.radio’s new owners might have a fight on their hands

Should gTLD registries that avoid costly auctions by promising to serve special limited communities be allowed to later change their business models to improve sales?

That’s the question being asked of .radio, which recently was taken over by a new owner and might be on track to liberalize its registration policies in the near future.

.radio is what is called a “Community” or “Spec 12” gTLD, meaning it has Specification 12 — which imposes eligibility and content rules on registered domains — in its ICANN registry contract.

Four organizations applied for .radio in 2012, but the European Broadcasting Union prevailed, avoiding a potentially expensive auction, by filing a Community application and winning a Community Priority Evaluation.

Afilias, Donuts and BRS Media — all commercial, non-Community applicants — lost out on their chances to run .radio, or make money losing a private auction, because of this successful CPE.

While .radio launched in 2017, it’s never had more than about 3,000 domains under management and earlier this year the EBU sold its contract to Digity, an emerging registry operator with ties to Sav.com.

The suspicion is that Digity is planning to abandon .radio’s community roots and make it more of a mass-market proposition.

That concern was recently expressed by Craig Schwartz, president of fTLD Registry Services, which runs the Spec 12 gTLDs .bank and .insurance, in a letter (pdf) to ICANN’s chair.

Schwartz noted that Digity, unlike the EBU, “appears to have no existing relationship with the originally stated radio community” and said that registries should not be allowed “to game ICANN by preferentially acquiring these assets under one premise and then blindsiding Registrants at a later date.”

ICANN should audit Spec 12 registries for community compliance and open to public comment any attempt to transfer ownership of the contracts, he wrote.

Schwartz reiterated these concerns during a call of the ICANN At-Large community yesterday, adding that ICANN should come up with a way to “wind down” failing Spec 12 gTLDs, rather than transferring them to a liberalizing successor.

He — saying he is supported by other community registries — appears concerned that if ICANN allows registries to play fast and loose with their original commitments, it could not only enable gaming but also tarnish the reputation of other Spec 12s such as .bank.

Consultant Michael Palage, on the same At-Large call, said the the “cheat code” for registries is to get their Spec 12 removed during bilateral negotiations with ICANN Org at the time of contract renewal. He pointed to the liberalization of GoDaddy’s .xxx as an example.

Probably not coincidentally, the current 10-year .radio Registry Agreement is due to expire this July and is currently up for renewal.

ICANN has yet to publicly respond to Schwartz’s letter.

presidenttrump.xxx among thousands of dead .xxx domains suddenly springing to life

Celebrities, politicians, tech bros, and hundreds of household brands are among the registrants of roughly 30,000 dormant .xxx domains that have suddenly awoke and found themselves live on the internet.

The sudden explosion of newly live domains happened around May 20, when .xxx registry GoDaddy made some technical changes to its .xxx database as a result of the TLD’s move from “sponsored” to open.

The move means names such as presidenttrump.xxx, presidentobama.xxx, elonmusk.xxx, kanye.xxx, jeffbezos.xxx, adele.xxx and scarlettjohansson.xxx are all suddenly real, resolving domains that could be configured to host web sites for the first time in a decade or more.

If they are defensive registrations, that’s arguably no big deal. If they are registered to third parties, the registrants are now free to throw up any AI-generated Rule 34 mischief they wish.

The .xxx zone file popped from around 6,500 domains to almost 36,000 by May 22, as GoDaddy lifted serverHold status from each affected domain. In the vast majority of cases, these will be domains defensively registered by brand owners, some as far back as 2011, or attempted cybersquats.

From launch until this year, .xxx was considered a sponsored gTLD. Anyone could register a domain, but the registry would keep the names dormant, non-resolving, and out of the zone file until the registrant applied for “Membership” of the porn community and obtained a special software token that their registrar could use to activate the domain.

Because .xxx is no longer a sponsored gTLD, the registry is sunsetting the token system. The current phase of this process has seen GoDaddy remove the serverHold status for domains where the registrant never bothered to obtain their token.

This means that the defensive domains are now discoverable via the zone file for the first time, revealing which brands considered themselves particularly vulnerable to cybersquatting.

