Latest news of the domain name industry

Recent Posts

Lockdown bump was worth $600,000 to ICANN, but end of Club Med saves 10x as much

Kevin Murphy, October 19, 2020, Domain Policy

The coronavirus pandemic lockdowns and the resulting bump in domain name sales caused ICANN’s revenue to come out $600,000 ahead of expectations, up 4%, the org disclosed last week.

But ICANN saved almost 10 times as much by shifting two of its fiscal year 2020 public meetings to an online-only format, due to travel and gathering restrictions.

The organization’s FY20 revenue was $141 million, up by $5 million on FY19, against a rounded projection of $140 million. ICANN’s financial years end June 30.

ICANN said it is “uncertain if these market trends will continue”.

Back in April, the organization lowered its revenue forecast for FY21 by 8%, or $11 million.

Expenses were down $11.1 million at $126 million, 8% lower that expectations and $4 million lower than the 2019 number.

That was mostly due to a $6.2 million saving from having two public meetings online-only.

ICANN typically spends $2 million per meeting funding over 500 travelers, both ICANN staff and community members, but that was down to almost nothing for the first two meetings of this year.

Pre-pandemic, ICANN expected these meetings, slated for Cancun and Kuala Lumpur, to cost $4.2 million and $3.4 million respectively, but the switch to Zoom brought them in at $1.4 million and $0.4 million.

ICANN would have occurred some pre-meeting travel expenses for the Cancun gathering, which was cancelled at the last minute, as well as cancellation fees on flights and hotels.

The org has previously stated that the switch away from face-to-face meetings could save as much as $8 million this calendar year.

The rest of the savings ICANN chalked down to lower-than-expected personnel costs, with hiring slowing during the pandemic.

Incidentally, if you’re wondering about the headline above, it’s a reference to a notorious 2009 WSJ article, and outrage about ICANN’s then $12 million travel budget.

Eleven years later, the FY20 travel budget was $15.7 million.

Holy Scheisse! Did you know ICANN 69 starts TOMORROW?

Kevin Murphy, October 12, 2020, Domain Policy

ICANN is starting its ICANN 69 public annual general meeting four days earlier than originally planned, and it appears to have only publicly announced the date change 24 hours in advance.

How’s that for transparency?

Usually, ICANN AGMs kick off formally on the Monday morning and run through the Thursday afternoon, but meetings between community groups start taking place the previous Friday, leading to a seven-day continuous meeting.

For ICANN 69, originally planned for Hamburg but now of course an online-only experience, ICANN has removed the Friday and weekend sessions and split the week in two.

There’ll be three “Community Days” from October 13 (which is tomorrow when I’m posting this but possibly today by the time you read it), three days off, and then four days of “Plenary Sessions”, beginning with the opening ceremony on Monday morning.

The community days include stuff like policy working group meetings, but they also include the top-level interactions between each constituency group, including the Governmental Advisory Committee, and the ICANN board of directors.

These traditional airing of grievances, usually on “constituency day” Tuesday, are where the tensions and hot topics of interest for the whole community are raised, and always worth listening to.

The decision to shake up the schedule appears to have been made some time in September. Last time I checked ICANN’s meetings page, September 2, it still showed the old October 17 start date.

What I find utterly baffling is that ICANN does not seem have made a formal public announcement of the date change, despite having blogged or made announcements about various aspects of the meeting several times.

I genuinely only found out today, reading this blog post that ICANN put out today, just one day before the meeting starts.

It certainly seems that the information has filtered out to the parts of the community that actually need to participate in the various sessions.

But what about the rest of us? Unless you’ve registered and logged in to the ICANN 69 web site since the changes were made, I’m not sure how you were meant to know.

Did you know?

I had plans to get my toenails done tomorrow.

Peaceful transfer of power? GNSO’s next chair is a shoo-in

Kevin Murphy, October 5, 2020, Domain Policy

Unlike other upcoming democratic processes we could mention, it looks like the transition to a new chair of ICANN’s GNSO Council will be peaceful, non-controversial, and probably won’t result in widespread looting and arson.

