david giza, stacy burnette & pam little
DESCRIPTION
Registrar Stakeholder Group Constituency Meeting . David Giza, Stacy Burnette & Pam Little. Contractual Compliance Team. October 2009. Agenda. FY 2010 Compliance Initiatives (Dave) Enforcement Activity Jan – Oct 2009 (Stacy) Whois Data Accuracy Study (Dave) - PowerPoint PPT PresentationTRANSCRIPT
David Giza, Stacy Burnette & Pam LittleContractual Compliance Team
October 2009
Registrar Stakeholder Group Constituency Meeting
Agenda
• FY 2010 Compliance Initiatives (Dave)• Enforcement Activity Jan – Oct 2009 (Stacy)• Whois Data Accuracy Study (Dave)• Privacy/Proxy Services Study (Stacy)• RDE Compliance (Pam)
October 2009
Team Members• David Giza, Sr. Director, Contractual Compliance
Team Leader• Pam Little, Sr. Director, Contractual Compliance,
Asia/Pacific• Stacy Burnette, Director, Contractual Compliance• Khalil Rasheed, Compliance Audit Manager• William McKelligott, Compliance Auditor• Constance Brown, Compliance Specialist
3
FY 2010 Compliance Initiatives• Enforcement Actions
– Identify and pursue non-complaint registrars– Use enforcement tools in 2009 RAA– Increase breach, non-renewal and termination
notices, as necessary• Audits – Registrar contact info., IRTP, RDE
requirements, UDRP and financial compliance• Research – Complete Whois Accuracy Work
October 2009
Enforcement Activity (Jan - Oct 2009)
• 16 Registrar Accreditation Agreement (RAA) Terminations and Non-Renewals– 9 Terminations– 7 Non-renewals
• 184 Breach Notices Transmitted• 4,290 Enforcement Actions • 9,304 Consumer Complaints Processed (Jan-
Sept)
October 2009
Common Non-Renewal and Termination Causes
• Registrars fail to comply with RDE deposit requirements
• Registrars fail to provide port 43 and web based Whois services.
• Registrars fail to pay accreditation fees
October 2009
Planned Registrar AuditsSchedule – 2010
January - March April - June July - SeptemberPrimary Contact Information, Phase 1
Public Contact Information, Phase 2 Non-Implementation of UDRP Arbitration Panel Decisions , Phase 2
IRTP (Inter-Registrar Transfer Policy), Phase 1 (Development)
1. IRTP, Phase 2 (Implementation)2. Non-Implementation of UDRP
Arbitration Panel Decisions, Phase 1 (Development)
RDE
1. RDE (Registrar Data Escrow)
2. Registration Agreement (with registrants)
RDE RDE
Whois Data Accuracy StudyVerification
• Determine proportion of domain names from the top 5 gTLDs with different levels of accuracy
• Random sample size of 2400 domain names• Accuracy defined per RAA Section 3.3.1.6 as the
correct name and a valid postal mailing address• Registrants contacted by NORC to verify ownership
of domain name• Preliminary results describe types of inaccuracies
found and barriers to accuracy
Whois Data Accuracy StudyThree Key Criteria
1. Is registrant’s address deliverable?
2. Can registrant’s name be linked with the address?
3. When contacted, does registrant verify/ acknowledge ownership of domain name?
Whois Data Accuracy StudyPreliminary Findings
• 51% of records meet all three criteria
• 80% meet at least 2/3 criteria
• 5% meet none of the criteria
Pri-vacy/proxy
do-mains, meet-ing 3/3 criteria
17%
Other do-
mains meet-ing 3/3 criteria
34%
Do-mains meet-ing 2/3 criteria
29%
Do-mains meet-ing 1/3 criteria15%
Do-mains
not meeting any of the 3
criteria5%
Whois Data Accuracy StudyNature of inaccuracies
• Registrant concerns about privacy• Limited requirements regarding identity,
proof of identity and proof of address• Confusion in role and meaning of registrant• Carelessness by registrant• Little value in domain name ownership • ASCII translation
Privacy/Proxy Registration Services Study
• Preliminary Results– 580, or about 24.7% of the 2346 domain names
analyzed, appear to have been registered using a privacy or proxy service
– Additional information contained in the draft report posted on the ICANN website at http://www.icann.org/en/compliance/reports/privacy-proxy-registration-services-study-28sep09-en.pdf
October 2009
RDE Obligations
• On-boarding obligations– Enter tri-parte data escrow agreement– Make initial deposit
• On-going obligations– Make scheduled deposits– Ensure data meet specs/format
October 2009
Consequences for Non-Compliance
• Non-compliance = Breach of RAA Section 3.6 • Consequences
– Escalated compliance actions– Suspension (if new RAA), non-renewal or
termination– ICANN may publish list of non-compliant
registrars
October 2009
Thank YouContractual Compliance Team
October 2009