Latest news of the domain name industry

Recent Posts

Updated: More .amazon delay as governments cancel talks

Kevin Murphy, February 25, 2019, Domain Policy

The future of Amazon’s bid for .amazon has been cast into more doubt after South American governments cancelled talks with ICANN.

The new secretary general of the Amazon Cooperation Treaty Organization, Alexandra Moreira, wrote to ICANN CEO Göran Marby February 13 to call off a meeting that had been planned to take place in Brasilia, February 19.

She blamed unspecified “unavoidable circumstances” for the cancellation, but insisted it was unrelated to the .amazon issue.

“It is necessary to clarify that the above mentioned circumstances have no connection whatsoever with neither the substance nor the agenda of the postponed meeting,” she wrote.

I believe the cancellation is related to the ongoing political instability in ACTO member Venezuela, which has recently spilled onto its borders with fellow members Brazil and Colombia.

Moreira reiterated that ACTO remains committed to talks to get the .amazon impasse resolved.

The cancellation of the February 19 meeting causes timing issues for ICANN’s board of directors, which has promised to vote on the .amazon applications at its meetings in Kobe, Japan, at ICANN 64, which kicks off in less than two weeks.

Brazilian Governmental Advisory Committee representative Achilles Zaluar has meanwhile reached out to Marby to request a delay of this decision until ICANN 65, which takes place in June.

Eight-nation ACTO is unhappy with Amazon’s encroachment onto what it sees as its geographic name rights, even though the Amazon region is typically known as Amazonia locally.

Amazon has offered to protect culturally sensitive terms at the second level and to support future efforts to secure a .amazonia TLD.

But its latest offers have still not been formally presented to and discussed with ACTO.

This post was updated an hour after publication to provide additional context to the cancellation.

Expect more Whois accuracy emails under new ICANN policy

Kevin Murphy, February 25, 2019, Domain Policy

Registrars will be obliged to send out even more Whois accuracy emails, under a set of recommendations being considered in ICANN.

Assuming recent recommendations out of the Whois policy working group are accepted, every registrant of a gTLD domain with something listed in the “Organization” field will receive a one-off mail from their registrar asking them to confirm its accuracy.

It’s Recommendation 12 of the EPDP Team Final Report, which was published last week (pdf) by ICANN’s first Expedited Policy Development Process working group.

In general, the Organization field would be redacted in the public Whois under the proposed policy, but registrants will be proactively asked if they want to opt in to having it published.

While registrars can pick their own methods to conduct this outreach, email seem like the most likely medium in the vast majority of cases.

These mails would be sent out the registrants of the over 192 million gTLD domains (if they have something in their Org field) at some point between May 2019, when ICANN is likely to formally adopt the policy, and February 29, 2020, which is EPDP group’s recommended implementation deadline.

In theory, the Org field is perhaps the main indicator of whether a domain is registered to a natural person (and therefore subject to the General Data Protection Regulation) or a legal person (and therefore not).

But it’s not uncommon for registrants or registrars to simply populate the field with the name of the natural-person registrant, even when there’s no actual organization involved.

That’s a GDPR problem, as it means personally identifiable information could leak into the public Whois.

Under the EPDP’s recommendation, registrars would be obliged to reach out to their customers to confirm whether the contents of their Org field are correct, and to ask whether they want that information to be made public.

Opting in would mean the registrar would begin to publish Org data in the public Whois. Ignoring the email or actively refusing publication would mean your registrar would redact or delete this field.

After this mass outreach has finished, registrars would stop redacting the Org field, unless the registrant has not consented to its publication.

For new registrations, registrars would have to show you a prominent warning that the Org data will be published and get your consent for it to do so.

The recommendation is among 29 that were arrived at following over six months of intensive discussions in the EPDP group.

Others we’ve previously reported on include the total elimination of the Admin Contact, making the Technical Contact both smaller and completely optional, and the mandatory introduction of an anonymous means for Whois users to contact registrants.

The recommendations have been submitted to the GNSO Council, which will vote on them March 4.

