[anti-abuse-wg] ICANN's "Money Grab"

In message <3469D4B3-C08D-4DFF-A271-587C8EE818DC at blacknight.com>, 
Michele Neylon - Blacknight <michele at blacknight.com> wrote:

>There's little point in pointing out the flaws in your argument, as
>you seem to view any facts that do not fit with your view as being invalid.
>
>As has been pointed out to you in the past, the 2013 RAA was NOT welcomed
>by registrars.

Please correct me if I'm wrong, but you, Mr. Neylon, *are* the head of
one of the registrar companies that has a direct financial interest in
this matter, right?  Is that correct is it not?

Also, while researching this topic (2013 RAA) I came upon the following
document which describes you as having been the "chair of the Registrars
Stakeholder Group", which "negotiated" against ICANN the terms of the
2013 RAA contract.  Is that true also?

   http://domainnamewire.com/tag/michele-neylon/

Your opinions on this matter may perhaps have some validity, but
you are not exactly a totally uninterested and unbiased observer,
are you?

In fact, prior to the finalization of the 2013 RAA, you personally were
doing all you could to make your views known to the widest possible
audience, in particular your view that the responsibilities assigned
to registrars, in particular, for insuring the accuracy of WHOIS data
should be minimized.  You _did_ write the following, didn't you?

   http://blog.blacknight.com/dont-make-us-treat-our-customers-like-criminals.html

To be clear, in case I wasn't already, I take exception to the extremely
weak terms and conditions of the 2013 Registrar Accreditaion Agreement...
terms and conditions which, it appears, you yourself negotiated against
ICANN to weaken and minimize on behalf of the Registrars Stakeholder Group,
of which you were Chairman.

Specifically, and in particular, I take exception to the wording
of sub-section 1.e of what is humorously called the "WHOIS ACCURACY
PROGRAM SPECIFICATION" portion of the 2013 RAA terms and conditions
which requires registrars to do the following:

     e.  Validate that all postal address fields are consistent across
         fields (for example: street exists in city, city exists in
         state/province, city matches postal code) where such information
         is technically and commercially feasible for the applicable country
         or territory.

Is this is a joke?  Who decides what is or isn't "commercially feasible"?
Obviously, the registrars themselves... the foxes guarding the henhouse.
So all any registrar has to do in order to opt-out completely from this
phony baloney "requirement" is simply to assert the CLAIM that FOR THEM,
individually, the above requirement is not "commercially feasible".  Is
that not correct?

How many registrars are actually checking EVEN and ONLY that the postal
addresses in WHOIS records are even just valid postal addresses?

I am *not* asking how many registrars check that the postal addresses
in WHOIS records are actually CORRECT ones for the specific domain
registrants who are using them.  I am only asking you, Michele Neylon,
in your capacity as Chairman of the Registrars Stakeholder Group, to
tell me how many of the members of your group are even just checking
that the postal addresses in WHOIS records are real, and not entirely
bogus?

Would that number be zero ?

I also take profound exception to the following ridiculous "requirement",
which is also present in the 2013 RAA, and which requires registrars to:

   f.  Verify:

       i.  the email address of the Registered Name Holder (and, if different,
           the Account Holder) by sending an email requiring an affirmative
           response through a tool-based authentication method such as
           providing a unique code that must be returned in a manner
           designated by the Registrar, or

       ii. the telephone number of the Registered Name Holder (and, if
           different, the Account Holder) by either (A) calling or sending
           an SMS to the Registered Name Holder's telephone number providing
           a unique code that must be returned in a manner designated by the
           Registrar, or (B) calling the Registered Name Holder's telephone
           number and requiring the Registered Name Holder to provide a
           unique code that was sent to the Registered Name Holder via web,
           email or postal mail.

Simple question: Why is this an either/or?  Why aren't registrars required
make at least some effort to validate BOTH the WHOIS contact e-mail address
AND also the WHOIS contact phone number?

You yourself, Mr. Neylon, negotiated against ICANN for the inclusion of
this language into the 2013 RAA, so perhaps you can explain to us all
why the registrars aren't required to lift a finger to validate the
phone numbers that appear in WHOIS records.

I, for one, would really like to hear you try to explain that.

I understand that you have a *political* (and financially incentivized)
viewpoint that domain registrants should be able to remain secretive
and anonymous, regardless of whether or not that is in the best
interests of the 2+ billion ordinary (and honest) users of the internet.
And it would appear that you and your fellow registrars were able to
prevail in this argument, and in this political viewpoint, specifically
when you were negotiating the terms and conditions of the 2013 RAA against
ICANN.  What I don't understand is why there is all of this pretense in
the RAA to make it *appear* as if there really are some requirements
imposed upon domain registrars to do some work to validate WHOIS information,
when in fact, the plain language of the 2013 RAA, as quoted above, makes
it abundantly clear that in fact, your group, the registrars, are only
required to do the absolute bare minimum, and to look only at the WHOIS
contact e-mail addresses... data values that are provably useless for
actually identifying the domain registrant.

So why all of the pretense?  Why didn't the 2013 RAA just simply state
the obvious truth, i.e. that "Registrars are only required to make an
effort to validate JUST the e-mail address" ?

You negotiated the 2013 RAA Mr. Neylon.  Please explain.


Regards,
rfg