Spare a thought for the registrant, presumably Big Three management consultancy Bain, which seems to have been spending north of four grand a year since 2012 sitting on this stash of domains:

bain-blows.xxx, bain-stinks.xxx, bain-sucks.xxx, bainbaingoaway.xxx, bainblows.xxx, baincapital-blows.xxx, baincapital-stinks.xxx, baincapital-sucks.xxx, baincapitalblows.xxx, baincapitaldestroysjobs.xxx, baincapitalfiredme.xxx, baincapitalhypocrisy.xxx, baincapitalkillsjobs.xxx, baincapitallies.xxx, baincapitalliesaboutjobs.xxx, baincapitallootsjobs.xxx, baincapitalscam.xxx, baincapitalscrewspeople.xxx, baincapitalscrewspoorpeople.xxx, baincapitalscrewsthepoor.xxx, baincapitalsteals.xxx, baincapitalstealsfrompoorpeople.xxx, baincapitalstealsfromtaxpayers.xxx, baincapitalstealsfromthepoor.xxx, baincapitalstealspensions.xxx, baincapitalstinks.xxx, baincapitalsucks.xxx, baincapitalventures.xxx, baincapitalvultures.xxx, baincausespain.xxx, baincrapital.xxx, baincrematesjobs.xxx, baindestroysjobs.xxx, bainfiredme.xxx, bainhypocrisy.xxx, bainkillsjobs.xxx, bainlies.xxx, bainliesaboutjobs.xxx, bainlootsjobs.xxx, bainscam.xxx, bainscrewedme.xxx, bainscrewspeople.xxx, bainscrewspoorpeople.xxx, bainscrewsthepoor.xxx, bainsteals.xxx, bainstealsfrompoorpeople.xxx, bainstealsfromtaxpayers.xxx, bainstealsfromthepoor.xxx, bainstealspensions.xxx, bainstinks.xxx, bainsucks.xxx, bainthepredator.xxx, bainvultures.xxx, bewareofbain.xxx, blamebain.xxx, boycotbain.xxx, boycotbaincapital.xxx, fuckbain.xxx, fuckbaincapital.xxx, gotohellbain.xxx, occupybain.xxx, occupybaincapital.xxx, puttheblameonbain.xxx, saynotobain.xxx, thehypocrisyofbain.xxx, thehypocrisyofbaincapital.xxx, therealbain.xxx, therealbaincapital.xxx

(In 2012, Bain was closely associated with Republican US Presidential candidate Mitt Romney, its former CEO.)

The newly visible .xxx domains do not paint the full picture of defensive registrations in the gTLD. There are another roughly 8,000 registered .xxx domains that do not yet appear in the zone files, according to registry transaction reports.

There are also an unknown number of brands being blocked there, which do not show up in public records, as a result of GoDaddy’s AdultBlock and GlobalBlock services.

.hot is for hookers? Amazon’s first premium regs revealed

Amazon Registry made three new gTLDs available to non-trademark-holders on Monday, and so far a handful registrants have taken up the offer of premium Early Access Period pricing.

The five-day EAPs for .free, .hot and .spot see prices start high and decrease each day until May 17, when they’ll settle at standard general availability pricing.

While the wholesale prices have not been published by Amazon, the registrar 101domain was retailing them for $6,299 on day one, $3,299 on day two, $1,399 on day three, $799 on day four, and $199 on day five.

GA pricing for .hot at 101domain will be $59.99, while .free will be $44.99 and .spot will be $29.99.

The early adopter(s) in .hot seem to be viewing it as a sex-related TLD along the lines of .xxx, .sex or .sexy. All the day-one registrations (in multiple languages) look set to be used for escort services.

The domains that popped up for the first time in the May 13 zone files were:

be.free
bible.free
sql.free

acompanhantes.hot
escort.hot
escorts.hot
incontri.hot
prepagos.hot
trans.hot

high.spot
hub.spot

The only new domain in the May 14 zones appears to be live.free. They’re not exactly flying off the shelves so far.

Because the zone files are generated at midnight UTC and Amazon’s EAP daily price-increase cut-off is 1259 UTC, it’s not possible to say for sure how much each registrant paid for their domain names.