The EPDP report will then be opened for 30 days of public comment, before being sent to the ICANN board of directors for a full, final vote.

The policy will replace the current Temporary Specification governing Whois, which the board rushed through on an emergency basis last May in order to make the DNS ecosystem as GDPR-compliant as possible when the EU law came into effect.

The EPDP group is expected to shortly enter “phase two” of its work, which will look at whether there should be a unified access mechanism for security and intellectual property interests to snoop on otherwise private Whois data.

Namazi named new GDD boss

Kevin Murphy, February 22, 2019, Domain Policy

Cyrus Namazi has been appointed as the new head of ICANN’s Global Domains Division.

He’s been in the role on an interim basis since November, when former GDD president Akram Atallah left to lead Donuts.

Namazi won’t be “president” though, his new job title is senior vice president. He was previously VP of DNS industry engagement, having joined ICANN in 2013.

He’ll be on the executive team and report to CEO Göran Marby, ICANN said.

Namazi and Atallah worked together in their pre-ICANN days at technology firm Conexant Systems.

The GDD basically overseas everything related to ICANN’s gTLD contracted parties.

Pritz quits Whois privacy group as work enters impossible second phase

Kevin Murphy, February 22, 2019, Domain Policy

Kurt Pritz has quit as chair of the ICANN group working on Whois policy for the GDPR era.

He informed the Whois Expedited Policy Development Process working group in a notice to its mailing list today, saying he was leaving for “a set of personal and professional reasons”.

He said he will stick around until his replacement is selected.

I understand three people had put themselves forward for the role when Pritz was originally selected last July, so there may be a couple of alternates already waiting in the wings.

The announcement comes at a pivotal time for the EPDP, and whoever takes over is going to have to have some seriously masochistic tendencies.

The 30-odd member group just this week put the finishing touches to its “phase one” initial report, which primarily sets out the formal legal purposes for which Whois data is collected and processed across the domain name ecosystem.

That’s going to be voted on by the GNSO Council in a vote delayed from this week to March 4 at the request of the Intellectual Property Constituency and Business Constituency, which want more time to review and comment on it.

For the EPDP WG, it’s soon time to move on to phase two, which will cover the creation (or not) of a unified access mechanism that trademark owners and the like could use to snoop on redacted Whois data.

Even the relatively easy tasks in phase one have been absolute murder on the volunteers and ICANN staff, who have been putting in four or more hours of teleconferences per week since August.

I’ve just been dipping in and out of the mailing list and listening to the odd teleconference, and the level of nitpicking over language has been agonizing to listen to.

Essentially, virtually every debate comes down to a face-off between the IP interests who want to insert as much language concerning access as possible, and those, such as non-commercial users, who oppose them. It sometimes comes across like a proxy war between Facebook and the Internet Governance Project.

More than once, naturally mild-mannered Pritz has had to delegate control to firm-handed mediators drafted in from a specialist outside agency.

Whoever takes over as chair has got his or her work cut out.

Surprise! Most private Whois look-ups come from Facebook

Kevin Murphy, February 20, 2019, Domain Policy

Facebook is behind almost two-thirds of requests for private Whois data, according to stats published by Tucows this week.

Tucows said that it has received 2,100 requests for Whois data since it started redacting records in the public database when the General Data Protection Regulation came into effect last May.

But 65% of these requests came from Facebook and its proxy, AppDetex, that has been hammering many registrars with Whois requests for months.

AppDetex is an ICANN-accredited brand-protection registrar, which counts Facebook as its primary client. It’s developed a workflow tool that allows it, or its clients, to semi-automatically send out Whois requests to registrars.

It sent at least 9,000 such requests between June and October, and has twice sent data to ICANN complaining about registrars not responding adequately to its requests.

Tucows has arguably been the registrar most vocally opposed to AppDetex’s campaign, accusing it of artificially inflating the number of Whois requests sent to registrars for political reasons.

