask people very quickly to tell you who they are -- this is a task force of the names council that's working on who is -- our policy recommendations so let's just go around on the call and introduce ourselves.
I'm Marilyn Cade I am with AT&T -- I'm with the business constituency and I'm one of the co-chairs of the task force.
HARRIS (ph): Tony Harris (ph) Cabase (ph) Argentina -- co-chair of the task force.
STEVE METALITZ :Steve Metalitz (ph) international and electrical property alliance from the intellectual property constituency.
ROESSLER Thomas Roessler ... a little bit of habit being a full mathematician chairman of the general assembly of the domain and supporting organization.
LAURENCE DJOLAKIAN : Laurence Djolakian I'm working for the motion pictures association in the Brussels office in Europe and we are a member of the IPC.
ANDREWS (ph): Sarah Andrews (ph) the electronic EC (ph) information center non-commercial constituencies.
CADE: Do we still have Abel (ph).
WISMAN (ph): Yes we still have him I'm just patient and listening. I'm Abel Wisman (ph) member of the GA
ROBLES (ph): Oscar Robles for Nic mx) and from CCTLD constituency and let me thank you Patricio (ph) for accepting this invitation with the very short notice. Thank you once again.
PATRICIO (ph): That's OK -- a familiar name.
CADE: Patricio (ph) could you start out by telling us how many registrations you manage whether -what form of WHOIS and how people interact with Suez (ph) and with the registry and then we'll just kind of take it from there.
PATRICIO (ph): OK our -- currently has something in around 80,000 -- domain names and the way it works when we receive a request for registration and I believe we are unlike most CCTLDs (ph) in this -- we publish those requests in a list that can be seen by everyone on our website and we do that during 30 days and that's to allow for somebody who feels that a better right to that domain name is somehow or have some rights that are somehow infringed by that request to -- we send a competing domain name registration and that practice has allowed us to solve most cases of intensive fiber cutting very quickly right at the beginning.
Besides that we do have the possibility of asking of somebody asking for revocation (ph) of the domain name that has already been assigned but that's much later in the process.
So in that sense the reliability of at least the names of the domain names and the identities of the -- is an integral part of our registration system.
Now the data that we make available through our website is the basically it's a start at being the same as what you usually see in .com and with it being limiting that very much us with being having to defend ourselves from our users mostly from people trying to harvest information from our website to spam them and so what we do now when you request something through our web site you do get some minimal contact information but it doesn't include any addresses -- be they physical or email or telephone number.
You have to request them by e-mail and that's automated you get immediate automated reply but we use that to limit the number of queries that you can issue during a day and so that's one limit that we've placed on this and the other one is that we don't give you all the information.
Actually there is in the set of data that we collect there is one piece of information which is what we call the root in Chile which is an identity number an ID number which is -- in Chile we have an universal ID and the -- we collect that -- we store them in our data base and that's essential to identify the registrant but we do not publish it you cannot get it through our website.
But we make them available in courts when they do request that. In a few cases we have had requests coming from a court that because somebody slipped somebody else because of a domain name and they required us to identify who the holder of the domain name is and to the courts we provide all the information including this ID number. That's basically it.
CADE: That's fascinating. So that would be universal ID would be equivalent to the US Social Security number probably?
PATRICIO (ph): That's right.
CADE: Do you want to take a queue, oh I have a quick question before you move on to questions from others.
Do you have second ...
PATRICIO (ph): All the domain names have rights under .CL we do not sub divide the main names based in Chile.
CADE: I see and can I just go back to you Oscar (ph) do you sub-divide the main names based in Mexico.
OSCAR : Yes we have classifications like the GTLs .com.mx, .net.mx and so on.
CADE: Right OK. Do we have questions from the task force for Patricio (ph) or Marguerita (ph)?
METALITZ: This is Steve Metalitz (ph) I just want to say while Patricio (ph) was laying this out I kind of went through the system he talked about -- sent the email to ask for the further information and I've already gotten that so it does seem to be a highly automated system.
What it's given me is the name, mailing address, telephone number and e-mail address of the administrative contact. I used ibm.cl just at random. It provided that information to me by e-mail and within a matter of moments.
