Site Map

Please note:

You are viewing archival ICANN material. Links and information may be outdated or incorrect. Visit ICANN's main website for current information.

ICANN Meetings in Rome

GNSO Whois Task Force 3 Meeting

Wednesday, 3 March 2004

The following is the un-edited raw output of the real-time captioning taken during the meeting identified above. Although the captioning output is largely accurate, in some cases it is incomplete or inaccurate due to inaudible passages or transcription errors. It is posted as an aid to understanding the proceedings at the session, but should not be treated as an authoritative record.

>>ROSS RADER: SO I THINK WE CAN GET STARTED NOW, FOLKS.
WE'VE MISSED A FEW MINUTES ON THE SCHEDULE BECAUSE OF SOME -- WE PROBABLY SHOULD HAVE FORESEEN THESE TECHNICAL DIFFICULTIES, BUT IF WE HAD, THEY WOULDN'T BE CALLED UNFORESEEN TECHNICAL DIFFICULTIES.

THIS WORKSHOP IS DESIGNED TO HOPEFULLY PROVIDE THE ICANN COMMUNITY WITH SOME INSIGHT AS TO WHAT'S GOING ON WITH WHOIS TASK FORCE NUMBER 3, AND EVEN MORE IMPORTANTLY, SOLICIT FEEDBACK FROM THE ICANN COMMUNITY REGARDING THE SCOPE OF OUR WORK AND THE TASKS WE'VE ENGAGED IN.

MY NAME IS ROSS RADER. I'M CO-CHAIRING THIS SESSION WITH SARAH DEUTSCH. BRIAN DARVILLE OUR TASK FORCE CHAIR WAS UNABLE TO MAKE IT TO THE ICANN MEETING IN ROME.

PERHAPS WE CAN GO AROUND THE TABLE AND HAVE THE TASK FORCE MEMBERS WHO ARE HERE INTRODUCE THEMSELVES AND WHO THEY REPRESENT.

>>SARAH DEUTSCH: HI, I'M SARAH DEUTSCH REPRESENTING THE BUSINESS CONSTITUENCY.

>>FRANNIE WELLINGS: FRANNIE WELLINGS REPRESENTING NONCOMMERCIAL USERS.

>>VITTORIO BERTOLA: VITTORIO BERTOLA REPRESENTING THE AT-LARGE ADVISORY COMMITTEE.

>>GREG RUTH: GREG RUTH REPRESENTING ISPCP CONSTITUENCY.

>>KIYOSHI TSURU: KIYOSHI TSURU. I'M THE ALTERNATE FOR BRIAN DARVILLE, INTELLECTUAL PROPERTY CONSTITUENCY.

>>KEN STUBBS: KEN STUBBS REPRESENTING THE REGISTRY CONSTITUENCY.

>>ROSS RADER: AND AGAIN, MY NAME IS ROSS RADER AND I REPRESENT THE REGISTRAR CONSTITUENCY.

SO I PREPARED SOME SLIDES HERE, AND ACTUALLY IN HONOR OF OUR HOSTS, I DECIDED TO SNAZZ UP MY PRESENTATION A BIT AND I USED THE FONT CALLED TIMES NEW ROMAN. SO I WAS THINKING AHEAD.

(LAUGHTER.)

>>ROSS RADER: THE OFFICIAL TITLE OF OUR TASK FORCE IS IMPROVING THE ACCURACY OF DATA COLLECTED THROUGH THE WHOIS PROCESS. SO IF YOU CAN MOVE TO THE NEXT SLIDE, PLEASE, STEVE.

AGAIN, HERE ARE OUR MEMBERS. WE ALSO HAVE A BUNCH OF ALTERNATES AND ADVISORS THAT WE BROUGHT ON BOARD. I DON'T ACTUALLY HAVE A COMPLETE LIST, BUT WE DO HAVE A BUNCH OF PEOPLE THAT ARE AREN'T UP THERE, SO THANKS TO THOSE ONES.

NEXT, PLEASE, STEVE.

SO THE TASK FORCE IS REALLY ENGAGED IN THREE MAIN ISSUES. ONE -- THEY'RE ALL ASSOCIATED WITH THE QUALITY OF THE DATA THAT'S PROCURED AT THE TIME OF REGISTRATION AND STORED IN THAT WHOIS DATABASE THAT WE KEEP HEARING ABOUT.

SO WE'RE REALLY LOOKING AT THREE MAIN ISSUES, THE VERIFICATION OF THE DATA AT THE TIME OF REGISTRATION, HOW THAT DATA IS MAINTAINED DURING THE COURSE OF THE REGISTRATION, DURING THE PERIOD OF THE SUBSCRIPTION OF THE REGISTRATION, AS WELL AS PROTECTING AGAINST DELIBERATE SUBMISSION OF FALSE INFORMATION BY BAD ACTORS OR ACTORS THAT MAY NOT HAVE FULL KNOWLEDGE OF THEIR RESPONSIBILITIES TO THE COMMUNITY.

NEXT.

I'M LOOKING AT THE WRONG SCREEN HERE. THANK YOU.
WE'RE ALSO -- WITHIN THOSE THREE ISSUES, WE'VE SETTLED OR FOUR MAJOR POINTS IN TERMS OF REFERENCE THAT WE WERE FOCUSING ON. IN ORDER TO GET AT OUR MAIN LOAD OF WORK, WHICH IS THE CRAFTING OF A BEST PRACTICES DOCUMENT, YOU SEE UP THERE AT POINT NUMBER THREE. IN SUPPORT OF THAT, WE'RE LOOKING TO GTLD REGISTRARS FOR INFORMATION ABOUT THEIR PRACTICES, WE'RE LOOKING AT THE TECHNOLOGY AND PRACTICES OF ONLINE SERVICE PROVIDERS. IN THIS CONCEPT, SERVICE PROVIDER IS REALLY ANY ENTITY THAT PROVIDES A SERVICE VIA THE INTERNET. WE'RE NOT SINGLING OUT INTERNET SERVICE PROVIDERS AS BEING A SERVICE PROVIDER. SO WE'RE TALKING ABOUT EBAY, CELLULAR COMPANIES, SO IT'S A VERY, VERY BROAD SEGMENT THAT WE'RE TRYING TO LOOK TO FOR FEEDBACK HERE.

WE'RE ALSO TRYING TO IDENTIFY ANY IMPLEMENTATION ISSUES THAT MAY COME UP AS A RESULT OF THIS BEST PRACTICES DOCUMENT THAT WE'RE LOOKING TO CREATE.

SO FAR WE'VE MANAGED TO NAIL DOWN OUR INTERIM REPORT. THUS FAR, WE'VE DESIGNED THOSE SERVICE PROVIDERS I WAS REFERRING TO. THOSE WERE DESIGNED TO GO OUT TO THE CCTLD REGISTRIES, THE GTLD REGISTRARS, AND THAT PANTHEON OF ONLINE SERVICES THAT WE LIST THERE.

THE -- FEEL FREE TO JUMP IN, SARAH, IF YOU WANT TO ADD TO ANY OF THESE.

>>SARAH DEUTSCH: I LIKED YOUR SECOND ROMAN REFERENCE TO THE PANTHEON.

>>ROSS RADER: THEY DIDN'T CATCH THAT. I BROUGHT A STRAIGHT MAN WITH ME.

THE SURVEYS WERE REALLY INTENDED TO DISCOVER A FEW KEY FACTS, WE HOPED. WHAT STEPS WERE TAKEN TO VERIFY THE ACCURACY OF THE DATA COLLECTED BUT NOT ONLY IN THE GTLD WORLD BUT ALSO IN THE CCTLD WORLD AS WELL AS IN OTHER AREAS. SO WHAT INFORMATION DO BANKS CAPTURE? WHAT INFORMATION DO THE ADDRESS REGISTRIES CAPTURE? WHAT ARE THE HUMAN IMPLICATIONS OR HUMAN RESOURCE IMPLICATIONS OF THOSE PRACTICES? DOES IT REQUIRE EXTRA STAFF OR EXTRA TRAINING? HAS AUTOMATED BEEN ABLE TO TAKE HOLD IN ANY PARTICULAR SECTORS? AT WHAT STAGE IS THIS VERIFICATION TAKING PLACE? BEFORE THE REGISTRATION IS ACCEPTED OR BEFORE THE DATA IS ACCEPTED? SOMETIME DURING THE SUBSCRIPTION? AFTER THE FACT?

AND WHAT HAPPENS IF THAT PROCESS DISCOVERS ANY INACCURACIES IN THAT DATA?

WE ALSO SEEK TO TRY TO UNCOVER SOME OF THE DIRECT FINANCIAL COSTS, IF OUTSOURCING ARRANGEMENTS ARE USED, WHAT IF ANY COSTS ARE ASSOCIATED WITH THAT, WHAT TECHNOLOGY LICENSES WOULD NEED TO BE DISCOVERED OR PAID FOR. AND PERHAPS MOST IMPORTANTLY, WHETHER OR NOT THERE'S ANY LOCAL OR REGIONAL LAWS THAT COME INTO PLAY. AND MOST CERTAINLY, THAT'S OBVIOUSLY -- IF WE'RE LOOKING TO IMPLEMENT SOMETHING THAT EVERYBODY CAN COMPLY WITH, A VERY, VERY IMPORTANT PART OF OUR DISCOVERY.

SO SO FAR, IN RESPONSE TO THESE SURVEYS, WE'VE GOT A SMALL NUMBER OF RESULTS BACK FROM A SMALL NUMBER OF REGISTRARS, I GUESS IS THE WAY TO CHARACTERIZE THAT. WE'RE STILL AWAITING INPUT FROM THE CCTLD MANAGERS VIA CENTR, AND WE'VE HAD SOME UNEXPECTED CHALLENGES RELATED TO THE ONLINE SERVICE PROVIDERS.

WE E-MAILED OUT OUR REQUEST TO RESPOND TO THAT SURVEY ON FEBRUARY 16TH. AND WE'VE ONLY GOTTEN ONE RESPONSE BACK.

OVERWHELMINGLY IT WAS CITED THAT PERHAPS THESE PROVIDERS WEREN'T INTERESTED IN PROVIDING A STATEMENT OF THEIR PRACTICES TO US BECAUSE THEY'RE LARGELY VIEWED AS PROPRIETARY, SO AS A RESULT OF WE'VE GOT SOME PRIVACY CONCERNS.

SO WHAT WE'RE HOPING TO DO TODAY IS START A SLIGHTLY DIFFERENT TACK ON GETTING AT THOSE TRUTHS THAT WE SEEK. OBVIOUSLY THE PUBLIC STATEMENTS ARE A BIG HELP. WE'LL GET TO THAT SHORTLY. BUT WHAT WE'VE ALSO DONE IS INVITED -- I SEE ONE HERE -- WE'VE INVITED TWO PARTICIPANTS. ONE HAS ACTUALLY SHOWN, WHICH IS A GOOD SIGN, TO PROVIDE US WITH SOME INSIGHT AS TO THESE PRACTICES FROM ANOTHER SECTOR. AND HOPEFULLY, WHILE HE IS PRESENTING, WE CAN HOPE THAT THE OTHER ONE SHOWS UP.

IS THERE A NEXT SLIDE? I DON'T THINK THERE IS.
SO WE'VE ASKED BERNARD TURCOTTE, THE PRESIDENT OF CIRA, THE CANADIAN REGISTRATION AUTHORITY, HE'S GOING TO PROVIDE US WITH A TEN-MINUTE OVERVIEW OF CIRA'S ACCURACY AND VERIFICATION PROCESSES AND HOPEFULLY MARK MCFADDEN SHOWS UP AS WELL TO GIVE US SOME INSIGHT AS TO THE ADDRESS REGISTRIES. SO WITH THAT, I'LL TURN IT OVER TO BERNIE FOR A FEW MINUTES.

>>ROSS RADER: I'D FILL TIME IF I COULD, BUT I'M OUT OF ROME JOKES.

>>BERNARD TURCOTTE: ALL RIGHT, THANK YOU FOR ASKING ME TO PRESENT ON THIS SUBJECT, WHICH IS --

>>>: YOU'RE HARD TO HEAR.

>>BERNARD TURCOTTE: I'M HARD TO HEAR. THAT'S SOMETHING I DON'T HEAR TOO OFTEN. THE SOUND MAN IS HAVING A SANDWICH, SO IT WILL BE FIXED QUICKLY.

I'LL BE PRESENTING ON WHOIS ACCURACY AND AS ROSS MENTIONED, I'M THE PRESIDENT AND CEO OF THE CANADIAN INTERNET REGISTRATION AUTHORITY.

FIRST, A FEW GENERAL COMMENTS. WHOIS ACCURACY CAN BE SIGNIFICANTLY INCREASED IF IT'S A PRIORITY. JUST TALKING ABOUT IT AND SAYING IT'S SOMETHING, YEAH, WE HAVE TO DO -- SORRY, I GET THE HAND MIKE -- WILL NOT DO ANYTHING. THIS IS A DISCIPLINE, AND IF YOU WANT TO DO IT, YOU HAVE TO BE CONVINCED YOU NEED TO DO IT.

THE "ANYTHING GOES" ERA OF REGISTRATIONS HAS CREATED MANY BAD HABITS RELATIVE TO INFORMATION ACCURACY FOR ALL INVOLVED. I'M NOT POINTING THE FINGER AT ANY PARTICULAR GROUP; IT'S JUST THE HISTORY AND THE WAY THIS THING EVOLVED. CHANGING THESE HABITS MAY BE THE BIGGEST PROBLEM TO BE SOLVED.

FREE ONLINE WHOIS SERVICES ARE A SIGNIFICANT PROBLEM IN INCREASING ACCURACY. PEOPLE ARE JUST TIRED OF HAVING THEIR ADDRESSES COLLECTED FROM ALL THE FREE WHOIS SERVICES.

INCREASING ACCURACY CAN BE DONE, BUT WILL DECREASE REVENUES AND INCREASE COSTS. THAT'S THE BAD NEWS. THE GOOD NEWS IS THESE FACTORS CAN BE MANAGED. AND HOPEFULLY I'LL SHOW YOU SOME OF THAT.

A LITTLE BACKGROUND ON DOT CA IF YOU'RE NOT FAMILIAR WITH IT. CURRENTLY ABOUT 400,000 REGISTRATIONS. IT'S A RESTRICTED REGISTRY, ONLY FOR CANADIANS. IT'S A REGISTRY-REGISTRAR MODEL. THE REGISTRY DOES NOT SELL SERVICES DIRECTLY TO THE PUBLIC. IT'S A FIGURES COME, FIRST SERVED ALLOCATION MODEL. THERE'S NO LIMIT TO THE NUMBER OF DOMAINS A REGISTRANT MAY REGISTER AND WE USE THE HONOR MODEL WHERE REGISTRANTS DO NOT HAVE TO PROVIDE FORMAL DOCUMENTATION TO REGISTER DOMAINS BUT MUST DO SO IF ASKED. REGISTRANTS MUST APPROVE CRITICAL CHANGES TO REGISTRATIONS AT THE REGISTRY. REGISTRY REVIEWS REGISTRANT INFORMATION. THE REGISTRY RETAINS THE RIGHT TO CANCEL ALL REGISTRATIONS FOR A REGISTRANT IF THE PROFILE INFORMATION IS NOT ACCURATE. AND WE DO.

