Monday, February 25, 2019

ICANN and the New Top-Level Domains, panel 2

ICANN and the New Top-Level Domains

“Walled Gardens:” Should gTLDs Become Private Platforms?
Becky Burr, ICANN Board & Neustar: We used to talk about .kids as a walled garden/moderated content for kids, a safe space. [Based on what we know about who abuses kids, it’s not surprising that it hasn’t worked all that well.] Others are more general—open to anyone to register, but with rules for registrants. Whether that’s good or bad has to be more granular.

Sarah Deutsch, ICANN Board: To me, depends on what the garden is: if it doesn’t allow other people in and there’s bad activity, such as anticompetitive activity, that wouldn’t be good. Other spaces might just be regulated. That could be a walled garden.  Worries: where someone gets exclusive rights to run a generic term as one competitor in the market.  [Example from Aufderheide: L’Oreal owning .beauty]

Kathy Kleiman, Center for Information Technology, Princeton University: When we started, gTLDs were to be managed in the public interest. We looked for abuse of the structure (malware, botnets) and not bad content (where laws differ worldwide and where it wasn’t our job to judge content). Country rejected SOPA/PIPA domain name blocking. We protected due process. But on the way to new gTLDs, ICANN decided to open up registry agreements to voluntary commitments.  Registry applicants slid a lot of other stuff into those agreements, which ICANN allowed.  Donuts, w/hundreds of TLDs, created a policy allowing it to block registrations based on agreements w/TM owners, a policy that had been rejected at the ICANN level.  Judge © and TM claims.  Minds + Machines promises to “constructively work with law enforcement to address reported cases of abuse”—law enforcement asks for a lot of things based on mere allegations, and no due process is mentioned.  Yet ICANN has a limited mandate.

Nonetheless, ICANN apparently embraced voluntary content regulation in its new bylaws.  Question for the panel: what’s left of the multistakeholder model and what is ICANN’s continuing role in protecting the open structure of the internet?

Jeff Neuman, Com Laude/Valideus: The ultimate end users are also of concern. (1) registries w/restrictions—only allow certain entities in. (2) closed generics: taking a generic word and using it w/in own organization/its affiliates. (3) ability to take down names that violate your policies.  All 3 of these can be and are good things. Organizations are facing increasing scrutiny for the content delivered through their platforms—FB, domain name registry [those actually have very different levels of control of individual posts/incentives to take users’ interests into account/levels of public exposure].  Have to think of it from their perspective. Wish it was as easy as saying we don’t regulate content. But there’s child porn, imminent threats of harm, counterfeiting and infringing movies. When things are that obvious, and you know that you will be criticized for allowing that activity through your platform, then the choice isn’t as simple as not looking at content.  He’s seen actual threats of car bombings [so he would have gotten rid of FB if he ran .com?] and he’d rather take that down than not do so.

Mitch Stoltz, EFF: Not super concerned with defining “walled garden.”  As a concept it’s useful to talk about gatekeepers of speech on the internet, of which there are many varieties. FB has an incredible amount of power over who gets to speak and who will hear it. It’s scary that registries can make your entire website disappear; registry is a private company w/its own business motivations exercising arbitrary power over speech.  It is important that different registries can do it historically doesn’t have policies like those the new ones are adopting.  Cloudflare has immense power.  Content industry wants to leverage that to make it police for copyright if it polices for child porn/foreign pharmacies. But it’s easy to see where it goes from there.  If we built a smart highway would we want it to scan to make sure you were driving in an ok way? [Note that China’s social credit system is doing exactly that—you won’t be able to travel easily unless you have good social credit.]

Burr: There are enormous numbers of issues here.  ICANN shouldn’t have taken on the burden of trying to figure out compliance w/all these public interest commitments, which applicants made in order to get a competitive advantage.  Now that people used those to get a competitive advantage, holding them unenforceable is unattractive too. We grandfathered the existing commitments into the new bylaws in order to kick the can down the road (outsourcing compliance which isn’t great either).   

If there are lots of different registries then it might not be a big problem if they have varying rules.

