Latest news of the domain name industry

Recent Posts

There’s one obvious pick for next year’s ICANN Community Excellence Award

Kevin Murphy, December 15, 2020, Domain Policy

ICANN has opened up nominations for its 2021 ICANN Community Excellence Award, and I don’t think it would be inappropriate of me to suggest that one likely nomination seems like a shoo-in: the late Marilyn Cade.

The award, now in its eighth year, is given to a community member who “deeply invested in consensus-based solutions and contributed substantively to the ICANN multistakeholder model”.

It’s judged by a cross-constituency panel of community leaders and awarded in June each year, using three criteria:

  • Demonstrated ability to work across community lines with both familiar and unfamiliar ICANN stakeholders with the aim of building consensus.
  • Facilitator of dialogue and open discussion in a fair and collegial manner, through the spirit of collaboration as shown through empathy, and demonstrating a sincere desire to engage with people from other backgrounds, cultures, and interests.
  • Demonstrated additional support for the ICANN multistakeholder model and its overall effectiveness through volunteer service via working groups or committees.

I believe Cade, who died last month at 73, fits easily into each of these.

She participated in ICANN’s formation in the late 1990s and participated in almost every public meeting since. She was a long-time member, and three-year chair, of the Business Constituency, and participated in several key volunteer working groups.

There’s a rather fascinating and lengthy audio interview with Cade, conducted by Ayden Férdeline shortly before her death, in which she discusses her involvement with the creation of ICANN, over here.

At the time of her death, ICANN CEO Göran Marby said: “Marilyn had strong views and opinions on many matters but always supported the multistakeholder model. She wanted people to be involved in ICANN and to maximize the potential of the Internet.”

While her views and positions may not have been universally loved, the hundreds of public tributes paid since her death reveal a consensus view that, regardless of competing affiliations, Cade was strongly active in community-building and mentoring new community members, particularly from underrepresented demographics.

It would not be the first time ICANN has given this award posthumously. In 2018, it was awarded to former GNSO Council chair Stéphane Van Gelder after his untimely death earlier that year.

It is of course easier to evaluate an individual’s contribution when their entire body of work is known.

From its inaugural 2014 round, the prize was known as the ICANN Ethos Award. The name was changed earlier this year, most probably to avoid alluding to the private equity firm Ethos Capital, which at the time was involved in a high-profile dispute with the org.

The winner will be announced at the ICANN 71 meeting, wherever that may be, next June.

Whois privacy group finds its new chair

Kevin Murphy, December 8, 2020, Domain Policy

Verisign’s top policy veep is set to become the third chair of the ICANN working group looking at Whois policy in the post-GDPR world.

Keith Drazek has been recommended to head the long-running group, known as the EPDP, and the GNSO Council is due to vote on his appointment next week. He’s likely to be a shoo-in.

He’s VP of policy and government relations at the .com registry, and a long-standing member of the ICANN policy-making community.

I recently opined that ICANN was looking for a “masochistic mug” to chair the group. Drazek was until October the chair of the GNSO Council, and is therefore perfectly qualified for the role.

The third phase of the EPDP process, which in typical ICANNese is denominated “phase 2a”, is likely to be slightly less controversial than the first two.

The EPDP has already decided that ICANN should probably create a Standardized System for Access and Disclosure — SSAD — that may enable law enforcement and intellectual property owners to get their hands on unredacted Whois records.

But governments, IP interests and others have already dismissed the plan as useless, and there’s still a big question mark over whether SSAD is too complex and expensive to be worth implementing.

In the third phase, EPDP members will be discussing rules on distinguishing between legal and natural persons when record-holders decide what info to make public, and whether there should be a standardized system of unique, anonymized email forwarders to contact domain registrants.

They’re both less divisive topics than have been previously addressed, but not without the potential for fireworks.

The email issue, for example, could theoretically enable people to harvest a registrant’s entire portfolio of domains, something very useful for law enforcement and IP lawyers but abhorrent to privacy advocates.

The previous two phases were chaired by Kurt Pritz and Janis Karklins, with Rafik Dammak acting as vice-chair.

