Rules for the next new gTLD round near the final straight

The ICANN working group tasked with creating policies for the next round of new gTLDs is wrapping up its work this week, setting up the battle lines for the next phase of the program’s development.

Members of the cross-constituency Subsequent Procedures for new gTLDs group, known as SubPro, have until a minute before midnight UTC Friday night to declare whether they’re not happy with any parts of the 373-page document (pdf).

It’s expected that some groups and individuals will have beef with some of the SubPro recommendations, which will be included in the Final Report as dissenting minority statements before it is sent off to the GNSO Council later this month.

The report, the product of five years of discussions, will largely affirm that the next new gTLD round will proceed along roughly the same lines as the 2012 round, with some of ICANN staff’s historical ad-libs being codified and a few new big concepts introduced.

New additions include the idea of a pre-evaluation process for registry service providers, enabling applicants to pick from a menu of pre-approved back-ends and avoid the cost of having their technical prowess evaluated for every string they apply for.

The price of applying could be kept artificially high, however, to discourage gTLD stockpiling, and the report will also recommend banning the coexistence of single/plural variants of the same word.

One area where there was definitely no consensus was the issue of “closed generics” — a non-brand string reserved for the sole use of the registry — it’s going to be up to the GNSO Council and ICANN to muddle through this one.

While the consensus call marks the end of the working group phase of new gTLD policy development, there are still many substantial hurdles to leap before the next application round opens.

In the last round, the policy was approved by the GNSO Council in 2007, and ICANN didn’t start accepting applications until the start of 2012.

it may not take five years between policy and launch this time, if only because many of the new recommendations are merely affirmations of the status quo, but there are new mechanisms ICANN will have to implement before the next round opens, and we should probably expect more than one comment period on iterations of the next Applicant Guidebook.

The road between now and the next round is still likely measured in years.

Island demands return of its “naked” ccTLD

The Pacific island nation of Niue is loudly demanding that ICANN hand over control of its ccTLD, .nu, after two decades of bitter argument.

The government has taken the highly unusual move of filing a redelegation request with ICANN’s IANA unit publicly, forwarding it to other governments and the media.

The request is backed by UNR, the former Uniregistry, which is being put forward as the proposed back-end provider.

Niue claims, as it has since at least 2000, that the string was misappropriated by an American entrepreneur in the 1990s and has been used to generate tens of millions of dollars in revenue, with almost no benefit to the country.

The word “nu” is Swedish for “now”. It’s also the masculine form of “naked” in French, which enables lazy reporters to write click-baity headlines.

The Swedish meaning was first spotted by Massachusetts-based Bill Semich in 1997. Together with Niue-based Kiwi ex-pat Stafford Guest, he obtained the delegation for .nu from pre-ICANN root zone supremo Jon Postel.

They used the name Internet Users Society Niue (IUSN) and started selling .nu names to Swedes as a meaningful alternative to .se and .com.

As of today, there are about 264,000 registered .nu names, retailing for about $30 a year. Pre-2018 data is not available, but a couple of years ago, it had over 500,000 names under management.

That kind of money would be incredibly useful to Niue, which has a population of under 2,000 and few other natural resources to speak of. The country relies on hand-outs from New Zealand and, historically, dubious offshore banking schemes and the sale of postage stamps to collectors.

The government has said in the past that .nu cash would enable it to boost its internet infrastructure, thereby boosting its attractiveness as a tourist destination.

IUSN and Niue signed a memorandum of understanding in 1999, but a year later the government passed a law decreeing “.nu is a National resource for which the prime
authority is the Government of Niue”.

It’s been trying to get control of .nu ever since, but IUSN has consistently refused to recognize this law, Niue has always claimed, and has always refused to cooperate in a redelegation.

The company made headlines back in 2003 for claiming that it was rolling out free nationwide Wi-Fi in Niue, but there are serious questions about whether that ever actually happened.

