Latest news of the domain name industry

Recent Posts

US and EU call for Whois to stay alive

Kevin Murphy, January 31, 2018, Domain Policy

Government officials from both sides of the Atlantic have this week called on ICANN to preserve Whois as it currently is, in the face of incoming EU privacy law, at least for a select few users.

The European Commission wrote to ICANN to ask for a “pragmatic and workable solution” to the apparent conflict between the General Data Protection Regulation and the desire of some folks to continue to access Whois as usual.

Three commissioners said in a letter (pdf) that special consideration should be given to “public interests” including “ensuring cybersecurity and the stability of the internet, preventing and fighting crime, protecting intellectual property and copyright, or enforcing consumer protection measures”.

David Redl, the new head of the US National Telecommunications and Information Administration, echoed these concerns in a speech at the State of the Net conference in Washington DC on Monday.

Redl said that the “preservation of the Whois service” is one of NTIA’s top two priorities at the moment. The other priority is pressing for US interests in the International Telecommunications Union, he said.

Calling Whois “a cornerstone of trust and accountability for the Internet”, Redl said the service “can, and should, retain its essential character while complying with national privacy laws, including the GDPR.”

“It is in the interests of all Internet stakeholders that it does,” he said. “And for anyone here in the US who may be persuaded by arguments calling for drastic change, please know that the US government expects this information to continue to be made easily available through the Whois service.”

He directly referred to the ability of regular internet users to access Whois for consumer protection purposes in his speech.

The European Commission appears to be looking at a more restrictive approach, but it did offer some concrete suggestions as to how GDPR compliance might be achieved.

For example, the commissioners’ letter appears to give tacit approval to the idea of “gated” access to Whois, but called for access by law enforcement to be streamlined and centralized.

It also suggests throttling as a mechanism to reduce abuse of Whois data, and makes it clear that registrants should always be clearly informed how their personal data will be used.

The deadline for GDPR compliance is May this year. That’s when the ability of EU countries to start to levy fines against non-compliant companies, which could run into millions of euros, kicks in.

While ICANN has been criticized by registries and registrars for moving too slowly to give them clarity on how to be GDPR-compliant while also sticking to the Whois provisions of their contracts, its pace has been picking up recently.

Two weeks ago it called for comments on three possible Whois models that could be used from May.

That comment period ended on Monday, and ICANN is expected to publish the model upon which further discussions will be based today.

What next for new TLDs? Part 4 – GAC Concerns

Kevin Murphy, December 15, 2010, Domain Policy

Like or loathe the decision, ICANN’s new top-level domains program appears to have been delayed again.

But for how long? And what has to happen now before ICANN starts accepting applications?

In short, what the heck happened in Cartagena last week?

In this four-part post, I will attempt an analysis of the various things I think need to happen before the Applicant Guidebook (AGB) is approved.

In this fourth post, I will look at areas of the AGB that the Governmental Advisory Committee is still concerned about.

GAC Concerns

The GAC’s laundry list of objections and concerns has grown with every official Communique it has released during an ICANN public meeting over the last few years.

While it has not yet published its official “scorecard” of demands for the home-stretch negotiations, it has released a list of 11 points (pdf) it wants to discuss with the board.

These 11 points can be grouped into a smaller number of buckets: objections and disputes procedures, trademark protection, registry-registrar separation, and the treatment of geographical names.

I wrote about the trademark issue in part one of this post.

The GAC appears to have adopted many of the arguments of the IP lobby – it thinks the AGB does not currently do enough to ensure the costs to business of new TLDs will be minimized – so we might expect that to be a major topic of discussion at the GAC-Board retreat in February.

I’ll be interested to hear what it has to say about registry-registrar separation.

The GAC has been pushing for some looser cross-ownership restrictions, in order to foster competition, since 2007, and most recently in September.

It has previously been in favor of restrictions on “insider” companies with market power, but for a more relaxed environment for new entrants (such as “community” TLDs that may largely operate under agreements with their local governments).

This position looks quite compatible with ICANN’s new vertical integration policy, to me, so I’m not sure where the GAC’s concerns currently lie.

The issue of disputes and objections may be the trickiest one.

The GAC basically wants a way for its members to block “controversial” TLD applications on public policy grounds, without having to pay fees.

The “Rec6” policy, previously known as “morality and public order objections” is one of the issues the ICANN board has specifically acknowledged is Not Closed.

This is from its Cartagena resolution:

Discussions will continue on (1) the roles of the Board, GAC, and ALAC in the objection process, (2) the incitement to discrimination criterion, and (3) fees for GAC and ALAC-instigated objections. ICANN will take into account public comment including the advice of the GAC, and looks forward to receiving further input from the working group in an attempt to close this issue.

GAC members on the Rec6 working group repeatedly highlighted objection fees as a deal-breaker – governments don’t want to have to pay to object to TLD applications.

