Latest news of the domain name industry

Recent Posts

Karklins beats LaHatte to chair ICANN’s Whois privacy team

Kevin Murphy, April 25, 2019, Domain Policy

Latvian diplomat and former senior WIPO member Janis Karklins has been appointed chair of the ICANN working group that will decide whether to start making private Whois records available to trademark owners.

Karklins’ appointment was approved by the GNSO Council last week. He beat a single rival applicant, New Zealand’s Chris LaHatte, the former ICANN Ombudsman.

He replaces Kurt Pritz, the former ICANN Org number two, who quit the chair after it finished its “phase one” work earlier this year.

Karklins has a varied resume, including a four-year stint as chair of ICANN’s Governmental Advisory Committee.

He’s currently Latvia’s ambassador to the United Nations in Geneva, as well as president of the Arms Trade Treaty.

Apparently fighting for Latvia’s interests at the UN and overseeing the international conventional weapons trade still gives him enough free time to now also chair the notoriously intense and tiring Expedited Policy Development Process on Whois, which has suffered significant burnout-related volunteer churn.

But it was Karklins’ one-year term as chair of the general assembly of WIPO, the World Intellectual Property Organization, that gave some GNSO Council members pause.

The EPDP is basically a big bloodless ruck between intellectual property lawyers and privacy advocates, so having a former WIPO bigwig in the neutral hot seat could be seen as a conflict.

This issue was raised by the pro-privacy Non-Commercial Stakeholders Group during GNSO Council discussions last week, who asked whether LaHatte could not also be brought on as a co-chair.

But it was pointed out that it would be difficult to find a qualified chair without some connection to some interested party, and that Karklins is replacing Pritz, who at the time worked for a new gTLD registry and could have had similar perception-of-conflict issues.

In the end, the vote to confirm Karklins was unanimous, NCSG and all.

The EPDP, having decided how to bring ICANN’s Whois policy into compliance with the General Data Protection Regulation, is now turning its attention to the far trickier issue of a “unified access model” for private Whois data.

It will basically decide who should be able to request access to this data and how such a system should be administered.

It will not be smooth sailing. If Karklins thinks international arms dealers are tricky customers, he ain’t seen nothing yet.

ICANN to approve new UDRP provider

Kevin Murphy, April 25, 2019, Domain Policy

ICANN is set to approve a new UDRP provider at a board of directors meeting next week.

May 3, the board will approve the Canadian International Internet Dispute Resolution Centre as its sixth approved provider and the second based in North America.

The resolution to approve its now year-old application is on the consent agenda for next week’s meeting, meaning the decision to approve has basically already been made.

CIIDRC is a division of the British Columbia International Commercial Arbitration Centre, a non-profit set up by the BC government in the 1980s.

It’s been exclusively handling cybersquatting disputes over .ca domain names since 2002, under a deal with local registry CIRA.

The organization reckons it will be ready to start accepting complaints within a few months of approval, and could handle up to 200 cases per month.

It had a roster of 26 panelists in rotation at the time it applied to ICANN for UDRP approval, many of whom also provide their expertise to other UDRP providers such as WIPO and NAF.

Amazon tells power-hungry governments to get stuffed

Kevin Murphy, April 23, 2019, Domain Policy

Amazon has rejected attempts by South American governments to make the would-be gTLD .amazon “jointly owned”.

In a letter to ICANN last week, Amazon VP of public policy Brian Huseman finally publicly revealed the price Amazon is willing to pay for its dot-brand, but said members of the Amazon Cooperation Treaty Organization are asking for way too much power.

It turns out three of ACTO’s eight national government members have proposed solutions to the current impasse, but Amazon has had to reject them all for commercial and security reasons. Huseman wrote (pdf):

Some member states require that we jointly own and manage the .AMAZON TLDs. Some require that we give the member states advance notice and veto authority over all domain names that we want to register and use—for both trademarked terms as well as generic words. Some suggest a Governance Committee can work only if it has governance that outweighs Amazon’s voice (i.e. the Governance Committee has a representative from one of each of the eight member states, while Amazon has one); and some want to use .AMAZON for their own commercial purposes.