WIPO handles 50,000th UDRP case as coronavirus drives complaints

Kevin Murphy, November 30, 2020, Domain Policy

The World Intellectual Property Organization handled its 50,000th UDPR case on November 20, the organization has announced.

It’s taken WIPO, which designed the policy and was the first to administer it back in 1999, over two decades to reach this milestone.

WIPO said that the 50,000 cases cover almost 91,000 domains, with complaints and respondents from over 180 countries.

The organization believes the coronavirus pandemic this year has driven growth, with an 11% increase in cases recorded between January and October. There were 3,405 cases over this period.

Erik Wilbers, director of the WIPO Arbitration and Mediation Center, said in a press release:

With a greater number of people spending more time online during the pandemic, cybersquatters are finding an increasingly target-rich environment. Rights owners, meantime, are stepping up their brand enforcement on the Internet as they further shift to marketing and selling online.

Masochistic mug urgently wanted for thankless, pay-free ICANN leadership role

Kevin Murphy, November 17, 2020, Domain Policy

ICANN still hasn’t found itself a volunteer to head up the next round of no-doubt contentious discussions about Whois policy.

Today it put out its second call for a chair of the Expedited Policy Development Process working group, which is continuing to square the circle of keeping Whois data compliant with data protection law whilst also allowing cops and IP lawyers access to the data.

The EPDP was supposed to have concluded a few months ago with the end of the second phase of talks, but a couple of issues were left unresolved, leading to the creation of a third phase, being spun as “Phase 2a”.

The first issue still to be discussed is if and how registries and registrars should be obliged to make a distinction between the data of private individuals, which is protected by law, and legal entities, which isn’t.

The second is whether it would be possible to have a uniform system of anonymized email addresses across Whois records.

They’re not exactly the most controversial of topics under the Whois umbrella, but they’re not easy asks either.

And the role of chair is time-consuming, uncompensated, with few perks.

ICANN wants somebody who is neutral and, unstated but perhaps more importantly, perceived to be neutral. The chairs of the previous two phases have been policy heavy-hitters Kurt Pritz and Janis Karklins.

It also wants somebody with “considerable experience in chairing working groups”, which immediately drains the pool of potential applicants.

If previous phases of the EPDP are any guide, the successful applicant will have to herd the cats through dozens of hours of teleconferences — the more-complex phase two had 74 meetings, most of which were two hours long.

For their efforts, the chair gets no money, and because of coronavirus travel restrictions they won’t even get paid junkets to international face-to-face meetings.

And if the output of the next phase is anywhere as near as divisive as phase two, they probably won’t win much praise either.

That’s perhaps why ICANN has extended the deadline for expressions of interest from last Friday to November 23.

Applicants go here.

ICANN made over $500k in secret lawyer payments over [REDACTED] legal dispute

Kevin Murphy, November 17, 2020, Domain Policy

ICANN has approved a payout of over half a million dollars to outside lawyers for work on a legal dispute it does not want you to know about.

The board of directors a week ago approved the disbursement of a “[Redacted – Privileged & Confidential]” sum to undisclosed parties in relation to “extensive activity in [Redacted – Privileged & Confidential]”.

Under ICANN policy, the fact that board approval was required means that the amount being paid is at least $500,000. The redacted resolution also authorizes additional payments up to $499,999.

ICANN isn’t providing any hints about what the payments concern, other than that it’s a legal dispute of some kind. The resolution states:

When required, ICANN must engage outside legal counsel to help prepare for and defend against all types of disputes that are brought against ICANN. When those disputes become highly contentious they often require significant involvement during a certain time period by outside counsel and that significant amount of time also results in significant fees and related expenses.

The words “related expenses” may be telling. We may not just be talking about lawyers’ fees here.

ICANN also does not state when the expenses were incurred, other than to note that the org’s budget for fiscal 2020, which ended June 30, “contemplated” the need for such payments.

So we’re talking about a legal issue that ICANN was aware of before May 2019, when the FY20 budget was approved, possibly as far back as December 2018, when earlier versions of that budget were published.

Known legal disputes that were active back then and have seen activity in the last few months include the Afilias Independent Review Process complaint about the .web auction and DotConnectAfrica’s court appeal over its .africa loss.

But both of those cases are matters of public record. ICANN even regularly publishes legal documentation on both. They’re not secret.