Is there any other information that is available besides what I got by e-mail?
PATRICIO (ph): I suppose you got -- I mean effective contact for that domain you could also have request for technical content information but there isn't much else that you're going to get through that interface.
METALITZ: OK I wasn't sure I thought -- I didn't know that I was just requesting the administrative contact information. Is there another path that I would take to request the technical content information?
PATRICIO (ph): I believe there are two buttons that you can press -- one for administrative content and the other for technical content.
METALITZ: OK I may have missed that. Thank you.
CADE: Patricio (ph) are there specific -- and I guess this might go to either both you and Oscar (ph) are there any specific privacy laws in your Countries that give you direction one way or the other on what you should be providing access to.
PATRICIO (ph): Pardon me I missed the first part of your question can you repeat that please?
CADE: Are there specific privacy laws.
PATRICIO (ph): OK that's what I thought (ph). There is a law that's been enacted more or less recently which is a data protection law in Chile. We -- our analysis of that law indicates that it doesn't really limit very much what we can do in that respect.
The law identified some pieces of information that it calls sensitive information and the availability of that information is very limited but nothing of what we collect falls into that category of sensitive information so apparently that's our reading of the law and there hasn't been a ... test anything of this in court.
But our reading of the law is that it doesn't set many limits on the amount of information that we can make available. So most of the limits that we post are more of things that have evolved to avoid this harvesting of information for standing purposes.
CADE: And OK Sarah (ph) do you want to ask any further questions about the law.
ANDREWS (ph): No.
CADE: OK, data accuracy. I want to go back to data accuracy for just a minute.
PATRICIO (ph): The thing for us the most important is to make sure that the identity of the registrant agrees with that of his ID number. What we used to do and it turned out to be very cumbersome was that -- and this was three or four years ago -- we when we had fewer domain names, we used to request people to fax us a copy of their ID card and these ID cards are used for people from the ID Bureau (ph). And also for companies, and that's the equivalent of the IRS that issues -- the Chilean (ph) equivalent of the IRS issues those.
PATRICIO: And we used to ask people to fax us there -- a copy of their ID card. And that worked, so we could check and it was required that they had to agree. We don't do that anymore. It was just too cumbersome.
So what we're testing right now is a system where we would be able to, online, connect to the databases that -- the government databases for identification. So once you give us your ID number, we get your name or your company's name, and you consider (ph) from then on. So in that way there can be no way that you can give us false information in that sense.
About the rest of the information, the address or the e-mail, we don't have really many mechanisms to make sure that that is correct. Except that when we discover information that's definitely false, people just type in garbage in those fields, we consider that that application for a domain name is null and void, and we delete those. But otherwise we don't really have a system in place to deal with those.
Now of course the way we communicate with the users is by e-mail. So if you don't provide a working email address at the beginning, you're not really going to be able to complete your domain name registration.
Does that answer your question for you?
CADE (?): Yes. Others, do any of the rest of you have questions?
METALITZ: This is Steve Metalitz, I just have one question.
CADE (?): Sure.
METALITZ: The reason why the more detailed contact information is available by email, is that in order to control the harvesting of the data so that you can limit the number of requests, for example?
PATRICIO: That's exactly correct.
METALITZ: OK. Thank you.
CADE (?): .... Can I ask a question as well?
Sabine told us that 70 to 80 percent of the domain names in Germany and DENIC are probably used for personal uses. Do you either you, Patricio (ph), or Oscar (ph) have a sense of the kinds of registrations that you get? And what percentage of out of country registrations, even roughly?
PATRICIO: OK. In Chile (ph) the number of domain names that are registered by companies is about 65 percent. The remaining 35 percent come from regular persons.
CADE (?): And so would that include, in the 65 percent, does that include non-profit organizations and schools ...
PATRICIO: That's everything, we do not distinguish ...
CADE (?): So that would be schools, educational institutions, government agencies et cetera. So you've still got a pretty high percentage of individual registrations.
PATRICIO: That's right.
OSCAR ROBLES: In the case of dot Mex. Marilyn, we don't have a way to have this division between Mexican domain holders and foreign domain holders because many of them are done by ISPs. So we don't know if those domain registrations come in from Verisign or from people outside Mexico or Mexicans.