CURRENTLY OPERATES A FREE ONLINE WHOIS. AND WE SUPERVISE A CDRP PROCESS, WHICH IS OUR VERSION OF THE UDRP.

ALL RIGHT. LET'S LAUNCH INTO ACTUAL THINGS. CIRA USES STRONG TYPING OF INFORMATION. THIS IS THE BEGINNING OF T REGISTRANTS MUST IDENTIFY THEIR TYPE FROM AMONGST 17 CATEGORIES FIXED BY THE REGISTRY, WHICH INCLUDES CITIZEN, CORPORATION, GOVERNMENT, LANDED IMMIGRANT. WHEN WE STARTED DOWN THIS ROAD AND WE SAID, WELL, THE REGISTRY IS GOING TO BE A CLOSED REGISTRY ONLY FOR CANADIANS, WE SAID OKAY, YOU HAVE TO DEFINE A CANADIAN. SO WE WENT TO SOME OF THE BEST LEGAL MINDS IN THE COUNTRY AND HELPED DEFINE WHAT IS A CANADIAN. THERE ARE ACTUAL 17 WAYS TO DEFINE A CANADIAN. WE MINIMIZE FREE-FORM FIELDS IN ALL THE REGISTRY INPUT.

CIRA USES STRONG AUTOMATIC INPUT VERIFICATION. WE SPEND A LOT OF TIME LOOKING AT THE DATA THAT COMES IN. EVERYTHING THAT CAN BE CODED AS A TEST, WE PUT -- AND IS INTELLIGENT TO DO SO, WE DO.

SO REGISTRANT NAME FORMAT, JUST TO GIVE YOU AN EXAMPLE, MUST MATCH THE REGISTRANT TYPE CHOSEN. EG, IF THE TYPE IS CANADIAN CORPORATION, THEN THE REGISTRANT NAME SHOULD INCLUDE INC OR SOME OTHER CORPORATE IDENTIFIER. IF THE REGISTRATION IS CANADIAN CITIZEN THEN THE REGISTRANT NAME SHOULD NOT INCLUDE INC OR CORP.

I'LL POINT TO A PROBLEM IN THE VALIDITY OF THE INFORMATION UP FRONT. WE CHECK THE VALIDITY OF E-MAIL ADDRESSES, PHONE NUMBERS, ADDRESSES, POSTAL CODES, ET CETERA. ON THIS AUTOMATIC INPUT VERIFICATION, ERRORS WILL CAUSE THE REGISTRATION REQUEST TO BE CANCELED WITH AN ERROR MESSAGE. USING THESE AUTOMATED TESTS, CIRA REJECTS ABOUT 10% OF ALL TRANSACTIONS SUBMITTED. THESE ARE NUMBERS OVER, I WOULD SAY, THE LAST 18 MONTHS TO GIVE YOU A GOOD IDEA.

MOST OF THESE REJECTED TRANSACTIONS ARE RESUBMITTED WITH CORRECT INFORMATION. IF AN APPLICATION PASSES THE AUTOMATIC VERIFICATION, IT IS ACCEPTED. SO IT IS REAL TIME, AND WE PROVIDE ALL THESE TESTS.

ONCE AN APPLICATION IS ACCEPTED, THE SUBMITTING REGISTRAR MAY CANCEL THE REGISTRATION FOR ANY VALID REASON WITHIN SEVEN DAYS FOR A FULL REFUND. THE REGISTRY MAY CANCEL THE REGISTRATION FOR ANY REASON, MAINLY VALIDITY OF REGISTRANT INFORMATION, WITHIN 30 DAYS OF ACCEPTING IT.

CIRA USES STRONG MANUAL INPUT VERIFICATION UPON POST ACCEPTATION. ALL APPLICATIONS THAT WERE ACCEPTED BY THE AUTOMATIC VERIFICATION SYSTEM THE PREVIOUS DAY ARE MANUALLY VERIFIED BY STAFF THE FOLLOWING DAY. ALL INPUT FIELDS ARE SCANNED BY STAFF. APPROXIMATELY 20% OF ALL ACCEPTED REQUESTS ARE FLAGGED AS HAVING A PROBLEM BY STAFF.

BEING FLAGGED DOES NOT CANCEL THE REGISTRATION BUT RATHER INITIATES A TIMED AUTOMATED VERIFICATION PROCESS INVOLVING THE REGISTRAR. WE DON'T RUN AFTER REGISTRANTS. IT'S THE REGISTRAR'S DEAL.

THE OUTCOMES OF THIS VERIFICATION PROCESS CAN BE CORRECTION OR CLARIFICATION OF THE FLAGGED PROBLEMS, WHICH WILL REMOVE THE FLAG, OR CANCELLATION OF THE REGISTRATION.

OF THE 20% OF APPLICATIONS THAT ARE FLAGGED, ABOUT 85% OF THOSE, 17% OF THE TOTAL, REQUIRE CORRECTIONS. ABOUT 15%, OR 3% OF THE TOTAL, REQUIRE NO CORRECTIONS AFTER EXPLANATIONS ARE PROVIDED TO THE REGISTRY.

OF ALL THE APPLICATIONS RECEIVED AND ACCEPTED BY THE AUTOMATIC VERIFICATION, LESS THAN 1% ARE EVENTUALLY CANCELED BY THE MANUAL VERIFICATION PROCESS.

MANUAL VERIFICATION REQUIRES ABOUT ONE HOUR OF CLERICAL TIME PER 500 DOMAINS TO COMPLETE THE INITIAL VERIFICATION, AND ANOTHER ONE HOUR TO COMPLETE FOLLOW-UP. SO THE FULL CYCLE ON THIS PROCESS IS ABOUT TWO HOURS PER 500 DOMAINS.

CIRA HAS IMPLEMENTED A FORMAL WEB-BASED INPUT TRACKING SYSTEM TO MANAGE THIS PROCESS. IT'S V1, AND WE'VE GOT SOME THINGS TO WORK OUT, BUT IT'S FOLLOWING THIS STUFF QUITE WELL.

COMPLAINT PROCESSING. CIRA INVESTIGATES ALL COMPLAINTS IT RECEIVES FROM ANY SOURCE, REGARDING REGISTRANTS NOT MEETING THE REQUIREMENTS OF THEIR AGREEMENT WITH THE REGISTRY AND INSURES APPROPRIATE FOLLOW UP WHICH MAY INCLUDE CANCELLATION OF REGISTRATIONS.

THE MOST USUAL COMPLAINT WE RECEIVE IS RELATED TO CANADIAN ELIGIBILITY REQUIREMENTS OR CER. CIRA INVESTIGATES ALL COMPLAINTS IT RECEIVES REGARDING REGISTRANTS NOT MEETING CER AND CANCELS ALL REGISTRANT ACCOUNTS AND ALL ASSOCIATED DOMAIN NAMES WHEN REGISTRANTS CANNOT PROVE THEY MEET THE REQUIREMENTS. THERE IS NO REFUND IF 30 DAYS PAST THE ORIGINAL REGISTRATION.

IT'S INTERESTING ENOUGH, WHEN YOU LISTEN IN ON PEOPLE WORKING THESE CALLS, PEOPLE ARE SURPRISED, "A," WHAT'S INTERESTING IS PEOPLE ARE SURPRISED WE ACTUALLY DO FOLLOW-UP. "B," THEY SORT OF GO, OH, YEAH, YOU CAUGHT ME. YEAH, I KNOW YOU'RE GOING TO FLUSH MY REGISTRATIONS.

AT ITS CURRENT LEVEL OF ABOUT 400,000 REGISTRATIONS, CIRA PROCESSES ABOUT TWO CER COMPLAINTS PER BUSINESS DAY OR ABOUT 400 PER YEAR, WHICH IS EQUAL TO .1% PER YEAR OF THE TOTAL REGISTRATIONS.

OF THESE, APPROXIMATELY HALF ARE CLOSED BY STAFF AFTER INTERNAL INVESTIGATIONS AS BEING UNFOUNDED.
THE REMAINING HALF GENERATE A FORMAL REQUEST FOR CONFIRMATION OF INFORMATION.

67% OF THESE FORMAL INVESTIGATIONS LEAD TO THE CANCELLATION OF THE REGISTRANT AND ITS ASSOCIATED REGISTRATIONS.

INVESTIGATING THESE REQUIRES ABOUT ONE HOUR OF STAFF TIME PER WEEK OR 10 TO 15 MINUTES EACH.
WHAT DOES THIS MEAN FOR ACCURACY? AS A DERIVED STATISTIC USING CONFIRMATION ERROR RATES, BECAUSE REGISTRANTS COME TO THE REGISTRY TO CONFIRM QUITE A FEW CRITICAL CHANGES, WE CAN ESTIMATE THAT AT LEAST 87% OF REGISTRANT PROFILES HAVE VALID CONTACT INFORMATION.

IT'S IMPORTANT TO NOTE THAT THE REGISTRARS IN OUR SYSTEM BEAR THE BRUNT OF MOST OF THESE PROCESSES. AND KEEP REMINDING US OF THIS.

ERROR RATES VARY SIGNIFICANTLY BETWEEN REGISTRARS; CAN BE UP TO ONE ORDER OF MAGNITUDE IN VARIATION. SO WE'RE NOT TALKING ABOUT SMALL VARIATIONS. THERE ARE HUGE VARIATIONS.
REGISTRARS WHICH INVEST IN UNDERSTANDING REQUIREMENTS AND ADJUST THEIR SYSTEMS AND PROCESSES FOR THESE HAVE SIGNIFICANTLY LOWER ERROR RATES THAN THOSE WHICH DO NOT.

WHERE ARE WE HEADED IN THE FUTURE? CURRENTLY CIRA IS IN THE PROCESS OF COMPLETING A SIGNIFICANT WHOIS SURVEY. THE MAIN REASONS FOR THIS ARE THE IMPLEMENTATION OF CANADIAN PRIVACY LEGISLATION WHICH EFFECTS THE REGISTRY. THE SECOND ONE IS HARVESTING OF WHOIS INFORMATION BY SPAMMERS IS THE LARGEST CONCERN FOR REGISTRANTS PROVIDING VALID INFORMATION.

WE EXPECT THE RESULTS WILL CAUSE CHANGES IN OUR CURRENT WHOIS POLICY.
ANOTHER DEVELOPMENT THAT WE ARE CURRENTLY WORKING ON IS BOUNCED E-MAILS. THE REGISTRY DOES EXCHANGE E-MAILS WITH THE REGISTRANTS ON A REGULAR BASIS. WE'RE LOOKING AT IMPLEMENTING A FORMAL TRACKING SYSTEM TO ENSURE REGISTRANT PROFILES HAVE A VALID E-MAIL ADDRESS AND ALSO TO ENSURE WE'RE NOT GETTING CAUGHT IN SOME MASSIVE SPAM FILTERS HERE AND THERE.

THANK YOU.

I DON'T KNOW IF WE HAVE TIME FOR QUESTIONS.

>>ROSS RADER: ABSOLUTELY, WE DO, BERNIE. THAT WAS A GREAT PRESENTATION. THANKS.
MAYBE I COULD KICK THINGS OFF WITH A QUESTION.

YOU MENTIONED THE VARIATIONS IN THE ERROR RATES OF REGISTRARS, AND AS A REGISTRAR, ONE OF THOSE REGISTRARS, I'D BE INTERESTED TO HEAR IF THERE'S ANY PROFILE THAT WOULD CAUSE -- OR ANY SPECIFIC BEHAVIORS THAT WOULD CAUSE THOSE RATES TO GO UP OR DECLINE OR HOW REGISTRARS ACTUALLY MANAGE THOSE. MAYBE YOU COULD USE US AS AN EXAMPLE IF IT'S EASIER. IF WE'RE A BAD EXAMPLE, PROCEED.

>>BERNARD TURCOTTE: IT'S INTERESTING, BECAUSE AS YOU KNOW, ONE OF OUR LARGE CUSTOMERS WAS TUCOWS ABOUT A YEAR AND A HALF AGO. WE SAT DOWN AND WE HAD A DISCUSSION ABOUT IT BECAUSE THEY'RE SERIOUS ABOUT THE WORK THEY DO AND THEY WANTED TO UNDERSTAND WHY THIS WAS WHEN I PROVIDED THEM WITH SOME INITIAL STATISTICS. AND THEY SAID, OH, OKAY, HERE ARE THE MAIN POINTS WE'RE HITTING THE BUMPS IN THE ROAD. THEY CAME BACK TO US AFTER THREE OR FOUR MONTHS AND SAID WE'RE GOING TO DO IT LIKE THIS WHEN WE GET INPUT FOR YOU GUYS AND WE SAID OKAY, IT SOUNDS GREAT. AND THE ERROR RATES JUST DOVE. AND NOW TUCOWS IS ONE OF OUR BEST REGISTRARS FOR THAT KIND OF STUFF.

SO IT DOESN'T TAKE A LOT. YOU KNOW, TUCOWS CAN'T STOP PRODUCTION ON EVERYTHING IN ITS SHOP AND PUT THREE PEOPLE ON FOR 17 MONTHS. I THINK IT WAS A COUPLE OF PEOPLE TAKING THE TIME TO UNDERSTAND THE ENVIRONMENT WHICH WAS FORCING THEM TO GET BETTER INFORMATION AND DID SOMETHING ABOUT IT.

>>ROSS RADER: SO YOU WOULDN'T SAY IT'S LARGE OR SMALL; IT'S REALLY A PROCEDURAL ISSUE THAT THE REGISTRARS HAVE TO DEAL WITH?

>>>: BERNARD TURCOTTE: AS I STATED ABOVE, THERE ARE A LOT OF HISTORICAL BAD HABITS THAT HAVE BEEN DEVELOPED. AND A LOT OF PEOPLE ARE USED TO: IT DOESN'T MATTER. DOES THE CREDIT CARD CLEAR? GREAT. IT'S THE USER'S RESPONSIBILITY FOR THE REST.

I THINK WHERE WE'RE GETTING AT IS WE'RE UNDERSTANDING THAT MAY NO LONGER BE A VALID WAY TO THINK ABOUT IT.

>>ROSS RADER: THANKS FOR THE GREAT ANSWER, BERNIE.

I THINK AT THIS POINT I'D LIKE TO OPEN THE FLOOR UP FOR QUESTIONS, EITHER OF BERNIE OR THE TASK FORCE ITSELF.