The only cases I’m aware of that ICANN has actively tried to keep secret involve allegations of sexual discrimination and harassment made against at least one former senior staffer. One such lawsuit was filed late February 2019.

But the hundreds of thousands doled out by ICANN last week could be related to just about anything.

ICANN’s bylaws give the board a broad brush when it comes to redacting information from published resolutions:

any actions relating to personnel or employment matters, legal matters (to the extent the Board determines it is necessary or appropriate to protect the interests of ICANN), matters that ICANN is prohibited by law or contract from disclosing publicly, and other matters that the Board determines, by a three-quarters (3/4) vote of Directors present at the meeting and voting, are not appropriate for public distribution

Usually, when ICANN redacts information, it’s related to personnel matters such as management bonuses.

Whatever it was ICANN just spent your money on, ICANN ain’t saying.

Tributes as “great mentor” Marilyn Cade dies

Kevin Murphy, November 5, 2020, Domain Policy

Social media was flooded with tributes today after it was sadly announced that one of ICANN’s elder statespeople, Marilyn Cade, has died.

CadeCade, who participated in ICANN and the wider internet governance community for decades, was widely admired not only for her dedication to fighting her corner, but also her habit of taking the time to bring newcomers, particularly women, the young, and those from under-served regions, into the community.

Reading through tributes on social media and elsewhere today, the word “mentor” appears over and over again.

“She was incredibly dedicated and always trying to bring new people into the multi-stakeholder Internet Governance world. Every time I saw her at an ICANN meeting she would be introducing me to someone new,” wrote one community member.

“What meeting have I been to where Marilyn have not been? She was a mentor, a fighter, lots of energy, but also with attitude,” wrote another.

I myself recall being schooled, and charmed, by Cade over drinks in Mar Del Plata, when I was still a little green, over 15 years ago.

In the ICANN context, Cade was long a member of the Business Constituency of the GNSO, which she chaired for three years from 2010.

She was such a fixture at ICANN, reliably showing up to the open mic during Public Forum sessions at almost every meeting, that the simple introductory sentence “My name is Marilyn Cade” became something of a catchphrase and a source of friendly ribbing.

The phrase regularly showed up on Public Forum Bingo cards, and I once caught an ICANN technician using it to test the audio on a public webcast before the meeting went live.

But she is also fondly remembered in the wider internet governance governance community for many of the same reasons. At the Internet Governance Forum USA, she held the role of “Chief Catalyst”, a job title that perhaps speaks volumes.

The Internet Governance Forum, which kicks off its 2020 meeting online today, announced that it will hold a special session in Cade’s remembrance tomorrow, via Zoom.

“She was a staunch supporter and advocate of the IGF and Internet governance in general,” IGF wrote. “Her energy, enthusiasm and dedication, in particular to the meaningful inclusion of communities from developing countries resulted in dozens of countries establishing their National, Regional and Youth initiatives (NRIs).”

“We were blessed by her passion, her will and her immense love for IGF and the NRI community. I know many of you will be as shocked as us tonight; your pain and anguish is shared,” IGF-USA wrote.

The IGF has opened a comment forum for tributes. Details of the remembrance session can be found at the same link.

Free speech, or bad faith? UDRP panels split on Everything.sucks domains

Kevin Murphy, October 22, 2020, Domain Policy

The first wave of UDPR cases targeting domains used by Everything.suck have seen split decisions by the panels.

At least four .sucks domains, all owned by the same Turks and Caicos company, have been hit by UDRP complaints recently, and two have already been decided.

One case, over the domain miraplex.sucks, resulted in victory for the registrant while the other, over bioderma.sucks, led to defeat and a transfer.

Both domains are owned by Honey Salt Ltd, and both redirect to a page on Everything.sucks, a Wikipedia-style site that uses content scraped from third-party sites and social media to present a scrappy form of gripe microsite.

In both UDRP cases, Honey Salt chose to mount a “free speech” defense, claiming that it had rights to the names because they were being used to publish criticism of the brands in question.

As I noted last week, UDRP panels have historically been divided on when this defense should be successful. WIPO guidance suggests that gripe sites should be permitted as long as the criticism is genuine and non-commercial.