An ICANN policy working group will soon begin to discuss whether companies such as Facebook, as well as security and law enforcement interests, should be able to get credentials enabling them to access private Whois data.

Tucows notes that it sees spikes in Whois requests coinciding with ICANN meetings.

Tucows said its data shows that 92% of the disclosure requests it has received so far come from “commercial interests”, mostly either trademark or copyright owners.

Of this 92%, 85% were identified as trademark interests, and 76% of those were Facebook.

Law enforcement accounted for 2% of requests, and security researchers 1%, Tucows said.

Claims UDRP has cost over $360 million so far

Kevin Murphy, February 13, 2019, Domain Policy

Trademark owners have splashed out over $360 million on UDRP cases over the 20 years the policy has been active, according to an intellectual property trade group.

Marques, a European body representing trademark owners, reckons $360 million is a “conservative” estimate.

It reached the figure by multiplying the number of UDRP complaints filed to the end of 2018 — 72,038 — by the $5,000 estimated total cost of each complaint.

The World Intellectual Property Organization, which handles well over half of all UDRP cases, charges at least $1,500 per case, but trademark owners have other fees, such as paying lawyers to draft the complaints.

WIPO, which basically designed and wrote the UDRP back in 1998, has been paid at least $63.8 million in filing fees to date, Marques calculates.

Across all UDRP providers, well over 100,000 individual domain names have been subject to UDRP. It’s likely much more, but the National Arbitration Forum does not publish data on unique domains.

The Marques claims were made in a letter (pdf) from council member (and Com Laude managing director) Nick Wood to ICANN last week, part of IP lobbying efforts in the face of UDRP reform efforts. He wrote:

This lowest-case estimate of $360m is a very significant financial burden. Registrants, on the other hand, pay only for their own defence, if any. They do not pay damages, or even contribute to the provider fees, if they lose – which across the five active panel providers appears to be majority of the time.

One proposal that has been put forward by IP owners is for registrants to pay a $500 fee when they are hit by a UDRP complaint, which would be refundable if they prevail.

I can see this idea going down like a cup of iced sick in the domainer community.

Rather than lobbying for any specific proposal, however, Marques is asking ICANN to create an “independent expert group” outside of the usual Policy Development Process, to highlight “priority issues and possible solutions” for the PDP to consider.

Marques thinks the group should comprise a small number of trademark interests, registries and registrars, and registrant rights groups. It wants WIPO to chair it.

It also wants ICANN to coordinate UDRP providers in the creation of a unified set of data on UDRP cases processed to date, to help with future reform discussions.

ICANN community volunteers have been working on the “PDP Review of All Rights Protection Mechanisms in All gTLDs” — the RPM WG — since March 2016.

The RPM WG expects to put out its “Phase One” initial report, comprising recommendations for reform of the Trademark Clearinghouse, Trademark Claims and Sunrise policies, in early June this year.

Only then will it turns its attention to UDRP, in “Phase Two”, with talks due to begin at the ICANN 65 meeting in Marrakech later that month.

The working group has been beset by all kinds of personal drama among volunteers recently, which continues to add friction to discussions.

Court rules generic dictionary domains CAN be trademarked

Kevin Murphy, February 11, 2019, Domain Policy

A US appeals court has ruled that generic, dictionary domain names can be trademarked.

The hotel-booking web site Booking.com was told last week that it is in fact eligible to have “Booking.com” registered as a trademark, over the objections of the US Patent and Trademark Office.

The ruling could have a chilling effect on domain name choices in the hotel-booking market.

USPTO had denied the company’s trademark application in 2012 because “Booking.com” was considered too generic.

Under US trademark law, you can’t register a trademark if it merely generically describes the product or service you offer rather than its source.

You couldn’t register “Beer” as a brand of beer, for example, though you might be able to register “Beer” as a brand of shoes.

Booking.com sued to have the USPTO ruling overturned in 2016, and in 2017 a district court judge ruled that “although ‘booking’ was a generic term for the services identified, BOOKING.COM as a whole was nevertheless a descriptive mark”.

