"The the week of the 29th brought 995 more. So I think it's clear that, without significant outside promotion of these topics, almost nobody would have noticed this proposal."
This sentence makes me seeth. ICANN's proposal affects many millions of people who've chosen to utilize a domain name or will choose to do so in the future. If you asked a majority of these users they'd probably have difficulty placing ICANN as an organization if anything at all yet this unawareness would justify ICANN's position? ICANN certainly hasn't gone out of their way to make the public aware of the situation.
The tone of the article suggests the author is ready to disregard the templated responses from Save Domain Privacy and others yet wouldn't these be the main channels for users to become aware of the ICANN proposal and take the opportunity to register their disapproval? One of the few places where one can educate themselves about this secretive ICANN situation is one of the primary sources that can't be trusted for honest comment. It sounds like they've already made up their mind on things.
Even sweeping indictments in the last year from an overwhelming portion of the public on similar issues surrounding online privacy and the desire for an open internet don't seem to weigh on ICANN's mind in regards to this decision.
Reminiscent of The Hitchhiker's Guide to the Galaxy
"But the plans were on display . . ."
"On display? I eventually had to go down to the cellar
to find them."
"That's the display department."
"With a torch."
"Ah, well the lights had probably gone."
"So had the stairs."
"But look, you found the notice, didn't you?"
"Yes," said Arthur, "yes I did. It was on display in
the bottom of a locked filing cabinet stuck in a
disused lavatory with a sign on the door saying 'Beware
of the Leopard'."
> The tone of the article suggests the author is ready to disregard the templated responses from Save Domain Privacy and others.
I didn't intend to suggest that they be disregard, I just didn't have much to say about them other than their number.
Without these efforts to promote opposition, /I/ wouldn't have heard about this proposal I believe. I certainly don't think that the template messages should be ignored just because of their form.
Have you guys been checking on the functionality of this system?
Multiple attempts through the web site yielded a busy signal, but calling directly went through immediately, which makes me think they somehow have your Twilio number blocked.
They don't seem to be taking any input via telephone, and instead direct you to Google to find a webpage with an email address.
I understand that having the phone ring off the hook could possibly make ICANN take notice, but you're probably losing a good portion of people's feedback being registered due to the hurdles involved with calling.
We definitely have been getting busy signals the past few days but we figured it was multiple callers trying to ring them at once. We'll switch our Twilio number.
We've also encouraged people in multiple places that both calling and emailing will make the most impact. Most people have been emailing rather than calling anyway.
I have to admit, even though you already have my information as a paying Namecheap customer, I'm weirded about by having you wanting to "call you and guide you through the process."
Is it a really hard process? I've talked on the phone with Congressional staffers before in the US--I assumed it was something similar where a bored intern added a tally mark next to a side of the issue and reported to their boss later.
Most people appreciate this because they're not exactly sure what to say when ICANN picks up the phone. We also connect you directly to their office via Twilio after the instructions.
A similar discussion got posted to Reddit a while back, and nobody seems to be mentioning that the phrase that has everybody so riled up ("domains used for online financial transactions for commercial purpose should be ineligible for [WHOIS] privacy and proxy registrations") is taken entirely out of context. If you read the actual document, it's clear that this is a suggestion from a few specific parties to the discussion, and it is emphatically not the opinion of the ICANN working group as a whole, much less does it rise to the status of a "proposed rule". From the PDF: (https://gnso.icann.org/en/issues/raa/ppsai-initial-05may15-e...)
> The WG agrees that the status of a registrant as a commercial organization, non-commercial organization, or individual should not be the driving factor in whether P/P services are available to the registrant. Fundamentally, P/P services should remain available to registrants irrespective of their status as commercial or non-commercial organizations or as individuals.
...
> As noted above, the WG agrees that the mere fact of a domain being registered by a commercial entity, or by anyone conducting commercial activity in other spheres, should not prevent the use of P/P services. In addition, a majority of WG members did not think it either necessary or practical to prohibit domain names being actively used for commercial activity from using P/P services.
...
> the WG does not believe that P/P registrations should be limited to private individuals who use their domains for non-commercial purposes.
I think it's telling that the vast majority of feedback came from members of the public who read Namecheap's call-to-action at https://www.respectourprivacy.com/. As an outsider, it looks to me like Namecheap and the EFF are purposely distorting the situation to drum up some positive PR.
I don't see the EFF saying that ICANN is as a whole of that opinion; what they said is that there is such a proposal, and that ICANN is considering it (which they are, and which is why they're asking for external input).
Didn't ICANN recently introduce a "steal your domain if you fail to click a link in our phishing email" policy? If so, they can't be trusted not to do something else crazy, like enact this other anti-privacy policy being discussed here.
The form asks you to comment on a dozen or so specific parts of the report and the working group proposal. I imagine comments submitted this way will have more impact than a plain letter since you will be guided to address all of the contentious parts.
Knowing ICANN they will just want to make yet another .tld called .dissident or something retarded like .sucks for all those who want their privacy and also make it easy to block those who want privacy by authoritarian governments worldwide.