But Everything.sucks was decidedly commercial at the time these two complaints were filed. Each site featured a banner leading to a page on Sedo or Uniregistry where the domain could be purchased (usually at registry wholesale prices).

Miraplex is a brand of Parkinson’s disease medicine. In this case, the panel decided that the complainant, a pharmaceuticals company, failed to make the case that Honey Salt had no legitimate interests in the domain, writing:

the Complainant argues that the website linked to the disputed domain name displays information about the Complainant and its MIRAPEX medicines, but failed to explain (let alone substantiate) why this should be regarded as a lack of rights or legitimate interests in the disputed domain name (which seems to have a criticism purpose). Also, the Panel finds that the offering for sale of a domain name is not by itself a proof of lack of rights or legitimate interests.

The panel seems to have given special consideration to the fact that it’s a .sucks domain, where one might expect to see criticism.

Given the nature of the “.sucks” domain name gTLD, and given the evidence (or lack of evidence) submitted by the parties, the Panel finds that the Complainant did not prove that the Respondent lacks rights or legitimate interests in the disputed domain name. In particular, the Panel would have expected the Complainant to target its arguments and evidence to the specific criticism-nature of “.sucks” domain names (which the Complainant failed to do).

The decision is written in such a way as to suggest that it is the complainant’s lack of substantiating evidence, rather than the panel’s gullibility, that is to blame for the complaint failing.

The Panel finds that the Respondent’s claim that the website available through the disputed domain name has a criticism purpose is not devoid of credibility. The Panel would have expected the Complainant to argue (and corroborate) why it considers this “.sucks” domain name and its purported free expression character as a “smoke screen” and why it is of the opinion that the predominant purpose of the Respondent is to sell this domain name rather than to provide a forum for discussion and criticism. The Complainant did not explain nor substantiate why it considers the criticism character of this website as a pretext. The Panel also finds that the offering of a domain name for sale is not by itself evidence of bad faith.

The bioderma.sucks case is an entirely different story, with the panel writing that Honey Salt’s “entire endeavour seems to the Panel to be a pretext for commercial activity”.

Honey Salt’s “pretext” is that it registers domain names on behalf of a non-profit entity called Everything Sucks Inc, which appears to have been formed in Delaware this April. It told the Miraplex panel that whenever a wiki page is created at Everything.sucks, it registers the corresponding domain name.

Given that over two thousand .sucks domains were registered in June in the space of a couple days, that seems unlikely to me.

The Bioderma panel wasn’t buying it either.

The process by which the disputed domain name was registered seems to be automatic and, importantly, took place before any criticism whatsoever was even present on the website (as may be inferred from the Parties’ evidence, namely the Complainant’s screenshot of June 24, 2020). The alleged criticism seems to have been added as an afterthought between that date and the date when the Response was filed, further calling its genuineness into question.

It also noted that the content of the site comes from third parties, rather than the registrant, again calling its genuineness into question. The panel added:

Even assuming a third party generated the page on the Respondent’s website in order to engage in non-commercial criticism, rather than the Respondent itself, the Respondent immediately proceeds to exploit the position commercially by registering and offering the disputed domain name for sale.

This blatant commercial use was important to the panel in establishing a lack of legitimate interests and also bad faith.

Respondent’s approach was to take unfair commercial advantage of the Complainant’s name and trademark while having no actual criticism or free speech of its own in which to engage. It looked to sell the disputed domain name on the open market before any criticism had even been published. The fact that the disputed domain name is used for a web page not containing genuine criticism content but only automatically generated links loosely related to the Complainant’s product (as demonstrated by the Complainant’s screenshot dating from before the filing of the present Complaint) constitutes further evidence of bad faith. The fact that the disputed domain name is used in a page containing links to other companies and where the relevant domain names (to which the links point) are systematically put on sale by the Respondent is additional evidence of cybersquatting.

The panel ordered bioderma.sucks transferred.

Two cases, two very different outcomes.

Both complaints were filed at the Czech Arbitration Court by the same lawyer within a few days of each other, and were decided within a week of each other, but by different three-person panels.

With this in mind, it seems likely that both panels were presented with a very similar set of facts and evidence, and that the make-up of the panel was important to which party emerged victorious.

