Google filed it’s comment on the whois privacy issue with ICANN today.
Google seems to hate the proposal of the ICANN working group to prohibit commercial domain registrants from using proxy or privacy services calling it unfair to small businesses and individuals.
Google even cites it’s own Charleston Road Registry an example of how big companies will still be able to use shell companies to hide ownership of domain names, something small businesses and individuals will not be able to do saying:
“”Corporations, in particular, often use proxies or subsidiaries to provide local contacts, as in the case of registered agents, to provide privacy as in the case of law firms or “shell companies” acting on behalf of their principals, or in furtherance of necessary business arrangements, as in the case of the separation between Google Inc. and Charleston Road Registry Inc.”
Here is the full letter submitted to ICANN by Andy Abrams, Senior Trademark Counsel, of Google Inc to ICANN:
“Google appreciates the efforts of members of the Privacy and Proxy Accreditation Issues Working Group, but for the reasons explained herein, we are doubtful that these efforts will lead to useful WHOIS reform.
Below, we offer some general comments on the WHOIS effort and the report’s approach, followed by specific comments on a number of the report’s recommendations.
First, the ICANN community has been debating WHOIS related topics for many years with very little to show for the time and energy expended. As a result, we believe it may be more productive to focus this energy on topics that affect the security of the DNS and are more likely to generate community consensus.
Previous efforts to address WHOIS have not produced meaningful changes to 1 either policies or ongoing operations, and those few efforts that have resulted in consensus policies2 generally only deal with edge cases and are rarely invoked. Given that the current working group is, once again, unable to come to a consensus on key elements of the recommendations, including the only ones likely to meaningfully affect most users’ interactions with the system, we believe that the effort to reform WHOIS is stalled.
As a result, we believe that the ICANN community should consider focusing on work that better and more directly addresses underlying issues rather than devoting more time to WHOIS related work.
For example, WHOIS is often discussed as an important tool in addressing security threats such as botnets or phishing, so the community would be better served by work that helps to better understand how the DNS enables such attacks and how registries and registrars can better engage with other stakeholders to directly address these challenges.
Second, the report’s overall framework is impractical and ineffective, and it has a disproportionate effect on individuals and small businesses.
The report’s recommendations ignore a fundamental flaw in their design: they can only reach a small fraction of privacy and
Moreover, this flaw has an unfairly disproportionate impact on individuals and smaller businesses. Any ICANN policy will necessarily only affect a fraction of privacy and proxy providers, and any sufficiently motivated registrant will still have access to unaccredited providers
This makes the open discussion regarding commercial use of privacy and proxy services in the draft report largely moot—commercial entities can and will continue to routinely use unaccredited privacy and proxy services regardless of ICANN’s rules.
Registrar provided privacy and proxy services simply offer the general public the same type of privacy that has long been available to corporations and wealthy individuals through arrangements such as shell corporations.
While it is unfortunate that individuals and small businesses need to engage in an additional service in order to maintain their privacy in conjunction with their domain name registrations, we believe that the democratization of these services through registrar based offerings have expanded the breadth and quality of user participation, content creation, and free speech on the Internet.
The focus on registrar provided offerings to the exclusion of other types of privacy and proxy services is an attempt to take these options away from individuals and small businesses both because individuals and smaller entities will be less likely to seek out stand alone privacy and proxy options, and because standalone solutions tend to be more expensive than registrar offerings.
We believe strongly that any policy around the use of privacy and proxy services in conjunction with domain names should be fairly applied and consider relevant services provided, regardless of whether the service is offered by a registrar or an entity outside of the
traditional domain name ecosystem.
The report’s recommendations also ignore a long history of corporations and individuals making use of proxy and privacy services.
Corporations, in particular, often use proxies or subsidiaries to provide local contacts, as in the case of registered agents, to provide privacy as in the case of law firms or “shell companies” acting on behalf of their principals, or in furtherance of necessary business arrangements, as in the case of the separation between Google Inc. and Charleston Road Registry Inc.