DotMusic has sold a lot of names, but not many are turned on

DotMusic, the company that started selling .music domains seven months ago, has had a relatively successful launch, but one in four domains sold have not yet gone live.

The latest registry transaction reports show that there were just over 30,000 registered .music domains at the end of January. Registry CEO Constantine Roussos tells us it’s over 31,000 today.

“We have more registrations than any community TLD and it is not even close,” Roussos said.

It’s certainly true that .music is already the largest generic-term Spec 12 Community gTLD from the 2012 application round.

But while 31,000 in six months is a good start for a 2012-round gTLD, there are currently only about 7,500 domains in the .music zone file, showing that about three quarters of names have not been activated.

It’s not the lowest unactivated domains rate in gTLDs — only about 15% of .xxx’s registered names are in its zone file, for example — but it’s pretty low. The similarly-sized .baby has about 84% utilization.

A low utilization rate usually means a high proportion of defensive registrations — registrants have no intention of ever using their domains but want to keep them out of the hands of others — but something different might be going on here.

As a Community gTLD, .music has extra hoops to jump through before registrants can activate their domains.

They have to have their identity and nexus to the music industry verified and obtain a special code called a Music ID from the registry, which can also be used for future registrations.

Roussos said that “the majority of the registrants have never owned a domain name before, which is great news for us”. He added: “My other guess is that most just wait until they are ready to use the domain to get verified”.

He said that many registrants are choosing to take advantage of a feature called SmartPage, which gives bands a template-driven profile page containing basic information and links to their socials and such.

.xxx founder Stuart Lawley has died

Stuart Lawley, who battled ICANN to launch the .xxx gTLD, has reportedly died of a heart attack aged 61.

AVN, a trade publication for the adult video industry, reported the news yesterday, citing his friend Greg Dumas.

While Lawley did not found ICM Registry, he took it over early in its fight for .xxx and ran it through its 2011 launch until its sale to MMX in 2018.

He was in charge during the protracted fight to get ICANN to approve .xxx over the objections of governments and some in the porn industry, which led to a precedent-setting Independent Review Process proceeding, which ICM won.

For the domain industry, Lawley arguably leaves two important legacies — a more accountable ICANN, and the now industry-standard concept of domain-blocking services, which ICM came up with with its “Sunrise B”.

I really liked Stu. I considered him a mate.

He was an extremely low-bullshit source, but our regular conversations back at the height of the .xxx controversy more often than not also diverged into our personal lives — everything from our love lives to our respective blood pressure scores — which doesn’t happen very often in my line of work.

Having sold his scratch-built fax machine company for $200 million in the 1990s, his life was considerably more interesting than mine. It’s because of Stu that, should the opportunity ever present itself, I know why it’s a bad idea to buy a private jet.

We hadn’t talked much since his son, Sabian, was killed by a hit-and-run driver a couple of years ago, a tragic and still-unsolved incident that caused him to retire from business.

GoDaddy’s .xxx contract renewed

GoDaddy’s .xxx gTLD will no longer be “sponsored”, following a vote of ICANN’s board of directors last week.

At its ICANN 81 AGM in Istanbul, the board approved the renewal of GoDaddy subsidiary ICM Registry’s Registry Agreement.

The new deal closely follows the text of the standard RA most other gTLDs use, scrapping restrictions that GoDaddy found onerous but which were vital in getting the deal approved in the first place back in 2011.

It means the end of IFFOR, the International Foundation For Online Responsibility, the largely toothless oversight body that had been tasked with creating policies and issuing grants to worth causes but arguably did neither.

It also means less friction for the .xxx registration process, as registrants will no longer have to affirm they are members of the “sponsored community”, which never existed in any real sense anyway.

Some elements of the original sponsorship agreement, such as strict prohibitions on child sexual abuse material and the suggestion thereof, have been moved to Public Interest Commitments that ICANN could in theory enforce.

In its resolution text, ICANN noted that the Governmental Advisory Committee, which almost got .xxx killed off a couple decades ago, had not felt strongly enough about the new deal to publicly comment on it one way or the other.

