Registrar Accreditation Agreement

Revision as of 19:39, 29 January 2014 by Jonah (talk | contribs) (Feedback)

The Registrar Accreditation Agreement (RAA) is the contract that governs the relationship between ICANN and its accredited registrars.

History edit

The RAA was originally one of several agreements between ICANN, the United States Department of Commerce (DOC), and Network Solutions, with the intent of enhancing and solidifying the competition between .com, .net, and .org TLD registrars. These agreements were tentatively announced on September 28, 1999, and, after oral and written public comments, were revised and then adopted by ICANN on November 4, 1999. At the time, registrars were allowed to take up the new agreement in place of their old agreement.[1]

On May 21, 2009, ICANN approved revisions to the RAA, which were intended to clarify the responsibilities of the registrars and the rights of the registrants. These revisions came about in response to market development and the significant growth in the number of accredited registrars and domain name registrations, and through a comprehensive review of the RAA and the Accreditation process called for in March 2007 by then-ICANN CEO Paul Twomey. This new RAA applies to all the new registrars, registrars that voluntarily adopt the contract prior the renewal date, and to registrars that renew after the approval date.[2] But, following this revision, there were still those who thought the RAA did not do enough to address public concerns. Thus the RAA Drafting Team was formed, made up of members of the GNSO and the At-Large Community, to propose further revisions.

Law enforcement officials, particularly the Serious Organized Crime Agency (SOCA) in the United Kingdom and the United States Federal Bureau of Investigation (FBI), asked ICANN to implement procedures to curb incidence of abuse in the domain name system (DNS). The two agencies proposed some measures to be incorporated in the RAA such as stronger verification of registrants' name, address, phone number, e-mail address and method of payment for domain names.[3]

In October, 2011, at the ICANN 42 meeting in Dakar, Senegal, the ICANN Board approved the immediate negotiation between ICANN and Registrar Negotiation Team regarding the proposed amendments to the RAA. The amendment topics, which included law enforcement, registrant protection and internet stability, were recommended by the Governmental Advisory Committee (GAC)and the GNSO Working Group. The result of the amendment negotiations were to be considered by ICANN during its meeting in Costa Rica in March, 2012.[4]

On December 13th, ICANN announced an open comment period on the Preliminary GNSO Issue Report regarding the RAA amendments, to close one month later. Comments on the prelininary report were to be considered for the Final Issue Report, to be presented to the GNSO council following the closure of the comment period. This was done in anticipation of discussions at the ICANN 43 meeting in Costa Rica, at the request of the Board.[5]

Prior to the ICANN Meeting in Costa Rica, the RAA Negotiation Team submitted a summary of the negotiations on the RAA on March 1, 2012. The RAA Negotiation Team and ICANN indicated they had nearly reached agreement on a majority of the topics discussed during the 13 negotiation sessions, in both principles and language. You can find the Summary of RAA Negotiations here.

Development edit

In September, 2012, a working group related to the European Commission sent a letter to ICANN warning that its proposed additions to the RAA would infringe on European Privacy laws. The issues in question are the proposals to make registrars retain data about their customers for up to two years after registration, and by the idea that registrars should re-verify contact data every year. These proposals were discussed and supported by the GAC and the law enforcement voices within ICANN at ICANN 44 in Prague. This is potentially conflicting given that the GAC supported these measures and this pan-European body is coming down against it.[6]

In October, 2012, just before the ICANN 45 Meeting in Toronto, ICANN CEO Fadi Chehadé stated that due to European privacy laws, European registrars may be exempt from the proposed new Whois verification requirements. It was emphasized that the GAC had already endorsed the measures, with relevant laws in mind. This suggestion would seemingly create 2 different RAAs, which would arguably create inequitable standards between international registrars.[7] This came after another European body, the Council of Europe, expressed its concern over the privacy requirements in the proposed RAA.[8]

In early 2013, ICANN and the Registrar Stakeholder Group hit an impasse in their negotiations. It seems that while they agree on many points, with both sides making concessions and compromises, the main sticking point was ICANN's insistence on a unilateral right to amend, which was also a contentious addition to ICANN's new Registry Agreement for new gTLD operators. The addition would give the ICANN Board the right to amend the RAA in any way it sees fit by a 2/3 majority vote. It seems that this may be part of new CEO, Fadi Chehadé's, strategy at making the industry more accountable and better regarded, and also a way to avoid extended debate and negotiations over future contracts. ICANN published its suggested agreement for public comments in the midst of ongoing negotiations, given that the efforts had stalled.