And yes, we have a lot of registrations coming from final users too, so it's very difficult.
CADE (?): So you would expect that you do have a high number of individuals? Besides the company registrations, you would think that you would have maybe a high number of individuals as well who are registering for personal uses?
OSCAR ROBLES: What was the question again?
CADE (?): Well -- so let me give you an example. When I registered privatesectorworkinggroup.net (ph) it was for a -- the purposes of communicating with other people who are interested in commercial issues. When I registered I -- when I put up a web site, a family website, it was for personal use.
OSCAR ROBLES: Yes.
CADE (?): Do you have that distinction? Even if you don't know the numbers, do you think there are a lot of individual registrations?
OSCAR ROBLES: We use the .org. Mx. as an individual userclassification. But we don't prevent the use of .com .Mx. for individual purposes.
CADE : Sure.
OSCAR ROBLES: But as it is cheaper to register domain names on the GTL (ph) base, it is probably the final decision for the individual users in Mexico at this moment to go to the GTLD base, and the rest of the user -- the corporative users, the companies will choose dot com dot Mex. (ph) either for protect their names or because they want to use the dot Mex. (ph).
CADE (?): So could we ask -- Sabine (ph) told us that registration for a domain name in Germany was, like maybe, $4.00 to $5.00. Can we ask you and Oscar (ph) roughly what the cost is in Chile and in Mexico?
OSCAR ROBLES: In dot Mex. (ph) it is $35 yearly. And (INAUDIBLE) at the registration moment.
CADE (?): Thirty-five yearly.
MARILYN CADE: Can you repeat that?
OSCAR ROBLES: Thirty-five.
CADE (?): Thirty-five yearly and the first registration requires two years in advance.
OSCAR ROBLES: Right.
MARILYN CADE: That's U.S. dollars?
UNIDENTIFIED PARTICIPANT: Yes.
PATRICIO: And in Chile it's 10,000 Pesos (ph) per year?
UNIDENTIFIED PARTICIPANT: In Chile it's 20,000 Pesos (ph) for two years which right now it's about $30 U.S. for two years, so that would be 15 per year.
MARILYN CADE: OK.
CADE (?): So that's -- when I compare that to -- I think that's fairly similar to the cost to register in Australia, New Zealand, and many other countries. In some cases it's even higher to register at CCTLDs in some other countries.
STEVE METALITZ: May I ask one question to follow up?
CADE (?): Yes.
STEVE METALITZ: Patricio (ph), I see again on the who is (ph) data for IBM.CL (ph) that you have a -- there's an entry there called "type of organization". Individual, would he check other - and you list education, commercial, government, military, or other.
PATRICIO (ph): Yes.
STEVE METALITZ: If I were an individual registering in .CL (ph), would I just check other, or is there some ...
PATRICIO (ph): Check the other. Now that's not very reliable, and it's kind of a obsolete field of information that we've never done much with it. And the ID (INAUDIBLE) an organizations, with accounts (ph) from the number. The ID number differs if you are an individual or a company.
STEVE METALITZ: OK. Thank you.
CADE (?): Anything further for our guests? Before we move to talking about the task forces.
PATRICIO: If I may add something about the prices for the domain name registrations.
PATRICIO: We've done a study in Latin America comparing the prices for domain name registrations.
CADE (ph): …
PATRICIO: And that probably in our web site and I guess ...
PATRICIO: Oscar (ph) I don't know it's probably social intellectual deal web site right.
OSCAR (ph): Yes let me check (INAUDIBLE).
PATRICIO: Yes radius go from zero which is Argentina and El Salvador and then comes Chile with actually 27 dollars 40. So that's it just went down in U.S dollars. Followed by Venezuela (ph) 34 (INAUDIBLE) 34 it all takes (INAUDIBLE) for two years.
PATRICIO: Then it goes through similar countries with numbers like 50, 60, 70 feet. Mexico is of the seventieth (ph) level and then it jumps to 100 and even 150. So that's more like the ratio that is in Latin America.
CADE: Oh that's good that is helpful.
OSCAR ROBLES: Patricio (ph) you don't mind I put forward this link to the task force.