THOMAS, YOU LOOK LIKE YOU HAVE A MISSION.

>>THOMAS ROESSLER: WELL, NOT PRECISELY A MISSION, BUT WHAT MAY BE SOMETHING TO POINT YOU TO. AND THAT'S THE SPAM YOU'RE GETTING DAILY.

>>ROSS RADER: COULD YOU JUST INTRODUCE YOURSELF?

>>THOMAS ROESSLER: OH, I'M SORRY. THOMAS ROESSLER FROM THE AT-LARGE ADVISORY COMMITTEE. I'VE BEEN SITTING UP THERE ALL DAY, SO I FORGOT TO INTRODUCE MYSELF. SORRY.

I WOULD LIKE TO ASK YOU TO LOOK AT THE SPAM YOU ARE GETTING AND AT THE SENDER ADDRESSES. MOST PEOPLE WHO TRY TO AVOID SPAM IN THEIR IN BOXES HAVE SYSTEMS IN PLACE THAT CHECK SENDER ADDRESSES FOR PLAUSIBILITY. IT MAY BE DIFFICULT TO TRY TO DELIVER AN ERROR RESPONSE TO THE SENDER OF THE SPAM MESSAGE. THE EFFECT WE ARE SEEING NOW IS CALLED JOJOB. WE ARE SEEING SPAMMERS ARE TAKING E-MAIL ADDRESSES ARE ORDINARY NETIZENS AND ARE USING THESE E-MAIL ADDRESSES AS SENDER ADDRESSES FOR SPAM.

SO ESSENTIALLY, THE EFFECT WE HAVE THERE IS THAT VERIFICATION OF ADDRESS INFORMATION, OR MORE PRECISELY PLAUSIBILITY CHECKING OF ADDRESS INFORMATION HAS LED TO LET ME CALL IT ELECTRONIC IDENTITY THEFT. AND THE ARGUMENT CAN BE MADE THAT THE IDENTIFICATION AND PLAUSIBILITY REQUIREMENTS THAT ARE IN PLACE TO GET A BANK ACCOUNT TO PREVENT MONEY LAUNDERING HAVE HAD A SIMILAR EFFECT IN REAL LIFE AND ARE LEADING TO AN INCREASE IN IDENTITY THEFT THERE.

AS LONG AS IT'S JUST CA THAT'S DOING PLAUSIBILITY CHECKS THE EFFECT WILL BE THE BAD ACTORS STAY AWAY FROM YOU AND GO TO DOT COME. IF WE ARE GOING TO GET PLAUSIBILITY CHECKS IN ALL RELEVANT TLDS, WHAT WE ARE PROBABLY GOING TO SEE IS NOT LESS BAD ACTORS BUT THE SAME BAD ACTORS HIDING BEHIND THE NAMES AND ADDRESSES AND IDENTITIES OF INNOCENT THIRD PARTIES WHO DON'T HAVE AN IDEA.

TO THOSE OF YOU WHO WERE IN CARTHAGE MAY REMEMBER A PRESENTATION THAT WAS GIVEN THERE BY MARILYN CADE WHERE SHE MENTIONED A CASE THEY WERE TRACKING DOWN USING WHOIS INFORMATION. WELL, THEY GOT AN ADDRESS THERE BUT THEY ENDED UP WITH AN INNOCENT THIRD PARTY WHOSE IDENTITY HAD BEEN STOLEN TO REGISTER A DOMAIN NAME.

SO I WOULD LIKE TO CAUTION YOU, YOU MAY GET SHORT-TERM SUCCESS; YOU MAY GET SHORT-TERM LOCAL SUCCESS WITH SOME REGISTRARS, WITH SOME TLDS, BUT IT'S NOT AT ALL CLEAR THAT BAD ACTOR PROBLEMS ARE GOING TO GET ANY BETTER OR REQUIRING PLAUSIBILITY CHECKS OR BY ATTEMPTING TO REALLY VERIFY THAT IT'S THE REGISTRANT'S INFORMATION THAT YOU GET.

>>ROSS RADER: THOMAS, IF I COULD JUST ASK YOU A FOLLOW-UP. IF PLAUSIBILITY CHECKING MAY OR MAY NOT WORK, IS THERE AN AREA THAT YOU WOULD TURN THE TASK FORCE'S ATTENTION TO THAT MAY POSSIBLY WORK?

>>THOMAS ROESSLER: I THINK IT'S A SYSTEMIC PROBLEM. I DON'T SEE A REAL SOLUTION THERE. YOU ARE GOING TO HAVE PEOPLE LYING AND YOU ARE NOT ABLE TO VERIFY THAT THE REGISTRANT IS REALLY THE PERSON -- THAT THE INFORMATION YOU GET IS REALLY THE REGISTRANT'S INFORMATION. EVERYTHING CAN BE FAKE. YOU JUST HAVE NO WAY TO CHECK IT. AS LONG AS IDENTITY WORKS, YOU ARE JUST DRIVING THE BAD ACTORS UNDERGROUND AND YOU'RE DRIVING THEM TO GET INNOCENT THIRD PARTIES INVOLVED AND DAMAGE THEM.

>>ROSS RADER: THANK YOU, THOMAS.
JUST ADMINISTRATIVELY SPEAKING -- ONE SECOND, KEN -- BERNIE, I KNOW YOU'RE SHORT ON TIME, HOW ARE YOU DOING? CAN YOU STICK AROUND A FEW MORE MINUTES? OR GIVE ME A SIGNAL IF YOU HAVE TO GO.

KEN.

>>KEN STUBBS: EXCUSE ME, BERNIE. THE COMMENTS THAT I HAVE REALLY AREN'T NECESSARILY ADDRESSED TO BERNIE, SO MAYBE IT WOULD BE BEST IF ANYONE HAS ANY QUESTIONS THAT ARE SPECIFICALLY ADDRESSED TO HIS PRESENTATION. THEY ARE A FOLLOW-UP TO WHAT THOMAS SAID BUT I'D RATHER DEFER THAT, AND THAT WAY IF ANYBODY WANTS TO ASK BERNIE ANY SPECIFIC QUESTIONS.

>>ROSS RADER: THAT'S A GREAT IDEA, KEN.
SO IF -- ARE THERE QUESTIONS TO BERNIE'S PRESENTATIONS? I DON'T SEE MARK IN THE ROOM. STEVE HAS ONE. WE'LL TAKE ONE FROM SARAH, THEN STEVE, AND THEN VITTORIO. SO WE'LL GO TO SARAH AND STEVE AND THEN VITTORIO.

>>SARAH DEUTSCH: BERNIE, I HAD A QUESTION ABOUT SINCE YOU'VE IMPLEMENTED THESE PRACTICES, HAVE YOU SEEN AN ISSUE WHERE PEOPLE ARE COMMITTING IDENTITY THEFT IN ORDER TO BYPASS YOUR POLICIES OR HAVE THEY EFFECTIVELY SERVED AS A DETERRENT, IN YOUR VIEW?

>>BERNARD TURCOTTE: I KNOW IT EXISTS.
THE BEST ANSWER I CAN GIVE YOU RIGHT NOW IS WE DO NOT SEEM TO HAVE ANY SIGNIFICANT AMOUNT OF IT FROM ALL OF THE FOLLOW-UP THAT WE DO.

WE END UP -- OUR CUSTOMER SERVICE IN SOME WAY OR ANOTHER WHEN THINGS GO VERY BAD ENDS UP TALKING TO REGISTRANTS DIRECTLY.
AND I CAN SAY THAT OVER THE LAST YEAR, I PROBABLY CAN COUNT ON A SINGLE HAND THE TIMES WHERE SOMEONE HAS SAID, "I HAVE NO IDEA WHAT YOU ARE TALKING ABOUT," OR WE'VE NOTICED THAT THERE'S THIS KIND OF PROBLEM.

SO FOR US, THERE'S NOT REALLY THAT PROBLEM.
THE TWO BIGGEST PROBLEMS WE HAVE AND WE WERE TRYING TO RESOLVE BY THIS IS TRYING TO KEEP A GOOD, CLEAN SET OF DATA FOR BOTH OURSELVES, THE REGISTRAR, AND THE REGISTRANT.

BECAUSE WHEN THE REGISTRANT WANTS A SERVICE AND THE ADMIN CONTACT E-MAIL HAS DIED, USUALLY THEY WANT THAT SERVICE VERY QUICKLY.
AND ALL OF A SUDDEN IT'S CHAOS FOR EVERYONE IN THE FOOD CHAIN.
SO TRYING TO KEEP THAT CLEAN HELPS MINIMIZE THE CHAOS WHEN IT GETS THERE.
THAT'S ABOUT ALL I CAN TELL YOU RIGHT NOW.

>>SARAH DEUTSCH: THANKS.

>>ROSS RADER: IS THIS QUESTION FOR BERNIE DIRECTLY?

>>JEAN-MICHEL BECAR: IT'S A GENERIC COMMENT AND QUESTION.
SO I'M JEAN-MICHEL BECAR FROM GLOBAL MEDIA ONLINE, JAPAN.
I HAVE TO COMPLIMENT YOU FOR THE WORK YOU HAVE DONE.
IF I HAD TO RUN A CCTLD, THAT'S THE WAY I WOULD DO IT.

NOW I'M WONDERING HOW IT WILL WORK FOR DOT-COM, FOR EXAMPLE, WHERE WE HAVE 22 MILLION, I GUESS, DOMAIN NAMES TO CHECK AFTER ALL THOSE YEARS OF REGISTRATION.
AND FURTHERMORE, WE HAVE ALL OF THE REGISTRANTS AT DOT-COM ARE FROM EVERYWHERE IN THE WORLD.

HOW TO CHECK AN ADDRESS IS VALID OR A (INAUDIBLE) IS VALID.
SO THE ONLY VALID INFORMATION AND THE ONLY INFORMATION I'M 100% SURE OF TODAY IS CREDIT CARD INFORMATION.

BECAUSE IF I HAVE A PROBLEM WITH THAT DOMAIN, I CAN -- WITH A COURT ACTION, I CAN GO TO THE BANK AND HAVE THE REAL IDENTITY OF THE CUSTOMER.
SO DON'T THROW AWAY THE CREDIT CARD INFORMATION SO FAST.
IT'S THE ONLY 100% ACCURATE DATA I HAVE.
THAT'S ALL.

>>ROSS RADER: DO YOU WANT TO RESPOND TO THAT, BERNIE, OR....

>>BERNARD TURCOTTE: NO.
I THINK THE DYNAMICS ARE DIFFERENT FOR DIFFERENT GROUPS, WHICH IS WHY I CLEARLY SPECIFIED OUR ENVIRONMENT, WHICH ALLOWS US TO DO THINGS.
I THINK THERE ARE TWO THINGS.

AS I MENTIONED EARLY ON IN MY PRESENTATION, IT DEPENDS WHAT YOU WANT TO DO.
I MEAN, YES, THE SIMPLE SOLUTION IS TO SAY, WELL, THERE'S NOTHING TO BE DONE AND THEREFORE THE ONLY THING WE WILL HAVE IS AN E-MAIL ADDRESS AND A CREDIT CARD NUMBER, WHICH WE WILL KEEP SECRET.
THERE ARE SOME PROBLEMS ASSOCIATED WITH THAT ALSO, I THINK.

SO WE -- IN OUR CASE, WE SCRATCHED OUR HEADS AND WE WORKED AT IT, AND WE COULD COME UP WITH THIS, AND IT SEEMS TO WORK FOR US.

>>ROSS RADER: STEVE.

>>STEVE METALITZ: YES, STEVE METALITZ, INTELLECTUAL PROPERTY CONSTITUENCY.
FIRST, I WANT TO THANK BERNIE FOR THE VERY GOOD PRESENTATION.
AND YOU HAVE BEEN VERY HELPFUL.
DOT CA WAS VERY HELPFUL TO THE EARLIER WHOIS TASK FORCE AS WELL WHEN WE WERE LOOKING AT THIS SAME QUESTION.

I'M NOT SURE IF MY QUESTION IS FOR YOU OR FOR ROSS, ACTUALLY.
BUT IT'S -- IN THE EXAMPLE THAT YOU GAVE WITH TUCOWS, HOW TRANSFERABLE WERE ANY OF THE CHANGES THAT WERE MADE THAT INCREASED THE ACCURACY OF THE DATA THAT WAS COLLECTED IN DOT CA, HOW TRANSFERABLE WERE THOSE PRACTICES TO REGISTRATIONS THAT TUCOWS WAS TAKING FOR OTHER REGISTRIES?

>>ROSS RADER: I DON'T KNOW, TO GIVE YOU A PERFECTLY HONEST ANSWER TO THE QUESTION.
I SUSPECT THAT WITHIN THAT "I DON'T KNOW" THERE IS AN ELEMENT OF DEFINITELY TRANSPORTABLE AND PERHAPS A LARGER OR A SMALLER ELEMENT OF NOT TRANSPORTABLE AT ALL.

I JUST REALLY DON'T KNOW WHAT WAS CHANGED OR WHAT THE IMPACTS OF THOSE CHANGES WERE TO THE ORGANIZATION.
SO I REALLY DON'T KNOW.

>>STEVE METALITZ: IF THAT'S SOMETHING THAT YOU WOULD BE ABLE TO SHARE WITH THE REST OF THE TASK FORCE IN ITS DELIBERATIONS, I THINK THAT MIGHT BE VERY HELPFUL.

>>ROSS RADER: THAT WOULD BE A GREAT IDEA.
THANKS.
VITTORIO.

>>VITTORIO BERTOLA: THANK YOU.
THE FIRST ONE, WELL, DO YOU ACCEPT ONLY A CANADIAN REGISTRANT OR ALSO ACCEPT OTHER REGISTRANTS?
BECAUSE IN THAT CASE, IT WOULD BE INTERESTING FOR ME TO UNDERSTAND HOW WOULD YOU VERIFY THE PLAUSIBILITY OF THEIR DATA?

AND SECOND QUESTION IS, HOW DO YOU PICK THE REGISTRATIONS TO BE FLAGGED AND THEN TO BE LATER CHECKED?
SO WHICH KIND OF CRITERIA?
JUST YOU HAVE A LOOK AT THEM AND SAY THIS GUY'S NAME LOOKS STRANGE, THAT KIND OF STUFF?
AND IF YOU DO SO, THEN HOW DO YOU VERIFY THAT THEY ACTUALLY CORRELATE?
YOU JUST GO TO THE REGISTRAR, NOT AFTER THE ACTUAL REGISTRANT?

FINALLY, THE THIRD QUESTION IS DO YOU KNOW OF ANY OTHER CCTLDS WHO ACTUALLY HAVE THIS MECHANISM IN PLACE?