From Huseman’s description, it sounds like the ACTO nations basically want majority control (at least in terms of policy) of .amazon and the Chinese and Japanese translations, applications for which have been essentially frozen by ICANN for years.

Huseman told ICANN that Amazon cannot comply.

If the company were to give eight South American governments advanced notice and veto power over .amazon domains it planned to register, it would make it virtually impossible to contain its business secrets prior to the launch of new services, he said.

The governments also want the right to block certain unspecified generic strings, unrelated to the Amazon region, he wrote. Amazon can’t allow that, because its range of businesses is broad and it may want to use those domains for its own commercial purposes.

Amazon has offered to block up to 1,500 strings per TLD that “represent the culture and heritage of the Amazonia region”.

Nine .amazon domains would be set aside for actual usage, one for ACTO and one each for its members, “that have primary and well-recognized significance to the culture and heritage of the region”, but they’d have to use those domains non-commercially.

The proposal seems to envisage that the countries would select their two-letter country code as their freebie domain. Brazil could get br.amazon, for example.

They could also select the names of Amazonian indigenous peoples’ groups or “the specific terms OTCA, culture, heritage, forest, river, and rainforest, in English, Dutch, Portuguese, and Spanish.”

They would not to be allowed to use third-level domains, other than “www”.

The governments would have up to two years to populate the list of 1,500 banned terms. The strings would have to have the same “culture and heritage” nexus, and Amazon would get veto power over whether the proposed strings actually meet that test.

As the whole policy would be enshrined as a Public Interest Commitment in the .amazon registry contract with ICANN, ACTO members would be able to protest such rejections using the PIC Dispute Resolution Policy.

Amazon would also get veto power over the content of the web sites at the domains used by the governments. They’d have to be basically static sites, and all user-generated content would be strictly verboten.

It’s a power struggle, with little evident common ground once you get down into the details, and it’s likely going to be up to ICANN to decide whether Amazon’s proposal is sufficient to overrule the ACTO and Governmental Advisory Committee concerns.

ICANN had set a deadline of April 21 to receive the proposal. The timetable it has previously set out would see its board of directors make a decision (or punt it back to Amazon) at the Marrakech public meeting in late June.

However, board chair Cherine Chalaby has told ACTO that if it wants to negotiate a joint proposal with Amazon, it can still do so. ICANN would need to receive this revised proposal by June 7, he said.

Oh, the irony! Banned anti-Islam activist shows up on “Turkish” new gTLD domain

Kevin Murphy, April 23, 2019, Domain Policy

Tommy Robinson, who has been banned from most major social media platforms due to his anti-Islam “hate speech”, is now conducting business via a domain name that some believe rightfully belongs to the Muslim-majority nation of Turkey.

The registration could add fuel to the fight between ICANN and its governmental advisers over whether certain domains should be blocked or restricted.

Robinson, the nom de guerre of the man born Stephen Yaxley-Lennon, is the founder and former leader of the far-right English Defence League and known primarily for stirring up anti-Muslim sentiment in the UK for the last decade.

He’s currently, controversially, an adviser to the UK Independence Party. Former UKIP leader Nigel Farage, also a thoroughly unpleasant bloke, considers Robinson so far to the right he quit the party in response to the appointment.

Over the last year, Robinson has been banned from Twitter, Facebook and Instagram, and had his YouTube account placed under serious restrictions. This month, he was also banned from SnapChat, and the EDL he used to lead was among a handful of far-right groups banned from Facebook.

Since his personal Facebook page went dark in February, he’s been promoting his new web site as the primary destination for his supporters.

It features news about his activities — mainly his ongoing fights against social media platforms and an overturned contempt of court conviction in the UK — as well as summaries of basically any sufficiently divisive anti-Islam, anti-immigration, or pro-Brexit stories his writers come across.

The domain he’s using is tr.news, a new gTLD domain in a Donuts-owned registry. It was registered in December via GoDaddy.

Given it’s a two-character domain, it will have been registry-reserved and would have commanded a premium price. Other two-character .news domains are currently available on GoDaddy for between $200 and $10,000 for the first year.