Two additional cases, bfgoodrich.sucks and mandmdirect.sucks, both Honey Salt domains, are currently active at WIPO. It’s unclear whether they were filed before or after Everything.sucks removed its banner ads, which happened about a week ago.

ICANN may not meet again for a looong time

Kevin Murphy, October 21, 2020, Domain Policy

The grim reality of the ongoing coronavirus pandemic seems to be sinking in at ICANN.

Management and board all but confirmed yesterday that ICANN 70, currently still scheduled for Cancun, Mexico next March, will instead take place online via Zoom.

“We would all like to get back to face-to-face, but at this moment Cancun is not looking good for now,” chair Maarten Botterman said during a community discussion about meetings at ICANN 69, also online-only.

CEO Goran Marby said that there’s a “high probability” that Cancun will be virtual.

The session, “Board/Community Focus on ICANN Meetings” was notable for being extremely depressing rather than merely boring.

Several participants spoke in terms of ICANN meetings being virtual “for the foreseeable future”.

“With the world as it is right now, it’s very hard to say when we come back to full-fledged physical meetings,” CEO Göran Marby said.

He said there’s a possibility of “hybrid” meetings, where a face-to-face gathering could take place in a part of the world where the pandemic was under control, but he noted that this would put online participants at a disadvantage.

The overall vibe of the session was that things probably aren’t going to be back to “normal” for some time.

Even though coronavirus vaccines are already reportedly rolling off the presses right now and will be in the hands of governments by the start of 2021, many experts say the logistical problem of distributing vaccine widely enough to ensure herd immunity is tough enough that the “return to normal” is still a long way off.

Meeting participant Susan Anthony predicted that airline fares will be sky-high next year, limiting the ability of many would-be participants, particularly the smaller, less well-funded ones, to show up in person.

She said virtual or hybrid meetings could be around for “the indefinite future”.

Afilias director Jonathan Robinson concurred, saying “the world may have changed immeasurably and somewhat permanently”.

ICANN director Tripti Sinha later compared the post-pandemic world to the aftermath of the 9/11 terrorist attacks.

There was lots of talk about dumping 2020’s practice of holding the meetings during the time zone of the originally planned host country — the Hamburg time zone has been particularly tough on those in the Americas, who have to start their working day at about midnight — in favor of a utilitarian approach that is least inconvenient for the largest number of participants.

It seems to me that one reason that ICANN has yet to formally cancel Cancun — it’s not even on the board’s agenda this week — is that it’s toying with longer-term plan that may mean standard face-to-face ICANN meetings are a long way off indeed.

It’s difficult to believe that it was only June when some ICANN directors thought Hamburg would be sufficiently safe to return to face-to-face meetings this week.

ICANN denies Whois policy “failure” as Marby issues EU warning

Kevin Murphy, October 19, 2020, Domain Policy

ICANN directors have denied that recently delivered Whois policy recommendations represent a “failure” of the multistakeholder model.

You’ll recall that the GNSO Council last month approved a set of controversial recommendations, put forward by the community’s EPDP working group, to create a semi-centralized system for requesting access to private Whois data called SSAD.

The proposed policy still has to be ratified by the ICANN board of directors, but it’s not on the agenda for this week’s work-from-home ICANN 69 conference.

That has not stopped there being some robust discussion, of course, with the board talking for hours about the recommendations with its various stakeholder groups.

The EPDP’s policy has been criticized not only for failing to address the needs of law enforcement and intellectual property owners, but also as a failure of the multistakeholder model itself.

One of the sharpest public criticisms came in a CircleID article by Fabricio Vayra, IP lawyer are Perkins Coie, who tore into ICANN last month for defending a system that he says will be worse than the status quo.

But ICANN director Becky Burr told registries and registrars at a joint ICANN 69 session last week: “We don’t think that the EPDP represents a failure of the multistakeholder model, we actually think it’s a success.”

“The limits on what could be done in terms of policy development were established by law, by GDPR and other data protection laws in particular,” she added.

In other words, it’s not possible for an ICANN working group to create policy that supersedes the law, and the EPDP did what it could with what it was given.