>>BERNARD TURCOTTE: I'LL START -- YOUR FIRST QUESTION WAS RELATIVE TO -- I LOSE THEM AFTER TWO.
I'M SORRY.

>>VITTORIO BERTOLA: DO YOU ACCEPT INTERNATIONAL REGISTRANTS?

>>BERNARD TURCOTTE: OH, YES.
IN A VERY LIMITED FASHION.

WE HAVE ONE ESCAPE CLAUSE WHICH IS FOR FOREIGNERS THAT HAVE TRADEMARKS REGISTERED IN CANADA.
UNDER THAT CATEGORY, YOU ARE ALLOWED TO REGISTER A DOT CA NAME.

BUT THAT DOT CA NAME MUST CONTAIN THE FULL TRADEMARK NAME THAT IS REGISTERED, AS A MINIMUM.
AND THEREFORE WE HAVE, IF YOU WILL, CONTACT INFORMATION IN CANADA, BECAUSE THE TRADEMARK DATABASE IS ACCESSIBLE.

THAT'S THE FIRST ONE.

THE SECOND ONE WAS HOW WE FIGURE OUT ABOUT WHICH INFORMATION TO GET.

>>VITTORIO BERTOLA: DO YOU FIGURE OUT WHICH ONES HAVE TO BE FLAGGED FIRST?

>>BERNARD TURCOTTE: THAT'S ACTUALLY AN INTERESTING PROCESS.
AFTER WE STARTED THE REGISTRY, I STARTED LOOKING AT THE REGISTRATIONS MYSELF ON A DAILY BASIS.
AND THEN I STARTED PUTTING THEM IN A CERTAIN FORMAT TO SCAN THEM.
AND THAT'S WHERE I NOTICED THE FIRST SET OF PROBLEMS.
TO MAKE A LONG STORY SHORT, THIS EVOLVED OVER ABOUT A YEAR OF REFINEMENTS, WHEN WE ACTUALLY CREATED A SET OF RULES FROM THINGS THAT WE WERE SPOTTING.

AND THEY BROKE INTO TWO CLASSES.
THERE WERE THINGS WHICH WE WOULD CODE INTO THE INPUT VARIATION IN THE AUTOMATIC STAGE UP-FRONT, WHICH WE DID.

THERE WERE OTHER THINGS WHICH WE SIMPLY WROTE DOWN AS NOTES FOR PEOPLE WHO TOOK IT OVER FROM ME, IF YOU WILL, DOING IT ON A DAILY BASIS.
AND THE STRANGE THING, WE WEREN'T CERTAIN ABOUT HOW IT WOULD TRANSFER OVER TO CLERICAL, LIKE, YOU KNOW, I'VE BEEN DOING THIS FOR A LONG TIME AND I HAVE MY OWN BIASES WHEN I'M LOOKING AT THIS.

BUT THE AMAZING THING IS THAT IT TRANSFERRED PERFECTLY WELL.
PEOPLE -- EVERYONE HAS THEIR OWN SPECIALTY.

BUT I'D SAY, OVERALL, YOU GIVE SOMEONE A WEEK OR TWO'S TRAINING ON THIS, AND THEY START PICKING OFF THE PATTERNS. AND THAT'S WHY I HAD THOSE STATISTICS IN THERE TODAY.
I MEAN, ABOUT 85% OF THOSE WE PICK OUT, THERE IS A PROBLEM, ONE WAY OR ANOTHER.
SO WE TEND TO DO FAIRLY WELL ON THAT.
AND DON'T ASK ME FOR A SPECIFIC ALGORITHM.

WHAT I CAN TELL YOU IS THAT IT COMES OUT NATURALLY.
IF YOU SPEND THE TIME AND YOU GO THROUGH REGISTRATION, YOU START PICKING UP THE PATTERNS.

>>VITTORIO BERTOLA: LAST ONE WAS, DO YOU KNOW ANY OTHER CCTLD WHO'S DOING THIS?

>>BERNARD TURCOTTE: NO, I DON'T.

>>ROSS RADER: BERNIE, JUST FOR MY EDIFICATION, WHAT'S THE CURRENT REGISTRATION RATE WITHIN DOT CA?
AND DOES DOT CA DO ANYTHING WITH VERIFICATION ON RENEWAL?

>>BERNARD TURCOTTE: CURRENT REGISTRATION RATE IS BETWEEN 5- AND 800 A DAY, DEPENDING, SOMEWHERE LIKE THAT.
AND, NO, WE DON'T DO ANYTHING UPON RENEWAL.

HOWEVER, AS I SAID, BECAUSE WE DO E-MAIL THE REGISTRANTS FOR CONFIRMATION REQUESTS, THE WAY WE'RE HEADED IS TO MONITOR BOUNCED E-MAILS.

>>ROSS RADER: ANY MORE QUESTIONS FOR BERNIE?
YES, PLEASE.

>>KEN TAYLOR: HI, KEN TAYLOR FOR MARKSMEN.

WHAT HAS YOUR COMMUNICATION BEEN LIKE WITH THE REGISTRANTS WHO HAVE LARGE NUMBERS OF NOT CORRECT DATA THAT TUCOWS COMPLIED WITH ONCE YOU TALKED WITH THEM AND DO YOU HAVE ANY AUTHORITY TO MAKE THEM COMPLY?

OR IS THAT JUST AN ONGOING PROBLEM?
OR HOW IS THAT HAPPENING?

>>BERNARD TURCOTTE: IT'S ONE OF THOSE OPEN-ENDED QUESTIONS.
SOME OF THEM ARE REALLY HAPPY TO HEAR FROM US AND WANT TO LOOK AT IT AND.
SOME ARE THE ONES WHO ARE JUST REALLY NOT INTERESTED.

PERSONALLY, I THINK IT'S SILLY, BECAUSE I THINK THE BUSINESS CASE FOR IT HAS BEEN MADE.
THEY END UP STUCK WITH THE WORK ANYWAYS.
I CAN GUARANTY IT.

BECAUSE IF THEY DON'T DO THE WORK, WE SIMPLY CANCEL THE REGISTRATIONS.
SO KICKING AND SCREAMING, THEY COME.

BUT I FIND IT SILLY THAT WHEN WE TELL THESE PEOPLE, "LISTEN, JUST CLEAN THIS UP.
HERE ARE A COUPLE OF EXAMPLES OF PEOPLE WHO HAVE DONE IT," AND IT JUST GOES THROUGH THE FLOOR AS FAR AS CLEANUP GOES AFTER FOR BOTH SIDES, FOR OURSELVES AND THE REGISTRAR, YET SOME DON'T WANT TO DO IT.

HEY, IT'S A FREE MARKET.

>>ROSS RADER: I THINK UNLESS THERE'S ANYTHING ELSE OR ANY QUESTIONS LURKING AT THE BACK OF THE ROOM -- I DON'T SEE MARILYN HERE, SO I THINK YOU'RE OKAY TO LEAVE, BERNIE.

THANK YOU VERY MUCH.

>>BERNARD TURCOTTE: THANK YOU, EVERYONE.

>>ROSS RADER: KEN, I BELIEVE YOU HAD A MORE GENERAL COMMENT.

>>KEN STUBBS: YEAH.
THANKS, ROSS.

FIRSTLY, I JUST OPENED MY MAIL UP TODAY, AND ON ONE OF MY REGULAR ACCOUNTS, I WAS NOTIFIED THAT THE ACCOUNT WAS BEING CANCELED BECAUSE OF ABUSE.

AND I JUST OPENED MY YAHOO! MAIL ACCOUNT UP, AND I HAVE APPROXIMATELY 450 PIECES IN THE LAST TEN DAYS IN THE GARBAGE FILE, AND AT LEAST A THIRD OF THEM ARE NOTIFICATIONS TELLING ME THAT E-MAIL I SENT OUT WAS BOUNCED OR RETURNED.

SO IT'S CLEAR THAT PEOPLE HAVE GRABBED E-MAIL ACCOUNTS THAT I'VE HAD, MINED THEM ONE WAY OR ANOTHER, AND ARE USING THESE ACCOUNTS TO SPAM.

THE ONE THING THAT I GET SOMEWHAT FRUSTRATED AROUND -- AND I WON'T GET ON A LARGE PODIUM ON THIS -- IS I'M ALWAYS AMAZED AT THE FACT THAT WE SEEM TO BE PUTTING OUT THE FIRE THE WRONG WAY.

WE'RE SPENDING AN INORDINATE AMOUNT OF RESOURCES AND SO FORTH TO GO AFTER PEOPLE USING THE WHOIS DATABASE TO STOP SPAM.

IT WOULD SEEM TO ME THAT AS I LOOK AT THE SPAM, THE OVERWHELMING MAJORITY OF THE SPAM IS TRYING TO CREATE SOME SORT OF A BUYING DECISION TO ME, FOR ME, IT WOULD SEEM TO ME THAT THE PERSON WHO'S FULFILLING MY PURCHASE DECISION IS PROBABLY PAYING THE SPAMMER TO SEND THE E-MAILS OUT.

SO IT WOULD SEEM TO ME THAT MAYBE WE NEED TO CONCENTRATE OR ENCOURAGE, THROUGH VARIOUS CONTACTS WE HAVE HERE, EITHER HERE OR THROUGH THE GAC, TO GET SOME OF THE RESOURCES REFOCUSED ON THOSE PEOPLE THAT ARE ACTUALLY PAYING THE SPAMMERS TO DO IT.

I MEAN, IT TAKES JUST AS MUCH LEGAL ACTION TO SHUT THESE GUYS DOWN WHO ARE DOING THESE SPAMMING AS IT WOULD SEEM TO ME THE PEOPLE WHO ARE ACTUALLY PAYING THEM FOR DOING IT.
YOU KNOW.

MAYBE -- THAT'S ALL I'M GOING TO SAY ABOUT IT.
BUT, REALLY, IT'S KIND OF FRUSTRATING TO SEE.

>>ROSS RADER: YEAH, I THINK IT'S QUITE CLEAR THAT AT THE VERY LEAST, A BLENDED APPROACH TO SOLVING THIS PROBLEM WILL BE WHAT CARRIES THE DAY.
BUT IF YOU EVER WANT TO TRADE THAT RELATIVELY SPAM-FREE ACCOUNT FOR ONE OF MINE, PLEASE LET ME KNOW.

>>ROSS RADER: WE HAVE ANOTHER ACCOUNT FROM THE FLOOR -- COMMENT FROM THE FLOOR.

>> IAN PETER: YES, I'M IAN PETER FROM THE INTERNET MART 2 PROJECT.
I WANT TO FOLLOW UP ON THOMAS'S COMMENTS AND ALSO KEN'S COMMENTS RELATING TO SPAM.

I HAVE BEEN WORKING FOR A WHILE WITH THE IETF SPAM RESEARCH GROUP IN ONE PARTICULAR AREA WHICH IS NOW COMING RIGHT TO THE FORE AS ONE OF A NUMBER OF MEANS TO COMBAT SPAM.

SOME OF YOU WOULD HAVE SEEN A NOTICE FROM BILL GATES FROM MICROSOFT RECENTLY ANNOUNCING HIS CALLER ID PROPOSAL.
OTHER PEOPLE WHO HAVE BEEN FOLLOWING THIS MIGHT HAVE NOTICED A YAHOO! PROPOSAL WHICH IS CALLED "DOMAIN KEYS."

OVER 8,000 ISPS HAVE RECENTLY PUT FORWARD AND HAVE NOW ADOPTED A SIMILAR PROPOSAL CALLED "SPF," WHICH IS COMING FROM POBOX.COM.

AND THERE'S ANOTHER SIMILAR PROJECT CALLED LMAP.
NOW, THE COMMONALITY WITH ALL OF THESE IS THAT WHAT THEY DO, WITH DIFFERENT METHODS, IS LOOK TO THE DNS, WHERE, FOR EVERY DOMAIN THERE IS IS AN IP NUMBER.

NOW, THE (INAUDIBLE) JOBBING WHICH WAS BEING TALKED ABOUT BASICALLY STEALS YOUR NAME, BECAUSE IT'S EXTREMELY EASY TO CREATE FRAUD IN SMTP, IN THE "FROM" FIELDS AND SO ON.

WHAT IT DOES IS LOOKS AT THE IP NUMBER, WHICH CANNOT BE FORGED, WHICH SAYS DOES THIS IP NUMBER RELATE TO THIS DOMAIN?

AND IS THIS WHERE THIS DOMAIN NORMALLY SENDS?
NORMALLY SENDS MAIL FROM?
IF NOT, THERE'S PERHAPS SOME GOOD REASON TO SUSPECT THAT THIS MIGHT BE FRAUD.
SO IT'S NOT A SILVER BULLET FOR ALL SPAM.
THERE IS NONE.

BUT CERTAINLY A METHODOLOGY WHICH I THINK RELATES TO YOUR WORK HERE THAT IS A GOOD METHODOLOGY THAT HAS THE POTENTIAL, WITH WORMS, VIRUSES, AND SPAMS, TO CUT A LOT OF IT OUT OF THE WAY JUST SIMPLY BY MAKING FRAUD SOMETHING WHICH IS, YOU KNOW, SORT OF A LOT HARDER TO DO.

THE WHOLE THING ABOUT SMTP OR THE SIMPLE MESSAGE TRANSFER PROTOCOL, IT WAS WRITTEN IN A NICE, FRIENDLY AGE WHEN THERE WAS A FEW ENGINEERS WHO TALKED TO EACH OTHER, AND THERE WAS NO REASON FOR ANYBODY TO DO ANYTHING.

IT DOESN'T, IN ITS CURRENT FORM, SCALE TO A WORLD WHERE WE DO NEED SECURITY, WE DO NEED TRUST AND WE ACTUALLY DO BUSINESS RATHER THAN JUST COMMUNICATE THROUGH OUR E-MAIL.

SO THEY ARE THE SORT OF ADDRESSES.
SO THAT'S JUST A MATTER OF A LITTLE BIT OF CLARIFICATION AND ADDITIONAL INFORMATION ON THAT.

>>ROSS RADER: SO WE NEED A NOT-SO-SIMPLE MAIL TRANSFER PROTOCOL.
SO JUST TO BE CLEAR ON THE SUGGESTION, IS THE IMPLICATION THERE THAT THAT WORK GOING ON WITHIN THE IETF MAY ACTUALLY PROVIDE THIS COMMUNITY WITH SOME MEANS OF VERIFYING THE ACCURACY OF DATA AT SOME POINT?

>> IAN PETER: LET'S SAY MAY.

>>ROSS RADER: OR MAY BE ONE ELEMENT OF VERIFICATION?

>> IAN PETER: TECHNICALLY, IT WILL BE VERY SIMPLE TO SOLVE THIS PROBLEM.
WHETHER IT WILL HAPPEN POLITICALLY IS ANOTHER MATTER ALTOGETHER.