Now, Niue claims:

The Wi-Fi has been continuously unstable and exceedingly limited. As of today, the ccTLD.NU administration and local presence of the IUSN in Niue consists of a motel with a PO Box and the Wi-Fi is covering a [n]egligible are[a] surrounding the motel. There is no operational management of the ccTLD.NU by the IUSN present in Niue.

I believe the motel in question is Coral Gardens, north of capital Alofi, which is or was run by Guest.

While IUSN is still the official ccTLD manager for .nu, according to IANA records, the business operations and technical back-end were transferred to Swedish ccTLD manager IIS in 2013.

IIS agreed to pay IUSN a minimum of $14.7 million over 15 years for the license to .nu, but the domain remains delegated to IUSN.

Niue, represented by its Swedish special envoy Pär Brumark (who until recently was also vice-chair of ICANN’s Governmental Advisory Committee, representing Niue) sued IIS in late 2018 in an attempt to gain control of the ccTLD.

The government argues that under Swedish control, profits from .nu can only be earmarked for the development of the Swedish internet, at the expense of Niue.

Brumark tells us the case is currently being delayed due to the coronavirus pandemic.

The problem Niue has now is pretty much the same as it always has been — IANA rules state that the losing party in a redelegation has to consent to the change of control, and IUSN really has no incentive to do so.

Niue’s best chance appears to be either the Swedish lawsuit or the possibility that it can get the GAC on board to support its request.

In-progress redelegation requests are also exempt by convention from ICANN’s transparency rules, so we’re not going to hear anything other than what Niue releases or the GAC can publicly squeeze out of ICANN leadership.

You can read the redelegation request (pdf) here.

US sneaks public Whois demands into pandemic relief bill

Outgoing US president Donald Trump has signed into law a coronavirus relief bill and spending package that contains a surprise instruction for the government to pursue open access to Whois records.

The Consolidated Appropriations Act of 2021 is focused on federal spending for fiscal 2021, with billions set aside for pandemic-related economic stimulus. It’s the bill you may recall Trump refused to sign for several days on the purported basis that it only provided Americans with a piddling $600 check.

An accompanying document contains encouragement for the National Telecommunications and Information Administration to “to require registrars and registries based in the United States to collect and make public accurate domain name registration information”.

It also asks the NTIA to continue to work within ICANN’s Governmental Advisory Committee to help create “a global access model that provides law enforcement, intellectual property rights holders, and third parties with timely access to accurate domain name registration information”.

The text can be found in a joint explanatory statement (pdf) accompanying the act. It’s not on the statute books as such, but it does tell NTIA how to spend the money it’s been allocated.

The full text relevant to the domain name industry reads:

NTIA is directed, through its position within the Governmental Advisory Committee o work with I CANN to expedite the establishment of a global access model that provides law enforcement, intellectual property rights holders, and third parties with timely access to accurate domain name registration information for legitimate purposes. NTIA is encouraged, as appropriate, to require registrars and registries based in the United States to collect and make public accurate domain name registration information.

As ICANN notes in its analysis, the first sentence is not telling NTIA to do anything it hasn’t been doing since the European Union’s General Data Protection Regulation came into effect two and a half years ago.

The NTIA and GAC have been involved in efforts to create a privacy workaround for rights holders and law enforcement, which in September came up with the widely panned SSAD proposals. ICANN is currently pleading with the EU for clarity on whether it would even be legal.

The second sentence is perhaps a bit more worrying, dangling as it does the possibility of American registries and registrars having to either break EU law or implement a much more complex Whois infrastructure.

But, as ICANN notes, the words “encouraged, as appropriate” are doing a lot of heavy lifting in that sentence, saying “encouragement is aspirational; it is not a mandate”.

However, ICANN appears to be treating it as a warning shot, with head of compliance Jamie Hedlund writing:

It appears to hint that if NTIA and the ICANN community can’t develop a robust access model, Congress could entertain more forceful measures that would impose requirements on U.S.-based registries and registrars to collect and publish domain name registration information.

It seems the NTIA has the wink to cause mischief, should ICANN not deliver what intellectual property lobbyists want.

