This is the third draft of the proposed ADNA Code of Practice for DNAs
operating within the ADNA framework.  Previous drafts were posted to the
dnasel list.  For those on that list, the relevant changes are
relatively minor:
- Section 2.8 relating to subdomains merged into Section 2.7.
- Section 2.2 populated a little more.
- Section 6.4 added
- The bundling and predatory pricing suggestions were removed
  because they are being discussed as part of the selection criteria.

This document is still in it's infancy, with plenty of unresolved
issues.  Feel free to comment.  The .rtf is available upon request.

Leni.
======================
Code of Practice

1 Introduction

This Code of Practice ("Code") governs the conduct of  Domain Name
Administrators ("DNAs") operating under the aegis of the Australian
Domain Name Authority. ("ADNA").

This Code shall apply to the conduct of DNA operations within domains
governed by ADNA, currently .au and it's subdomains.  It does not apply
to DNA activities in domains not governed by ADNA.

A DNA may not evade application of the Code, either by contract or
otherwise.

The Code shall be applied and enforced by the Code of Conduct committee
("The CCC") who shall be independent of  DNAs and appointed by the ADNA
board.

The Code may be amended from time to time by due process of the ADNA
board after due and proper consulation with DNAs. 

DNAs must comply with the spirit as well as the letter of the Code. 

DNAs recognise that compliance with the Code does not necessarily
guarantee that they are acting within the law. 

2 Code Of Practice

The ADNA board recognizes the concept of "competitive domains" in which
more than one DNA registers names.  A domain shall be labelled a
"competitive domain" at the sole discretion of the board.  Sections 2.6,
2.7 and 2.8 shall always apply to such domains. Sections 2.6, 2.7, and
2.8 shall not apply to domains not labelled "competitive domains".

2.1 	General Requirements 

DNAs shall use their reasonable endeavours to ensure the following: 

2.1.1 Services and promotional material do not contain or encourage
anything which is in the breach of the law, nor omit anything which the
law requires. 
2.1.2 Services and promotional material are not of a kind that are
likely to mislead by inaccuracy, ambiguity, exaggeration, omission or
otherwise. 
2.1.3 Promotions transmitted via radio, television, print or any other
media observe the provisions of this Code. 
2.2 Operational requirements
2.2.1 DNAs are required to maintain a database of contact information of
registrants. The database contains information about the entities to
whom allocations of names within a domain have been made. This
information shall include their name, e-mail address whether within the
allocated domain or elsewhere, and contact information independent of
the internet such as telephone number, fax number or postal address. The
database allows contact to be made with the owners of subdomains should
their  network connection become non-existent or inoperable.
2.2.2 DNAs shall make reasonable attempts to keep their database of
contact information of registrants up-to-date.
2.2.3 The database must be replicated offsite.

2.3 Privacy and secrecy

2.3.1 DNA services involve the collection of personal information from
customers, such as name and addresses.  DNAs shall make reasonable
endeavours to make it clear to the customer the purpose for which the
information is required. DNAs shall identify the information user if
that user is different from the DNA or AUNIC.  The DNA must also give
the customer the opportunity to prevent such usage. 
2.3.2 No undertaking given by a DNA to its customers, suppliers,
information providers or others shall preclude that party from
delivering information pertinent to a complaint to the ADNA CCC in
confidence.

2.4 Fair Trading 

2.4.1 In its dealings with consumers, other businesses and each other,
DNAs must act fairly and reasonably at all times. 
2.4.2 The DNA shall bring to the attention of its customers the
existence of the Code and the complaints procedure available to the
customer pursuant to the provisions of the Code. 

2.5 Pricing

2.5.1 The DNAs must ensure that the charge for the service is clearly
stated in relevant promotional material. The price quoted should include
taxes where applicable. 
2.5.2 Textual pricing information should be legible, prominent, and
presented in such a way that does not require close examination. 

2.6 Non-collusion

2.6.1 DNAs should not collude in order to fix prices and shall be
subject to ACCC guidelines.
2.6.2 DNAs shall treat all customers equally and consistently.  Pricing
and policies may change over time, and there may be volume discounts and
such-like but there should not be a policy of "one price/service for
this customer and another price/service for that customer".

2.7 Domain Names

2.7.1 Within a given domain and it's subdomains, DNAa shall treat all
names equally.  Pricing and policies may change over time, but there
should not be an effect of "one price for this name and one price for
that name".
2.7.2 With a shared registry, a DNA cannot guarantee that a name can be
registered on behalf of a customer until it has done so.  DNAs should
avoid making claims or guarantees that do not reflect this basic
principle.
2.7.3 DNAs will rigorously adhere to and apply the generic policies of a
domain.  This applies to the naming policy of a domain (such as that of
.com.au), as well as the  "first come, first served" policy that may
apply in other domains.
2.7.4 With respect to the domains that a DNA operates in, a DNA shall
only register names for it's exclusive use for the purpose of it's DNA
operations.  The number of domains in this category should be very
small.
2.7.5 With respect to domains that it operates in, a DNA may register a
domain name with the intention of registering names in the subdomain
only if all other DNAs within the ADNA framework are also able to
register names in the subdomain. As Robert Elz puts it, there is no
notion of "I thought of it first!"

