Open Letter to Dan Halloran.
I've just been reading the ICANN Advisory concerning WHOIS data accuracy, as published here
I'd be grateful if you could respond to me and the community, with answers to the following questions:
1. It appears that Yesnic submitted at least 269 applications in the .info
Sunrise process, which were duly registered on the basis of the Trademark information which they submitted. Subsequently around 200 of these have been successfully challenged by Afilias and made available in their second landrush.
(a) What steps has ICANN taken to find out whether Yesnic submitted false Trademark data?
(b) If Yesnic is shown to have submitted false data, does ICANN recognise a responsibility to the general public to call into question their accreditation, since ICANN accreditation is supposed to signal to the public that a Registrar is endorsed by ICANN and the accreditation of other registrars would lose its value if discredited by any registrar who had breached the public trust?
(c) If ICANN has not yet ascertained all the facts, will you undertake to carry out an investigation and report back to the community on your findings in an open and transparent manner, since public trust in ICANN-accredited registrars is a very important matter?
2. It appears that DomainBank breached the Registry/Registrar rules in the submission of 93 .info Sunrise names on behalf of William Lorenz of Strategic Domains. This case has been widely publicised and previously reported to ICANN on several occasions. See this ICANNWatch correspondence for example and these replies. The Registry/Registrar rules stipulate that to sponsor a Sunrise name, registrars had to ensure that four data fields were properly entered: Trademark Name; Trademark Number; Trademark Country; Trademark Date. DomainBank submitted 93 names which lacked information in ALL FOUR of these datafields.
(a) Given Hal Lubsen's association both with DomainBank AND with Afilias
(as its CEO), can ICANN please confirm that the Afilias rules were indeed
abused in this case? This is a matter which concerns the public because of demonstrable conflict of interest (in that these visibly ineligible applications were registered on spurious grounds - to the benefit of both DomainBank and Afilias, with both of which Mr Lubsen was closely associated). It is also a matter of public concern, because if even the Afilias CEO's registrar company was abusing the Afilias rules and submitting invalid WHOIS data, what trust can there be in any ICANN Registry or Accredited Registrar?
(b) Will ICANN please state what censure, actions or sanctions have / or
will be taken against the parties involved? Please bear in mind that
consumers lost money, because many ICANN-accredited registrars
charged non-refundable fees to pre-register names in anticipation of the .info Landrush. When DomainBank sponsored these 93 names in
the .info Sunrise, customers (including myself) lost the chance of obtaining some of these specific names in the Landrush - a product we had paid for. This loss may well have been replicated over 100,000 times in the .info Sunrise fiasco. Resigning Afilias Director Robert Connelly called it "an abomination".
(c) If ICANN has not yet investigated this serious case, will you undertake to report back on your findings and inform me and the community of your findings and actions - in an open and transparent manner?
3. In the case of Spy Productions, which is a well-documented case where the registrar admitted he filled in fake Trademark data in the .info Sunrise to give his customers a chance, I note that ICANN holds the sponsoring Registrar responsible for accurate information, not the reseller. From your advisory: "The registrar obligations outlined above (as well as all other registrar obligations under the RAA) apply with equal force to all registrations sponsored by a registrar in any TLD for which it is accredited by ICANN, whether those registrations were placed directly with the registrar or through some agent or reseller. In other words, registrars are responsible for providing Whois data (and correcting any reported inaccuracies in that data) for all names under their sponsorship, including the data pertaining to customers of their resellers."
(a) Please could you confirm whether ICANN has investigated this
well-publicised case of WHOIS abuse?
(b) Has either Tucows or ICANN taken any action in response to these events, to protect the broad internet public?
(c) Does ICANN have a mechanism for "shutting down" resellers, for example by requiring defined standards from ICANN's own accredited Registrars?
(d) Would ICANN consider removing Tucows accreditation if they failed to police their own resellers (as appears to have happened in this instance)?
4. It appears that in the .biz Group 2B names release, Signature Domains gained a strong advantage over other consumers and the general public, by submitting a very short list of applications on behalf of one of their ownpartners (Mr Joshua Blacker). ICANN has remained silent on this matter, and Signature Domains remains an ICANN-accredited registrar. Only ten names were registered (for Mr Blacker) and no-one else got any (probably because this was an exclusive list not available for the public).
(a) Will ICANN take action BEFORE .info LR2 to make sure that Registrars
do not 'game' the system by submitting exclusive lists like these? This is a matter which goes beyond Neulevel or Afilias, because it requires revisions of the Agreements already in place, and because ICANN should not be content to preside over processes which break their requirement of the public having fair and unprejudiced access to domain names.
(b) Will you please inform me and the community what action will be taken by Neulevel (initially) and ICANN (with reference to accreditation) in the case of Signature Domains - if it is found that they broke any Agreements or ICANN rules? At the heart of this is a profound public concern that registrars should NOT simply exist for their own benefit. In the case of Signature Domains and the .biz 2B, this is exactly the concern that has been generated.
(c) What is the general policy of ICANN with regard to removing
ICANN-accreditation? (If a registrar fulfils the technical requirements for
accreditation, does that mean that they can breach agreements and rules with impunity, at the expense of the general public - and does ICANN acknowledge a responsibility to the public to make sure that if they accredit registrars, those registrars maintain certain standards?)
5. Finally, given the fact that the worst elements of the registrar community might prove incapable of regulating themselves (and many people would say this was pretty self-evident) is it not in the interests of the consumer and the internet public for ICANN to make its "Best Practices for Registrars" into "Mandatory Practices for Registrars" upon which their accreditation depends?
Dan, thank you for the time you may give to these questions, which I believe deserve to be taken seriously and answered openly and in detail, part by part. I would be grateful if you could respond in any correspondence in open form, as I may want to refer to your comments in part or in whole on one or several ICANN mailing lists. (This message is copied to the ga-list.)
If ICANN deserves to retain its administration of the DNS, it must be based on the central responsibility of putting the internet public first, and ensuring that domain names are distributed openly, validly, and fairly.
Your advisory on WHOIS touches on areas of responsibility that registrars have. If such advice (and other ICANN agreements) are just words then they will fail to protect the public and ICANN will fail in its mission.
If such advice (and the other rules of operations for registries and registrars) are to properly protect the public, then you need to demonstrate that they cannot be flouted and ignored. What is the point of telling the public that a registrar is ICANN-accredited, if that accreditation means nothing more than technical capability and the registrar is allowed to cheat or break rules in a way which
makes the public suffer?