It will come as no surprise at all for you to learn that the domain was transferred out of GoDaddy, which occasionally kicks out customers with distasteful views, to Epik, now de facto home of those with far-right views, a couple of weeks after the web site launched.

The irony of the choice of domain is that many governments would claim that tr.news — indeed any two-character domain, in any gTLD, which matches any country-code — rightfully belongs to Turkey, a nation of about 80 million nominal Muslims.

TR is the ISO 3166-1 two-character code for Turkey, and until a couple of years ago new gTLD registries were banned from selling any of these ccTLD-match two-letter domains, due to complaints from ICANN’s Governmental Advisory Committee.

Many governments, including the UK and US, couldn’t care less who registers their matching domain. Others, such as France, Italy and Israel, want bans on specific domains such as it.pizza and il.army. Other countries have asked for blanket bans on their ccTLD-match being used at all, in any gTLD.

When new gTLDs initially launched in 2012, all ccTLD matches were banned by ICANN contract. In 2014, ICANN introduced a cumbersome government-approval system under which governments had to be consulted before their matches were released for registration.

Since December 2016, the policy (pdf) has been that registries can release any two-letter domains, subject to a provision that they not be used by registrants to falsely imply an affiliation with the country or registry with the matching ccTLD.

Robinson is certainly not making such an implication. I imagine he’d be as surprised as his readers to learn that his new domain has a Turkish connection. It’s likely the only people who noticed are ICANN nerds and the Turkish themselves.

Would the Turkish people look at tr.news and assume, from the domain alone, that it had some connection to Turkey? I think many would, though I have no idea whether they would assume it was endorsed by the government or the ccTLD registry.

Would Turkey — a government whose censorship regime makes Robinson’s social media plight look like unbounded liberalism — be happy to learn the domain matching its country code is being used primarily to deliver divisive content about the coreligionists of the vast majority of its citizens? Probably not.

But under current ICANN policy it does not appear there’s much that can be done about it. If Robinson is not attempting to pass himself of as an affiliate of the Turkish government or ccTLD registry, there’s no avenue for complaint.

However, after taking the cuffs off registries with its December 2016 pronouncement, allowing them to sell two-letter domains with barely any restrictions, ICANN has faced continued complaints from the GAC — complaints that have yet to be resolved.

The GAC has been telling ICANN for the last two years that some of its members believe the decision to release two-character names went against previous GAC advice, and ICANN has been patiently explaining the process it went through to arrive at the current policy, which included taking GAC advice and government comments into account.

In what appears to be a kind of peace offering, ICANN recently told the GAC (pdf) that it is developing an online tool that “will provide awareness of the registration of two-character domains and allow for governments to report concerns”.

The GAC, in its most-recent communique, told ICANN its members would test the tool and report back at the public meeting in Montreal this November.

The tool was not available in December, when tr.news was registered, so it’s not clear whether Turkey will have received a formal notification that its ccTLD-match domain is now registered, live, and being used to whip up mistrust of Muslims.

Update April 30: ICANN informs me that the tool has been available since February, but that it does not push notifications to governments. Rather, governments can search to see if their two-letter codes have been registered in which gTLDs.

auDA rejects domaining ban but approves second-level domains

Kevin Murphy, April 16, 2019, Domain Policy

Australian ccTLD registry auDA has rejected a proposal that would have essentially banned domainers from the .au space.

In response to recommendations of its Policy Review Panel, auDA management said that the PRP “has not provided any evidentiary material” that so-called “warehousing” is harmful.

It further concluded that the policies proposed for monitoring and rooting out suspected domainers would disproportionately increase compliance costs for both registrants and auDA itself.

In management’s response (pdf) to the PRP, auDA wrote that the ban would make investors second-class citizens when compared to powerful trademark owners:

The warehousing prohibition appears to disproportionately target domain investors as the licence portfolios or holdings of trademark and brand owners will be excluded under the PRP proposal. This proposal elevates the rights of trademark and other intellectual property owners over other licence holders in the .au domain, which may give rise to issues of market power and anti-competitive practices. Management believes that further information is required to assess whether the net benefit to the community of prohibiting warehousing in respect of a class of registrants outweighs the competition issues. For these reasons Management believes that there should be no change to the existing policy position.