Philippe Fouquart is the sole candidate, and he’ll be voted in with an open ballot at the ICANN AGM later this month.

As a senior techie for telecoms company Orange, he’s sat on the Council as a representative of the Internet Service Providers Constituency for the last three years. He hails from France.

Fouquart was nominated by the Non-Contracted Parties House. The Contracted Parties House, representing registries and registrars, did not field a candidate.

Unlike normal procedure, which calls for a secret paper ballot, the Council will vote via a simple, public roll-call at the AGM.

He’ll replace Verisign VP Keith Drazek, who’s chaired the Council for the last two years.

In terms of vice-chairs, the CPH has reappointed Pam Little of Chinese registrar Alibaba for another year and the NCPH has selected cybersecurity policy expert Tatiana Tropina to replace Rafik Dammak.

Two American women appointed to ICANN board

Kevin Murphy, October 5, 2020, Domain Policy

In a move that will surprise nobody, ICANN’s Nominating Committee has maintained the status quo on the ICANN board of directors by reappointing two of its previous selections.

NomCom’s two picks are Sarah Deutsch and Avri Doria, both of whom were selected in 2017 and have their first three-year term expiring later this month.

Deutsch is an intellectual property lawyer in private practice. She spent most of her career lawyering for Verizon. She’s also a director of the Electronic Frontier Foundation.

Doria is a consultant who has spent most of her time at ICANN on the non-commercial side of the house.

Both appointees are classified as North American under ICANN’s geographical diversity quotas.

As I’ve previously reported, the reappointments were very likely. Not only are both directors hugely experienced community members, but ICANN had given NomCom strong hints that it wants to increase gender diversity on the board.

That won’t actually happen this year. The other directors whose terms are up this month are all male, and they’ve all either been reappointed or replaced with other men by their respective constituency groups.

Currently, just five of the 16 voting directors are female. Including the four non-voting members, that number rises to seven. With the new NomCom appointees, those numbers will remain the same for at least a year.

UPDATE October 5, 2020: Deutsch tells me she has not been with the Winterfeldt IP Group for two years. Her official bio on ICANN’s web site says she is with that company, but apparently those bios are no longer reliable. She’s now working for herself. My apologies for the error.

Europe’s top dogs could decide the future of Whois

Kevin Murphy, October 5, 2020, Domain Policy

ICANN is pleading with the European Commission for legal clarity to help solve the two-year-old fight over the future of Whois in the age of GDPR.

CEO Göran Marby has written to three commissioners to ask for a definitive opinion on whether a centralized, mostly automated Whois system would free up registries and registrars from legal liability if their customers’ data is inappropriately disclosed.

It’s a question ICANN has been asking for years, but this time it comes after the ICANN community has come up with a set of policy recommendations that would create something called SSAD, for System for Standardized Access/Disclosure.

SSAD is supported by registries, registrars and non-commercial interests, but has been broadly criticized by governments, intellectual property interests, security experts and others as being not fit for purpose.

While it would create a centralized gateway for funneling Whois queries to contracted parties, and an accreditation system for those making the queries, the decision to accept or refuse the query would still lie with registries and registrars and be largely human-powered.

It’s been described as a glorified, $9 million-a-year ticketing system that will fail to provide better access to Whois to those who say they need it (largely the IP interests).

But registries and registrars say they cannot accept a solution that offloads decision-making to a centralized third party such as ICANN, unless that third party shoulders all the legal liability for mistakes, and whether that’s possible is far from clear this early in the life of GDPR.

As Marby told the commissioners:

Legal clarity could mean the difference between ICANN having a fragmented system that routes most requests for access to non-public registration data from requestors to thousands of individual registries and registrars for a decision, on the one hand, versus ultimately being able to implement a centralized, predictable solution in which decisions about whether or not to disclose non-public registration data in most or all cases could be made consistently, predictably, in a manner that is transparent and accountable to requestors and data subjects alike.

