We've been researching an ICANN issue that has come up within our company, who is in the business of providing domain names. We have a section in our agreement that states that our company "will act in accordance with ICANN Registrar Accreditation agreement section 184.108.40.206 upon receipt of actionable evidence of illegal activity. This means that identifying information will be provided to law enforcement and officials of the court including attorneys as situations require in order to preserve our neutrality in any litigation."
One of our executives has asked us to look into this, specifically regarding the possibility of being sued for NOT providing information of our private domain registrants without a subpoena or court order (which, as I understand correctly, is the law?). His worry is that an attorney (who is an officer of the court), providing "actional evidence of illegal activity" (such as is often the case in trademark infringement
/cybersquatting allegations) could feel compelled to name us a defendant in such cases in order to force us to disclose this information. He also says that case law is evolving to impart some degree of liability to us in such cases if we fail to disclose the actual registrant.
Can you give me some insight and your opinion on this issue? Is it true that any third party can actually name US (the domain name provider) as a defendant in a suit and compel us to turn over the information? It seems like he is suggesting that we comply with these requests and make our policy a bit more "liberal" for the sake of preventing any possible legal action against us. But, wouldn't that open the door for our own clients to possibly sue us, since we're giving their information away without the necessary subpoena or court order? Sorry, I'm just a bit confused about the subject.
I can explain further if necessary since I'll be sitting in front of my computer all day. Thank you.