It added:

Management does not support the PRP recommendation for a resale and warehousing prohibition for the reasons set out earlier. The proposed test for determining whether a registrant has contravened the resale and warehousing prohibition will increase compliance costs for registrants and administration, monitoring and enforcement costs for auDA. These costs may be disproportionate to the risk or severity of the harm to the community from warehousing and the cost of a licence in the .au domain.

Not only did it decide not to crack down on domainers, but auDA also plans to make their lives a little easier by updating current eligibility policy to explicitly state that parking, or “monetization”, is permitted.

To ensure there is no ambiguity or reliance on interpreting ‘content’, auDA management has recommended an additional allocation criteria can be applied to com.au and net.au which would include that a domain name could be used for the purpose of pay-per-click or affiliate web advertising/ lead generation, or electronic information services including email, file transfer protocol, cloud storage or managing Internet of Things (IoT) devices.

It’s a comprehensive win for domainers, such as those represented by the Internet Commerce Association, which had been outraged by the PRP’s findings.

It’s less good news when it comes to the perhaps more controversial plans to allow direct, second-level registrations under .au.

auDA has decided to go ahead with these longstanding plans, which domainers worry will promote confusion and dilute the value of their third-level .com.au portfolios.

The new draft plans (pdf) for the launch of 2LDs would see existing 3LD registrants given “priority status” to register the exact-match 2LD.

There would be a six-month application window for registrants to lodge their claims, beginning October 1 this year.

If the .com.au version and .org.au version, for example, were owned by different parties, the registrant with the earliest registration date would have priority.

After the application window closed, any unclaimed domains would be made available on a first-come, first-served basis.

These rules, and all the results of auDA’s response to the PRP, are open for public comment until May 10.

ICANN takes the reins again as .amazon talks fail

Kevin Murphy, April 10, 2019, Domain Policy

ICANN has re-involved itself in the fight over the .amazon gTLD, after Amazon and eight South American governments failed to reach agreement over the name.

ICANN chair Cherine Chalaby wrote this week to the Amazon Cooperation Treaty Organization to inform the group that it is now ICANN that will decide whether the proposed dot-brand domain is approved or not.

ICANN’s board had given Amazon and ACTO until April 7 to come to a mutual agreement that addressed ACTO’s sovereignty concerns, but they missed that deadline.

According to the BBC World Service, citing unnamed diplomats, ACTO wanted Amazon to create a kind of policy committee, with seats at the table for governments to veto second-level domains Amazon decides it wants to register in .amazon in future.

Amazon declined this demand, instead offering each of the eight ACTO countries its two-letter country-code under .amazon — br.amazon for Brazil, for example — the Beeb reported at the weekend.

Now that ICANN’s deadline has passed, ACTO appears to have lost its chance to negotiate with Amazon.

ICANN has now asked the company to submit a plan to address ACTO’s concerns directly to ICANN by April 21.

From that point, it could go either way. ICANN might approve the .amazon application, reject it, or push it back to Amazon for further work.

But .amazon may not necessarily be on the home straight yet. A straightforward approval or rejection will very likely provoke howls of anguish, and further appeals action, from the losing side.

ICA opposes Aussie domaining ban

Kevin Murphy, April 10, 2019, Domain Policy

The Internet Commerce Association has weighed in to the debate about whether domain investing should be effectively banned in Australia’s .au ccTLD.

Naturally enough, the domainer trade group opposes the ban, saying that investment is a natural part of any market, and very probably supplying the registry with millions of dollars of revenue.

The comments came in a letter to auDA (pdf) from ICA general counsel Zak Muscovitch in response to auDA’s latest policy review proposals, which I reported on two weeks ago, that propose to further crack down on “warehousing”.

auDA wants to ban the practice of registering domains “primarily” for resale or warehousing, clarifying the current rule that prohibits registering “solely” for resale (which is easily evaded by, for example, parking).