.xxx makes most of its money from defensive registrations. It had almost 45,000 domains under management at the end of June, but barely 7,000 of those appeared in its zone file of the same date. That does not included domains blocked via the AdultBlock and GlobalBlock services, which are not counted in any public document but which I estimate are measured in five figures.

As customers flee legacy gTLDs, .org tops 11 million names

Almost every legacy gTLD is shrinking, but .org is thriving and recently hit a major milestone.

Public Interest Registry announced yesterday that it’s passed the 11 million registered names milestone, with CEO Jon Nevett calling it “a big moment for our organization”.

Looking at zone file records, it appears that the 11 million mark was passed some time last month. It’s added about 240,000 domains to its zone since the start of 2024.

The same records show that almost all legacy, pre-2012 gTLDs are shrinking, some by alarming numbers.

It will not be news to regular readers that .com and .net volumes have been suffering recently, with .com down about 3.4 million names since the start of the year and .net down about 477,000.

In percentage terms, .pro is by far the biggest loser over the same period. It started the year with 718,000 names in its zone and has just 484,000 today, losing about a third of its domains.

The larger legacies — .info, .biz, .asia and .mobi — have all gone down by tens of thousands. Meanwhile, the smaller gTLDs .name, .tel, .coop, .museum and .aero all suffered losses commensurate with their size.

It’s not really fair to judge .xxx by the size of its zone, as GoDaddy Registry mainly sells .xxx as defensive registrations that never see the zone, but it’s also down this year.

The only other legacy gTLDs that have grown this year are .jobs, .cat and .travel, which have all experienced modest growth measured in the hundreds of domains.

The lack of a profit motive is likely behind PIR’s success.

Despite having price caps removed from its ICANN contract and experiencing the same inflationary pressures as the rest of us, it has declined to increase its renewal fees, unlike the other legacy gTLDs with large customer bases.

GoDaddy likely to win relaxed .xxx deal

GoDaddy seems set to get a renewed and relaxed .xxx registry contract, after ICANN dismissed the concerns of critics of the deal.

In a much-delayed analysis of submissions to a recent public comment period, Org indicated that it is in favor of GoDaddy, via subsidiary ICM Registry, migrating to a Registry Agreement much more in line with sister gTLDs .porn, .adult and .sex.

That would mean an end to the “sponsored” status of .xxx, removing the largely pointless restrictions and streamlining the registration process, and the dissolution of IFFOR, the nominal sponsor, which was criticized by one commenter as a toothless “gravy train”.

Only nine comments were received, and views were mixed, but where commenters were critical of the proposed deal ICANN has stood firm.

Notably, Org dismissed the idea that a public comment period on a Registry Agreement renewal is an appropriate forum to question whether a signatory to that Registry Agreement has historically complied with its terms.

At least two commenters had raised issues, some of which I have reported, about whether ICM had stuck to promises related to funding IFFOR and whether IFFOR had stuck to promises to issue cash grants to worthy causes.

Commenters also said that ICM has already stopped verifying the identities of registrants in its made-up “sponsored community”, which would have enabled it to more easily tackle repeatedly abusive registrants.

But ICANN doesn’t think that kind of thing — which it files under “Misconceptions, assumptions, and allegations and claims” — is suitable for discussion in Public Comments.

“If there are concerns regarding ICM’s compliance with the .XXX RA, such concerns (if any) should be raised with ICANN Compliance for investigation and are considered outside of the scope of this Public Comment proceeding,” the analysis reads.

There’s also no need to replace ICM’s sponsorship commitments with Public Interest Commitments along the lines of those found in most post-2012 gTLDs, according to the Org analysis.

“ICANN has not identified a need to add further, new obligations for the operation of .XXX or to treat .XXX differently than other adult-themed gTLDs, particularly in light of the similar PICs that the .ADULT, .PORN, and .SEX gTLDs have utilized for approximately the last decade,” it reads.

The .xxx agreement was due to expire in early 2021, but its term has been repeatedly extended as negotiations continued behind the scenes. Likewise, the public comment analysis was originally due to be published in late May but was repeatedly delayed.