USPTO appealed, saying that “Booking.com” is too generic to be trademarked, but last week it lost.

In a 2-1 majority decision, the appeals court ruled:

We hold that the district court, in weighing the evidence before it, did not err in finding that the USPTO failed to satisfy its burden of proving that the relevant public understood BOOKING.COM, taken as a whole, to refer to general online hotel reservation services rather than Booking.com the company… we reject the USPTO’s contention that adding the
top-level domain (a “TLD”) .com to a generic second-level domain (an “SLD”) like booking can never yield a non-generic mark.

Key evidence was a survey Booking.com had submitted that indicated that almost three quarters of consumers understood “Booking.com” to be a brand name, rather than a generic term to describe hotel-booking web sites.

Here are some other extracts of the appeals court majority’s thinking, as they relate to domain names:

Merely appending .com to an SLD does not render the resulting domain name non-generic because the inquiry is whether the public primarily understands the term as a whole to refer to the source or the proffered service.

We… conclude that when “.com” is combined with an SLD, even a generic SLD, the resulting composite may be non-generic where evidence demonstrates that the mark’s primary significance to the public as a whole is the source, not the product

because trademarks only protect the relevant service — here, the district court granted protection as to hotel reservation services but not travel agency services — protection over BOOKING.COM would not necessarily preclude another company from using, for example, carbooking.com or flightbooking.com

In sum, adding “.com” to an SLD can result in a non-generic, descriptive mark upon a showing of primary significance to the relevant public. This is one such case.

The ruling does not appear to protect all uses of a generic dictionary word combined with a TLD, but rather only “rare circumstances” where there’s evidence of a secondary, non-generic meaning.

One judge on the case, James Wynn, was not convinced by the majority’s thinking. He warned that the ruling goes against years of legal precedent and could enable Booking.com to subject competitors to expensive litigation.

In his dissenting opinion, he wrote:

BOOKING.COM is a run-of-the-mill combination of a generic term with a Top Level Domain that creates a composite mark concerning the subject or business encompassed by the generic term—precisely the type of mark that the courts in Hotels.com, Reed Elsevier Properties, 1800Mattress.com, and Advertise.com found did not amount to the “rare circumstance” that warranted affording the domain name trademark protection.

Presumptively allowing protection of domain names composed of a generic Secondary Level Domain and Top Level Domain conflicts with the law’s longstanding refusal to permit registration of generic terms as trademark

Wynn added that he was “not convinced” that Booking.com’s competitors that use the word “booking” in their domains will be protected by the “fair use” defense, and that the existence of such a defense will not prevent Booking.com from suing them out of business regardless.

Put simply, putative competitors may — and likely will — choose not to operate under domain names that include the word “booking” — even if that term best describes the service they offer — because they do not want to incur the expense and risk of defending an infringement action.

The full ruling can be read here (pdf).

After ICANN knockback, Amazon countries agree to .amazon talks

Kevin Murphy, February 4, 2019, Domain Policy

Talks that could lead to Amazon finally getting its long-sought .amazon gTLD are back on, after a dispute between ICANN and eight South American governments.

The Amazon Cooperation Treaty Organization last week invited ICANN CEO Goran Marby to meet ACTO members in Brasilia, any day next week.

It’s not clear whether Amazon representatives have also been invited.

The outreach came despite, or possibly because of, ICANN’s recent rejection of an ACTO demand that the .amazon gTLD applications be returned to their old “Will Not Proceed” status.

In rejecting ACTO’s Request for Reconsideration, ICANN’s board of directors had stressed that putting .amazon back in the evaluation stream was necessary in order to negotiate contractual concessions that would benefit ACTO.

Amazon is said to have agreed to some Public Interest Commitments that ACTO would be able to enforce via ICANN’s PIC Dispute Resolution Process.

The e-commerce giant is also known to have offered ACTO cultural safeguards and financial sweeteners.

ACTO’s decision to return to the negotiating table may have been made politically less uncomfortable due to a recent change in its leadership.