A set of indicators would be used to zero in on offenders, such as observing the registrant’s history of selling or offering to sell domains, the existence of an auction listing for the domain, or the fact that the registrant owns more than 100 .au names.

But ICA reckons the effort is misguided and could even be damaging to auDA’s finances, pointing out that it and its registrars likely receive millions of dollars from the registration and renewal of speculative domain names.

Muscovitch’s letter goes on to question whether the policy review panel that came up with the proposals did any research into the potential economic impact of banning domain investment, pointing out that in some cases to seize domainers’ portfolios could wipe out a family’s life savings.

ICA also questions whether the panel has sufficiently thought through how enforceable its proposed rules would be, given the additional complexity introduced into the system.

The policy review paper is still open for comments, but if you want to chip in you’d better be quick. The comment period ends at 1700 AEST Friday, which is 0700 UTC.

“Just give up!” ICANN tells its most stubborn new gTLD applicant

Kevin Murphy, April 8, 2019, Domain Policy

ICANN has urged the company that wants to run .internet as new gTLD to just give up and go away.

The India-based company, Nameshop, actually applied for .idn — to stand for “internationalized domain name” — back in the 2012 application round.

It failed the Geographic Names Review portion of the application process because IDN is the International Standards Organization’s 3166-1 three-letter code for Indonesia, and those were all banned.

While one might question the logic of applying for a Latin-script string to represent IDNs, overlooking the ISO banned list was not an incredibly stupid move.

Even a company with Google’s brainpower resources overlooked this paragraph of the Applicant Guidebook and applied for three 3166-1 restricted strings: .and, .are and .est.

But rather than withdraw its .idn bid, like Google did with its failed applications, Nameshop decided to ask ICANN to change its applied-for string to .internet.

There was a small amount of precedent for this. ICANN had permitted a few applicants to correct typos in their applied-for strings, enabling DotConnectAfrica for example to correct its nutty application for “.dotafrica” to its intended “.africa”.

But swapping out .idn for .internet was obviously not a simple correction but rather looked a complete upgrade of its addressable market. Nobody else had applied for .internet, and Nameshop was well aware of this, so Nameshop’s bid would have been a shoo-in.

To allow the change would have opened the floodgates for every applicant that found itself in a tricky contention set to completely change their desired strings to something cheaper or more achievable.

But Nameshop principal Sivasubramanian Muthusamy did not take no for an answer. He’s been nagging ICANN to change its mind ever since.

There’s a lengthy, rather slick timeline of his lobbying efforts published on the Nameshop web site.

He filed a Request for Reconsideration back in 2013, which was swiftly rejected by the ICANN board of directors.

In July 2017, he wrote to ICANN to complain that Nameshop’s string change request should be treated the same as any other:

It seems that if ICANN can allow string changes from a relatively undesirable name to a more desireable name based on misspelling, then ICANN should allow a change from a desireable name in three characters(IDN) to longer name in eight characters (Internet) based on confusion with geographical names

Meetings with ICANN staff, the Ombudsman, the Governmental Advisory Committee and others to discuss his predicament several times over the last several years have proved fruitless.

Finally, today ICANN has published a letter (pdf) it sent to Muthusamy on Friday, urging him to ditch his Quixotic quest and get his money back. Christine Willett, VP of gTLD operations, wrote:

Given we are unable to take further action on Nameshop’s application, we encourage you to withdraw the application for a full refund of Nameshop’s application fee.

I doubt this is the first time ICANN has urged Nameshop to take its money and run, but it seems ICANN is now finally sick of talking about the issue.

Willett added that ICANN staff and directors “politely decline” his request for further in-person meetings to discuss the application, and encouraged him to apply for his desired string in the next application round, whenever that may be.

“Stringent” new online censorship law could affect domain companies

Kevin Murphy, April 8, 2019, Domain Policy

Blame Zuck.

The UK government is planning to introduce what it calls “stringent” new laws to tackle abusive behavior online, and there’s a chance it could wind up capturing domain name registries and registrars in its net.