Mixed messages from ICANN on pandemic travel in 2021

ICANN still hasn’t formally cancelled its public meeting in Cancun, Mexico next March, but it appears to be planning for scheduled in-person gatherings to not resume until the fourth quarter of next year.

While nobody in their right mind seems to believe ICANN 70 will go ahead anywhere other than virtually — and ICANN’s top brass acknowledged in October that a face-to-face community forum appeared highly unlikely — the Org has still not announced that it will be the fourth consecutive meeting to be held via Zoom.

But two recently published documents show that ICANN doesn’t see travel getting back to normal any time soon, though its expected timing is ambiguous.

First, the proposed budget for fiscal 2022, which was published on Friday, envisages pandemic-related travel restrictions for only “the first nine months” of its current FY21, which ends June 30 next year.

That means that ICANN, at least in its travel budget, still thinks there’s a chance that international travel may be an option as early as April next year. Its travel budget for this year is $4.7 million, which certainly suggests one normal public meeting.

That would rule out Cancun, but leaves open the possibility that June 14-17 public meeting in The Hague could actually go ahead.

The budget also assumes a normal level of travel spending for the whole of FY22, which would mean ICANN 72 in Seattle — a mere domestic flight for most ICANN staff and a good portion of the domain industry — would also take place in-person next October.

But a resolution passed by the ICANN board of directors last Thursday appears to have a more pessimistic outlook.

The board at that meeting approved the continuation of contingency plans for signing the cryptographic keys at the root of the DNS that would eliminate the need for travel until the fourth quarter of calendar 2021.

Normal, quarterly root Key-Signing Key ceremonies require a small number of trusted “secret key holders” to be flown from around the world into facilities in the US, carrying physical keys, to ensure the integrity of the process.

But those rules were tweaked under coronavirus lockdown last April to allow IANA employees to sub in for these key-holders.

Understanding that the pandemic wasn’t going away any time soon, but perhaps with hindsight on the optimistic side, the KSK ceremony in April generated three quarters’ worth of keys in advance, enabling root DNSSEC until the end of March 2021.

Last Thursday, the ICANN board resolved to again bulk-generate keys during its next ceremony, to be held some time in the first quarter. The plan states:

The coronavirus pandemic is expected to continue to significantly impact operations well into 2021. To limit the impact on the ability to hold quarterly key ceremonies, the plan again provides for generating signatures for an extended nine-month period. This relieves the need to hold a subsequent key signing ceremony until the fourth quarter of 2021.

So, while the proposed budget thinks travel could return to normal by April, the KSK plans are thinking October could be the best-case scenario.

Vaccines appear to be the key, as you might expect:

Staff will continue to monitor the pandemic and prepare for all possible scenarios for this ceremony in accordance with the graduated approach. Should widespread vaccination programs prove to be successful, and international travel limitations be relaxed, it is conceivable a late-2021 ceremony could be conducted in its normal format with international in-person participation.

I’m going to go out on a limb and suggest that the chances of a normal in-person ICANN meeting going ahead before Seattle are pretty slim.

For vaccination programs to be successful, we’re going to need a combination of competent governments capable of handling an unprecedented logistical challenge and a largely sane, rationale populace willing to go under the needle en masse. I’m afraid I don’t have that much faith in humanity.

Even if everything goes smoothly, we’re still looking at the vaccine rollout taking a long time indeed. I live in the UK, the first country to roll out vaccinations at scale, and I don’t anticipate getting the jab for six months or more.

An unofficial calculator tool estimates that a middle-aged Brit with no diagnosed preexisting conditions cannot reasonably expect to get a vaccine until July 2021, assuming the UK manages to quickly ramp up to one million vaccinations per week and 70% of those eligible choose to take the shot.

If that’s true elsewhere in the world, and vaccination becomes a passport to travel, then any hypothetical June face-to-face ICANN meeting could resemble a senior care home or retirement village even more than usual.

Not so much Club Med as a Saga Holiday.

And none of this takes into account the potential impact of the super-spreadable new coronavirus strain discovered to be hugely prevalent in the UK last week.

While it’s early days, it seems there’s a significant possibility that what I’m calling the limeyvirus (because what goes better with Corona than lime?) is going to significantly impact travel worldwide in the coming months.

ICANN predicts rosy post-pandemic domain industry — time to start panicking?

Having totally misjudged the impact of the coronavirus pandemic on the domain name industry and its own budget, ICANN is now forecasting a rosy (post-pandemic?) fiscal 2022.

The Org has just published its proposed budget for the 12 months beginning July 1, 2021, predicting decent growth in transactions for new and legacy gTLDs, along with a modest increase in new registrars.

It’s also predicting that international travel will be back to normal, with three full in-person public meetings going ahead as usual.

ICANN is planning to receive $144.4 million in FY22, up slightly from the $140 million it expects to receive in the current financial year.

The FY22 number is boosted by a $4 million bung from Verisign, negotiated as part of the .com contract renewal, which lifted the price freeze.

It’s predicting a 3% increase in legacy gTLD registry transaction fees to $52.8 million and a 6% increase in legacy gTLD registry transaction fees to $5.1 million.

Registrar transaction fees for legacy gTLDs is expected to be up 4% to $33.4 million, with registrar fees for new gTLDs is predicted to rise 5% to $4.2 million.

Altogether, that’s $3 million extra in transaction fees — paid whenever a domain is registered, renewed or transferred — compared to its expected FY21 performance.

But that’s offset by a $600,000 predicted decline in fixed registry fees, due to an expected loss of 15 new gTLD registries (most likely dormant dot-brands) in the period. It expects to end the year with 1,141 fee-paying registries.

ICANN expects its pool of accredited registrars to bounce back a little, adding 28 in FY22 having lost an expected 121 in FY21. It expects to end FY22 with 2,356 registrars on its books.

The proposed budget also sheds light on how ICANN expects the remainder of coronavirus-afflicted FY21 playing out.

It currently expects its top line for the year to June 30, 2021 to be $140 million, compared to the $129.3 million it predicted in the FY21 budget approved in May this year.

But that budget had been slashed in April by 8% from its original draft, published a year ago. It had planned for $140.4 million, but reduced expectations by $11.1 million due to the coronavirus pandemic.

In April, before the extent of the lockdown bump experienced by many registries and registrars became clear, ICANN said:

ICANN org funding may be impacted because the economic crisis stemming from the pandemic has the potential to impact the funding from domain name registrations and contracted parties through the end of FY20 and into the first months of FY21.

Today, it’s saying the impact from coronavirus was “less than expected” and generally forecasting “stable” and more or less business as usual in FY22.

ICANN had budgeted for $85.5 million in transaction fees from all sources in the current year, but now it expects that to come in at $92.6 million, much closer to its December 2019 estimate of $94.7 million.

It had expected to see transaction fees from new gTLDs at both registry and registrar levels to be down by a third, at $8 million, but that number’s now expected to come in at $8.9 million. Likewise, the budget predicted a legacy gTLDs dip of 2.3% to $77.5 million, rather than the $86.2 million it now thinks is heading its way.

I should probably point out for future reference that the proposed budget for FY22 was published Friday, the day before the new strain of ultra-infectious coronavirus was discovered in the UK. Who knows what the impact of that might be.

The budget is open for public comment for two months here.

There’s one obvious pick for next year’s ICANN Community Excellence Award

ICANN has opened up nominations for its 2021 ICANN Community Excellence Award, and I don’t think it would be inappropriate of me to suggest that one likely nomination seems like a shoo-in: the late Marilyn Cade.

The award, now in its eighth year, is given to a community member who “deeply invested in consensus-based solutions and contributed substantively to the ICANN multistakeholder model”.

It’s judged by a cross-constituency panel of community leaders and awarded in June each year, using three criteria:

• Demonstrated ability to work across community lines with both familiar and unfamiliar ICANN stakeholders with the aim of building consensus.
• Facilitator of dialogue and open discussion in a fair and collegial manner, through the spirit of collaboration as shown through empathy, and demonstrating a sincere desire to engage with people from other backgrounds, cultures, and interests.
• Demonstrated additional support for the ICANN multistakeholder model and its overall effectiveness through volunteer service via working groups or committees.