PATRICIO (ph): Sure no problem.
CADE: Oh that'd be great that'd be great. Now we're going to ask you guys what do you think the single biggest challenge is that you face in relation to who is. Or as the CC tell me recognizing that you have individual national issues to deal with. A national log is there anything in particular that well before I ask you that question I need to ask you a different question I guess.
You are you following the work that is going on at the IETF on I think Abel (ph) you forwarded something to us today.
ABEL (ph): Yes it was an RFC4 De lousia (ph).
: I haven't been following it.
CADE: How do you feel about the issue of standard elements and for who is regardless of whether the access is made available. How do you both feel about the ideal standards standardization of elements of data elements?
PATRICIO: Well I think that one thing that we can all do is in icon and (INAUDIBLE) the rest of the community is developed some sort of recommendations that we can look at and decide to whether we can implement them in our countries and the full recommendation about the common data elements.
I think it's very helpful none of us really wants to be inventing everything all the time so if other people have looked into this and decided that this or that piece of data is useful -- whoa -- we'll certainly want to look at it and we'll probably come to the same conclusion.
The real problem actually comes when you try to make some of these things mandatory for ccTLDs because then if you're if they're running into all sort of problems on sovereignty (ph) and local legislation. But the extent of information and sharing of these kind of recommended standards. I think it's pretty useful.
ABEL WISMAN: Can I ask a question for a change.
CADE: Of course.
ABEL WISMAN: Would any women institute the Mexican registry if and or if she was made where in for instance the domain name the DN server and the registrar in the owners name but no further data was given. Would they be or would they run into legal problems if they would subscribe to or co-operate with the set of an International database cross deal lease.
OSCAR ROBLES: It is for data mx?
ABEL WISMAN: For both actually.
OSCAR ROBLES: OK if you plan to provide all the information that we require it is you cannot register it in my name. You need to provide all the information. Oriently (ph) we can we cannot verify that this is a two (ph) information.
We just crossed but in the case someone start the take down procedure we should verify that the this information that you provide is true. And in the case we we'll find that this information was false you can lost it to my name.
ABEL WISMAN: Yes I can understand that but it's not exactly what I meant. What I meant is if a cross TLD whois would be made even if RCF (ph) was written so the IETF comes back and says OK we have the solution to allow every county to implement its own rules.
All we do is we have a basic set of rules for the WHOIS which means if somebody does WHOIS they will find the name of the registrant option leaded the registrar. But I would say the name of the registrant DNS for that domain and e-mail address for that can mean no nothing at all furthermore.
Would there be any legal problems in any of those in any of your countries to work with that.
OSCAR ROBLES: At this time we are not sure because I tell you as I say it is not defiant the Mexican legislation on privacy issues. It is just their basic approach for privacy matters so now we can say that these recommendations could be applied for dot Mex. (ph) or not because we are not sure about it.
ABEL WISMAN: OK.
CADE: Abel your what you're suggesting is a cross who is searchability that would that would differ from what data was gathered right. Because the cross who is if its searchable across the number of WHOIS That would be the data that's presented but not necessarily the data that's gathered.
ABEL (ph): No, it what I mean is an unlimited presentation of the data.
ABEL (ph): In other words there'd be a data base would be stay solitaire and would stay all on its own just a very small percentage would be made available to a cross on his data base. (INAUDIBLE) back to the first RFCM on the WHOIS what the WHOIS was meant for.
OSCAR ROBLES: OK currently you might you might see several solutions for cross-registry information. But it is based on queries to the different WHOIS syllabus (ph).
OSCAR ROBLES: I think that the what the final user may or to receive a data when you're formatting rather than a central light WHOIS
And that would be the problem the thing of the informality on the information that we should provide rather than the WHOIS centralizes (ph) able to share the WHOIS information.
CADE: And I think that one of the constituents was one of the findings that there's one of the questions that we looked at a number of the questions that we looked at in the survey -- indicated that users wanted consistency of data elements.
Let me wrap this part Tony (ph) unless there's anything that you would like to raise as a co-chair at this point.
TONY (ph): No I think we've covered very good territory with them.