SOMETIME AROUND MIDNIGHT TONIGHT ROME TIME, IN KOREA, THERE'S A WORKSHOP GOING ON AT IETF WHICH WILL CONSIDER TWO OF THOSE FOUR PROPOSALS I MENTIONED.

THE OTHER TWO WILL NOT BE CONSIDERED, BECAUSE BOTH MICROSOFT AND THE YAHOO! PEOPLE HAVE GIVEN UP ON THE IETF PROCESS AS BEING TOO SLOW TO BE ABLE TO ADOPT THE NECESSARY CHANGE IN THIS AREA.
FOR INSTANCE, AT MINNEAPOLIS, SPAM -- AT THE LAST IETF MEETING, SPAM WAS HARDLY ON THE AGENDA.

IT ONLY BECAME A LAST-MOMENT ADDITION TO THE CURRENT IETF AGENDA.
SO, YES, THE ANSWERS ARE THERE.
WHETHER THEY WILL BE ADOPTED BY IETF IS ANOTHER QUESTION.
WHETHER, IN THE ABSENCE OR IN -- YOU KNOW, WITH IETF INERTIA, SOME OTHER SOLUTION MIGHT BE BROUGHT FORWARD ON A MORE PROPRIETARY BASIS, WHICH WOULD BE A PITY, MIGHT HAPPEN IS ANOTHER SORT OF QUESTION THAT IS OUT THERE.

>>ROSS RADER: ONE LAST QUESTION.

IS THIS ACTUALLY A FORMAL WORKING GROUP OF THE IETF OR IS IT YET TO BE CHARTERED?
>> IAN PETER: THE ASRG IS FROM -- THE ANTI-SPAM RESEARCH GROUP IS A PART OF THE IRTF.

THERE IS THOUGHT OF A FORMAL WORK GROUP BEING SET UP AS A RESULT OF THE DISCUSSION.
AS I SAY, IT WILL GO ON ABOUT MIDNIGHT TONIGHT.

>>ROSS RADER: THAT'S GREAT.
THAT'S VERY HELPFUL.
THANK YOU.
ABSOLUTELY, STEVE.
IS THERE ANY QUESTIONS ALONG THOSE LINES?
SARAH PERHAPS?
AND THEN WE'LL GET TO STEVE IN A SECOND.

>>SARAH DEUTSCH: THIS ISN'T A QUESTION, BUT JUST A FOLLOW-UP ON THE SPAM ISSUE.
I KNOW VERIZON AND AOL AND A NUMBER OF COMPANIES HAVE BEEN WORKING THE SPAM ISSUE QUITE CAREFULLY AND CLOSELY.
AND ONE OF THE THINGS WE'VE LOOKED AT WERE, YOU KNOW, WHAT IS THE SPAMMER'S TOOLBOX?
WHAT ARE THEY USING TO GATHER ALL THESE NAMES?
AND, ACTUALLY, THE WHOIS DATABASE DOES NOT REALLY COME UP AS AN AREA THEY WERE PARTICULARLY MINING.
THEY WERE USING ISSUES SUCH AS FALSIFIED HEADERS AND TRANSMISSION INFORMATION.

A HUGE PROBLEM WAS THE ABUSE OF FREE E-MAIL SERVICES, WHERE THEY VERY SLOWLY REGISTER FAKE NAMES USING OPEN PROXIES AND RELAYS AND SOMETHING CALLED FORM MAIL, WHERE THEY MAY SEND YOU A FAKE FORM, YOU FILL IT OUT, THEY'VE GOT YOUR INFORMATION, ZOMBI NETWORKS.

AND THERE IS DEFINITELY SOME ACCOUNT GATHERING AND HARVESTING AND IDENTITY THEFT.
BUT IT'S NOT LIKE THEY SAY, OH, LET'S GO TO THE WHOIS DATABASE.
IT DOES NOT SEEM TO BE THE PRIMARY AREA OF FOCUS FOR THE SPAMMERS.

>>ROSS RADER: THAT'S VERY HELPFUL.
THANK YOU.
STEVE METALITZ, I BELIEVE, WAS FIRST.
UNLESS YOU GUYS WANT TO ARM WRESTLE FOR IT.
GO AHEAD, STEVE.

>>STEVE METALITZ: JUST AS A POINT OF INFORMATION, SINCE WE'RE TALKING ABOUT SPAM, AND SINCE ICANN LAST MET, THERE HAS BEEN ONE LEGAL DEVELOPMENT IN THE UNITED STATES WHICH MAY BE OF INTEREST, WHICH WAS THE ENACTMENT OF THE CANNED SPAM ACT, WHICH IS NOW IN FORCE.

AND ONE OF THE PROVISIONS OF THAT MAKES IT A CRIME TO REGISTER A DOMAIN NAME -- MORE THAN ONE DOMAIN NAME USING MATERIALLY FALSE DATA, AND TO USE THAT DOMAIN NAME AS A PLATFORM FROM WHICH TO LAUNCH MULTIPLE E-MAILS, IN OTHER WORDS, TO SPAM.

SO -- BY THE WAY, THERE'S ALSO A SIMILAR PROVISION ABOUT FRAUDULENTLY ASSERTING THE AUTHORITY TO USE AN IP NUMBER AND THEN, IN THE SAME WAY, LAUNCHING SPAM FROM THERE.

SO THIS IS, I THINK, THE FIRST INSTANCE IN WHICH, IN THE UNITED STATES, ANYWAY, THERE'S BEEN A CRIMINAL PROVISION THAT IS BASED ON THE REGISTRATION OF A DOMAIN NAME USING FALSE CONTACT DATA, IF YOU THEN GO ON TO DO SOMETHING ELSE WITH THAT DOMAIN NAME.
BUT I JUST WANTED TO BRING THAT TO THE TASK FORCE'S ATTENTION.

>>ROSS RADER: THAT'S GREAT, STEVE.
THANKS.
ACTUALLY, I DID HAVE ONE QUESTION FOR YOU THERE.

WOULD YOU VIEW THAT COMBINATION OF LEGISLATION AS WELL AS THE OTHER PROPOSED LEGISLATION THAT WE HAVE TALKED ABOUT AS BEING EFFECTIVE AND USEFUL?
AND IS IT SOMETHING THAT THIS TASK FORCE SHOULD TAKE A LOOK AT?
SPECIFICALLY AS IT RELATES TO ACCURACY AND BRINGING THAT DATABASE UP TO PAR?

>>STEVE METALITZ: WELL, I DON'T THINK WE KNOW YET HOW EFFECTIVE OR USEFUL IT WILL BE, BECAUSE THIS HAS JUST GONE INTO EFFECT JANUARY 1ST.
AND THE OTHER LEGISLATION YOU REFERRED TO IS PROPOSED LEGISLATION.
AND, IN ANY CASE, I THINK THE FOCUS OF THIS TASK FORCE IS WHAT CAN BE DONE WITHIN THE ICANN FRAMEWORK TO IMPROVE THE ACCURACY OF WHOIS DATA.
BUT THIS IS JUST PART OF THE ENVIRONMENT WHICH IS -- AND, OBVIOUSLY, THE UNITED STATES IS NOT THE ONLY ONE, BUT I JUST -- OTHER COUNTRIES HAVE PASSED ANTISPAM LAW.
AND PERHAPS THEY HAVE SIMILAR PROVISIONS.
I AM JUST NOT AWARE OF IT.
BUT I WAS JUST BRINGING THIS TO YOUR ATTENTION.

>>ROSS RADER: THANK YOU, STEVE.
ANY FOLLOW-UPS FROM THE PANEL?
ANYONE?
THOMAS.

>>THOMAS ROESSLER: WELL, I WILL BE TRYING TO LET THIS BE MY LAST COMMENT ON THE SPAM STUFF.
BRIEF FOLLOW-UP --

>>ROSS RADER: IS IT ABOUT ACCURACY?

>>THOMAS ROESSLER: IT IS A BRIEF COMMAND ABOUT THE STRUCTURAL SIMILARITY.
ONE THING SARAH SAID WAS SPAMMER'S TOOLBOX CONTAINED ZOMBIE NETWORKS.
AND I THINK IN THE CONTEXT OF USING INNOCENT THIRD PARTIES' RESOURCES, IDENTITIES TO COMMIT FRAUD, ZOMBIE NETWORKS ARE A POINT THAT NEEDS TO BE UNDERSTOOD BY ALL PARTICIPANTS HERE.

ZOMBIE NETWORKS ARE HOME COMPUTERS CONNECTED THROUGH DSL OR CABLE LINES OR SOMETHING LIKE THAT UNDER THE CONTROL OF A THIRD PARTY.

THE TOOLS TO GET THESE MACHINES UNDER CONTROL ARE E-MAIL WORMS LIKE CERBIC F.
THIS IS THE FIRST WORM, IN FACT, WHICH HAS BEEN PROVEN TO BE USED FOR SPAMMING.
THE STRUCTURE IS WHAT I ASSERTED EARLIER ON.
YOU HAVE A CRACKDOWN.
WHEN THERE IS ACCOUNTABILITY, YOU ENFORCE ACCOUNTABILITY.
WHAT HAPPENS IS, INNOCENT BYSTANDERS ARE BEING ABUSED FOR THEIR SERVICES.
THE STRUCTURE IS THERE ALL OVER THE PLACE WHERE THIS HAPPENS.
S IN THE COMMENT I WANTED TO MAKE.

>>ROSS RADER: GREAT.
MARGIE.

>>MARGIE MILAM: HI.
THIS IS MERGER MILAM FROM MARK MONITOR.

I WANTED TO REFER BACK TO THE SURVEY I HAD TALKED ABOUT IN THE PRIOR WORKSHOPS.
WE CONDUCTED A SURVEY AMONG OUR CUSTOMERS ABOUT WHOIS ISSUES, AND SOME OF THE ANSWERS RELATE PARTICULARLY TO THIS TASK FORCE.
LET ME GO THROUGH SOME OF THE FINDINGS.

78% OF THE PARTICIPANTS HAD HAD PROBLEMS IDENTIFYING DOMAIN NAME OWNERS BECAUSE OF FALSE OR MISLEADING INFORMATION --

>>ROSS RADER: ACTUALLY, IF I COULD JUST INTERRUPT QUICKLY WITH A PROCEDURAL CLARIFICATION.
COULD YOU JUST, FOR THE RECORD, SORT OF RESTATE THE COMPOSITION OF WHO THOSE PEOPLE ARE WHO THAT WENT OUT TO SO IT'S PART OF OUR RECORD.

>>MARGIE MILAM: WE'RE A DOMAIN NAME REGISTRAR AND ALSO PROVIDE INTELLECTUAL PROPERTY SERVICES.
SO WE SENT OUT A NOTIFICATION OF A WEB-BASED CONFERENCE TO OUR CUSTOMERS AND TO POTENTIAL CUSTOMERS, ASKING THEM IF THEY HAD ANY INTEREST IN LEARNING MORE ABOUT ICANN WHOIS PROCESSES.

SO ABOUT 65 PARTICIPANTS CALLED INTO THE CALL AND LISTENED IN. AND WE CONDUCTED A SURVEY ONLINE.
AND THEN WE ALSO OPENED THE MIKE TO QUESTIONS AT THE END OF THE SURVEY.
SO THE -- IT WAS ABOUT AN HOUR, TOOK PLACE ABOUT A WEEK AGO.

AND WHAT WAS INTERESTING FOR THE PURPOSES OF THIS TASK FORCE WAS THAT -- I THINK THERE'S ISSUES WITH ICANN POLICY AND ENFORCEMENT OF THE POLICY.

A LOT OF THE QUESTIONS THAT CAME UP FROM OUR CLIENTS AT THE END OF THE SURVEY WERE REALLY PRACTICAL QUESTIONS ON HOW TO GET THEIR EXISTING REGISTRAR TO UPDATE THEIR WHOIS DATA -- THEIR OWN WHOIS RECORDS.

THAT SEEMED TO BE A COMMON THEME AMONG OUR CUSTOMERS, THAT, YOU KNOW, CONTACTING THEIR OWN REGISTRAR TO UPDATE THE INFORMATION WAS A PROBLEM.
WHEN THEY WERE TALKING ABOUT A DOMAIN NAME THAT WAS NOT OWNED BY OUR CUSTOMERS BUT IT MAY BE A PROBLEM SITE WHERE THE INFORMATION WAS INACCURATE, MANY OF THEM HAD CONTACTED THE -- GONE THROUGH THE INTERNET WHOIS PROBLEM REPORT TO REPORT INACCURACIES IN THE WHOIS INFORMATION.

AND THERE WAS FRUSTRATION AMONG THE CUSTOMERS AND THE PEOPLE ON THE CALL ABOUT NOT HAVING THAT PROCESS ACTUALLY WORK.

SO THEY WOULD SUBMIT A REQUEST, YOU KNOW, SAYING, YOU KNOW, ON THE INTERNET SITE THAT THE WHOIS INFORMATION WAS INACCURATE AND NOTHING WOULD HAPPEN.

THE RECORD WOULD NEVER BE UPDATED.
SO I THINK THE MESSAGE FROM AT LEAST OUR CUSTOMERS WERE, YOU KNOW, IF ICANN COULD ENFORCE THEIR POLICIES AND GET THE REGISTRARS TO UPDATE THE RECORDS WHEN THEY'RE NOTIFIED, YOU KNOW, OF AN INACCURACY, THAT THAT WOULD BE VERY HELPFUL.

THANK YOU.

>>ROSS RADER: THANK YOU, MARGIE.
I SEE DAN HALLORAN IS TRYING TO SNEAK OUT OF THE ROOM.
BUT MARGIE TOUCHES ON A VERY IMPORTANT POINT.

IT WAS CERTAINLY SOMETHING THAT I WANTED TO INTRODUCE AT ONE POINT OR ANOTHER.
AND IT'S THE INTERNIC PROBLEM REPORTING SYSTEM THAT DEALS WITH -- THE CURRENT METHOD OF DEALING WITH INACCURATE DATA WITHIN THE WHOIS.

AND I WAS WONDERING, DAN, IF YOU HAD A SECOND TO MAYBE GIVE THE ROOM AN OVERVIEW OF THAT, BECAUSE IT CERTAINLY HAS A DEFINITE BEARING ON THE ACCURACY OF THE DATA.
I TAKE THAT AS A YES?

A ROUND OF APPLAUSE.

>>DAN HALLORAN: YES.

SO ICANN DOES OPERATE ON THE INTERNIC WEB SITE A WHOIS PROBLEM REPORT SYSTEM.

IT LETS ANY INTERNET USER COME TO THE WEB SITE, PUT IN THEIR -- THE DOMAIN NAME THEY'RE CONCERNED ABOUT, AND PUT IN THEIR OWN NAME AND THEIR E-MAIL ADDRESS, AND IT -- WHAT THAT SYSTEM DOES IS IT GOES AND GRABS THE WHOIS DATA FOR THAT NAME.