Secretary-general Jacqueline Mendoza, who had held the pen on a series of hard-line letters to Marby, was in January replaced by Bolivian politician Alexandra Moreira after her three-year term naturally came to an end.

ICANN’s board has said it will look at .amazon again at its meetings in Kobe, Japan, in March.

ICANN picks Seattle for public meeting

Kevin Murphy, January 30, 2019, Domain Policy

ICANN will hold one of its 2021 public meetings in Seattle, Washington.

The organization’s board of directors directed the CEO to start talks with the yet-unnamed venue at its meeting at the weekend.

The meeting, ICANN 72, will be the 2021 Annual General meeting and will be held from October 23 to 28.

Believe it or not, it will be the first time a public ICANN meeting has been held on the mainland United States since the LA meeting in 2014.

That’s quite a feat, given that ICANN’s definition of “North America” basically only has two countries in it.

Brexit won’t just affect Brits, .eu registry says

Kevin Murphy, January 25, 2019, Domain Policy

European Union citizens living in the UK could find their .eu domain names shut off in the next few months, EURid has said.

In a just-published update to its Brexit guidance, the registry has told Brits that they stand to lose their domains on May 30, should the UK leave the EU with no transition deal.

That would give them just two months to transfer their domains to an entity in one of the remaining 27 member states.

On May 30, affected domains will be removed from the .eu zone file and will stop resolving, technically entering “withdrawn” status.

It will be no longer be possible to renew these domains, nor to transfer any domains to a UK-based registrant.

All affected domains — over 273,000 at the last-published count — will be deleted and released back into the available pool, in batches, following March 30, 2020.

This could be good news for domainers in the EU27, given that the deleted domains may include potentially valuable generics.

But EU27 citizens currently residing in the UK, who for whatever reason are unable to transfer their names to an address in their home country, will be treated at first in the same way as Brits. EURid said:

There may be situations of EU citizens, who at present are residing in the UK and have registered a .eu domain name. These citizens would become ineligible as a result of the UK withdrawal and would, therefore lose their eligibility for a .eu domain name, but might become eligible again when the new .eu regulatory framework comes into force later this year. At present, such individuals will experience a disruption of service from 30 May 2019, as a result of the withdrawal of the name.

The registry said last month that new regulations are coming that would allow EU citizens to register .eu domains no matter in which country they live.

Before these regulations kick in, these EU registrants will find their names unresolvable.

By May 30, starving Brits will be far too preoccupied with beating each other to death in the streets for scraps of the country’s last remaining baguette, trading sexual favors for insulin, and so on, so .eu domains will likely be among the least of their no-deal Brexit concerns.

The situation for registrants if the UK leaves the EU with a deal is less urgent. Their domains will stop functioning March 2, 2021, and from January 1, 2022, will be released back into the pool for registration.

Brits would be able to register new .eu domains all the way through the transition period, until the end of December 2020.

It’s not beyond the bounds of possibility that Brits could be grandfathered in to .eu eligibility, should the UK leave on terms similar to European Economic Area members such as Norway, which are eligible under the existing rules.

Currently, it’s anyone’s guess whether we’re leaving with a deal or without. The government’s proposed transition plan was defeated earlier this month in an unprecedented revolt by members of parliament, which leaves no-deal enshrined in the statute books as the default option.

The government is currently attempting to talk its MPs into switching sides, but many suspect it’s just attempting to run down the clock to the March 29 Brexit deadline, compelling MPs to vote for the transition at the eleventh hour as the lesser of two evils.

The opposition is currently urging the government to rule out a no-deal scenario, to discourage British businesses from executing potentially irreversible and damaging exit plans, but the government is reluctant to do so, fearing it could weaken its negotiating hand with the EU27.

The far more-sensible option — giving British voters the opportunity to change their minds with a referendum — appears to be gaining support among MPs but still seems like a pipe dream.

There’s some evidence that the UK is now officially a demographically Remain country, simply due to the number of elderly racists who have died, and the number of youthful idealists who have reached voting age, since the original 2016 referendum.