All of these offline arrangements have well established legal and operational models; similarly, online businesses merit consistent treatment and should not be subject to an arbitrarily stricter set of rules that serve to limit privacy and flexibility and indeed, the proposed privacy and proxy rules would not and likely could not prohibit corporations from availing themselves of these structures (because banning such practices would fall outside of ICANN’s remit ), so, again, they will have a disproportionate impact on individuals and small businesses.
Based on these high level observations, we make the following specific recommendations regarding the proposals in the draft report:
● Accredited privacy and proxy services should not be required to either Publish or Disclose registrant contact information other than when required by relevant law and utilizing relevant legal procedures. Privacy and proxy providers should not be required to present, process, or honor any forms required by ICANN in place of relevant
Similarly, frameworks for responses to both Intellectual Property Rights Holders and Law Enforcement should be replaced with a general requirement for privacy and proxy services to operate in accordance with relevant law.
There are already a number of prelitigation options available for intellectual property rights holders, including ICANN imposed mechanisms such as the URS and UDRP as well as legal processes such as the DMCA.
● Privacy and proxy services should ensure that communication submitted to them should be properly forwarded to the registrant, but should not be responsible for adjudicating disputes over specific types of content or behavior on behalf of the registrant.
Disputes around intellectual property, in particular, are highly complex and fact driven, and neither registrars nor privacy and proxy providers are in a position to mediate claims regarding the use of intellectual property, particularly in situations involving user generated content.
The proper role of these providers is to provide an alternative means of contactability, so the accreditation process should focus on their ability to effectively do so.
● Privacy and proxy services may choose to Publish or Disclose registrant contact information under other circumstances, but they should have clear policies, included in their terms of service, on when they will do so.
Registrants should understand the services they are being offered.
If Privacy and Proxy Services elect to Publish or Disclose registrant contact information in situations other than when required by national law, this should be made clear to the registrant at the time they elect the service. Just as importantly, privacy and proxy providers must apply their published policies on Publication and Disclosure fairly and consistently.
● The report provides no practical mechanism for registrants to choose between accredited privacy or proxy providers. If the report includes support for choice between proxy providers, possible mechanisms should be elaborated; otherwise the recommendation should be removed as impractical.
● We support the recommendation that privacy and proxy providers should facilitate the transfer, renewal, or restoration of domain names.
Proxy and privacy services must not interfere with a registrant’s ability to manage their domain names. In most cases, simply performing the function of facilitating communication with the registrant should be sufficient to ensure proper management of the domain, but in some circumstances, such as submitting a report in conjunction with a restoration during the Redemption Grace Period, the provider may need to take action on behalf of the registrant. No registrant should lose any rights or protection otherwise available via the RAA or their registration agreement by virtue of taking advantage of a registrar provided privacy or proxy service.
● Privacy and proxy services should be available to all types of registrants, regardless of whether the registrant engages in any kind of commercial activity.
Registrars as well as privacy and proxy providers should not be contractually required by ICANN to categorize the use of an Internet service or to determine how a registrant may or may not use their website both now and in the future. Further, it is not practical or
operationally feasible to restrict privacy and proxy services to websites involved in commercial transactions.
● Privacy and proxy providers should maintain and publish statistics on the number of Publication and Disclosure requests they receive, as well as the number of instances in which those requests are honored. As we have seen in other for a transparency around the types and frequency of requests helps shed light on how laws and policies affect users and the flow of information online. Currently, we don’t have any useful statistics to fully understand to what extent privacy and proxy services are receiving requests, the nature of those requests, and whether those requests are in fact valid or not.
While we appreciate the opportunity to comment on the GNSO Privacy & Proxy Services Accreditation Issues Working Group Initial Report, many of the comments, as well as the overall scope of the Working Group’s efforts, are misguided.
While we understand some of the concerns raised in the report, the recommendations contained within the report will not resolve
the issues they are ostensibly designed to address.
As such, the ICANN community should instead focus its efforts on solving the real problems underlying WHOIS concerns, such as
addressing security threats such as botnets or phishing. The community would be better served by work that helps to better understand how the DNS enables such attacks and how registries and registrars can better engage with other stakeholders to directly address these challenges.””