Example of problem: something weird is going on in a set of domains. Sites selling every dog breed in the world to US consumers, shipping the puppies sight unseen. She didn’t buy a dog so she can’t say she was ripped off, but there was no question that this was a scam & we took them down. It’s critical that people be able to exercise that kind of judgment where consumer harms are involved. There’s no state action & scammers can go register on some other site; we aren’t going to protect it. She doesn’t think that’s a matter of free speech.

Deutsch: all sorts of third party sites have provisions about copyright & TM etc; DMCA gives you obligations for takedown.  It’s not that surprising for stuff to be in a contract. There is also more pressure on platforms, ISPs, even possibly registrars & registries to take more fiduciary responsibilities for what’s on their sites. But shadow regulation also tends to grow.

Neuman: .biz had a problem with being a known source of spam; made it hard for legit clients to get emails through.  Created an anti-abuse policy for acting on malware, phishing, spam: first policy in the big registries. Registrars would have 12 hours to take the domain down or we’d do it. That made us pariahs in the community. But there wasn’t a slippery slope. In 2005, took down 32,000 domains with zero complaints from the registrants.  We’ve taken down 100,000s of domains. Took .biz from most abusive to one of the safest TLDs. Not all slippery slopes have to be slid down.

Stoltz: There are issues of norms & due process. Should the power company combat fraud by accepting complaints about fraud & cut off a business’s electricity if it finds the complaint persuasive? That sounds bizarre. Power is used in the commission of all sorts of crimes, but it’s still not their role to police that.  There is space for competition among policies, but that only works if that’s evident to consumers—if people know what they’re buying, and if there is actual competition.  Donuts owns 1 of 6 of the new domains, and they use policy rejected by ICANN.

Kleiman: the key move here is ICANN’s abandonment of the principle that it was about regulating infrastructure and move into regulating content.  The attempt here is not just to get the regulations into the agreements but to get to ICANN to enforce content regulations.

Q: if an applicant made promises & got the domain b/c of the promises, it’s sensible for ICANN to be one of the entities that can hold them to its promise.  If Goodyear got .tires and biased the search within that gTLDs—that would be ok if it’s disclosed, but maybe ICANN should stop it from happening. FTC said it would watch and if there’s deceptive trade practices the US would enforce against it. That’s how it happened at ICANN; there’s no blanket prohibition on a competitor running a closed generic and we deal with problems after the fact; would it be better to have it otherwise?

Karanicolas: Infrastructure layer makes a difference: there’s a difference b/t Twitter kicking Milo off and Comcast installing a filter to prevent anyone on their network from seeing Milo’s content. But where do registries fall on that spectrum?  [Right, one of the distinctions to be made here is the puppy mill v. Craigslist, both of which might be offering scams.  Do we have any way of distinguishing that in order to protect Craigslist against a significant chilling effect?]

Q: We need to know what the rules are about people being kicked off. If there are pre-agreements w/certain TM owners, is the decisionmaker biased?  Is there any way to appeal? If you’re making government-like decisions then there should be government-like protective structures for decisions.

Deutsch: .bible—applicant wanted to exclude nonChristians and anybody of which it didn’t approve, and to make UDRP panelists sign a statement of faith. This is a real world example of what happens in a closed generic space and we need to be mindful of that.

Neuman: .disaster could easily be exploited for fraud.  But we need to look out for end users more than a right to register any name that you want. A closed generic could be a lot more useful for end users than what’s in the market now. If Amazon had .book and could give an official page to any author, is that better or worse than letting anyone register and maybe never getting .book into widespread use.

Burr: doesn’t like the power company metaphor b/c power is a utility; I don’t have a choice about where I get power from. Registries/registrars doesn’t fit into that paradigm.  DMCA issues: registries/registrars can’t simply take down one piece of allegedly infringing content: that makes them fit poorly into the DMCA framework.  Issues w/r/t copyright & TM are not the same as issues about what’s not legal in Thailand (criticizing the royal family) or consumer fraud.  [Which is very telling insofar as Donuts and similar agreements are about copyright and TM, and side agreements w/© and TM owners are what have brought us here.  Donuts didn’t make any agreements with the gov’t of Thailand, or with the FTC or even the BBB.]

No comments: