Latest news of the domain name industry

Recent Posts

Contention questions remain as ICANN reveals “last-resort” auction rules

Kevin Murphy, November 2, 2013, Domain Policy

ICANN has published a first draft of the rules for its “last resort” new gTLD auctions, but they do not yet address the contention created by controversial objection rulings.

The organization has hired Power Auctions to write the rules and manage the auctions.

They’ve agreed upon an “ascending clock” style, where the auctioneer sets upper and lower limits for each round of bidding. Applicants must bid within that range or withdraw — they cannot skip rounds.

A bid at the top of the round’s range is a “continue bid” that sees the applicant through to the next round. Lower, and it’s an “exit bid” that will count as a withdrawal if anyone else submits a higher bid.

When all but one applicants have withdrawn, the remaining applicant gets the gTLD, paying ICANN an amount equal to the highest exit bid submitted by a competitor in that round.

Unlike the private auctions that have been taking place for the last few months, losing applicants walk away empty-handed apart from a small application fee refund from ICANN.

Applicants’ bidding limits will be determined by their deposits. If your deposit is under $2 million, your bid ceiling is 10x your deposit, but if you put down $2 million deposit or more, there would be no upper limit.

It all seems fairly straightforward for direct, single-string contention sets.

Where it starts to get fuzzy is when you start thinking about “indirect” contention and multiple, connected auctions running simultaneously.

It’s a little tricky to explain indirect contention without diagrams, but let’s try an example, using .shop, instead.

There are nine applicants for .shop. These are all in direct contention with each other.

But one .shop applicant, Commercial Connect, won objections against applicants for “similar” strings — Amazon’s .通販 and Donuts’ .shopping.

Assuming ICANN upholds these objection findings, which seems increasingly likely given recent statements from generic domains president Akram Atallah, both .shopping and .通販 will be in direct contention with Commercial Connect’s .shop and in indirect contention with all the other .shop applications.

Complicating matters, while Amazon’s .通販 is uncontested, Donuts’ .shopping is also in direct contention with Uniregistry, which applied for the same string but did not lose an objection.

It will be quite possible for .shop, .shopping and .通販 to all be delegated, but only if Commercial Connect loses the auction for .shop or otherwise withdraws from the race.

The auction materials published by ICANN today are a bit fuzzy on what happens when indirect contention is in play. On the one hand it suggests that multiple applications can win an auction:

When a sufficient number of applications have exited the auction process, so that the remaining application(s) are no longer in contention with one another, and all the relevant string(s) can be delegated as gTLDs, the auction will be deemed concluded.

But the rules also say:

the rules set forth within this document will assume that there is direct contention only, a condition that holds for the substantial majority of Auctions. In the event that an Auction will include a Contention Set that does not satisfy this condition, ICANN or the Auction Manager may issue an Addendum to the Auction Rules to address indirect contention.

While it seems that the auctions for .shop, .shopping and .通販 would have to take place simultaneously due to the indirect contention, some weird edge cases have me confused.

ICANN’s list of indirect contention sets is currently empty.

It’s not at all clear to me yet whether, for example, Donuts’ .shopping application would be placed in the .shop auction or whether two separate auctions would be conducted.

That could be important because deposits — and therefore bidding limits — are specific to each auction.

Would Donuts have to stump up $4 million in deposits, rather than $2 million, just in order to win one string? Would Commercial Connect have to put down $6 million for three auctions for one string?

If the two .shopping applicants are placed in the .shop auction, and Commercial Connect withdraws first, would Donuts have to carry on bidding against the other eight .shop applicants, just to win .shopping?

I’m guessing not, but the rules don’t seem to envisage this scenario yet.

What about Uniregistry, which has an application for .shopping? Will ICANN force it into the .shop auction even though it’s not in direct contention with any .shop applicant?

If .shop and .shopping are two separate auctions, what happens if Commercial Connect withdraws from the .shop auction but not the .shopping auction? It would have little to gain — not being a .shopping applicant — but could it artificially bid up the .shopping set?

And could how these auctions play out have an impact on companies’ objection strategies in future rounds?

If Uniregistry, say, finds itself at a disadvantage because its .shopping competitor Donuts was objected to by Commercial Connect, maybe it would make sense for an entire direct contention set to cooperate to fight off an objection from an applicant for a similar string.

And if Commercial Connect finds itself financially hobbled by having to participate in three auctions rather than one, maybe that will discourage applicants from filing massive amounts of objections in future.

And another thing…

If you’re as confused as I am, ICANN is running a webinar November 7 at 2200 UTC in order to answer (hopefully) these kinds of questions.

ICANN compliance not broken, Ombudsman rules

Kevin Murphy, October 28, 2013, Domain Policy

Ombudsman Chris LaHatte has rejected a complaint from spam research firm KnujOn — and 173 of its supporters — claiming that ICANN’s compliance department is failing consumers.

In a ruling posted online today, LaHatte said there was “no substance” to complaints that a small number of “bad” registrars, notably BizCN, have been allowed to run wild.

KnujOn’s Garth Bruen is a regular and vocal critic of ICANN compliance, often claiming that it ignores complaints about bad Whois data and fails to enforce the Registrar Accreditation Agreement, enabling fake pharma spamming operations to run from domains sponsored by ICANN-accredited registrars.

This CircleID blog post should give you a flavor.

The gist of the complaint was that ICANN regularly fails to enforce the RAA when registrars allow bad actors to own domain names using plainly fake contact data.

But LaHatte ruled, based on a close reading of the contracts, that the Bruen and KnujOn’s supporters have overestimated registrars’ responsibilities under the RAA. He wrote:

the problem is that the complainants have overstated the duties of the registrar, the registrant and the role of compliance in this matrix.

He further decided that allegations about ICANN compliance staff being fired for raising similar issues were unfounded.

It’s a detailed decision. Read the whole thing here.

Chehade talks up split from US oversight

Kevin Murphy, October 28, 2013, Domain Policy

ICANN CEO Fadi Chehade used his keynote address at the newdomains.org conference this morning to discuss his plans to divorce the organization from US governmental oversight.

With a split from the US recurring theme in his recent speeches, Chehade nevertheless warned that there were risks that such a move could create a dangerous governance vacuum.

“The current ICANN contract that gives the US government a unique role in the root management function is not sustainable,” he said. “It’s just not sustainable.”

That seems to be a reference to the IANA contract, in which the US has essentially a veto on ICANN’s decisions regarding root zone changes such as new gTLD delegations.

“I think we need to think together how we grow from that and how we globalize that contract,” he said. “But we need to be very careful about creating a vacuum or uninteded consequences that would destabilize the root of the internet.”

While Chehade noted that a split from the US has always been envisaged, he said that the revelations about US internet surveillance made by NSA defector Edward Snowden has provided a catalyst to speed it up.

When Brazilian president Dilma Rousseff recently called for a “multilateral” (read: inter-governmental, (read: ITU)) approach to internet governance, Chehade and an ICANN team traveled to Brazil to persuade her to instead focus on the creation of a “multistakeholder” model instead.

There’s now a “coalition” of the “I*” groups (ICANN, IETF, etc), big-name companies such as Disney, and governments such as Brazil, focused on creating multistakeholder solutions to problems — such as spam and cyber-bullying — that are not in ICANN’s purview Chehade said.

There’s a multistakeholder meeting planned for April or May next year (I’ve heard both dates), to be hosted by Brazil, that will look at internet governance post-Snowden.

This meeting is about “allowing ICANN to not expand its remit”, according to Chehade. He said: “We don’t want to expand our remit.”

What we seem to be looking at here is the creation for a new organization, of which ICANN could be a member, that will allow stakeholders to coordinate responses to tricky cross-border internet problems.

While ICANN seems to be taking the leading role in its creation, it doesn’t sound like ICANN is trying to get into issues beyond naming and addressing, judging by Chehade’s speech this morning

Chehade also talked up ICANN’s support for the domain name industry.

He admitted that ICANN has caused a lot of problems for new gTLD applicants over the course of the gTLD program, but promised that this will change, with ICANN taking a more “background” role.

“You need less risk and more stability from the ICANN side,” he said. “You have suffered for a long time from a lot of instability, a lot of unknowns.”

Increased automation, internationlization and professionalism from ICANN will serve this goal, he said.

ICANN’s compliance department, he added, should “not be the policeman for the industry but be customer service for the registrants”, he said.

First URS case decided with Facebook the victor

Kevin Murphy, October 25, 2013, Domain Policy

Facebook has become the first company to win a Uniform Rapid Suspension complaint.

The case, which dealt with the domain facebok.pw, took 37 days from start to finish.

This is what the suspended site now looks like:

The URS was designed for new gTLDs, but .PW Registry decided to adopt it too, to help it deal with some of the abuse it started to experience when it launched earlier this year.

Facebook was the first to file a complaint, on August 21. According to the decision, the case commenced about three weeks later, September 11, and was decided September 26.

I don’t know when the decision was published, but World Trademark Review appears to have been the first to spot it.

It was pretty much a slam-dunk, uncontroversial decision, as you might imagine given the domain. The standard is “clear and convincing evidence”, a heavier burden than UDRP.

The registrant did not respond to the complaint, but Facebook provided evidence showing he was a serial cybersquatter.

The decision was made by the National Arbitration Forum’s Darryl Wilson, who has over 100 UDRP cases under his belt. Here’s the meat of it:

IDENTICAL OR CONFUSINGLY SIMILAR

The only difference between the Domain Name, facebok.pw, and the Complainant’s FACEBOOK mark is the absence of one letter (“o”) in the Domain Name. In addition, it is well accepted that the top level domain is irrelevant in assessing identity or confusing similarity, thus the “.pw” is of no consequence here. The Examiner finds that the Domain Name is confusingly similar to Complainant’s FACEBOOK mark.

NO RIGHTS OR LEGITIMATE INTERESTS

To the best of the Complainant’s knowledge, the Respondent does not have any rights in the name FACEBOOK or “facebok” nor is the Respondent commonly known by either name. Complainant has not authorized Respondent’s use of its mark and has no affiliation with Respondent. The Domain Name points to a web page listing links for popular search topics which Respondent appears to use to generate click through fees for Respondent’s personal financial gain. Such use does not constitute a bona fide offering of goods or services and wrongfully misappropriates Complainant’s mark’s goodwill. The Examiner finds that the Respondent has established no rights or legitimate interests in the Domain Name.

BAD FAITH REGISTRATION AND USE
The Domain Name was registered and is being used in bad faith.

The Domain Name was registered on or about March 26, 2013, nine years after the Complainant’s FACEBOOK marks were first used and began gaining global notoriety.

The Examiner finds that the Respondent has engaged in a pattern of illegitimate domain name registrations (See Complainant’s exhibit URS Site Screenshot) whereby Respondent has either altered letters in, or added new letters to, well-known trademarks. Such behavior supports a conclusion of Respondent’s bad faith registration and use. Furthermore, the Complainant submits that the Respondent is using the Domain Name in order to attract for commercial gain Internet users to its parking website by creating a likelihood of confusion as to the source, sponsorship or affiliation of the website. The Examiner finds such behavior to further evidence Respondent’s bad faith registration and use.

The only remedy for URS is suspension of the domain. According to Whois, it still belongs to the respondent.

Read the decision in full here.

ICANN helps bust Russian child porn ring

Kevin Murphy, October 24, 2013, Domain Policy

ICANN recently helped break up a Russian child pornography ring.

That’s according to a remarkable anecdote from CEO Fadi Chehade, speaking during a session at the Internet Governance Forum in Bali, Indonesia today.

The “investigative effort” took “months” and seems to have entailed ICANN staff sifting through company records and liaising with law enforcement and domain name companies on three continents.

Here’s the anecdote in full:

We participated in a global effort to break down a child pornography ring.

You think: what is ICANN doing with a child pornography ring? Well, simple answer: where does child pornography get put up? On a web site. Where’s that web site hosted? Well, probably at some hosting company that was given the web site name by a registrar that is hopefully a registrar or reseller in the ICANN network.

We have a public responsibility to help with that.

We have some of the smartest people in the world in that space.

It took us months to nail the child pornography ring.

It took us through LA to Panama. We had to work with the attorney general of Panama to find the roots of that company. One of our team members who speaks Spanish went into public company records until he found, connected — these are investigative efforts that we do with law enforcement — then we brought in the registrars, the registries… and it turned out that this ring was actually in Russia and then we had to involve the Russian authorities.

ICANN does all of this work quietly, in the background, for the public interest.

Wow.

At first I wasn’t sure what to make of this. On the one hand: this obviously excellent news for abused kids and ICANN should be congratulated for whatever role it took in bringing the perpetrators to justice.

On the other hand: is it really ICANN’s job to take a leading role in covert criminal investigations? Why are ICANN staffers needed to trawl through Panamanian company records? Isn’t this what the police are for?

ICANN is, after all, a technical coordination body that repeatedly professes to not want to involve itself in “content” issues.

Session moderator Bertrand de La Chappelle, currently serving out his last month on the ICANN board of directors, addressed this apparent disconnect directly, asking Chehade to clarify that ICANN is not trying to expand its role.

In response, Chehade seemed to characterize ICANN as something of an ad hoc coordinator in these kinds of circumstances:

There are many topics that there is no home for them to be addressed, so ICANN gets the pressure. People come to us and say: “Well you solve this, aren’t you running the internet?”

We are not running the internet. We do names and numbers. We’re a technical community, that’s what we do.

But the pressure is mounting on us. So it’s part of our goal to address the larger issues that we’re not part of, is to frankly keep us focused on our remit. In fact, ICANN should become smaller, not bigger. It should focus on what it does. The only area we should get bigger in is involving more people so we can truly say we’re legitimate and inclusive.

The bigger issues and the other issues of content and how the internet is used and who does what, we should be very much in the background. If there is a legal issue, if we are approached legally by an edict of a court or… if it’s a process we have to respond to it.

We don’t want to be instigating or participating or leading… we don’t, we really don’t.

A desire to make ICANN smaller doesn’t seem to tally with the rapid expansion of its global footprint of hubs and branch offices and the planned doubling of its staff count.

Indeed, the very next person to speak on today’s panel was Chehade’s senior advisor and head of communications Sally Costerton, who talked about her team doubling in size this year.

I don’t personally subscribe to the idea that ICANN should be shrinking — too much is being asked of it, even if it does stick to its original remit — but I’m also not convinced that it’s the right place to be be carrying out criminal investigations. That’s what the cops are for.