A major financial services lobby group has threatened to sue ICANN unless it puts strict limitations on “.bank” top-level domains.
BITS, the technology policy arm of the Financial Services Roundtable, said financial domains should be banned from the first round of new TLDs, until rules governing security are developed.
In a November 4 letter to ICANN chief executive Rod Beckstrom, BITS said:
If these critical issues are not fully resolved and ICANN chooses not to defer financial TLD delegation, BITS, its members and its partners are prepared to employ all available legislative, regulatory, administrative and judicial mechanisms.
BITS counts all the major US banks among its membership, as well as many large insurance companies and share-trading services.
The organization is concerned that TLDs such as .bank could lead to consumer confusion and an increase in fraud online if delegated into the wrong hands.
While BITS said that it “prefer[s] a prudent solution”, it has threatened to file “legal complaints in one or more jurisdictions” and to lobby the US Congress for legislation.
It noted that ICANN’s IANA contract, which gives it the power to create new TLDs, expires next August, and said that it may lobby Congress for legislation mandating better security as a condition of the renewal.
BITS and other financial groups have already written to members of Congress, in September, expressing disappointment with the absence of a high-security TLD policy from ICANN and adding:
In recognition of the need for higher levels of security and stability in financial services gTLDs than in gTLDs generally, we urge you to support inclusion of language in cyber security legislation language that prevents ICANN from adding financial services gTLDs to the root zone unless the IANA contract specifies higher levels of security for such gTLDs.
The Federal Deposit Insurance Corporation, the US government body responsible for insuring banks, has also written to the Department of Commerce, expressing its concerns about the possible introduction of a .bank TLD.
Currently, I’m not aware of any public initiative to apply for .bank, but it’s possible that restrictions on financial services TLDs could capture the recently launched German “.insurance” project.
The BITS correspondence was published (pdf) as an attachment to an ongoing Reconsideration Request lodged by Michael Palage, chair of the High Security Top Level Domain Verification Program Advisory Group.
The HSTLD group has been working on a set of technological policy specifications for registries managing high-security TLDs.
Palage is annoyed that ICANN’s board seems to have distanced itself from the HSTLD concept before the group has even finished its work, by resolving in September that:
ICANN will not endorse or govern the program, and does not wish to be liable for issues arising from the use or non-use of the standard.
The HSTLD group, by contrast, has a “clear majority in support of ICANN retaining a continued oversight role”, according to Palage. He wrote:
The ICANN Board’s unilateral actions also have a chilling effect on future bottom up consensus efforts because participants have no basis to know when the ICANN Board will take such unilateral actions in the future.
He’s not alone in worrying about recent top-level ICANN decisions that appear to put corporate legal liability ahead of the wishes of the community. I reported on the issue last week.