ICANN CEO Göran Marby doubled down, not only agreeing with Burr but passing blame to EU bureaucrats who so far have failed to give a straight answer on important liability issues related to the GDPR privacy regulation.

“I think the EPDP came as far as it could,” he said during the same session. “Some of the people now criticizing it are rightly disappointed, but their disappointment is channeled in the wrong direction.”

He then referred to his recent outreach to three European Commission heads, in which he pleaded for clarity on whether a more centralized Whois model, with more liability shifted away from registrars to ICANN, would be legal.

A failure to provide such clarity would be to acknowledge that the EPDP’s policy proposals are all just fine and dandy, despite what law enforcement and some governments believe, he suggested.

“If the European Union, the European Commission, member states in Europe, or the data protection authorities don’t want to do anything, they’re happy with the situation,” he told registrars and registries.

“If they don’t take actions now, or answer our questions, they’re happy with the way people or organizations get access to the Whois data… it seems that if they don’t change or do anything, they’re happy, and then were are where we are,” he said.

He reiterated similar thoughts at sessions with other stakeholders last week.

But he faced some pushback from members of the pro-privacy Non-Commercial Stakeholders Group, particularly during an entertaing exchange with EPDP member Milton Mueller, who’s unhappy with how Marby has been characterizing the group’s output to the EU.

He specifically unhappy with Marby telling the commissioners: “Should the ICANN Board approve the SSAD recommendations and direct ICANN org to implement it, the community has recommended that the SSAD should become more centralized in response to increased legal clarity.”

Mueller reckons this has no basis in what the EPDP recommended and the GNSO Council approved. It is what the IP interests and governments want, however.

In response, Marby talked around the issue and seemed to characterize it as a matter of interpretation, adding that he’s only trying to provide the ICANN community with the legal clarity it needs to make decisions.

These eight companies account for more than half of ICANN’s revenue

Kevin Murphy, October 19, 2020, Domain Policy

While 3,207 companies contributed to ICANN’s $141 million of revenue in its last fiscal year, just eight of them were responsible for more than half of it, according to figures just released by ICANN.

The first two entries on the list will come as no surprise to anyone — they’re .com money-mill Verisign and runaway registrar market-leader GoDaddy, together accounting for more than $56 million of revenue.

Registries and registrars pay ICANN a mixture of fixed fees and transaction fees, so the greater the number of adds, renews and transfers, the more money gets funneled into ICANN’s coffers.

It’s perhaps interesting that this top-contributors list sees a few companies that are paying far more in fixed, per-gTLD fees than they are in transaction fees.

Binky Moon, the vehicle that holds 197 of Donuts’ 242 gTLD contracts, is the third-largest contributor at $5.2 million. But $4.9 million of that comes from the annual $25,000 fixed registry fee.

Only 14 of Binky’s gTLDs pass the 50,000-name threshold where transaction fees kick in.

It’s pretty much the same story at Google Registry, formally known as Charleston Road Registry.

Google has 46 gTLDs, so is paying about $1.1 million a year in fixed fees, but only three of them have enough regs (combined, about one million names) to pass the transaction fees threshold. Google’s total funding was almost $1.4 million.

Not quite on the list is Amazon, which has 55 mostly unlaunched gTLDs and almost zero registrations. It paid ICANN $1.3 million last year, just to sit on its portfolio of dormant strings.

The second and third-largest registrars, Namecheap and Tucows respectively, each paid about $1.7 million last year.

The only essentially single-TLD company on the list is Public Interest Registry, which runs .org. Despite having 10 million domains under management, it paid ICANN less than half of Binky’s total last year.

The anomaly, which may be temporary, is ShortDot, the company that runs .icu, .cyou and .bond. It paid ICANN $1.6 million, which would have been almost all transaction fees for .icu, which peaked at about 6.5 million names earlier this year.

Here’s the list:

VeriSign, Inc.$45,565,544
GoDaddy.com, LLC$10,678,376
Binky Moon, LLC$5,231,898
Public Interest Registry$2,515,416
NameCheap, Inc.$1,755,932
Tucows Domains Inc.$1,747,648
ShortDot SA$1,643,103
Charleston Road Registry Inc.$1,385,356

Combined, the total is over $70.5 million.

The full spreadsheet of all 3,000+ contributors can be found over here.