In GDPR lingo, the question is who becomes the “controller” of the data in a centralized system. The controller is the one that could get slapped with huge fines in the event of a privacy breach.

There’s a concept of “successive controllers”, where data is passed through a chain of handlers. ICANN wants clarity on whether, should a registrar send data to an ICANN central gateway, its liability ends there, before the final disclosure decision is made.

It’s asking the European Commission to exercise its authority under the GDPR to force the European Data Protection Board to issue a blanket opinion clarifying these issues, with the expectation that SSAD as currently envisaged could evolve over time to be something more like what the IP folk want.

For ICANN, such a ruling could help quell criticism from its influential advisory bodies, notably the Governmental Advisory Committee, which have come out strongly against the SSAD proposals.

If ICANN chooses to wait for the European Commission and EDPB responses to its new request, it’s highly unlikely we’re going to see the ICANN board fully approve SSAD at its annual general meeting later this month.

ICANN playing ping-pong on closed generics controversy

Kevin Murphy, October 1, 2020, Domain Policy

ICANN’s board of directors has refused to comment on the issue of “closed generic” gTLDs, bouncing the thorny issue back to the community.

In its response to the SubPro working group’s draft final report this week, the board declined to be drawn on whether it thinks closed generics should be allowed in future application rounds, and urged the GNSO to figure it out, writing:

the Board is not in a position to request policy outcomes… we will base our decision on whether we reasonably believe that the policy proposal is or is not in the best interests of the ICANN community or ICANN

A closed generic is a gTLD representing a non-trademark dictionary word, where the registry is the only eligible registrant. Dozens of companies tried to snap up such TLDs in 2012

ICANN changed the rules to disallow them, based largely on government advice, before punting the issue to the community, in the form of the GNSO, back in 2015.

But despite five years of thinking, the GNSO’s SubPro working group was unable to reach a consensus on whether closed generics should be allowed or not, or whether they should be allowed, but only when there’s a “public interest” purpose.

As I noted last month, it presented three possible ways closed generics could be permitted, none of which have consensus support.

So it asked the board for guidance, and the board’s response is basically “not our problem, figure it out yourselves”.

It would be churlish to criticize the board for refusing to make policy from the top-down, of course.

Much better to wait for the next time it does make policy from the top-down, and criticize it then.

Has ICANN cut off its regulatory hands?

Kevin Murphy, October 1, 2020, Domain Policy

ICANN may have voluntarily cut off its power to enforce bans on things like cyberbullying, pornography and copyright infringement in future new gTLDs.

Its board of directors yesterday informed the chairs of SubPro, the community group working on new gTLD policy for the next round, that its ability to enforce so-called Public Interest Commitments may be curtailed in future.

A PIC is a contractual promise to act in the public interest, enforceable by ICANN through a PIC Dispute Resolution Process. All 2012 new gTLDs have them, but some have additional PICs due to the gTLD’s sensitive nature.

They were created because ICANN’s Governmental Advisory Committee didn’t like the look of some applications for gTLD strings it considered potentially problematic.

.sucks is a good example — registry Vox Populi has specific commitments to ban cyberbullying, porn, and parking in its registry agreement.

Should ICANN receive complaints about bullying in .sucks, it would be able to invoke the PICDRP and, at least in theory, terminate Vox Pop’s registry contract.

But these are all restrictions on content, and ICANN is singularly focused on not being a content regulator.

It’s so focused on staying away from content that four years ago, during the IANA transition, it amended its bylaws to specifically handcuff itself. The bylaws now state, front and center:

ICANN shall not regulate (i.e., impose rules and restrictions on) services that use the Internet’s unique identifiers or the content that such services carry or provide… For the avoidance of doubt, ICANN does not hold any governmentally authorized regulatory authority.

There’s a specific carve-out grandfathering contracts inked before October 1, 2016, so PICs agreed to by 2012-round applicants are still enforceable.

But it’s doubtful that any PICs not related to the security and stability of the DNS will be enforceable in future, the board told SubPro.