CADE: Let us say thank you to both of you. This is very helpful to us because we have heard from CCTLDs (ph) with very wide set of experiences and size and I think it's very helpful to us as a task force.
And Oscar (ph) thank you for you and Patricio (ph) in particular -- Oscar (ph) instead of having to wear two hats today. Marguerita (ph) thank you for joining us and see we didn't have any tough legal questions.
PATRICIO (ph) (?): Glad to be of help. Goodbye.
CADE: Thanks so much. Goodbye.
What we need to do for the next 20 minutes is sort of race through our the status of our small group reports and I need to work with you guys to put these into a draft so that we can have something that we can post towards the end of the week.
Can I just go around those of you who are leading a group -- I know Ram is not on the call. But on last weeks call told me I would have something I think he must be struggling with his deadlines because I didn't hear back from him.
METALINS (ph): Marilyn this is Steve (ph) in working group one I think there's one loose end I think we need to tie down. I mean we had already circulated but there is a loose end that we need to tie down which Thomas (ph) raised on our previous call.
I think once we do that we will have our -- we will have it ready to go. I don't know if it's exactly in the format it's needed for plugging in but at least the content would be there.
CADE: Yes I'm going -- what I'm going to do Steve (ph) I think is begin the drafting -- I have the outline we need to follow -- but I need to post it to people and I thought what we would do is try for the interim posting to just make sure that it's easy for people to submit questions.
So I will -- Louis (ph) kind of has a -- seconds of breathing time because you know they are getting ready to post the final interim report on October the 1st. I need to talk to him about what seems feasible for the interim report in terms of putting a link up to our side -- to the DNSO web site -- and putting it into the format that people can easily submit comments.
What is the loose end again sorry?
METALITZ: Thomas (ph) raised the question about whether something like a redemption grace period would apply for names that were about to be deleted because of bad contact data. So we need to kind of iron that out.
CADE: Yes and the ...
STEVE METALITZ: ... Something should be made depending on the length of registration things like that -- like treat aged registrations more gently than you -- things like that.
CADE: Yes would you also -- I do think that 15 days maybe a short period of time for that so when you guys look at that would you -- 15 days could be literally two weeks and people could be gone on holidays for that long.
STEVE METALITZ : Well 15 days usually is two weeks but this is a different question which is once ... the times past what happens does it automatically get deleted or does it go into the limbo that others do.
CADE: Right, right but would you also look at the length of time.
STEVE METALITZ Yes.
CADE: OK and by the way you could just post that as a question for comments.
STEVE METALITZ: Right but if we could reach consensus within our group ...
CADE: Yes that would be great, that would be great. Is Christy joined us? No. She has let me know she was going to be a bit late and Steve (ph) I know you're kind of doing double duty because ...
STEVE METALITZ : Yes Karen (ph) asked me to keep an eye on her forum (ph) but I don't think there's been any traffic on that so I don't know exactly where that stands and I wasn't on the last call -- I'm not sure if there was any discussion there but there had been a draft circulated and I know it was discussed two meetings ago but I don't know exactly where that stands.
CADE: Maybe we can follow up with some of the other members and see if we can get ...
STEVE METALITZ: Yes.
CADE: And I can call Ram and see I think I'm not sure what (INAUDIBLE) because he had indicated that he would have something so what I'd like to do is by the end of the week go ahead and post the interim set of recommendations.
We have Thomas (ph), could you speak briefly about the GA (ph) session.
THOMAS (ph): Well the GA (ph) session is three blocks -- one are whose, one are transfers ah sorry -- one are whose, one are deletes and two are transfers -- the whose may have to be prepared for this script while I think that it's right now for this group and actually the current planning is that it is a ... of the GA (ph) but if things work out with ... I may quite well be able to chair it myself.
CADE: Yes you had I want to raise a couple of things that I think are important to tomorrow we will have the opportunity to have a dialogue with the registrars and Steve do you have a dialing number for that?
STEVE (ph): You sent ...
ABEL (ph): Yes you have it.
CADE (?): Pardon me. Pardon me.
STEVE (ph): Yes I think a dialing number was sent out on that I think.
CADE (?): I'm not sure but did it go to everyone?
ABEL (ph): No.