It’s now up to ICANN’s board of directors, which has already been briefed on the analysis contents, to approve the renegotiated deal.

GoDaddy getting a free pass from porn jail?

ICANN has shirked its compliance duties and is handing GoDaddy a “Get Out of Jail Free” card with proposed changes to their .xxx registry agreement, according to critics.

A recently closed public comment period saw a mixed response from the community on whether GoDaddy should be allowed to throw out inconvenient and costly terms of its 10-year-old registry contract and operate .xxx more of less like any other open gTLD.

While the deal’s chief critic, consultant and former ICANN director Michael Palage, has made a detailed case explaining why he thinks the amendments should not go ahead, other commenters agree with GoDaddy that some of its stricter registration policies are no longer needed.

Tucows said that the current .xxx rules, which require registrants to verify their identities, are “cumbersome or non-transparent”, not only adding unnecessary friction to the registration path but also amounting to the “surveillance of sex workers”.

Palage managed to persuade the At-Large Advisory Committee to submit its own comments, in which ALAC claims that GoDaddy has already “walked away” from three important contractual commitments on registrant verification and abuse reporting “unilaterally and without consequence from ICANN Contractual Compliance”.

According to Palage, when GoDaddy acquired ICM Registry from MMX a few years ago it unilaterally decided to stop verifying the identities of its registrants and did away with the unique community membership IDs that enabled it to deactivate a registrant’s entire portfolio if it was found to be in breach of the rules by, for example, publishing child sexual abuse material.

ICM also stopped donating $10 for every registration to its oversight body, IFFOR, which in turn spent the money it did receive on director salaries rather than making cash grants to child protection causes, Palage says. I’ve previously gone into some depth on this.

“I am concerned that instead of ICANN compliance holding ICM Registry accountable to these representations, they’re essentially giving them a get out of jail card free and potentially removing the ability for third parties to hold ICM Registry accountable to those representations,” Palage said during a March presentation to the ALAC.

His draft comments for the ALAC were subsequently submitted under his own name; ALAC submitted a shorter, somewhat watered down version drafted by chair Jonathan Zuck.

But ALAC and Palage are in agreement that GoDaddy should have gone through the usual Registry Services Evaluation Process if it wanted to change the terms of its contract, and that the proposed amendments set a terrible precedent. ALAC wrote:

ALAC believes that commitments made in order to operate a TLD by a Registry Operator should be enforceable, subsequently implemented by the Registry Operator, and enforced by ICANN Contractual Compliance… The ALAC is concerned that the removal of commitments, through a contract renewal, could set a precarious precedent for non-compliance without repercussion for existing Registry Operators

The Business Constituency echoed ALAC’s concerns in its own comments, as did registry operator CORE Association.

Comments in favor of the .xxx amendments came from two veteran, dissenting voices from the At-Large community, Evan Leibovitch and Carlton Samuels. They said removing the extra requirements from the .xxx contract would reduce confusion and were worthless anyway:

Given the benefit of hindsight, the “Sponsored gTLD” program and designation have not on the whole provided any significant benefit to the Internet-using public. As such, we welcome the removal of this designation — and any associated extra contract requirements — from all applicable Registry Agreements going forward.

Tucows’ support for the amendments are based largely on what a pain in the neck it can be — for registrant and registrar — to register a .xxx domain. Its comments explain:

Currently, to register a .xxx domain, one must become a member of the Sponsored Community, which involves a separate application process to verify eligibility. This extra step is a barrier for those looking to quickly secure a domain. Additionally, the domain cannot resolve—meaning it cannot be used to host a website—without a valid Membership ID, which is only issued after this verification process… This activation involves additional interactions between the registry, the registrant, and the registrar. Additional steps in the registration process can be a significant deterrent as they introduce complexity and time delays.

I’m not really buying the “surveillance of sex workers” claim. Porn producers in many jurisdictions, including the US, already routinely verify the identities of their performers, and keep copies of their identity documents on file, as a legal requirement to ensure their employees are not underage.

ICANN is due to publish its summary of the public comment period by May 20.