The issue is being raised now because SubPro is proposing a continuation of the PICs program, baking it into policy in what it calls Registry Voluntary Commitments.

Its draft final report acknowledges that ICANN’s not in the content regulation business, but most of the group were in favor of maintaining the status quo.

But the board evidently is more concerned. It told SubPro’s chairs:

The language of the Bylaws, however, could preclude ICANN from entering into future registry agreements (that materially differ in form from the 2012 round version currently in force) that include PICs that reach outside of ICANN’s technical mission as stated in the Bylaws. The language of the Bylaws specifically limits ICANN’s negotiating and contracting power to PICs that are “in service of its Mission.” The Board is concerned, therefore, that the current Bylaws language would create issues for ICANN to enter and enforce any content-related issue regarding PICs or Registry Voluntary Commitments (RVCs)

There’s a possibility that it could now be more difficult for future applicants to get their applications past GAC concerns or other complaints, particularly if their chosen string addresses a “highly sensitive or regulated industry”.

There was a “chuck it in the PICs” attitude to many controversies in the 2012 round, but with that option perhaps not available in future, it may lead to an increase in withdrawn applications.

Could .sucks get approved in future, without a cast-iron, enforceable commitment to ban bullying?

This ICANN comment period is a Kafkaesque nightmare

Kevin Murphy, September 29, 2020, Domain Policy

With the deadline for commenting on draft new gTLD program rules rapidly approaching, you may be tempted to visit the ICANN web site to peruse the comments that have already been submitted by others. Good bloody luck.

The way ICANN has chosen to present the comments is so bafflingly opaque, confusing and confounding that I can’t help but conclude it must have been deliberately designed to be as soul-crushing as possible.

Regular comment periods are pretty straightforward: you email your comments as prose to ICANN, ICANN publishes the email and any attachments for others to read. Everyone knows where everyone stands. Job done.

But recently there’s been a worrying trend towards a questionnaire and spreadsheet model based around Google Docs, and that’s the model being used for comments on the final draft report of the new gTLD program working group, known as SubPro.

You can check out the spreadsheet here.

The first thing you’ll notice is that the spreadsheet is 215 columns wide, with each respondent given one row for their responses.

You’ll also notice that the spreadsheet doesn’t seem to understand line breaks. Where the respondent has provided some textual commentary, it’s spread across multiple columns in some cases and not in others.

And then there’s the column headings.

While stumbling randomly through the spreadsheet, I discovered an interesting nugget of information — it seems the new gTLD registry MMX wants the next application round delayed until all of the 2012 round have been launched, which I found a bit surprising.

This nugget can be found under the column heading “Enter your response here”, a heading that is helpfully shared by 90 (ninety) other columns on the same damn page.

The heading “Do you want to save your progress and quit for now? You will be able to return to the form to complete it at a later time” appears 10 times in the document.

No information in adjacent columns sheds any light on what triggered MMX to make its comment.

In order to figure out the question for pretty much any response, the only option appears to be to cross-reference the spreadsheet with the original form questionnaire, which can be found as a PDF here.

But the questionnaire has 234 questions and there’s no straightforward correlation between the question number and the columns on the spreadsheet, which are addressed as AA through IG.

So when you see that European industry group CENTR went to the trouble to “Support Output(s) as written” in column DI, under the heading “If you choose one of the following responses, there is no need to submit comments”, it’s virtually impossible to figure out what it actually supports.

If you are able to figure out which question it was answering, that probably won’t help you much either.

The form merely contains brief summaries of changes the working group has made. To see the “Output(s) as written” you’d have to cross-reference with the 363-page draft final report (pdf).

A lot of you are probably thinking that I should just export the spreadsheet into Excel or OpenOffice and clean it up a bit. But, no, you can’t. ICANN has disabled exporting, downloading, and even copy-pasting.

It’s enough to make one feel like going out and licking the floor on public transport.

Way to go on the transparency, ICANN!

I have to believe that the ICANN staffer responsible for compiling all these comments into the official ICANN summary has some tools at his or her disposal to render this mess decipherable, because otherwise they’ve got a huge, hair-ripping job on their hands.

