Fwd: [council] Response from GoDaddy regarding action taken with respect to a .org domain name

[Mawaki Chango]

> I am concerned less with the specifics of this case then with the
> process generally.

Good! The confusion may have come from the fact that the article you
pointed to, which was also forwarded by Robert, was discussing that
specific case (and not ICANN policy, or lack thereof, in that
regard,) and rather in terms that may have sounded to some slightly
one-sided. At least I guess that is the reason why GoDaddy requested
a right of response on the council list. I perfectly realize that you
didn't mean your post to NCUC list to be forwarded to the council
list but rather to provoke discussion on the broader policy issues
within NCUC first, but things happened otherwise.

As to those policy questions you're raising, I may summarize the
issues and forward them to the council (maybe to the particular
attention of the registrar constituency) with a post-hoc disclaimer
about the thread on the specific case GoDaddy's vs. Seclists.org.

It may depend on what the others think, if at all.

Mawaki



--- Harold Feld <hfeld at mediaaccess.org> wrote:

> Quoting Mawaki Chango <ki_chango at YAHOO.COM>:
>
> > I agree with you as to forwarding your earlier message to the
> GNSO
> > Council list, without further discussion on this list and further
> > elaboration.
> >
> > Please note, however, that Robert Guerra sent a message with the
> same
> > concern, you certainly are not the only one concerned. Here are
> my
> > two cents:
> >
> > 1) If we want to go further on this, and I do think it is a
> relevant
> > to do so, I would advise that we also request the "plaintiff" to
> > explain and document how end users credentials of another network
> end
> > up being disclosed on their web servers and pages, and based on
> their
> > policy provisions what actions they have or should have taken
> against
> > the person/service responsible of such misuse. Why nothing has
> been
> > done in that regard, and contact has not been made with MySpace
> to
> > inform them of whatever steps were taken to resolve that issue.
> As an
> > end user, I wouldn't like to see my identity credentilas in a
> network
> > service that I use be disclosed by any organization be it an NCUC
> > member.
>
> I am concerned less with the specifics of this case then with the
> process generally.  While it is useful to receive full information
> on
> this particular incident, I believe it more importnat to focus on
> the
> general concern tht this leaves far too much power in the hands of
>
> registrars.  Even if Go Daddy behaved entirely correctly, the next
>
> registrar may not.
>
> I would also very much like to know how Go Daddy determined what
> harm
> would result from elimination of the name.  How did Go Daddy
> satisfuy
> itself that it's actions would not have caused significant harm to
>
> innocent parties?  Or did it really believe that the potential harm
> of
> the released information was so great that it justified immediate
> action regardless.  And, if this is the case, what procedures did
> it
> have in place to restore service to innocent third parties.
>
> > 2) ICANN has reponsibility to do something there, while it should
> > avoid micro-regulation and micro-management. At least because all
> > this industry is highly geograpically distributed, and there is a
> > void in many countries to that effect (the former explaining the
> > latter, maybe.) As for issues such as the grace period, etc.
> ICANN
> > could have a safeguard policy that would require a minimum of
> notice
> > to be given and steps to be taken before any drastic measure such
> as
> > shutting down a website. If necessary, provision could be made
> for
> > the principle of subsidiarity wherever there might be conflict
> with
> > national regulations.
>
> Indeed, what the appropriate steps are is another conversation.  It
>
> may simply be enough to put registrars on notice that such behavior
>
> will arouse regulatory scrutiny.  It may be worthwhile to make a
> formal request, either by the NCUC to the Registrar Constituency or
>
> requesting that the GNSO make such a request, that the Registrar
> community adopt a "best practcices" document.  Or some form of
> enforcement action via the ICANN process to prevent a name deletion
>
> may be necessary.
>
> Like Sitefinder, the question is not merely "what was the right
> thing
> to do here," but "what is the process for ensurng that the right
> result hapens consistently in the future."  This need not take the
>
> form of regulation (although that might ultimately prove
> necessary).
> But it seems to me that it warrants rather more than "how do you
> even
> suspect a registrar might act inappropriately."
>
> Harold
>
> > Just general ideas.
> >
> > Mawaki
> >
>
>
>
>