IT WAS FIRST LAUNCHED ABOUT A YEAR AND A HALF, TWO YEARS AGO.
AND IT INITIALLY ONLY DEALT WITH COM, NET, ORG.
WITHIN A MONTH, WE ARE EXPANDING THAT TO THE OTHER TLDS.
RIGHT NOW IT'S VERSION 1.0 OF THE SYSTEM STILL.

SO THE INTERNIC SYSTEM WILL GO GRAB THAT DOMAIN'S WHOIS AND THEN LET THE REPORTER KIND OF FILL IN SOME CHECK BOXES AND SAY WHAT THEIR CONCERNS WITH THAT DATA ARE.
IT SENDS A COPY OF THE REPORT BACK TO THAT E-MAIL ADDRESS OF THE REPORTER TO MAKE SURE IT REALLY WAS THAT PERSON SUBMITTING IT.
AND IT'S SORT OF A VALIDITY CHECK ON THE REPORT.

THEN DUMPS A COPY OF THE REPORT INTO THE ICANN DATABASE, BASICALLY, AND FORWARDS A COPY OF THE REPORT ALSO TO THE REGISTRAR AND ASKS THE REGISTRAR, THIS IS A REPORT ABOUT INACCURATE WHOIS DATA.
PLEASE FOLLOW UP ON IT.

IT'S -- WE'RE -- I DON'T WANT TO OFF THE TOP OF MY HEAD GIVE BAD STATISTICS, SO I'LL GIVE YOU JUST BALLPARK.

WE RECEIVED ABOUT 20,000 REPORTS, A LITTLE OVER 20,000 REPORTS IN A YEAR AND A HALF.
WE'RE WORKING RIGHT NOW ON DRAFTING A MORE DETAILED STATISTICAL REPORT WITH NARRATIVE INFORMATION ABOUT IT.

THAT REPORT IS DUE TO BE PUBLISHED BY MARCH 31ST UNDER OUR MOU.
SO YOU'LL HAVE MORE LATER, BUT THAT'S THE GENERAL OVERVIEW.

ALSO IN THAT REPORT, WE'LL DESCRIBE SOME OF THE -- WE'VE BEEN WORKING FOR SOME TIME ON SORT OF ENHANCEMENTS TO EXPAND IT TO MORE TLDS, TO MAKE IT MORE TRANSPARENT FOR ICANN, FOR THE PERSON WHO SUBMITTED THE REPORT TO SEE WHAT'S GOING ON, TO BE ABLE TO CHECK BACK AND HAVE AN AUTOMATED WAY TO SORT OF COMPLAIN ABOUT IT, HEY, I SUBMITTED THIS REPORT A MONTH AGO, THE REGISTRAR HASN'T DONE ANYTHING ON IT OR NOTHING'S HAPPENED, CAN YOU LOOK INTO THIS.

THAT'S THE GIST.

>>ROSS RADER: THAT'S VERY HELPFUL.
THANK YOU.

COULD YOU SPEND MAYBE HALF A SECOND ON DESCRIBING THE CURRENT REGISTRAR OBLIGATIONS THAT RELATES TO THAT PROCESS.
SO, IN OTHER WORDS, YOU RECEIVE A REPORT ABOUT BYTE.ORG, MY DOMAIN NAME, IT GOES TO MY REGISTRAR.
AND WHAT DO THEY HAVE TO DO WITH THAT?

>>DAN HALLORAN: THE CURRENT -- JUST OFF THE TOP OF MY HEAD, THEY HAVE AN OBLIGATION TO TAKE REASONABLE STEPS TO INVESTIGATE THE REPORTED INACCURACY.
AND IF THEY LEARN ABOUT INACCURATE DATA, THEY HAVE TO TAKE STEPS TO CORRECT IT.

SO ICANN'S DONE A SERIES OF ADVISORIES TO REGISTRARS OVER THE PAST FEW YEARS TO DESCRIBE WHAT THOSE REASONABLE STEPS MIGHT INCLUDE.

GOING INTO DETAIL ABOUT SOME OF THE TIME PERIODS THERE, ONE OF THE THINGS THAT COMES INTO PLAY IS EVERY REGISTRANT'S REGISTRATION AGREEMENT, THE REGISTRANT HAS TO AGREE THAT IT WILL RESPOND TO AN INQUIRY ABOUT ITS DATA WITHIN 15 DAYS ON PAIN OF POSSIBLY HAVING THE DOMAIN CANCELED.

SO PROBABLY THE BEST WOULD BE TO, WITHOUT GOING THROUGH ALL THOSE ADVISORIES -- IT GOES ON FOR PAGES AND PAGES -- BUT MAYBE GET THOSE SOMEHOW INTO YOUR RECORDS.
AND I'M AVAILABLE TO ANSWER QUESTIONS ABOUT THOSE BY E-MAIL OR WHATEVER OFFLINE.

>>ROSS RADER: GREAT.
I'M SURE WE'LL HAVE A LOT OF FOLLOW-UPS FOR YOU ON THAT POINT.

WERE THERE ANY SPECIFIC QUESTIONS FROM THE PANEL ON THAT PROCESS BEFORE WE LET DAN GO?
YES, GO AHEAD, PLEASE.

>>JEAN-MICHEL BECAR: I HAVE A QUESTION FOR DAN.
SO IF -- I HAVE SEVERAL CUSTOMERS WHO ASK ME, I FOUND THIS SPAMMER, AND, OBVIOUSLY, THE WHOIS IS INACCURATE.
SO I ASK THEM TO PUT A COMPLAINT ON INTERNIC.NET.
BUT WE NEVER HAD A FOLLOW-UP FROM THE REGISTRAR.
WHAT SHOULD I DO IN THAT CASE?
SHOULD I GO BACK TO THE REGISTRAR OR SHOULD I GO TO YOU?

>>DAN HALLORAN: WE HAVE SORT OF A BLURB E-MAIL WE SEND OUT.
WE GET THOSE FROM TIME TO TIME.
AND, BASICALLY, WE SEND A NOTE BACK TO THE PERSON WHO, LET'S SAY ANY HAD SENT THAT TO ICANN INSTEAD OF JEAN-MICHEL.
WE WOULD -- WE OFTEN GET IT, SOMEONE WILL WRITE BACK FIVE DAYS LATER AND SAY, HEY, THIS DOMAIN IS STILL UP.
THEY HAVEN'T DONE ANYTHING.
TAKE AWAY THEIR ACCREDITATION 15 DAYS LATER.
SO WE KIND OF GIVE LINKS TO THOSE ADVISORIES AND EXPLAIN WHAT THE REGISTRAR'S RESPONSIBILITIES ARE.

RELOOK AT THAT ON A CASE BY CASE BASIS, FOLLOW UP, ASK THE REGISTRAR TO GET BACK TO US, TELL US WHAT STEPS YOU TOOK TO INVESTIGATE THIS.
WHAT COMMUNICATION DID YOU GET BACK?

WE GO INTO SOME HAND-HOLDING AND LOOKING AT IT WITH THE REGISTRAR TO MAKE SURE THEY WERE TAKING REASONABLE STEPS.

WE DON'T GET -- OUT OF THOSE 22,000, WE DON'T GET A WHOLE LOT OF KIND OF FOLLOW-UP COMPLAINTS LIKE THAT.

YOU KNOW, I CAN THINK OF MAYBE LESS THAN -- FAR LESS THAN 1% DO WE HEAR BACK FROM THE PERSON WHO SUBMITTED THE REPORT WITH ANY CONCERNS ABOUT HOW THE REGISTRAR HANDLED IT.

BUT TO TAKE THAT INTO ACCOUNT, THAT'S ALSO ONE OF THE THINGS WE'RE LOOKING FOR, IS -- IN THE ENHANCEMENTS TO THE SYSTEM IS KIND OF WAYS TO FACILITATE THAT OR MAYBE EVEN (INAUDIBLE) THAT.

ONE OF THE THINGS WE'VE BEEN THINKING ABOUT IS EVEN, LIKE, SENDING A -- KIND OF A PROACTIVE REMINDER OUT TO THE PERSON WHO SUBMITTED THE REPORT, SAY, A MONTH LATER AND SAY WE WANT TO LET YOU KNOW IT'S BEEN A MONTH SINCE YOU SUBMITTED THIS REPORT.
DO YOU HAVE ANY CONCERNS ABOUT THIS?
OR WAS IT HANDLED TO YOUR SATISFACTION?
OR SOMETHING.
SO THAT'S ONE OF THE IDEAS OUT THERE.

BUT BOTTOM LINE, AND AS WITH ANY OTHER CONCERN ABOUT REGISTRAR COMPLIANCE, WHICH IS WHAT THAT WOULD BE, CONTACT ICANN.

>>JEAN-MICHEL BECAR: OKAY.

>>ROSS RADER: AND SOON YOU WILL BE ABLE TO SAY, "CONTACT SOMEBODY ELSE AT ICANN."

>>DAN HALLORAN: YES, PLEASE.

>>KATHRYN KLEIMAN: I HAVE A QUESTION FOR DAN.
KATHRYN KLEIMAN, NONCOMMERCIAL USERS CONSTITUENCY.

DAN, WHEN THE COMPLAINTS ARE BEING REVIEWED, I'LL JUST PUT IT THIS WAY, IS ANYBODY LOOKING AT KIND OF THE NATURE OR THE -- THE NATURE OF THE DOMAIN NAME OR MAYBE EVEN THE NATURE OF THE PERSON WHO IS SEEKING THE INFORMATION?

AGAIN, WITHOUT -- AS HAS BEEN TALKED ABOUT IN THE PRIOR TASK FORCES, WITHOUT ANY KIND OF EXISTING PRIVACY PROTECTION, YOU KNOW, YOU HAVE WHISTLE BLOWERS, YOU HAVE PLANNED PARENTHOOD CLINICS WHO DON'T WANT THEIR ADDRESSES OUT THERE, PARTICULARLY IN THE U.S., YOU HAVE EMPLOYEES COMPLAINING ABOUT EMPLOYERS.

BEFORE ADMINISTRATIVE PROCEDURES ARE INVOKED TO DELETE DOMAIN NAMES, ARE PEOPLE KIND OF LOOKING AT THE NATURE OF THE DOMAIN NAME AND PERHAPS WHAT THE -- WHY THE PERSON'S NOT LISTING THEIR INFORMATION PUBLICLY?

>>DAN HALLORAN: UNDER THE CURRENT SYSTEM, WE ACTUALLY DO HAVE A PERSON WHO SITS AT A COMPUTER AND LOOKS AT EVERY SINGLE REPORT AS IT COMES IN. MOSTLY WHAT THEY'RE TRYING TO WEED OUT IS ALL THE -- WE GET TONS OF COMPLAINTS; YOU KNOW, "I MOVED AND MY PHONE NUMBER CHANGED. PLEASE UPDATE MY WHOIS RECORDS." AND THAT'S -- THEY'RE TRYING TO USE OUR INTERNIC BAD WHOIS DATA REPORTING SYSTEM FOR THAT. WE SEND THEM BIG DISCLAIMERS SAYING DON'T USE THIS FOR THAT, WE STILL GET THAT.

IT'S A RESOURCE STRAIN AND SOMETIMES A DRAG ON GETTING REPORTS OUT TO REGISTRARS, SO WE'RE LOOKING TO ACTUALLY SKIP THAT STEP IN THE NEXT ONE. THAT DOESN'T MEAN THAT THE REGISTRAR -- WHEN YOU SUBMIT ONE OF THESE REPORTS, IT DOESN'T KICK IN SOME AUTOMATIC CLOCK THAT STARTS THE TIMER AND THAT MEANS GETTING DELETED. IT'S A REPORT TO THE REGISTRAR. THEY ARE SUPPOSED TO TAKE REASONABLE STEPS WHICH WILL VARY UNDER CIRCUMSTANCES. WE WENT INTO SOME DETAIL AS TO WHAT STEPS THE REGISTRAR MIGHT TAKE TO A REPORT WILL VARY, DEPENDING ON WHAT TYPE OF HARM MIGHT BE GOING ON, DEPENDING ON HOW WILLFUL OR OVERT THE INACCURACY IS. IF IT LOOKS LIKE SOMEONE PUT DOWN THE WRONG ZIP CODE FOR A CITY, THAT'S ONE THING, THEY MIGHT GIVE GRANDMA JONES TIME TO REPLY TO A LETTER. SO IT WILL GIVE REGISTRARS SOME FLEXIBILITY TO DEAL WITH SITUATIONS LIKE THAT.

>>ROSS RADER: YOU TOUCH ON AN INTERESTING POINT AS WELL, DAN, THAT AS IT RELATES TO ACCURACY, WE OFTEN ASSUME THAT WE'RE TALKING ABOUT A REGISTRAR OBLIGATION. BUT YOU ALSO TOUCH ON THE FACT THAT THERE'S -- I'M SORRY, WE OFTEN THINK OF THE REGISTRANT OBLIGATION TO PROVIDE REGISTRARS WITH ACCURATE DATA, BUT THERE'S ALSO THE FLIP SIDE OF THAT COIN, WHEN A REGISTRANT WANTS TO PROVIDE A REGISTRAR WITH ACCURATE DATA AND FOR WHATEVER REASON CANNOT.

SO THAT'S ALSO IMPORTANT FOR US TO REMEMBER IN OUR DELIBERATIONS.

DO YOU HAVE A FOLLOW-UP, KATHY?

>>KATHRYN KLEIMAN: A DIFFERENT QUESTION.

>>ROSS RADER: OKAY; GO AHEAD.

>>KATHRYN KLEIMAN: I WANTED TO BETTER UNDERSTAND A LITTLE BIT ABOUT THE SCOPE OF THIS TASK FORCE. I'VE BEEN TRYING TO KIND OF UNDERSTAND BEING ON TASK FORCE TWO, WHERE THEY ALL INTERSECT. IT SEEMS TO ME ONE OF THE BEST WAYS TO ACHIEVE ACCURACY IS TO HAVE PRIVACY, IT'S WORKED IN TELEPHONE NUMBER AREA. IF YOU PROVIDE AN ABILITY TO KEEP PRIVATE A TELEPHONE NUMBER, THE PEOPLE PUTTING IN A SELF HELP MECHANISM BECAUSE PEOPLE WANT DUE PROCESS, PEOPLE WILL PARTICIPATE MORE, ONE THINKS. SO I WAS WONDERING IF THIS TASK FORCE -- ARE YOU LOOKING AT THAT ISSUE OF INCREASING ACCURACY THROUGH PRIVACY PROTECTIONS?

IF YOU'RE NOT, WHY?

AND THEN JUST WHAT INDIVIDUALS, SINCE ACCURACY IS WHAT YOU GUYS ARE THINKING ABOUT SO MUCH, I'D BE INTERESTED TO HEAR ANYBODY COMMENT ON A PERSONAL BASIS.