Points of agreement include: new Whois accuracy measures, featuring a challenge-response mechanism for first-time registrants via email or phone verification; addresses submitted will have to meet the Universal Postal Union standards, and phone numbers must conform to ITU formatting; the address will have to be verified to be an actual location, though proof of residence or ownership by the registrant will not be required; registrants providing false information that fail verification will have 15 days to correct the information before facing suspension of the domains. A further sticking point beyond the unilateral right to amend is ICANN's request that registrars verify their customer records, which tend to be more accurate than Whois records.[9]

During ICANN 46 in April of 2013, newer versions of the RAA and the Registry Agreement were both published for public comment[10]. After weeks of negotiations and drafts, the new RAA was approved by the ICANN board on June 27, 2013. The new version will be obligatory for registrars who dealing with new gTLDs, but it is not yet obligatory for .org, .info, or .biz.[11][12]

Contents of RAA edit

General Obligations of ICANN:

ICANN, under the RAA, is obliged to carry out its functions in an open manner and is to promote intensive competition between registrars. It should also not apply standards, procedures, or policies to single out registrars for disparate treatment unless it has a reasonable cause.

General Obligations of the Registrars:

Registrars are obliged to comply with all related ICANN-adopted policies. The Registrars are also obliged not to restrain competition.[13]

Members of the RAA Drafting Team edit

Some of the members of the RAA Drafting Team include: Nacho Amadoz, Dev Anand, David Cake, Karen Banks, Elisa Cooper, Phil Corwin, Paul Diaz, Avri Doria, William Drake, Chuck Gomez, Statton Hammock, Tatyana Khramtsova, Adrian Kinderis, Konstantino Komaitis, Phil Lodico, Rebecca Mackinnon, Steve Metallitz, Michele Neylon, Mike Rodenbaugh, Kristina Rosette, Wendy Seltzer, Marc Trachtenberg, Tim Ruiz

The complete RAA-DT membership list is available here

RAA Negotiation Topics edit

Topics discussed during negotiation sessions falls under four categories:[14]

  • Registrar Obligations/Duties
  • Privacy and Proxy Services/Resellers
  • Whois Data
  • Contract Administration

Feedback edit

.Nxt Criticism and Investigation on RAA Negotiations edit

Kieren McCarthy of .nxt alleged that ICANN conducted secret negotiation with registrars and it failed to provide adequate openness and transparency regarding the RAA negotiations. For this reason, .nxt conducted its own investigation to find out what actually transpired during the negotiations. In his article, he reported that the .nx investigation uncovered:[15]

  • Disagreements between registrars
  • ICANN was willing to "throw registrars under the bus" just to keep governments happy and show that problems are resolved
  • ICANN's negotiating team was under pressure to deliver results
  • Registrars were forced by ICANN to make public statements regarding the changes in the RAA, even though they did not have clear implementation policies
  • Some registrars refused to acknowledge the changes and were advocating walking-away from the negotiations

NTIA edit

In October, 2012, NTIA Secretary Larry Strickling wrote to ICANN in part to commend it on its recent successes and also to encourage it to continue to work on issues in need of further attention or improvement. One of the successes that Sec. Strickling notes is the "significant effort to accomodate the law enforcement recommendations, as endorsed by the ICANN's Governmental Advisory Committee (GAC), in a new Registrar Accreditation Agreement." NTIA participates in ICANN via the GAC.http://www.icann.org/en/news/correspondence/strickling-to-crocker-04oct12-en Strickling to Crocker 04oct12, ICANN.org]</ref>

European Union edit

In January 2014, a European Union data protection body sent a letter to ICANN for the second time, saying that the 2013 RAA violated a number of EU privacy laws. The same body sent ICANN a letter in July of 2013 and ICANN responded by stating that the body did not have legal authority to voice the opinion of the entire EU.[16]

References edit

External Links edit