Of course, since there doesn’t appear to be a way for the rest of us to verify the summary report’s accuracy, they can probably just write whatever they want.

ICANN 69 returning to YouTube

Kevin Murphy, September 25, 2020, Domain Policy

ICANN is to make its annual general meeting next month available streaming on YouTube, the org has announced.

That’s in addition to the Zoom rooms that have been used exclusively for meetings since the coronavirus pandemic hit at the start of the year.

The YouTube streams will be listen/view only and will have up to 30 seconds delay compared to the live Zoom rooms, which will of course continue to have interactivity.

The move will be a welcome return for those of us who need to listen in to sessions and not necessarily engage.

Unfortunately, only five “high-interest” sessions will be available, and there won’t be any live interpretation for the non-English speakers.

For the Zoom rooms, they’ll be mandatory registration before you can even view the meeting schedule. The links will be hidden behind a login screen.

This is largely due to repeated incidents of “Zoom-bombing”, where trolls interrupt proceedings with inflammatory off-topic material.

Whois plan approved, but it may be a waste of money

Kevin Murphy, September 24, 2020, Domain Policy

ICANN’s GNSO Council has approved a plan to overhaul Whois and sent it to the ICANN board for the royal assent, alongside a warning that it may be a huge waste of money.

All seven members of the Contracted Parties House voted in favor of the plan, created by the so-called EPDP working group, which would create a centralized System for Standardized Access/Disclosure for Whois records.

In the Non-Contracted Parties House, only the two members of the Intellectual Property Constituency and the two members of the Business Constituency voted against the headline resolution, with the remaining nine voting in favor.

This was sufficient to count as a supermajority, which was the threshold required.

But the board will be receiving the SSAD recommendations alongside a request for a consultation on “whether a further cost-benefit analysis should be conducted”:

Noting some of the questions surrounding the financial sustainability of SSAD and some of the concerns expressed within the different minority statements, the GNSO Council requests a consultation with the ICANN Board as part of the delivery of the GNSO Council Recommendations Report to the ICANN Board to discuss these issues, including whether a further cost-benefit analysis should be conducted before the ICANN Board considers all SSAD-related recommendations for adoption.

The cost of SSAD is currently estimated by ICANN loosely at $9 million to build and $8.9 million a year to run. Under the approved recommendations, it would be paid for by accreditation fees paid by end-user data requestors.

And the benefits?

Well, to listen to the IPC, BC, governments and security experts — collectively the expected customers of SSAD — the system will be a bit rubbish and maybe not even worth using.

They complain that SSAD still leaves ultimate responsibility for deciding whether to grant access to Whois records to trained humans at individual registries and registrars. They’d prefer a centralized structure, with much more automation, more closely resembling the pre-GDPR universe.

Contracted parties counter that if GDPR is going to hold them legally responsible for disclosures, they can’t risk offloading decision-making to a third party.

But this could prove a deterrent to adoption, and if fewer companies want to use SSAD that could mean less revenue to fund it which in turn could lead to even higher prices or the need for subsidies out of ICANN’s budget.

The IPC called the recommendations “an outcome that will not meet the needs of, and therefore will not be used by, stakeholders”.

It’s a tricky balancing act for ICANN, and it could further extend the runway to implementation.

The most likely first chance the ICANN board will get to vote on the recommendations would be the AGM, October 22, but if the GNSO consultation concludes another cost/benefit analysis is due, that would likely push the vote out into 2021.

There’s the additional wrinkle that three of ICANN’s four advisory committees, including the governments, have expressed their displeasure with the EPDP outcome, which is likely to add complexity and delay to the roadmap.

And the GNSO’s work on Whois is not even over yet.

Also during today’s meeting, the Council started early talks on whether to reopen the EPDP to address the issues of data accuracy, whether registrars should be obliged to distinguish between legal and natural persons, and whether it’s feasible to have a uniform system of anonymized email addresses in Whois records.