I believe Cade, who died last month at 73, fits easily into each of these.

She participated in ICANN’s formation in the late 1990s and participated in almost every public meeting since. She was a long-time member, and three-year chair, of the Business Constituency, and participated in several key volunteer working groups.

There’s a rather fascinating and lengthy audio interview with Cade, conducted by Ayden Férdeline shortly before her death, in which she discusses her involvement with the creation of ICANN, over here.

At the time of her death, ICANN CEO Göran Marby said: “Marilyn had strong views and opinions on many matters but always supported the multistakeholder model. She wanted people to be involved in ICANN and to maximize the potential of the Internet.”

While her views and positions may not have been universally loved, the hundreds of public tributes paid since her death reveal a consensus view that, regardless of competing affiliations, Cade was strongly active in community-building and mentoring new community members, particularly from underrepresented demographics.

It would not be the first time ICANN has given this award posthumously. In 2018, it was awarded to former GNSO Council chair Stéphane Van Gelder after his untimely death earlier that year.

It is of course easier to evaluate an individual’s contribution when their entire body of work is known.

From its inaugural 2014 round, the prize was known as the ICANN Ethos Award. The name was changed earlier this year, most probably to avoid alluding to the private equity firm Ethos Capital, which at the time was involved in a high-profile dispute with the org.

The winner will be announced at the ICANN 71 meeting, wherever that may be, next June.

Whois privacy group finds its new chair

Verisign’s top policy veep is set to become the third chair of the ICANN working group looking at Whois policy in the post-GDPR world.

Keith Drazek has been recommended to head the long-running group, known as the EPDP, and the GNSO Council is due to vote on his appointment next week. He’s likely to be a shoo-in.

He’s VP of policy and government relations at the .com registry, and a long-standing member of the ICANN policy-making community.

I recently opined that ICANN was looking for a “masochistic mug” to chair the group. Drazek was until October the chair of the GNSO Council, and is therefore perfectly qualified for the role.

The third phase of the EPDP process, which in typical ICANNese is denominated “phase 2a”, is likely to be slightly less controversial than the first two.

The EPDP has already decided that ICANN should probably create a Standardized System for Access and Disclosure — SSAD — that may enable law enforcement and intellectual property owners to get their hands on unredacted Whois records.

But governments, IP interests and others have already dismissed the plan as useless, and there’s still a big question mark over whether SSAD is too complex and expensive to be worth implementing.

In the third phase, EPDP members will be discussing rules on distinguishing between legal and natural persons when record-holders decide what info to make public, and whether there should be a standardized system of unique, anonymized email forwarders to contact domain registrants.

They’re both less divisive topics than have been previously addressed, but not without the potential for fireworks.

The email issue, for example, could theoretically enable people to harvest a registrant’s entire portfolio of domains, something very useful for law enforcement and IP lawyers but abhorrent to privacy advocates.

The previous two phases were chaired by Kurt Pritz and Janis Karklins, with Rafik Dammak acting as vice-chair.

WIPO handles 50,000th UDRP case as coronavirus drives complaints

The World Intellectual Property Organization handled its 50,000th UDPR case on November 20, the organization has announced.

It’s taken WIPO, which designed the policy and was the first to administer it back in 1999, over two decades to reach this milestone.

WIPO said that the 50,000 cases cover almost 91,000 domains, with complaints and respondents from over 180 countries.

The organization believes the coronavirus pandemic this year has driven growth, with an 11% increase in cases recorded between January and October. There were 3,405 cases over this period.

Erik Wilbers, director of the WIPO Arbitration and Mediation Center, said in a press release:

With a greater number of people spending more time online during the pandemic, cybersquatters are finding an increasingly target-rich environment. Rights owners, meantime, are stepping up their brand enforcement on the Internet as they further shift to marketing and selling online.

Masochistic mug urgently wanted for thankless, pay-free ICANN leadership role

ICANN still hasn’t found itself a volunteer to head up the next round of no-doubt contentious discussions about Whois policy.