This appears to been cast as some kind of sovereignty-based matter of principle, although I suppose it could just as easily be an “in this economic climate” budgeting concern.

ICANN’s position is that the GAC as a whole can object for free, but that individual governments have to pay. Fees for some objection procedures will run into tens of thousands of dollars.

The GAC also has beef with the AGB’s treatment of geographic strings.

This is an area where ICANN says the AGB already “substantially reflects the views of the ICANN community” but intends to take GAC comments into account.

ICANN has already made substantial concessions on the geographic names issue, but there may still be a few loopholes through which territory names could slip through the net and be approved without the endorsement of their local governments.

Finally, the GAC wants to include amendments to the Registrar Accreditation Agreement, previously recommended by law enforcement agencies, in the AGB discussion.

The appears to have come completely out of the blue, without any direct relevance to the new TLD program.

It’s a long list covering a lot of issues, and it could get longer when the GAC publishes its official “scorecard”. We’ll have to wait and see.

Is ICANN too scared of lawsuits?

Kevin Murphy, November 17, 2010, Domain Registries

Arguments about the new top-level domain Applicant Guidebook kicked off with a jolt this week, when ICANN was accused of abdicating its responsibilities and being too risk-averse.

In what I think was the first case of a top ICANN staff member publicly discussing the AGB, senior veep Kurt Pritz fielded questions about “morality and public order objections” on a packed and occasionally passionate conference call (mp3).

On the call, Robin Gross of IPJustice accused ICANN’s of shirking its duties by proposing to “fob off” decisions on whether to reject controversial TLDs onto third-party experts.

She said:

I’m concerned that there’s a new policy goal – a new primary policy goal – which is the risk mitigation strategy for ICANN. I don’t remember us ever deciding that that was going to be a policy goal. But it seems that now what is in the best interest for the Internet is irrelevant. The policy goal that rules is what is in the best interest for ICANN the corporation

A cross-constituency working group (CWG) had said that controversial TLDs should be rejected only after a final nod from the ICANN board, rather than leaving the decision entirely in the hands of outside dispute resolution providers.

There was a concern that third parties would be less accountable than the ICANN board, and possibly more open to abuse or capture.

But ICANN rejected that recommendation, and others, on “risk mitigation” grounds. Explanatory notes accompanying the new AGB (pdf) say:

Independent dispute resolution is a cornerstone of the risk mitigation strategy. Without outside dispute resolution, ICANN would have to re-evaluate risks and program costs overall.

Almost a third of every new TLD application fee – $60,000 of every $185,000 – will go into a pool set aside for ICANN’s “risk costs”.

These costs were based on an estimate that there will be 500 applications, and that ICANN will need $30 million to cover risks.

These are often thought to be primarily risks relating to litigation.

There’s a fear, I suspect, that ICANN could become embroiled in more interminable .xxx-style disputes if it allows the board to make subjective calls on TLD applications, rather than hiring independent experts to make decisions based on uniform criteria.

On Monday’s conference call, Gross said that ICANN’s treatment of the CWG’s recommendations was a “really big shock”. She added:

clearly here this is just a fobbing off of that responsibility, trying to again avoid litigation, avoid responsibility rather than take responsibility and take accountability

But ICANN says that the risk mitigation strategy benefits TLD applicants by removing uncertainty from the program, as well making ICANN more credible.

Pritz said on the call:

the risk to the program is in creating a process or procedure that isn’t transparent and predictable for applicants. By what standard can a TLD be kicked out? It’s got to be: here’s the standards, here’s the decision maker and here’s the process.

When I talk about risk, it’s risk to this process.

If this process attracts a lot of litigation, and ICANN published the process and then did not follow it, or that the process wasn’t clear so that the applicant had no way of predicting what was going to happen to its application, the risk is then litigation would halt the process and undermine the ICANN model.

So it doesn’t really have anything to do with the people that are the directors or the people that are the staff; it has to do with the credibility of ICANN as a model for Internet governance.

In other words, if TLD applicants pay their fees and go into the process knowing what the rules are, and knowing that there’s little chance of being jerked around by the ICANN board, there’s less chance of the program as whole being disrupted by lawsuits.

Seems fair enough, no?

Will the new TLD guidebook provide answers?

Kevin Murphy, November 8, 2010, Domain Registries

ICANN is due to publish an Applicant Guidebook for new top-level domain registries tomorrow, and there are still big question marks over its contents.

Judging from a preliminary report from the ICANN board’s most-recent official meeting, some key decisions may not have yet been taken.

Perhaps the biggest unresolved issue is whether to permit the “vertical integration” of registry and registrar functions.

Which way ICANN swings on this problem will determine which companies are eligible to apply for new TLDs, how their business models will be structured, and how realistic “.brand” TLDs will be.