How ICANN handles the renewal of and amendments to the .xxx contract will be interesting to watch. Will the Governmental Advisory Committee get a chance to weigh in before the deal is signed? Will the board pass a resolution, or will we see a repeat of the .org renewal debacle?

GoDaddy’s next .xxx contract may not be a done deal

ICANN has published what could be the next version of GoDaddy’s .xxx registry contract, and is framing it as very much open to challenge.

The proposed Registry Agreement would scrap the “sponsored” designation from .xxx, substantially reduce GoDaddy’s ICANN fees, and implement the strictest child-protection measures of any gTLD, as well as make ICANN Compliance’s job a lot easier by standardizing terms on the new gTLD program’s Base RA.

But, as eager as ICANN usually is to shift legacy, pre-2012 gTLDs to the Base RA, this time it’s published the contract for public comment as if it’s something GoDaddy is unilaterally proposing.

It’s “ICM’s proposal”, according to ICANN’s public comment announcement, referring to GoDaddy subsidiary ICM Registry, and “ICM has requested to use the Base Registry Agreement form, as well as to remove the sponsorship designation of the .XXX TLD”.

This is not the language ICANN usually uses when it publishes RA renewals for public comment. Normally, the proposed contracts are presented as the result of bilateral negotiations. In this case, ICANN and ICM have been in renewal discussions for at least three years, but the contract is being presented as something GoDaddy alone has asked for.

The new RA would remove almost all references to sponsorship and to IFFOR, the pretty much toothless “sponsor” organization ICM created to get its .xxx application over the line under the rules of the Sponsored TLD application round that kicked off back in 2003.

Instead, it loads a bunch of Public Interest Commitments, aimed at replicating some of the safeguards IFFOR oversight was supposed to provide, into the Base RA.

GoDaddy would have to ban and proactively seek out and report child sexual abuse material. It would also prohibit practices that suggest the presence of CSAM, such as the inclusion of certain unspecified keywords in .xxx domains or in the corresponding web site’s content or meta-content.

(ICANN notes that these PICs may become unenforceable, depending on the outcome of current discussions about its ability to enforce content-related terms of its contracts).

GoDaddy and IFFOR have both submitted letters arguing that sponsorship is no longer required. The existence of sister gTLDs .adult, .sex, and .porn as unsponsored gTLDs, also in the GoDaddy Registry stable, proves the extra oversight is not needed, they say. Registrants polled do not object to the changes, they say.

GoDaddy’s cost structure would also change under the new deal. Not only would it save $100,000 a year by cutting off IFFOR, but it would also inherit the Base RA’s 50,000-domain threshold for paying ICANN transaction fees.

This likely means it won’t pay the $0.25 transaction fee for a while — .xxx was at about 47,500 domains under management and shrinking at the last count. It hasn’t reported DUM over 50,000 since January 2023.

While the renewal terms may seem pragmatic and not especially unreasonable, they’ve already received at least one public objection.

Consultant Michael Palage, who was on the ICANN board for the first three years of .xxx’s agonizing eight-year path to approval, took to the mic at the ICANN 79 Public Forum earlier this month to urge the board to reject GoDaddy’s request.

Palage said there have been “material violations of the Registry Agreement” that he planned to inform ICANN Compliance about. He added that approving the new deal would set a bad precedent for all the other “community” registries ICANN has contracts with.

The situation has some things in common with the controversy over the proposed acquisition of Public Internet Registry and .org a few years ago, in that the proposal entails ignoring promises made by a registry two decades ago.

Whether .xxx will attract the same level of outrage is debatable — this deal doesn’t involve nearly as many domains and does not talk to the price registrants pay — but it could attract noise from those who believe ICANN should not throw out its principles for the sake of a quieter life.

One place we might look for comment is the Governmental Advisory Committee, which was the biggest reason .xxx took so long to get approved in the first place.

But the timing of the comment period opening is interesting, coming a week after ICANN 79 closed. It will end April 29, about six weeks before the full GAC next meets en masse, at ICANN 80.

It’s not impossible that the new contract could be approved and signed before the governments get a chance to publicly haul ICANN’s board over the coals.