The public "You should go voice your complaint" campaigns do more harm than good as far as ICANN goes.
In the end, it all comes down to ICANN typically just has one person review all the feedback - and when there's a mass write-in those typically get dismissed in bulk.
The comment period opened on May 5th, but between then and June 22nd there were only seven messages. However, the week of the 22nd brought 10,015 messages. The the week of the 29th brought 995 more. So I think it's clear that, without significant outside promotion of these topics, almost nobody would have noticed this proposal.
Does ICANN not want the public to contribute to its process? ISTM they could do a bit more publicity.
>Does ICANN not want the public to contribute to its process?
No, no they do not..
They post "public comment periods" as a smoke screen so they can claim transparency, openness and give the illusion of some kind of democratic process.
We at Sitetruth.com operate a system which attempts to evaluate the legitimacy of the business behind business web sites. We do this by attempting to link the web site to a real-world business, then obtaining business background information from commercial sources. We thus have an interest in correct ownership data for web sites being easily available.
ICANN proposes that "Domain name registrations involving P/P service providers should be clearly labelled as such in WHOIS." We agree, and add that the "clear labeling" should be easily machine-parsable. We would consider this a negative indicator when evaluating business legitimacy.
As for the questions presented for public comment:
Q: "Should registrants of domain names associated with commercial activities and which are used for online financial transactions be prohibited from using, or continuing to use, P/P services?"
A: Yes. In many jurisdictions, a business must disclose the actual name and address of the business behind a web site, or be guilty of a criminal offense. See California Business and Professions Code section 17538, which reads:
"Before accepting any payment or processing any debit or credit charge or funds transfer, the vendor shall disclose to the buyer in writing or by electronic means of communication ... the legal name under which the business is conducted and, except as provided in paragraph (3), the complete street address from which the business is actually conducted." Also see The European Electronic Commerce Directive (2000/31/EC), which is even broader:
... Member States shall ensure that the service provider shall render easily, directly and permanently accessible to the recipients of the service and competent authorities, at least the following information:
(a) the name of the service provider;
(b) the geographic address at which the service provider is established;
(c) the details of the service provider, including his electronic mail address, which allow him to be contacted rapidly and communicated with in a direct and effective manner;
(d) where the service provider is registered in a trade or similar public register, the trade register in which the service provider is entered and his registration number, or equivalent means of identification in that register;
(e) where the activity is subject to an authorisation scheme, the particulars of the relevant supervisory authority"
The European Union's position is quite clear. While individuals have privacy rights under the European Privacy Directive, businesses do not. Online businesses are subject to stringent disclosure requirements. ICANN should follow that model.
Q: "Do you think it would be useful to adopt a definition of "commercial” or “transactional” to define those domains for which P/P service registrations should be disallowed? If so, what should the definition(s) be?
A: The definition of "commercial" should be that used in the European Directive on Electronic Commerce. That definition works for the EU. Any site which accepts payments, offers items for sale, or engages in transactions of value should be considered commercial. Whether advertising-supported sites should be considered commercial remains an open question.
Q: "Would it be necessary to make a distinction in the WHOIS data fields to be displayed as a result of distinguishing between domain names used for online financial transactions and domain names that are not?"
A: For a domain identified as "commercial" per the previous criteria, the information listed as required by the European Directive on Electronic Commerce should be publicly available.
> A: Yes. In many jurisdictions, a business must disclose the actual name and address of the business behind a web site, or be guilty of a criminal offense.
So, why should ICANN enforce this? Especially since this is not true of all jurisdictions -- but even if it were, why is it useful for ICANN to be involved in enforcing individual national or sub-national laws? Shouldn't the standard legal process of law enforcement (and lawmaking, if necessary) in each jurisdiction cover this? What is ICANN's role in enforcing criminal law?
What happens if California repeals that law? Should ICANN still have these requirements?
> See California Business and Professions Code section 17538, which reads: "[...] the vendor shall disclose to the buyer[...]"
This section doesn't seem to have a requirement for the vendor to disclose their information to the general public, nor does it seem to have a requirement for the buyer to disclose their information to the vendor, let alone the general public.
For instance, as you mention, ad-supported websites may or may not be considered commercial. I may be willing to disclose my legal name and street address to my advertisers, but not to my site readers.
> Any site which accepts payments, offers items for sale, or engages in transactions of value should be considered commercial.
Isn't this at odds with your prior claim that individuals have privacy rights that business do not? If I set up a tip jar via Stripe or PayPal for my open-source project, am I now a business?
And, again, what about private individuals who make payments? If I log into a website using OpenID based on my personal domain name, and buy something with a credit card, has my domain name now become a site that "engages in transactions of value"?
It seems like we should have good answers to these questions before adding additional requirements. Again, in the absence of a clear reason why law enforcement needs ICANN's help, the fact that criminal law requires things is not, by itself, a reason for ICANN to urgently require things. Criminal law will take care of itself.