>>ROSS RADER: THAT'S NOT SOMETHING THIS TASK FORCE IS CURRENTLY LOOKING AT. WE'RE IN DATA GATHERING RIGHT NOW. I DON'T THINK I'VE HAD A CONCRETE DISCUSSION WITH ANYONE AT THIS TABLE OR THOSE NOT AT THIS TABLE AS TO THEIR POSITIONS AND VIEWS THEY TAKE ON GETTING TO ACCURATE DATA IN THE WHOIS DATABASE. SO IT'S A MATTER OF PROCESS AT THIS POINT.

WHICH BRINGS ME TO LET'S TALK ABOUT NEXT, WHICH IS THE BEST WAY TO GET THESE TYPES OF THINGS ON OUR AGENDA IS TO FIND SOMEBODY THAT QUALIFIES TO FILL OUT OUR SURVEY, AND HAVE THEM FILL IT OUT AND SUBMIT IT.

THAT SURVEY IS REALLY OPEN FOR VIRTUALLY ANYBODY TO FILL OUT.

I WOULD JUST DIRECT EVERYONE TO THE GNSO.ICANN.ORG WEB SITE. OUR SURVEY IS -- THE ONE IN PARTICULAR THAT'S OPEN TO THE BROADEST RANGE THE STAKEHOLDERS WOULD BE THE GENERAL SURVEY WE SENT OUT TO THE ONLINE SERVICE PROVIDERS, AND THAT'S INCLUDED IN OUR INTERIM REPORT AS ONE OF THE APPENDICES.

SO IF YOU CAN GET THAT OUT TO WHOMEVER YOU CAN GET TO FILL IT OUT, WE WOULD SINCERELY APPRECIATE THAT FEEDBACK.

AS I MENTIONED EARLIER, WE'VE HAD ONE RESPONSE BACK TO THE SURVEY, AND IT MAKES IT REALLY DIFFICULT TO ANALYZE THE DATA GATHERED IF ALL WE'RE LOOKING AT IS ONE RESPONSE. IT'S NOT GOING TO BE A VERY INTERESTING CONVERSATION.

PLEASE, STEVE. OH, VITTORIO.

>>VITTORIO BERTOLA: I JUST WANTED TO COMMENT A LITTLE ON THIS.

HONESTLY, THIS IS SOMETHING AS ROSS WAS SAYING THAT WE STILL HAVE TO DISCUSS IN THE TASK FORCE BECAUSE YES, WE'RE STILL AT THE DATA GATHERING PHASE. BUT UP TO NOW, I THINK THAT THIS DISCUSSION IS MORE OR LESS GOING IN THE WRONG DIRECTION BECAUSE I THINK THAT, YES, THERE ARE INACCURATE DATA IN WHOIS, BUT IF YOU TAKE A CLOSER LOOK AT THIS, I THINK THERE ARE MORE OR LESS THREE CATEGORIES. I MEAN, THERE ARE THOSE WHO -- WELL, THERE ARE THOSE WHO PROVIDE FALSE DATA TO DEFEND THEIR PRIVACY, SO AS KATHY POINTED OUT, YOU WILL JUST SOLVE THOSE PROBLEMS IF YOU INTRODUCE SOME PRIVACY PROTECTION MECHANISM. THAT IS NOT OUR JOB. THEN THERE ARE THOSE WHO WANT TO PROVIDE FALSE DATA BECAUSE THEY PLAN TO DO FRAUD WITH THE DOMAIN NAME, BUT I DON'T THINK THE VERIFICATION MECHANISM WILL SOLVE THAT EITHER BECAUSE AS THOMAS POINTED OUT IT WILL JUST PROVIDE THEM -- IF YOU'RE REALLY MOTIVATED TO PUT FALSE DATA INTO WHOIS, YOU CAN DO ALL THE CHECKS YOU WANT, YOU WILL JUST HAVE THEM PUT FALSE DATA INTO THE WHOIS, STEALING FROM SOMEONE ELSE. SO THERE IS NO AUTOMATIC WAY TO VERIFY THESE KIND OF PEOPLE. AND SINCE THEY ARE THE ONES WHO ARE REALLY MOTIVATED TO DO SO, THEY WILL DO SO AND YOU WILL NOT GET ANYWHERE.

I THINK SO PERHAPS IT WILL BE A LITTLE MORE PRODUCTIVE TO FOCUS ON THOSE WHO, YES, THEY PROVIDE FALSE DATA BUT POSSIBLY THEY DON'T WANT TO DO SO.

SO I THINK PERHAPS THIS IS THE BIGGEST CATEGORY, AND THERE ARE A HUGE AMOUNT OF PEOPLE WHO WOULD LIKE TO PROVIDE TRUE DATA BUT THEY CANNOT DO SO, BECAUSE MY TRUE LIFE EXAMPLE IS I AM THE (INAUDIBLE) FOR SOME DOMAINS AROUND THE WORLD (INAUDIBLE) STRATEGY 2000, AND THERE IS A PHONE COMPANY FOR WHICH I HAVE NOT BEEN WORKING ANYMORE SINCE TWO YEARS AGO AND THEY DIDN'T BOTHER TO CHANGE THE DATA. BUT EVEN IF THEY TRY TO DO SO THEY DIDN'T HAVE ANY PRACTICAL MECHANISM TO DO SO, IN THE CCTLDS BUT EVEN IN THE GTLDS, BECAUSE FOR EXAMPLE YOU COULD USE MY PERSONAL E-MAIL ADDRESS OF THE COMPANY AND THAT'S NOT WORKING ANYMORE AND SO YOU DON'T HAVE ANY AUTHENTICATION MECHANISM TO GET IN AND UPDATE YOUR DATA. AND PERHAPS FOCUSING ON THESE KIND OF PROBLEMS COULD BE MUCH MORE PRODUCTIVE THAN TRYING TO FIND OTHER SOLUTIONS TO THIS.

AND YOU ALSO HAVE TO TAKE INTO ACCOUNT SOMETHING THAT IS OFTEN IS FORGOT FROM PEOPLE FROM THE U.S., BECAUSE ESPECIALLY IN THE REST OF THE WORLD, YOU HAVE A MUCH LONGER CHAIN OF PEOPLE BECAUSE, FOR EXAMPLE, ONE OF THE TWO OR THREE BIGGEST REGISTRARS IN ITALY IS NOT AN ICANN ACCREDITED REGISTRAR, AND SO HE IS USING THEM TO CREATE DOMAINS AND THEY ARE (INAUDIBLE) AND THEY ARE BEING USED BY HIS FRIENDS WHO IS PERHAPS THE MORE TECHNICALLY SAVVY ONE. SO YOU HAVE A CHAIN OF FIVE OR SIX OR SEVEN PEOPLE BEFORE YOU GET TO THE REGISTRANT. SO THIS IS ALSO WHY I THINK THAT KIND OF AUTOMATIC MECHANISM WHERE YOU FILL OUT A FORM AND A MESSAGE GETS SENT TO THE REGISTRAR OR REGISTRANT WILL NEVER WORK BECAUSE THEY MIGHT BE THE WRONG PEOPLE. AND ONCE YOU GET AN ENGLISH E-MAIL SENT OUT IN VIETNAM TO A VIETNAMESE REGISTRANT WHO IS NOT THE ACTUAL REGISTRANT BUT IS JUST A FRIEND OR HOSTING COMPANY OR WHATEVER, YOU'LL NEVER GET ANYTHING THAT WAY.

>>ROSS RADER: THANK YOU, VITTORIO.

SARAH HAD A COMMENT FOR KATHY AS WELL.

>>SARAH DEUTSCH: I THINK ONE INTERESTING WAY TO LOOK AT THIS ISSUE, AND IT'S NOT JUST ICANN AND A WHOIS ISSUE BUT GENERALLY THE WHOLE ISSUE OF INTELLECTUAL PROPERTY RIGHTS AND LAW ENFORCEMENT AND IMPROVING ISSUES OF CYBERCRIME, ET CETERA, IS NOT TO LOOK AT IMPROVEMENTS AS NECESSARILY AN IRONCLAD SOLUTION THAT WILL NEVER BE BROKEN. THAT THE WAY PEOPLE ARE STARTING TO LOOK AT MANY OF THESE SOLUTIONS IS CALLED THE SPEED BUMP APPROACH, WHICH IS THERE WILL BE SOME LEAKAGE, THERE WILL ALWAYS BE BAD CHARACTERS WHO ARE GOING TO FIND A WAY TO HACK AROUND OR USE TECHNOLOGY TO WORK AROUND ANY PROBLEM, BUT THE ISSUE HERE IS TO PUT UP A SPEED BUMP SO IF SOMEBODY IS JUST A REGULAR CYBERSQUATTER, AND IT'S VERY EASY TO WRITE 999 MICKEY MOUSE WAY THEY WILL DO THAT. THERE WILL BE A CERTAIN GROUP THAT ARE DETERRED BECAUSE THERE WILL BE SOME ACCURACY BUILT INTO THE PROCESS. THERE WILL BE A GROUP THAT WOULD GO THE NEXT STEP BY DOING IDENTITY THEFT OR WHATEVER IT TAKES TO COMMIT A CRIME!
. BUT WHAT WE'RE SEEKING HERE IS IMPROVEMENT AND NOT SOME FULL-PROOF SOLUTION TO THE PROBLEM.

>>ROSS RADER: THANK YOU, SARAH.
STEVE, I THINK YOU WERE NEXT.

>>STEVEN METALITZ: THANK YOU. THIS IS REALLY IN RESPONSE TO KATHY'S COMMENT. IN TERMS OF THIS TASK FORCE, IF YOU LOOK AT THE DESCRIPTION OF WORK THIS WAS APPROVED BY THE GNSO COUNCIL, IT STATES, "THIS TASK FORCE, TASK FORCE 3, SHOULD NOT CONSIDER MECHANISMS FOR RESTRICTING THE PUBLIC DISPLAY FOR SOME DATA ELEMENTS, WHICH MAY LEAD TO A REDUCTION IN THE PROVISION OF FALSE INFORMATION BY THOSE REGISTRANTS SEEKING TO PROTECT THEIR PRIVACY. THIS IS THE SUBJECT OF A SEPARATE TASK FORCE."

AND I THINK THAT REFERS TO TASK FORCE 2, WHICH KATHY AND I SERVE ON. AND I WOULD INVITE KATHY, IF SHE HAS EMPIRICAL EVIDENCE ABOUT -- I THINK SHE MENTIONED OTHER TELECOMMUNICATIONS AREAS THAT PEOPLE PROVIDE MORE ACCURATE DATA WHEN IT'S NOT PUBLICLY AVAILABLE, I THINK YOU SHOULD CONTRIBUTE THAT TO TASK FORCE 2. AS WE'RE ALL SAYING HERE IN ALL THE TASK FORCES, WE NEED MORE DATA AND THE MORE CONTRIBUTIONS WE GET FROM PEOPLE WHO HAVE INFORMATION TO SHARE I THINK THE BETTER WE WILL DO.

>>ROSS RADER: ABSOLUTELY, STEVE. AND PLEASE DON'T TAKE MY EARLIER ANSWER AS AN INDICATION THAT WE'RE LOOKING TO ALSO WRESTLE WITH THAT THORNY PROBLEM.

I THINK THAT IF WE ARRIVED AT A CONCLUSION THAT SAW THAT EVENTUALITY TO BE THE MOST APPROPRIATE SOLUTION, THAT WE WOULD CERTAINLY AT LEAST CONSULT WITH YOUR TASK FORCE IF NOT WHOLEHEARTEDLY DEFER TO YOUR TASK FORCE IN AN EFFORT TO AVOID WRITING THAT FINAL REPORT. SO THANK YOU.

(LAUGHTER.)

>>JEAN-MICHEL BECAR: JEAN-MICHEL BECAR.

I WOULD LIKE TO ADD SOMETHING YOU SHOULD CONSIDER AS TASK FORCE 3 ABOUT ACCURACY. TODAY WE ARE IN A STRANGE SITUATION. WE ARE -- WE JUST MIGRATED WITH DOT ORG DOMAIN AND AT THAT TIME, IT WAS '99 BEFORE THE ICANN REGISTRAR ACCREDITATION. WE DIDN'T HAVE SO MUCH OBLIGATION TO GATHER DATA FROM THE REGISTRAR. SO WE END UP WITH ALL OF THE DOT ORG DOMAIN WITH NO E-MAIL AND NO PHONE NUMBER, FOR EXAMPLE, FOR THE REGISTRANT. AND TODAY -- YESTERDAY WE MIGRATED TO EPP AND TODAY THEY SAY WE WILL ENFORCE THE EPP STANDARD AND WE HAVE TO MAKE THE E-MAIL MANDATORY FIELDS SO WE HAVE ALL THE REGISTRANT WITH INACCURATE DATA. SO WE KNOW WE HAVE A LOT OF DOMAIN TODAY WITH INACCURATE DATA. WE HAD TO DO IT.

SO I THINK IT'S -- VITTORIO CITED SEVERAL TYPE OF INACCURATE DATA. THAT'S ONE NEW TYPE AND I THINK YOU SHOULD TAKE INTO ACCOUNT THAT.

>>ROSS RADER: THAT'S EXCELLENT. THANK YOU, THANK YOU.
IS THERE ANYTHING ELSE FROM THE PANEL OR THE FLOOR THAT WE SHOULD PERHAPS LOOK AT OR DISCUSS? SPECIFICALLY AS IT RELATES TO ACCURACY. SARAH HAS SOMETHING?

PLEASE GO AHEAD, FRAN.

>>FRANNIE WELLINGS: I JUST WANTED TO ADD, BASED ON STEVE'S RESPONSE TO KATHY'S COMMENTS, THAT JUST BECAUSE THE TASK FORCES AS DRAFTED BY STEVE AND A FEW OTHERS SEPARATE PRIVACY FROM ACCURACY IT DOESN'T MEAN THAT THIS IS NECESSARILY THE BEST WAY TO GO.

SO THIS IS, YES, PRIVACY WAS DEFINED AS OUT OF SCOPE FOR OUR TASK FORCE, BUT IN THE PUBLIC COMMENT PERIOD, I THINK IT'S FAIR FOR PEOPLE TO DISCUSS THAT AS A POSSIBILITY.

>>ROSS RADER: THANK YOU. KIYOSHI.

>>KIYOSHI TSURU: THANKS, ROSS. AND WITHOUT THE INTENT TO ELABORATE ON THIS TOO MUCH, YEAH, I THINK THE INITIAL CHARTER OF THE WHOIS STEERING COMMITTEE WAS DEALING WITH THIS HOLISTICALLY; HOWEVER, MEMBERS OF THE STEERING COMMITTEE DECIDED IT WAS BETTER TO ADDRESS EACH OF THESE ISSUES SEPARATELY.

