Latest news of the domain name industry

Recent Posts

“Send registrars to jail!”, ICANN hears

Kevin Murphy, October 13, 2014, Domain Policy

ICANN is ramping up its focus on contractual compliance in the midst of calls for domain industry offenders to “go to jail”.

CEO Fadi Chehade yesterday revealed that he has has promoted chief contracting counsel Allen Grogan to the newly created role of chief contract compliance officer.

Grogan, who Chehade has worked with off and on since 1991, will report directly to him. Maguy Serad, who has been heading compliance under Chehade for the last couple of years, will now report to Grogan.

In a session with the GNSO Council at the ICANN 51 public meeting in Los Angeles yesterday, Chehade said the appointment was part of a new “strategic, analytical” approach to compliance.

It was hinted that the compliance focus may form part of Chehade’s address at the formal opening ceremony of ICANN 51 later today.

Ron Andruff of the Business Constituency made the “jail” comments in response.

“We need to see action, we need to see teeth,” he said. “We never see any really strong action taken and it’s time we did. It’s time we saw people go to jail for doing things, lose their contracts for doing things.”

“We’ve lived through 15 years of ICANN with all manner of transgressions, some very serious ones, but they all get slid off to the side and there’s never any mention of it,” he said.

“Should someone be the recipient of extremely strong actions — losing their contract, being thrown out the community — that would send a signal,” he said.

Andruff appeared to be relating comments made by the Intellectual Property Constituency’s Kristina Rosette, at a private Commercial Stakeholders Group meeting earlier that day.

However, Rosette was quick to take to Twitter to deny she’d said anything about jail time.

Chehade, in reply to Andruff, agreed with the need for action but clarified what he plans to do.

“It doesn’t mean to create a police force, that’s not what we need,” he said. “What we need is thoughtful, analytical analysis.”

“It doesn’t mean we’re going to take the job of all the global consumer protection agencies,” he said earlier in the session.

The notion of ICANN having the power to directly jail somebody is of course laughable — all of its power comes from its contracts with registrars and registries.

However, it’s not beyond the bounds of possibility that ICANN could refer registrars to law enforcement should it come across suspected illegality in the course of its compliance investigations.

ICANN Compliance currently employs 21 people and deals with 5,000 complaints per month, Chehade said.

In the last year, the number of breach, suspension and termination notices against registrars has been on the increase.

Notably, last November a registrar owned by “spam king” Scott Richter was terminated. Notorious domain “slammer” NameJuice faces possible termination this Friday based on a July suspension notice.

Second new gTLD round “possible” but not “probable” in 2016

Kevin Murphy, September 26, 2014, Domain Policy

If there are any companies clamoring to get on the new gTLD bandwagon, they’ve got some waiting to do.

Based on a sketchy timetable published by ICANN this week, it seems unlikely that a second application round will open before 2017, and even that might be optimistic.

While ICANN said that “based on current estimates, a subsequent application round is not expected to launch until 2016 at the earliest”, that date seems unlikely even to senior ICANN staffers.

“The possibility exists,” ICANN vice president Cyrus Namazi told DI, “but the probability, from my perspective, is not that high when you think about all the pieces that have to come together.”

Here’s an ICANN graphic illustrating these pieces:

As you can see, the two biggest time-eaters on the road-map, pushing it into 2017, are a GNSO Policy Development Process (green) and the Affirmation of Commitments Review (yellow).

The timetable envisages the PDP, which will focus on what changes need to be made to the program, lasting two and a half years, starting in the first quarter 2015 and running until mid-2017.

That could be a realistic time-frame, but the GNSO has been known to work quicker.

An ICANN study in 2012 found that 263 days is the absolute minimum amount of time a PDP has to last from start to finish, but 620 days — one year and nine months — is the average.

So the GNSO could, conceivably, wrap up in late 2016 rather than mid-2017. It will depend on how cooperative everybody is feeling and how tricky it is to find consensus on the issues.

The AoC review, which will focus on “competition, consumer trust and consumer choice” is a bit harder to gauge.

The 2009 Affirmation of Commitments is ICANN’s deal with the US government that gives it some of its authority over the DNS. On the review, it states:

If and when new gTLDs (whether in ASCII or other language character sets) have been in operation for one year, ICANN will organize a review that will examine the extent to which the introduction or expansion of gTLDs has promoted competition, consumer trust and consumer choice, as well as effectiveness of (a) the application and evaluation process, and (b) safeguards put in place to mitigate issues involved in the introduction or expansion.

The AoC does not specify how long the review must last, just when it must begin, though it does say the ICANN board must react to it within six months.

That six-month window is a maximum, however, not a minimum. The board could easily take action on the review’s findings in a month or less.

ICANN’s timeline anticipates the review itself taking a year, starting in Q3 2015 and broken down like this:

Based on the timelines of previous Review Team processes, a rough estimate for this process is that the convening of the team occurs across 3-5 months, a draft report is issued within 6-9 months, and a final report is issued within 3-6 months from the draft.

Working from these estimates, it seems that the review could in fact take anywhere from 12 to 20 months. That would mean a final report would be delivered between September 2016 and July 2017.

If the review and board consideration of its report take the longest amount of time permitted or envisaged, the AoC process might not complete until early 2018, a little over three years from now.

Clearly there are a lot of variables to consider here.

Namazi is probably on safe ground by urging caution over the hypothetical launch of a second round in 2016.

Given than new gTLD evaluations were always seen as a “rolling” process, one of the things that the GNSO surely needs to look into is a mechanism to reduce the delay between rounds.

Amid Ukraine crisis, Russia scared ICANN might switch off its domains

Kevin Murphy, September 19, 2014, Domain Policy

Russia is reportedly worried that the current wave of Western sanctions against it may wind up including ICANN turning off its domain names.

According to a report in the local Vedomosti newspaper, the nation’s Security Council is to meet Monday to discuss contingency plans for the possibility of being hit by internet-based sanctions.

Part of the discussion is expected to relate to what would happen if the US government forced ICANN to remove the local ccTLDs — .ru, .рф, and the discontinued .su — from the DNS root, according to Vedomosti’s source.

The paper reports, citing a source, that “officials want to control the entire distribution system of domain names in RUnet entirely”. RUnet is an informal term for the Russian-language web.

The report goes on to explain that the government’s goal is not to isolate the Russian internet, but to ensure it remains functioning within the country if its ccTLDs are cut off in the rest of the world.

Russia has been hit by sanctions from the US and Europe in recent months due to its involvement in the Ukraine crisis, but so far these have been of the regular economic kind.

Frankly, I find the possibility of the US government asking ICANN to intervene in this way — and ICANN complying — unlikely in the extreme. It would go dead against the current US policy of removing itself almost entirely from the little influence it already has over the root system.

ICANN board getting three new directors

Kevin Murphy, September 12, 2014, Domain Policy

ICANN 51 next month in Los Angeles is also the organization’s formal annual general meeting, and that means changes at the top.

The board of directors is replacing three members in October, and renewing the terms of two others.

Long-time ICANN participant and internet governance expert Markus Kummer has been selected for a seat by the Non-Contracted Parties House of the Generic Names Supporting Organization.

Kummer is currently vice president of public policy at the Internet Society. Prior to that, he was at the United Nations with the primary responsibility for organizing the Internet Governance Forum.

He replaces independent consultant Bill Graham, who’s leaving the board after one three-year term. Graham, until going solo in 2011, also held a senior position at ISOC.

Rinalia Abdul Rahim is to join the board as the new representative of the At Large, having beaten incumbent Sebastien Bachollet in elections early this year.

Based in Malaysia, Rahim is managing director at Compass Rose, her self-founded management consultancy. Between 2011 and 2013, she was a NomCom appointee to the At-Large Advisory Committee.

The last addition is Asha Hemrajani, a Nokia alum and currently a partner at the small Singapore-based business consultancy Knight Griffin. She was selected by the Nominating Committee.

Hemrajani replaces Wolfgang Kleinwachter, who will leave the seat after less than a year. Kleinwachter stepped in to replace Judith Vazquez, who mysteriously quit two years into her three-year term.

NomCom has, unsurprisingly, selected ICANN chair Steve Crocker for a board seat again. Under the ICANN bylaws, it will be Crocker’s third and final three-year term.

Chris Disspain of auDA will also begin his second term, having stood unopposed for one of the two ccNSO seats.

The changes take effect at the end of the LA meeting, which runs from October 12 to 16.

ICANN holds its ground on weaseled GAC advice

Kevin Murphy, September 11, 2014, Domain Policy

While many members of the community are getting upset about the plan to make it harder for ICANN’s board to overrule GAC advice, today we got a reminder that the board is not the GAC’s lapdog.

The New gTLD Program Committee is standing firm on the way it creatively reinterpreted Governmental Advisory Committee advice to make it less punishing on a few dozen new gTLD registries.

The NGPC passed a resolution on Monday approving an updated scorecard to send to the GAC. ICANN chair Steve Crocker delivered it to GAC chair Heather Dryden yesterday.

A “GAC scorecard” is a table of the GAC’s demands, taken from the formal advice it issues at the end of each public meeting, with the NGPC’s formal responses listed alongside.

The latest scorecard (pdf) addresses issues raised in the last five ICANN meetings, dating back to the Beijing meeting in April 2013.

The issues mainly relate to the GAC’s desire that certain new gTLDs, such as those related to regulated industries, be locked down much tighter than many of the actual applicants want.

One big point of contention has been the GAC’s demand that registrants in gTLDs such as .attorney, .bank and .doctor should be forced to provide a relevant licence or other credentials at point of sale.

The GAC’s exact words, from its Beijing communique (pdf), were:

At the time of registration, the registry operator must verify and validate the registrants’ authorisations, charters, licenses and/or other related credentials for participation in that sector.

However, when the NGPC came up with its first response, in November last year, it had substantially diluted the advice. The creative reinterpretation I mentioned earlier read:

Registry operators will include a provision in their Registry-Registrar Agreements that requires Registrars to include in their Registration Agreements a provision requiring a representation that the Registrant possesses any necessary authorisations, charters, licenses and/or other related credentials for participation in the sector associated with the Registry TLD string.

In other words, rather than presenting your medical licence to a registrar when buying a .doctor domain, registrants would merely assert they have such a licence on the understanding that they could lose their domain if they fail to present it on demand in future.

The GAC, which isn’t entirely stupid, spotted ICANN’s reimagining of the Beijing communique.

At the Singapore meeting this March, it issued a list of passive-aggressive questions (pdf) for the NGPC, noting that its Beijing advice had been “amended” by the board and wondering whether this would lead to “greater risks of fraud and deception” in new gTLDs.

ICANN’s response this week is quite lengthy.

The NGPC said it had “to balance many competing positions” when figuring out how to respond to the Beijing communique, and that it tried “to address all of the completing concerns in a way that respected the spirit and intent of the GAC’s advice.”

The committee gives a number of examples (starting on page 15 of this PDF) explaining why the GAC’s original demands would be unreasonably burdensome not only on registries and registrars but also on registrants.

Here’s one example:

consider a potential registrant that is a multinational insurance company seeking to register a domain name in the .insurance TLD. Suppose the multinational insurance company has locations in over 30 countries, including the United States and Kenya. If the potential registrant insurance company attempts to register a domain name in the .insurance TLD, would that trigger an obligation to verify and validate its credentials, licenses, charters, etc. in the location of its headquarters, or all of the places around the globe where it does business. Is it realistic for a Registry Operator or Registrar to have the knowledge and expertise to determine precisely what credentials or authorizations are required in every country around the world (and in every city, county or other political division if those political subdivisions also require credentials [e.g. in the United States, insurance is primarily regulated at the state level and require a license in each of the 50 states])?

The short version is that the NGPC isn’t budging on this particular issue.

Rather than backpedaling, it’s giving the GAC the reasons it disagreed with its advice and explaining how it attempted to at least comply with the spirit, if not the letter, of Beijing.

As far as I can tell, that seems to be the case in each of the 39 items in the new scorecard — explanation not capitulation. Read the full thing here.