The Industry Standard - ICANN slaps wrists and sends emails to spammers' registrars - Comments

Hi Cyndy, I think you've

Kieren McCarthy — Mon, 13 Oct 2008 14:55:05 -0400

Hi Cyndy,

I think you've overlooked some pretty clear indications over the past four months that there is much more going on that just "wrist-slapping", as you argue.

There is a very clear process now in place where registrars that do not comply with their contractual obligations are sent notices warning them. If they do not act within 15 days, that is escalated up to the point where they are de-accredited. And there are a number of registrars who can testify to precisely that. I can name three of them right now as ICANN has put out public announcements concerning their cases: 1dni.com, DotForce and Esoftwiz.

What happens then? Again, look at the announcements ICANN has made. They are deaccredited and then ICANN asks if other registrars are interested in assuming the domain registrations they have. And then, shortly afterwards, those domains are transferred to a new registrar.

That's the process and you can see it in these two announcements:
http://www.icann.org/en/announcements/announcement-2-30jul08-en.htm
http://www.icann.org/en/announcements/announcement-18sep08-en.htm

This is all ongoing as we speak, and if you subscribe to the Compliance newsletter (http://www.icann.org/en/newsletter/), each month you can see the work that is being done is chasing registrars. You will also see that most registrars do comply and that those that don't are chased until they do, Or they are deaccredited and they lose their domains.

As to the question "why isn't ICANN doing this... why isn't ICANN doing that?" - the answer in nearly all cases will be because ICANN does not have the right to do so. ICANN can only use the terms in its contract with registrars to enforce compliance. It is a very clear line that the Internet community decided upon around eight years ago.

If you believe that needs to change, if you think ICANN should be granted greater powers, if you believe the Registrar Accreditation Agreement needs to change so ICANN can manage registrar issues more effectively, then it is YOU that has to change it. And the only way to do that is to get involved in ICANN's process and persuade others of your argument.

ICANN is a multistakeholder process. ICANN staff - and in this area compliance staff - do what they are able to do with the boundaries agreed by the community. If you don't like it, it's up to you to fix it.

Let me give this link as a direct route to doing precisely that: http://www.icann.org/en/public-comment/#new-irtp

The comment period is closed but you can see what people have said, what is under discussion, who in ICANN is in charge of aiding the process, and so on. It's the start point.

Kieren McCarthy
General manager of public participation, ICANN

Alas, you are correct - too

Howard Hoyt — Thu, 09 Oct 2008 19:54:49 -0400

Alas, you are correct - too little and way too late.

But it goes beyond that. WDPRS who-is is a false metric that does not even cover all TLDs.
Even if it did, is that the best we can do --INCOMPLETE whois ??? Breech of contract ???

We saw how effective govt regulation of the mortgage business was-- the toothlessness of ICANN is much worse ...

ICANN slaps wrists and sends emails to spammers' registrars

Cyndy Aleo-Carreira — Tue, 07 Oct 2008 19:19:52 -0400

In what KnujOn claims is a "victory," ICANN sent two breach notices to domain registrars Joker.com and DNS.com.cn, stating that the two companies had

"failed to comply with Section 3.7.8 of the Registrar Accreditation Agreement (RAA) which requires registrars to take "reasonable steps to investigate" Whois inaccuracy claims."

The two registrars, with nearly one million domains registered between them, have both been accused of allowing domains to be registered with incomplete or false WHOIS information, a clear violation of ICANN policy.

Of course, in typical ICANN fashion, violators take a long time to get their wrist slap. According to the ICANN link, violations were first discovered last November, with "Notices of Concern" sent in May, and now a "Breach Notice" was sent giving the registrars 15 additional days before "termination proceedings begin."

Joker.com already replied to the Breach Notice, claiming that the domains with false or missing information had been suspended, and ICANN's response indicated that as long as the company can show that it attempted to get the registrants to correct the information and received no response, then Joker.com is cleared. DNS.com.cn has not yet responded to the Breach Notice, but has until 15 October to do so.

ICANN may wonder why organizations like KnujOn exist and regularly publish reports about registrars who fail to comply with even the regulations ICANN can enforce, and so much criticism is directed at the organization for being "toothless." Looking at a year-long process to levy what is essentially wrist-slap for allowing spammers to register domains with false or missing information and then backing down might be a good place to start. A year is far too long to deal with the problem of spammers, who have usually moved on well before ICANN even begins their process to register other domains.