STEVE (ph): Well I've ...
SABINE (ph): I haven't seen anything.
CADE (?): Yes.
ABEL (ph): No me either.
CADE (?): I think ...
STEVE (ph): I've got it here if you ...
CADE?: Could you?
STEVE (ph): Yes it's 1-617-715-5010 and the code is 94647.
CADE (?): And I will repost it to this group I just it got setup with the idea that it would be a smaller group and then we planned to expand their ports to accommodate all of us and they did that so I will send this out. But Abel (ph) that's why I didn't actually have it before.
ABEL (ph): So.
CADE (?): So I wasn't on the smaller group. OK. On the registrar discussion tomorrow let me share briefly a bit more about what I am hearing that I think would be very important to better understand and that we need to just listen as oppose to really spend a lot of time expressing our opinion.
So the task force needs to be very much in listening mode guys to the extend that you can force yourself to do that. There's some of the discussion and around the four elements that we a braze (ph) and some of the discussion that I was hearing is that some registrars I'm not sure don't doubtfully are looking at accurate who is as an under mandate.
Any change it is important to remember that there is an existing policy in place today and that any change would take a change in could send us approach to changing policy. So the registrars today are responsible for accuracy of data and should there be any change in the data that is provided it does take just a policy to recommend that.
The Go Daddy (ph) recently introduced a new service ...
STEVE (ph) (?): Marilyn before you get to go daddy ...
STEVE (ph) (?): Can I ask a question about ...
STEVE (ph) (?): ... The point there you say that there may need to be changes in policy. The policy now is that they are responsible for this?
STEVE (ph) (?): So that if it's an unfunded mandate it exists now?
STEVE (ph) (?): And their concern they want to make a change so that it wouldn't be their responsibility is that what you're picking up?
CADE: What I was picking up is a question about the uses of the WHOIS and a distinction of just trying to explore whether all the data needed to be gathered or provided and whether other funding mechanisms might be feasible such as description base services or differential access somewhere along the line. I mean ...
STEVE (ph) (?): But those are different questions then accuracy right?
STEVE (ph) (?): OK.
CADE: Yes. There (ph) -- the other I was picking up is that the some registrars I do want to make that distinction because I haven't talked to a lot just to a few but some registrars are noting that it's expensive to maintain accurate information. Others in particularly it kind of seems like the smaller registrars are doing maybe a better job of maintaining accurate information then the larger one because they may have more personalized contact with the registrars.
But I'm making you know I'm really speculating and that's why it will be very important to hear from the registrars tomorrow.
STEVE (ph) (?): Thank you. You were going to go on and say something about the Go Daddy (ph).
CADE: Yes I will. What I'd like to do is if we can is have the discussion lead around each of the four topics by the team leader but if they're not going to be on the call and I'll post this so if they're not going to be on the call then either Tony (ph) or I would step in or we would recruit one of your the task force members to see that particular discussion sort of layout the four areas we're focused on and then go into more detail discussion with them around any other areas that they want to raise.
On the Go Daddy (ph) issue I was just noting that Go Daddy (ph) has recently introduced a new service.
ABEL (ph) (?): Yes.
CADE: And if I'm assuming they will be on the call tomorrow and we can ask them a bit more about that service. I did post to you guys that after looking at it the thing that leaped out at me was so comment at all about the service is a marketing approach that many E commerce entities had avoided and that is scare mongering (ph).
ABEL (ph): And that is what the last part you said sorry I didn't hear that?
CADE: Sorry scare mongering (ph). Basically we've e commerce ...
ABEL (ph): Yes I know I don't agree with it I think this was waiting to happen. Nothing else I said that before and I think I wrote it to the NCU (INAUDIBLE) about eight or nine months ago. This was waiting to happen.
CADE: I'm sorry Abel (ph) what was waiting to happen?
ABEL (ph): This project this offer this product.
CADE: Oh I wasn't making a comment about the offer.
ABEL (ph): No but the way they sell it up its bound.
CADE: Oh I see.
ABEL (ph): I know its not common fault but it come and get this more happening that's worse then that being the end I think.
CADE: Yes. I was just saying that in the E commerce phase most of us have tried to take a different approach with consumers because we want them to use the net and to feel that we can provide the solutions to address the problems. I was sort of ...