The Department for Culture, Media and Sport this morning published what it calls the Online Harms White Paper, an initial 12-week consultation document that could lead to legislation being drafted at a later date.

The paper calls for the creation of a new independent regulator, charged with overseeing social media companies’ efforts to reduce the availability of content such as incitements to violence, self-harm, suicide, child abuse, “hate crime” and even “fake news”.

It basically would increase the amount of liability that companies have for user-generated content hosted on their services, even when that content is not necessarily illegal but is nevertheless considered “harmful”.

The regulator would have to create a code of conduct for companies the legislation covers to abide by.

When the code is breached, the regulator would have the authority to issue fines — possibly comparable to the 4% of profits that can be fined under GDPR — against not only the companies themselves but also their senior management.

The paper seems to most directly address ongoing tabloid scandals related to Facebook and its ilk, such as the suicide of Molly Russell, a 14-year-old who viewed material related to self-harm on Instagram before her death.

While it does not mention domain names once, the government clearly anticipates casting a wide net. The paper states:

The scope will include companies from a range of sectors, including social media companies, public discussion forums, retailers that allow users to review products online, along with non-profit organisations, file sharing sites and cloud hosting providers.

That’s a broad enough definition such that it could even cover blogs, including this one, that allow users to post comments.

The paper also discusses asking search engines to remove sites from their indexes, and compelling ISPs to block abusive sites as a “last resort” measure.

There’s a short mental hop from ISP blocking to domain name takedowns, in my view.

The paper also discusses steps the regulator could take to ensure companies with no UK legal presence are still covered by the rules.

While the paper, as I say, does not mention the domain name industry once, subsidiary services provided by registrars, such as hosting, could be directly affected.

There’s no guarantee that the paper will become a bill. There’s already a backlash from those who believe it constitutes unacceptable censorship, comparable to regimes such as in China.

There’s also no guarantee such a bill would eventually become law. The UK government is arguably currently the weakest it has ever been, with a propped-up minority in Parliament and many MPs in open revolt over Brexit.

With talk of an early general election incessant recently, it’s also possible the government may not last long enough to bring its plans to fruition.

Still, it’s probably something the domain industry, including ICANN, should probably keep an eye on.

The full 100-page white paper can be found here (pdf) and an executive summary can be read here.

ICANN waves goodbye to Adobe Connect over security, pricing

Kevin Murphy, April 4, 2019, Domain Policy

ICANN has decided to dump its longstanding web conferencing service provider, Adobe Connect, in favor of rival Zoom.

The organization reckons it could save as much as $100,000 a year, and mitigate some security fears, by making the switch.

Adobe has been the standard remote participation tool for not only ICANN’s public meetings, but also its policy-development working groups, for at least seven or eight years.

It enables video, audio, screen-sharing, public and private chat, voting and so on. ICANN says that Zoom has “nearly all of the same features”.

But some of ICANN’s more secretive bodies — including the Security and Stability Advisory Committee and Board Operations — have been using Zoom for a little over a year, after an SSAC member discovered a vulnerability in Adobe that allowed potentially sensitive information to be stolen.

A clincher appears to be Zoom’s voice over IP functionality, which ICANN says will enable it to drop Premiere Global Services Inc (PGi), its current, $500,000-a-year teleconferencing provider, which participants use if they dial in from on the road.

“Based on feedback, Zoom’s voice connectivity and overall experience seem to be superior to equivalent Adobe Connect experiences,” ICANN said.

As somebody who has lurked on more than his fair share of Adobe Connect rooms, I’ve noticed that people losing their voice connection is a very common occurrence, which can delay and break the flow of discussions, though it’s not usually clear where the blame lies.

According to a Zoom feature list (pdf) provided by ICANN, Zoom currently lacks many features on its web client, but updates are expected to bring the feature set in line with the mobile apps and PC/Mac executables by the end of the year.

ICANN expects to use Zoom exclusively by ICANN 65, in Marrakech this June. In the meantime, it will provide training to community members.

The cynic in me wants to say “expect teething troubles”, but the ICANN meetings team runs a pretty tight ship. The switch might be surprisingly smooth.