AND OF COURSE ACCURACY HAS A LOT TO DO WITH TASK FORCE 2, AT THE VERY LEAST. BUT THE THING IS, OUR MANDATE IS TO WORK PARALLELLY, IN PARALLEL, AND TO FOCUS ON WHAT WE'RE DOING.

SO IF AS A RESULT OF WHAT WE FIND WE FIND THAT THERE'S SOMETHING ELSE, WE CAN DEFINITELY LIAISE WITH 2. BUT I THINK WE HAVE TO FOCUS ON THE MANDATE OF HOW ACCURACY PLAYS ITS ROLE IN THE WHOIS REALM.
>>ROSS RADER: ABSOLUTELY. THAT'S A VERY GOOD POINT.
PLEASE. A NEW FACE.
>>Y. J. PARK: HI, ACTUALLY, THANK YOU FOR ORGANIZING THIS WORKSHOP AND WHERE I COULD LEARN A LOT OF THESE WHOIS ISSUES FROM REGISTRANT PERSPECTIVE.
AND ONE THING I --
>>ROSS RADER: COULD YOU JUST INTRODUCE YOURSELF.
>>Y. J. PARK: Y.J. PARK, DOMAIN NAME REGISTRANT. AND I WANTED TO SHARE MY OBSERVATION ABOUT THIS WORKSHOP, AND I THINK THIS WORKSHOP WAS PRECEDED FIRST PART WAS ABOUT ACCESS AND THE SECOND PART ABOUT DATA ELEMENT, AND THE THIRD PART IS ABOUT ACCURACY. BUT BASED ON WHAT WE HAVE DISCUSSED FOR TODAY, I THINK THEY'RE HAVING A LOT OF BALANCE BETWEEN THE PRIVACY AND ACCURACY STUFF. AND IF WE NEED TO DISCUSS THIS ACCURACY SEPARATELY, I THINK WE ALSO HAVE TO HAVE THE PRIVACY TASK FORCE IN ON THESE WHOIS DISCUSSIONS BECAUSE I REALLY DON'T THINK THESE PRIVACY AND ACCURACY ISSUES HAVE BEEN REFLECTED BALANCEDLY. IT WAS TRIED TO BE REFLECTED; FOR EXAMPLE, IN THE TASK FORCE 2 IN THE DATA ELEMENT. BUT FOR EXAMPLE, THIS TASK FORCE IS MOSTLY JUST TO FOCUS ON THE ACCURACY. AND THEN I THINK WE NEED TO HAVE THIS PRIVACY CONCERN. AS A REGISTRANT, I REALLY HAVE TO BE CONCERNED ABOUT THOSE TWO ISSUES. I ALSO SYMPATHETIC ABOUT THE NECESSARY TO BRING THE, LIKE, LEGAL (INAUDIBLE) MECHANISMS AND THOSE KIND OF -- SOME NEEDS TO BRING THE -- YEAH, OKAY.

BUT ALSO, I THINK THE WHOLE PRIVACY PROTECTION ISSUES IS VERY IMPORTANT. AND THERE HAVE BEEN A LOT OF TRADEOFF BETWEEN PRIVACY AND ACCURACY. SO I THINK HOPEFULLY THIS TASK FORCE IS GOING TO DISCUSS THE NEEDS TO FORM ANOTHER TASK FORCE WHICH IS GOING TO TALK ABOUT THIS PRIVACY.

>>ROSS RADER: THANK YOU, Y.J. TAKING OFF MY FACILITATOR HAT FOR A SECOND AND SPEAKING SOLELY AS A PARTICIPANT IN THIS TASK FORCE, I CAN CERTAINLY STATE THAT IT'S DEFINITELY WITHIN THE SCOPE OF THIS TASK FORCE TO CONSIDER THE COST OF ACCURACY. AND CERTAINLY PRIVACY OR LACK THEREOF IS DEFINITELY GOING TO BE ONE OF THOSE COSTS.

SO IT'S NOT A -- THE COMPLETE SUM OF THOSE COSTS, BUT IT'S DEFINITELY ONE OF THOSE THINGS THAT I'M GOING TO HAVE TO CONSIDER AS WE MOVE FORWARD WITH OUR WORK.

SO AT THE VERY LEAST, PLEASE DON'T FEEL THAT THOSE NEEDS OR THOSE REQUIREMENTS ARE BEING WASHED AWAY, BECAUSE I THINK EVERYBODY IS VERY, VERY CONSCIOUS OF THEM.
PLEASE, SARAH.

>>SARAH DEUTSCH: I JUST WANTED TO NOTE THAT I THINK PRIVACY IS AN IMPORTANT ISSUE. IRONICALLY, IT'S ONE OF THE REASONS WHY THE TASK FORCE HAS NOT RECEIVED ENOUGH RESPONSES TO THE SURVEY, BECAUSE COMPANIES DON'T FEEL COMFORTABLE GIVING AWAY THEIR PRIVATE INFORMATION ABOUT THEIR DATA ACCURACY PRACTICES.

SO WE ARE STUCK IN A STRANGE SITUATION WHERE WE HAVE TO, AGAIN, FIND THAT BALANCE TO GET THE INFORMATION YET WHILE PRESERVING THE PRIVACY. AND I WOULD -- TAKING OFF MY COMMITTEE HAT HERE, VERIZON ITSELF HAS BEEN INVOLVED IN A DISPUTES THAT BALANCED THOSE EXACT TWO ISSUES. I MEAN, AS AN ISP WE HAVE PEOPLE'S IP ADDRESSES AND THEIR NAMES, ADDRESSES AND PHONE NUMBERS THAT SIT BEHIND THOSE ADDRESSES, AND I WOULD ADD THAT THAT INFORMATION IS ACCURATE BUT WE SPENT THE LAST 18 MONTHS AND ARE, IN FACT, STILL IN LITIGATION WITH THE RECORDING INDUSTRY WHO IS LOOKING FOR A SHORT-CUT PROCESS TO COLLECT ALL THOSE NAMES FOR US WITHOUT GOING THROUGH A JUDGE OR A SUBPOENA. AND LUCKILY, THE COURT OF APPEALS RULED THAT WHAT THEY WERE DOING IS ILLEGAL; THEY HAVE TO GO THROUGH A COURT.

BUT THE BOTTOM LINE FOR US IS THAT WE DO HAVE THE ACCURATE DATA BUT WE FEEL MORE COMFORTABLE HAVING -- IN THAT CASE, HAVING A PROCESS IN PLACE.

AND SO I PERSONALLY THINK THERE IS A BALANCE THAT CAN BE FOUND IN THIS SPACE, AND I THINK WE SHOULD KEEP THAT IN MIND AS THE TASK FORCE MOVES FORWARD IN ITS ACCURACY COLLECTION MISSION.

>>ROSS RADER: EXCELLENT.
NOTHING? I THINK AT THIS POINT WE'RE ACTUALLY ON SCHEDULE, DESPITE HAVING STARTED LATE, WHICH JUST MEANS WE DIDN'T HAVE ENOUGH CONTENT TO FILL UP THE FULL 90 MINUTES. BUT I WOULD LIKE TO JUST SOLICIT ONE LAST CALL FOR COMMENTS FROM ANYBODY THAT WOULD LIKE TO COME FORWARD AND ADDRESS THE TASK FORCE.

PLEASE.
AND IS THERE ANYONE ELSE? WE'LL MAKE THIS THE LAST COMMENT, THEN. GREAT.

>>UTE DECKER: MY NAME IS UTE DECKER AND I'M FROM THE INTELLECTUAL PROPERTY CONSTITUENCY.
I MAY HAVE MISSED IT EARLIER BUT I PARTICIPATED IN THE TASK FORCE 2 AS WELL AND I CAME AWAY FROM THAT SORT OF THINKING THERE WAS A LOT OF WORK TO BE DONE ON ACCURACY BECAUSE THE MESSAGE BASICALLY WAS ANYONE WHO PROTECTED THEIR PRIVACY AND DIDN'T WANT TO PUT FORWARD ACCURATE INFORMATION COULD DO SO.

SO I ALSO, IN THIS TASK FORCE, THE REPORT WAS MORE ON THE POSITIVE SIDE AND YOU HEARD FROM THE CANADIAN EXAMPLE. THAT WAS VERY GOOD, AND WE HEARD FROM EVERYTHING THAT ICANN WAS DOING. I TAKE IT THIS TASK FORCE IS STILL AT THE STAGE OF COLLECTING INFORMATION.

I THINK WHAT I'M LOOKING FOR IS TO GO AWAY WITH SORT OF A PLAN OF ACTION OF WHAT EXACTLY THAT THIS TASK FORCE AND THE TIME SOMETHING GOING TO DO IN ORDER TO IMPROVE THE SITUATION THAT I UNDERSTAND IS NOT VERY SATISFACTORY.

>>ROSS RADER: I'M GOING TO DEFER SOMEWHAT TO MY COLLEAGUES IN ANSWERING THAT QUESTION, BUT IN ORDER FOR US TO GET TO ANY SORT OF CONCLUSION WE NEED MORE DATA, SO ONE THING TO ASK, IN ORDER FOR US TO HELP YOU WITH THAT CONCERN, I WOULD ASK YOU AND YOUR COLLEAGUES TO CONSIDER FILLING OUT THAT SURVEY.

IT'S REALLY IMPORTANT THAT WE GET AT THAT DATA.

THE OFFICIAL POLICY DEVELOPMENT PROCESS AS OUTLINED IN THE BYLAWS IS VERY, VERY QUICK. I DON'T HAVE A GOOD SENSE, EXACTLY, OF WHAT OUR DATES ARE NOW. WE ARE MEASURING THINGS IN TERMS OF WEEKS, AND NOT MANY MONTHS BUT CERTAINLY A NUMBER OF MONTHS.

WE, ACCORDING TO THE OFFICIAL SCHEDULE, SHOULD BE ROUGHLY HALFWAY THROUGH OUR WORK RIGHT NOW. WE'RE PROBABLY CLOSER TO A THIRD OF OUR WAY THROUGH THE WORK. THAT LACK OF DATA IS REALLY HINDERING US AT THIS POINT. SO IF ANYTHING, THAT WILL DRAW THE TIME LINES.

DOES ANYBODY HERE HAVE A STATEMENT OF THE DATES IN FRONT OF THEM? I DON'T HAVE MY COMPUTER UP. KIYOSHI?

>>KIYOSHI TSURU: YEAH, JUST TO EXPRESS THAT VIEW IS CORRECT. THIS TASK FORCE IS TO LOOK AT ACCURACY OBJECTIVELY, AS WE SAW IT IN THE CANADIAN MODEL, HOW DATA IS VERIFIED. AND IF IT HAS ANY OTHER IMPLICATIONS THAT FALL OUTSIDE ITS CHARTER, THOSE IMPLICATIONS WILL BE ANALYZED WHEN THE WORK OF THE THREE TASK FORCES COME TOGETHER, AND WHEN THESE RESULTS, THESE REPORTS ARE INTERTWINED, IF YOU WILL.

SO I THINK OUR MISSION IS OBJECTIVELY TO LOOK AT SOMETHING LIKE THE PRODUCT WE SAW? CANADA, WHAT IS ACCURATE, WHAT IS INACCURATE, AND HOW TO DEAL WITH THE PROBLEM OR HOW TO ENCOURAGE ACCURACY IN DATA COLLECTION.

>>ROSS RADER: HERE IS THE TIME LINES HERE. OUR NEXT DEADLINE IS MARCH 19TH. WE HAVE A REQUIREMENT FOR THE CONSTITUENCIES TO SUBMIT THEIR VARIOUS STATEMENTS. I DON'T BELIEVE ANY HAVE YET. THAT WAS MY "YOU SHALL FEEL GUILTY" LOOK, INCLUDING MY CONSTITUENCY SO I'LL GLARE AT MYSELF LATER.

APRIL 9TH IS THE NEXT DEADLINE AFTER THAT. WE HAVE A PRELIMINARY REPORT TO THE NAMES COUNCIL OF THE GNSO DUE.

ON APRIL THE 29TH, SORT OF FOLLOWING THAT REPORT TO THE COUNCIL, THAT REPORT GOES OUT FOR PUBLIC COMMENT. ON THE 29TH OF APRIL THE COMMENT PERIOD CLOSES. SO KEEP AN EYE OUT FOR THE REPORT BEING FILED AND IF YOU HAVE ANY COMMENTS ON IT, PLEASE FILE YOUR COMMENTS.

FOLLOWING THE PUBLIC COMMENT PERIOD IT LOOKS LIKE WE HAVE THREE WEEKS, MAY THE 20TH, TO CRAFT A FINAL REPORT WHICH WILL BE TABLED WITH THE GNSO COUNCIL. THE COUNCIL WILL CONSIDER THAT REPORT, ITS RECOMMENDATIONS, AND EITHER MAKE A RECOMMENDATION TO THE BOARD BASED ON THAT REPORT OR OTHERWISE PROCEED AS THEY SEE FIT ACCORDING TO THEIR PROCESSES.

IS THAT HELPFUL? GREAT.
SO I DON'T BELIEVE THERE'S ANY FURTHER COMMENTS FROM THE FLOOR.
IS THERE ANY CLOSING STATEMENTS WE WOULD LIKE TO MAKE? WE CAN SAFELY CLOSE THINGS OFF?

I'D LIKE TO THANK EVERYBODY FOR SO PATIENTLY SITTING THROUGH THIS, ESPECIALLY SO CLOSE TO AFTER LUNCH. IT WAS SUCH A SHORT TIME BETWEEN THE VARIOUS SESSIONS.

IT WAS VERY HELPFUL FOR US. I THINK THERE WAS A LOT OF GOOD INFORMATION BROUGHT FORWARD. AGAIN, I WOULD ENCOURAGE EVERYBODY TO TAKE A LOOK AT OUR INTERIM REPORT. IF YOU HAVE ANY COMMENTS ON THAT, PLEASE DIRECT THEM TO YOUR CONSTITUENCY REPRESENTATIVES AND SO THAT THEY CAN BE PROPERLY BE TAKEN UP AT OUR NEXT MEETING.

OUR MEETINGS ARE EVERY TWO WEEKS -- OR, SORRY, WEEKLY ON WEDNESDAYS, SO YOU CAN USUALLY GET PRETTY QUICK FEEDBACK ON ANYTHING THAT YOU SEND OUR WAY.

AND ALSO, PLEASE DO FILL OUT THAT SURVEY, AND FORWARD THAT SURVEY TO ANYBODY YOU CAN THINK OF THAT SHOULD FILL IT OUT AS WELL. THAT WOULD BE VERY USEFUL FOR US.

THANK YOU VERY MUCH, EVERYONE.

(APPLAUSE.)

© Internet Corporation for Assigned Names and Numbers