ABEL (ph): Hey that's what they are doing too. Marilyn I know that it sounds very noble and so on and so on but in the end you've been caught up by time and by spend and by porn kings and God knows what and so I think a lot of people have thrown the gloves off a long time ago in the Internet.
CADE: If you haven't taken a look at this service so I would urge you to because I think it'll be on the call tomorrow and I would expect other services like this and you guys will remember that one of our question address the availability of service like this and we've got kind of low interest at that time but I think Abel (ph) you may be pointing out that interest maybe changing now.
ABEL (ph): Well yes if are you in numbers I don't think that the current amount of remain help will appeal these that the duty of these things that there will be 80 percent will be business. I think a larger part will be have to come private entities and that ship will be going on.
CADE: Yes and I still do think that ship has been going on that's why I reference the fact that my data was ...
ABEL (ph): Yes.
CADE: ... Really old.
ABEL (ph): Yes and I think the ship has been made quite a while.
CADE: Yes and ...
ABEL (ph): One of the reasons for me to send out what I send out today was that in order to keep the (INAUDIBLE) cause we do keep a lot of things we might look at a look at a lot of things we seem to at times forget the bigger picture or the more narrow picture there's a chain of responsibility in the who is (ph) and a chain of who sets up which data base there has been and there will always be and that's why the call tomorrow for me is so interesting not so much for what Godaddy (ph) did as it is for the fact that each registrar basically is the one that defines his own data base.
The entire whois is a combination of databases it's not like the route service.
CADE (?): It will be very interesting to hear the thoughts of the participants tomorrow on uniformity and consistency..
ABEL WISMAN: And just one question just after rampsen (ph) of the initial message on your data service that you are out of their agreement with their client I hope everyone receives that comment I think it may help everyone what's going on there.
CADE (?): How?
THOMAS ROESSLER: It's online you can find it on the web site and up above URL it's kind of interesting because it's you see that they have a very precise set of duties for the registrars that use that service and it's brought down to a use it (ph) and to use your anonymity (ph).
And they have very distinctive rules on what kind of postal mail they are going to forward and what kind of postal mail they are not going to forward for actually things that are well thought of models who may wish to read the blocked (ph) agreement.
CADE (?): Oh good thank you that's very helpful.
MARILYN CADE: I did see I just want to make one further point. I did see the Verisign (ph) folks briefly last week and mentioned to them that we would like to still have an update from them about the work they are doing on the you who is. It was clear that what we had was really an update on work that is going on in the standard base.
And they've agreed to clarify four what is exactly is that they are doing in the states where the $200 million dollar investment is committed so I'm going to ask them if they will do that by e-mail rather than our trying to go back to another call just so that we can move ahead.
And that covers the extent of today's call I think next Monday hopefully would be primarily approving our draft interim (ph) report and working with Glenn to get it which means we'd need to do some editing and writing late this week and try to get things finalized that we can get an interim (ph) with important stock (ph) hosted on Monday of next week.
And that would make Monday of next week then we wouldn't have a call for two weeks after that unless the small groups need further work together which you may need.
LAURENCE: Marilyn will there be a who is (ph) in Shanghai (ph) or a meeting between the members of the task force.
CADE: Yes I want to have a meeting of the task force on Sunday for those of you who are there and Thomas (ph) just mentioned there will be one hour who is (ph) session at the GA there is still conversation on the part of the GAC about preparing for a who is session that's not in Shanghai to follow sometime early next Spring and I've asked the GAC chair to plan to discuss that with us as the task force as their thoughts evolve on that front.
So I would presume Laurence (ph) Pros (ph) send a notice out to the task force members that I and we would need I think in the meeting what we would want to do is to prepare for the who is (ph) session which really should be I believe a commentary on the draft final report which we should have posted at that time.
MARILYN CADE: OK very interesting discussion with the CCTLDs (ph) I'm also hearing some interesting things about the level of work that they do and making sure that their data is very accurate.
We welcome your feedback on this transcript. Please go to http://www.emediamillworks.com/feedback/ or call Elizabeth Pennell at 301-731-1728 x138.