2.8 Avoiding Appearance of Conflict of Interest

A customer (that is, the administrative contact) may use an "agent" to
register a name on their behalf.  An agent is the person, company or
organisation that fills out or submits the application form to a DNA on
behalf of the customer.

A DNA may have "related parties" defined as any individual, business or
corporate entity with which it has an operational, employment or
directorship function in common.

In order to avoid any appearance of confilct of interest, a DNA should
not accept registration requests from any customer or agent that is a
related party.

This means for example, that an ISP, or it's directors can run a DNA,
but the ISP business cannot register names with the DNA business.  The
ISP must use the services of an unrelated DNA.

The nature of this prohibition and identification of the "related
parties" should appear on any and all application forms where there is a
risk of such confict of interest arising.

3 Complaint Procedures and Sanctions 

3.1 Complaints

The CCC will be responsible for considering the full nature and extent
of complaints and may consult with the DNA(s) concerned. The CCC shall
be entitled to consult relevant parties (for example governement
authorities) prior to making a determination. DNAs agree to co-operate
fully with the CCC.

We can anticipate that complaints may be presented by:
á members of the general public,
á authoritative bodies (for example the Police, the ACCC) and
á other DNAs.

It would seem that there are three possible scenarios for complaints: 
á A complaint is made directly to a DNA. The DNA acts on that complaint
and remedies the complaint to the satisfaction of the complainant. 
á A complaint is made directly to a DNA. The DNA and complainant are
unable to resolve the issue. The complainant refers the complaint to the
CCC of ADNA. 
á A complaint is made directly to the CCC.

The CCC acknowledges that the DNA may not have direct knowledge of a
complaint and may initially contact the DNA on an informal basis. 
Before making a determination, the CCC will:
á notify the DNA in writing of the complaint and
á allow the DNA an opportunity to respond.

The CCC shall be responsible for communicating the determination of the
complaint to the DNA and the complainant.  Where a complaint is upheld
by the CCC, the CCC may seek to claim from the DNA, at its sole
discretion, the reasonable administrative costs incurred by the CCC in
processing the complaint. 

3.2 Sanctions

DNAs must comply with any conclusion reached by the CCC, including a
decision to impose a sanction as a result of a breach of the Code. 
Written notification of this will be forwarded to the DNA by the CCC.

The sanctions to be imposed by the CCC on behalf of the ISPA shall be
regularly reviewed and may include fines and ultimately, revoking the
DNAs licence to operate in any or all domains under the ADNA aegis.  

The CCC shall apply sanctions to the DNA in proportion to the perceived
seriousness of the breach of the Code.  The CCC will make it's best
effort to apply any sanctions consistently among DNAs.  Repeated
breaches may attract stiffer sanctions.

4 Acknowledgements

This document was developed by the internet community in Australia.  An
early draft of this document was based in part on the ISPA UK Code of
Practice: http://www.ispa.org.uk.  Thanks to Robert Elz for permission
to use parts of his post relating to managment of the id.au domain:
http://www.id.au.

5 Suggested but not yet added

This section is empty as of draft #3.

6 Weaknesses and required clarification

6.1 What does a DNA do?

A DNA takes registrations over the web, makes changes to their local
copy of the zone file, and incorporates them into the central registry. 
Does a DNA have to run a name server?  If not, who does and why are they
paying for it?  Should DNAs be required to contribute by running
secondaries?

6.2 Implications for selection criteria

People have pointed out (kre in particular) that a code of conduct isn't
good at dealing with conflict of interest issues and that this issue
really has to be tackled in the Selection Criteria to avoid any
potential problems before they arise.  In particular, the question of
whether ISP or related parties can act as DNAs

Conflict of interest complaints will be expensive to investigate.

6.3 Complaints procedure

More work is needed on the complaints procedure, including:
á Statement of intention on how to populate the CCC - they should be
seen to be independent of DNAs.
á a clear procedure for initiating and resolving complaints.  Eg. E-mail
address, telephone number, a on-line web form.  Turnaround times etc.

6.4 Database of contact information of registrants

Who "owns" the database?  Has this ownership been tested in a court? 
This is the subject of some debate in the USA.

Should ADNA keep a replicated copy of each DNAs database in case a DNA
just vanishes?  Alternatively, ADNA could require DNAs to keep a
replicated copy of the database offsite and require that it be notified
of the location.