In the EU at least, the distinction between citizens and commercial entities is often blurry, as I'm not sure about other places, but in the EU many countries have this notion of "authorized professional" as a legal commercial entity and many people are taking advantage of it. EU directives are also mostly guidelines (i.e. they specify a desired result, not how that should happen) and yes, disclosure of information about a business should happen, but the channel for that is not specified.
As an example of why your mention of European directives is bullshit, Romania is an EU member, yet the WHOIS information for our .ro TLD is locked behind www.rotld.ro. So in order to find out the WHOIS information about a domain, you have to go to a web interface and then go through a CAPTCHA screen meant to prevent crawlers.
Personally, I have yet to hear about a valid use-case for automated crawling of WHOIS information.
Also, Sitetruth.com is a shady business. I mean, you block ads on search engines you don't own and you do so for commercial purposes. That smells to me like copyright infringement. And seriously, who patents an ad blocker?
"You block ads on search engines you don't own and you do so for commercial purposes. That smells to me like copyright infringement."
Some content providers have the idea that their ad-based business model is somehow protected by copyright, and that users can't block ads. This has no basis in law and has gone nowhere in court.[1]
"And seriously, who patents an ad blocker?"
Google's Eric Schimdt once testified before Congress that it was technically impossible for Google to evaluate the legitimacy of web site operators. We did it. That meets one of the strongest criteria for invention - the big guys tried to do it and failed. Ad Limiter is a demo of that.
We're looking for someone who wants to take a bite out of Google. Yahoo gave up on search and became a Bing reseller, and Bing is just too confused internally. As computing gets cheaper, it becomes cheaper to provide search services, which makes Google vulnerable. As costs went down, ad density should have decreased. But it didn't. This puts Google on the wrong side of Moore's Law. A non ad supported search engine may become feasible, especially in the mobile space where it can go on the phone bill. It's interesting to see what Verizon is starting to do with Bing.
Great, so if I'm being harassed, and I accept donations or set up a legal defense fund or whatever, I'll have to dox myself.
This is a real-names policy, just like Facebook currently has, with all of the problems and oppression that brings. Adding the distinction of "commercial activities" is about as help as it is in licensing (i.e. it isn't at all helpful).
The changes ICANN seems to be making these days worry me, mostly because I don't see a clear explanation of the reasoning behind their recent moves. When I got the email from namecheap, I did use their template, but I immediately assumed it would be tossed into /dev/null.
If you aren't aware, ICANN has recently been pushing to remove themselves from their US contract, supposedly at the behest of other countries who don't like the idea of US governance of the system. My problem though is that I don't see any clear explanation of why this is actually needed, and I see plenty of reasons why keeping it under US oversight is a good thing.
For example, has ICANN formed an independent outside auditor or oversight body to replace the functions the US has traditionally performed? Good luck wading through their website to figure that out. I've even heard ICANN members say that it's merely "symbolic", so that other countries will trust ICANN more. That doesn't make sense though, when there are some quantifiable differences in operation and oversight under the new governance model.
"Without the NTIA contract, there’s no limit on ICANN’s ability to raise fees on its domain-name system services, added Daniel Castro, senior analyst at the Information Technology & Innovation Foundation, a tech-focused think tank.
“Without U.S. oversight, ICANN has the potential to grow into the world’s largest unregulated monopoly,” he said. “We should be very mindful of creating a global organization with little accountability that can effectively tax the Internet.”
The participants in ICANN would not allow the organization to become an unregulated monopoly, Strickling countered. That view “totally disregards the presence of hundreds of stakeholders, thousands of stakeholders, who actually set the policies for ICANN,” he said. “If you’re saying [the groups involved] are all going to allow that to happen, then you’re basically saying you don’t believe in the multistakeholder model.”"
If anyone has a good explanation of what they mean, in detail, by "global multistakeholder community", and how those "stakeholders" will actually be able to influence ICANN, I would really like to see it.
I found it odd that the author used the personal pronoun 'I' and felt free to apply her own evaluation of comments as the final word. ICANN is a public trust, not a personal fiefdom.
Why would a person who isn't a member of ICANN not be free to comment personally on publicly available information using as medium their personal blog?
This sentence makes me seeth. ICANN's proposal affects many millions of people who've chosen to utilize a domain name or will choose to do so in the future. If you asked a majority of these users they'd probably have difficulty placing ICANN as an organization if anything at all yet this unawareness would justify ICANN's position? ICANN certainly hasn't gone out of their way to make the public aware of the situation.
The tone of the article suggests the author is ready to disregard the templated responses from Save Domain Privacy and others yet wouldn't these be the main channels for users to become aware of the ICANN proposal and take the opportunity to register their disapproval? One of the few places where one can educate themselves about this secretive ICANN situation is one of the primary sources that can't be trusted for honest comment. It sounds like they've already made up their mind on things.
Even sweeping indictments in the last year from an overwhelming portion of the public on similar issues surrounding online privacy and the desire for an open internet don't seem to weigh on ICANN's mind in regards to this decision.