Today it put out its second call for a chair of the Expedited Policy Development Process working group, which is continuing to square the circle of keeping Whois data compliant with data protection law whilst also allowing cops and IP lawyers access to the data.

The EPDP was supposed to have concluded a few months ago with the end of the second phase of talks, but a couple of issues were left unresolved, leading to the creation of a third phase, being spun as “Phase 2a”.

The first issue still to be discussed is if and how registries and registrars should be obliged to make a distinction between the data of private individuals, which is protected by law, and legal entities, which isn’t.

The second is whether it would be possible to have a uniform system of anonymized email addresses across Whois records.

They’re not exactly the most controversial of topics under the Whois umbrella, but they’re not easy asks either.

And the role of chair is time-consuming, uncompensated, with few perks.

ICANN wants somebody who is neutral and, unstated but perhaps more importantly, perceived to be neutral. The chairs of the previous two phases have been policy heavy-hitters Kurt Pritz and Janis Karklins.

It also wants somebody with “considerable experience in chairing working groups”, which immediately drains the pool of potential applicants.

If previous phases of the EPDP are any guide, the successful applicant will have to herd the cats through dozens of hours of teleconferences — the more-complex phase two had 74 meetings, most of which were two hours long.

For their efforts, the chair gets no money, and because of coronavirus travel restrictions they won’t even get paid junkets to international face-to-face meetings.

And if the output of the next phase is anywhere as near as divisive as phase two, they probably won’t win much praise either.

That’s perhaps why ICANN has extended the deadline for expressions of interest from last Friday to November 23.

Applicants go here.

ICANN made over $500k in secret lawyer payments over [REDACTED] legal dispute

ICANN has approved a payout of over half a million dollars to outside lawyers for work on a legal dispute it does not want you to know about.

The board of directors a week ago approved the disbursement of a “[Redacted – Privileged & Confidential]” sum to undisclosed parties in relation to “extensive activity in [Redacted – Privileged & Confidential]”.

Under ICANN policy, the fact that board approval was required means that the amount being paid is at least $500,000. The redacted resolution also authorizes additional payments up to $499,999.

ICANN isn’t providing any hints about what the payments concern, other than that it’s a legal dispute of some kind. The resolution states:

When required, ICANN must engage outside legal counsel to help prepare for and defend against all types of disputes that are brought against ICANN. When those disputes become highly contentious they often require significant involvement during a certain time period by outside counsel and that significant amount of time also results in significant fees and related expenses.

The words “related expenses” may be telling. We may not just be talking about lawyers’ fees here.

ICANN also does not state when the expenses were incurred, other than to note that the org’s budget for fiscal 2020, which ended June 30, “contemplated” the need for such payments.

So we’re talking about a legal issue that ICANN was aware of before May 2019, when the FY20 budget was approved, possibly as far back as December 2018, when earlier versions of that budget were published.

Known legal disputes that were active back then and have seen activity in the last few months include the Afilias Independent Review Process complaint about the .web auction and DotConnectAfrica’s court appeal over its .africa loss.

But both of those cases are matters of public record. ICANN even regularly publishes legal documentation on both. They’re not secret.

The only cases I’m aware of that ICANN has actively tried to keep secret involve allegations of sexual discrimination and harassment made against at least one former senior staffer. One such lawsuit was filed late February 2019.

But the hundreds of thousands doled out by ICANN last week could be related to just about anything.

ICANN’s bylaws give the board a broad brush when it comes to redacting information from published resolutions:

any actions relating to personnel or employment matters, legal matters (to the extent the Board determines it is necessary or appropriate to protect the interests of ICANN), matters that ICANN is prohibited by law or contract from disclosing publicly, and other matters that the Board determines, by a three-quarters (3/4) vote of Directors present at the meeting and voting, are not appropriate for public distribution

Usually, when ICANN redacts information, it’s related to personnel matters such as management bonuses.

Whatever it was ICANN just spent your money on, ICANN ain’t saying.