The ICANN community failed to reach consensus on this issue, largely due to differing business interests and a few consumer protection concerns.

But it looks like the ICANN board did not even discuss the matter at its October 28 meeting. The preliminary report has this to say:

2. Vertical Integration

In the interests of time, the Chair adjourned this item of discussion to a later date.

That “later date” may have been last Thursday and Friday, when the board held its rescheduled “retreat”, which is not designated as an official meeting.

On “Rec6”, previously known as the “morality and public order” objections process, the board passed no resolution October 28, but seems to have endorsed further discussions with the community.

The preliminary report states:

The Board discussed staff presentation and, in conformance with staff recommendation, directed staff to provide a briefing paper to the working group and to coordinate a call with the working group to further discuss the issues.

If the Rec6 working group mailing list and the GNSO calendar are any guides, that meeting has not yet been called (at least not publically).

The report also addresses geographic domains and issues that need to be taken into account given what ICANN’s Affirmation of Commitments with the US government says about new TLDs.

The Board agreed that staff provide a paper on geographic names to the GAC, the Chair of the GAC would check on the scope of issues still requiring discussion, and then the Chairs of the GAC and the Board would discuss the process for resolution to move this issue forward prior to Cartagena.

The Board discussed a paper regarding the adherence to the conditions set out in the Affirmation of Commitments in launching New gTLDs, and the need for identifying objective metrics to measure ICANN’s performance. The Board asked staff to consider what known performance indicators for the New gTLD program may be, what the adequacy scale is for measuring, and try to set that out for future conversation.

With all this in mind, it seems to me that while we may have a timeline for the launch of the new TLD program, there’s still much more to do than merely cross t’s and dot i’s.

Can we expect more placeholder text in tomorrow’s Applicant Guidebook?

.XXX debate could test GAC powers

Kevin Murphy, November 1, 2010, Domain Policy

The long-running .xxx top-level domain saga has tested ICANN processes to their limits over the last decade, and it looks like it may do so at least one more time.

Digging a little deeper into the board’s decision to consult with its Governmental Advisory Committee before approving the TLD, it looks like the discussion will be quite broad-based.

The .xxx consultation could in fact have consequences for the board/GAC power balance, helping define the parameters of their future interactions.

This PDF, published at the same time as last week’s board resolution on .xxx, outlines three GAC positions that could have a bearing on the matter.

The first is its communiqué from the Wellington meeting in 2007, which noted that several GAC members were “emphatically opposed” to the introduction of .xxx.

The GAC operates on a consensus basis. When it can’t find consensus, its communiqués also reflect minority positions. So ICANN now wants to know whether the Wellington letter constitutes GAC “advice”.

The question remains whether a position taken by “several members of the GAC” can be equated with GAC advice on public policy matters. If it is not GAC advice, then the concern of inconsistency [of the .xxx contract with GAC advice] diminishes.

Some may be surprised to discover that, after over a decade, there’s no broad agreement about when something the GAC says constitutes official “advice” that ICANN, under its bylaws, must consider.

Attendees to the Brussels meeting this June will recall that the joint board-GAC meeting, transcribed here, spent most of its time labouring on this apparent oversight.

In consulting with the GAC on .xxx, there’s an outside chance that some answers with regards the definition of “advice” may be found.

It wouldn’t be the first time ICM Registry’s controversial application has forced ICANN to address shortcomings in its own accountability procedures.

Notably, the Independent Review Process, promised in the bylaws for years, was eventually implemented to allow ICM’s appeal after it had pushed the Reconsideration Request process to its limit.

ICANN’s latest resolution on .xxx also refers to a letter (pdf) GAC chair Heather Dryden sent to the board in August, which expressed a desire that no “controversial” TLDs should be added to the root.

While ostensibly addressing future TLD applications, rather than TLDs applied for under previous rounds, the letter did say that “objection procedures should apply to all pending and future TLDs”, which was widely interpreted as referring directly to .xxx.

Last week’s ICANN board documents say:

If the “pending” TLD refers to .XXX, the approval of the .XXX sTLD Registry Agreement without allowing for these types of objections would be inconsistent with GAC advice.

I’ve reason to believe that the “pending” language may have been inserted quite late into the drafting of the Dryden letter, and may not enjoy the unanimous support of GAC members.

Regardless, the letter implies that whatever “morality and public order” or “Rec6” objections process winds up in the new TLD Applicant Guidebook should also apply, retroactively, to ICM.

If ICANN were to agree on this point, a precedent would presumably be set that would allow the GAC to issue thirteenth-hour “advice” that moves the goal-posts for future new TLD applicants, removing a significant amount of predictability from the process.

For that reason, I think it’s unlikely that ICM will be told it is subject to the Rec6 process (whatever that may ultimately look like).

The consultation, however, may result in some clarity around where the GAC’s powers of “advice” begin and end, which is probably a good thing.