Latest news of the domain name industry

Recent Posts

Who are the five new ICANN directors?

Kevin Murphy, November 15, 2016, Domain Policy

Almost a quarter of ICANN’s board of directors were replaced at the organization’s annual general meeting in Hyderabad last week.

Five of the 21-strong board are fresh faces, though many will be familiar to regular ICANN and industry watchers.

They hail from five different countries in four of ICANN’s five regions. One is female.

They replace Bruce Tonkin, Erika Mann, Suzanne Woolf, Kuo-Wei Wu and Bruno Lanvin, each of whom have served terms between three and nine years.

The newcomers all get initial, renewable, three-year terms.

Here’s some abbreviated bios of the newly appointed directors.

Maarten Botterman

Appointed by the Nominating Committee, Botterman is an internet governance consultant with strong historic ties to the registry industry.

From the Netherlands, he was chairman of .org manager Public Interest Registry for eight years until July 2016 and served as its interim CEO for several months in 2010.

Prior to that, he held advisory roles in the Dutch and European Union governments.

Becky Burr

American Burr replaces term-limited Bruce Tonkin as the GNSO contracted parties representative to the board. Since 2012 she’s been chief privacy officer of Neustar. Before that, she was a lawyer in private practice.

There are very few people more intimately familiar with ICANN. In the late 1990s, while working at the US National Telecommunications and Information Administration, she was a key player in ICANN’s creation.

Khaled Koubaa

Koubaa, a Tunisian, is founder of the Arab World Internet Institute, a non-profit dedicated to improving internet knowledge in the Arab region, and until recently head of Middle-East and North Africa public policy at Google.

He was selected by the NomCom. He is also a former member of NomCom, having sat on it during its 2008/9 session. He’s also been a volunteer adviser to PIR in the past.

Akinori Maemura

Hailing from Japan, Maemura works for IP address registry JPNIC. He was selected for the ICANN board by the Address Supporting Organization.

Until recently, he was chair of the executive council of APNIC, which is responsible for distributing IP addresses in the Asia-Pacific region.

Kaveh Ranjbar

Iranian-born, Netherlands-based Ranjbar is chief information officer of RIPE NCC, the European IP address authority.

He was appointed to the ICANN board by the Root Server System Advisory Committee.

Nominet suspends over 8,000 “criminal” domains as IP complaints double

Kevin Murphy, November 15, 2016, Domain Policy

Police claims of intellectual property infringement led to the number of .uk domains suspended doubling in 2016, according to Nominet.

Statistics released today show that the .uk registry suspended 8,049 domains in the 12 months to October 31, compared to 3,889 in the year-ago period.

It’s an almost tenfold increase on 2014, when just 948 domains were taken down.

Nominet suspends domains when law enforcement agencies tell it the domains are being used in crime. No court order is required and Nominet rarely refuses a request.

Registrants can have the suspension lifted if they can show to law enforcement that the allegedly criminal behavior has stopped.

The vast majority of the complaints in 2016 again came from the Police Intellectual Property Crime Unit, which asked for and got 7,617 names suspended.

Just 13 suspensions were reversed, Nominet said. Most of these were due to sites selling so-called “legal highs” being slow to respond to a change in the law.

The controversial ban on “rape” domains resulted in just one suspension among the 2,407 domains automatically flagged for containing rapey substrings.

Nominet published the following infographic with more stats:

Nominet infographic

New policy would ban President Trump from ICANN meetings (probably)

Kevin Murphy, November 9, 2016, Domain Policy

Those who sexually harass fellow community members could be banned from ICANN meetings under a policy proposed this week.

ICANN capThe proposal greatly expands upon an earlier version, published for comment in May, which would have banned “unwelcome hostile or intimidating behavior”.

It presents a long list of activities considered harassment, including:

  • Sexually suggestive touching
  • Grabbing, groping, kissing, fondling, hugging, stroking someone’s hair, or brushing against another’s body
  • Touching that the actor may not have intended to be sexually suggestive but which constitutes uninvited touching, such as rubbing or massaging someone’s neck or shoulders
  • Violating someone’s “personal space” after being told you are doing so
  • Leering, stalking, or suggestive whistling
  • Gesturing in a sexually suggestive manner
  • Circulating or posting written or graphic materials that show hostility or disrespect toward or that demean individuals because of Specified Characteristics as set forth above
  • Lewd or graphic comments or jokes of a sexual nature

We’re unlikely to see new President-Elect Trump keynoting at an ICANN meeting any time soon, in other words.

It’s possible that even referring to his “pussy-grabbing” antics could fall foul of the policy.

Protected “Special Characteristics” would include:

age, ancestry, color, physical or mental disability, genetic information, medical condition (cancer and genetic characteristics), marital status, national origin, race, religion, sex (which includes pregnancy, childbirth, medical conditions related to pregnancy or childbirth, gender, gender identity and gender expression), sexual orientation, citizenship, primary language, or immigration status

Under the proposal (pdf), the ICANN Ombudsman (referred to here, unusually, as the “Ombudsperson”) would have powers to punish those who he determines have been harassing others.

The powers would include:

excusing any individual responsible for inappropriate behavior from further participation in the ICANN process for a specified period of time, limiting the individual’s participation in some manner, and/or requiring satisfaction of prerequisites such as a written apology as a condition of future participation

This would all be in the discretion of the Ombudsman. There would be no requirement for the accuser to provide any corroboration or evidence.

The policy was created following a controversy earlier this year, in which a female ICANN participant accused a male participant of making comments about sandwiches in a way she found “lecherous”.

No wrongdoing was found by the Ombudsman in that case.

The new proposed policy is now open for public comment until January 27.

Photo credit: Michele Neylon

Get ready for thousands of new two-letter domains

Kevin Murphy, November 9, 2016, Domain Policy

New gTLD registry operators have been given the right to start selling two-letter domains that match country codes.

Potentially thousands of names could start being released next year, resulting in a windfall for registries and possible opportunities for investors.

Some governments, however, appear to be unhappy with the move and how ICANN’s board of directors reached its decision.

The ICANN board yesterday passed a resolution that will unblock all two-letter domains that match country codes appearing on the ISO 3166 list, most of which are also ccTLDs.

While the resolution gives some protection to governments worried about abuse of “their” strings, it’s been watered down to virtually nothing.

In the first draft of the rules, published in July, ICANN said registries “must” offer an “Exclusive Availability Pre-registration Period” — a kind of mini-sunrise period limited to governments and ccTLD operators.

In the version approved by ICANN yesterday, the word “must” has been replaced by “may” and the word “voluntary” has been added.

In other words, registries won’t have to give any special privileges to governments when they start selling two-character names.

They will, however, have to get registrants to agree that they won’t pass themselves off as having affiliations with the relevant government. It looks like registries probably could get away with simply adding a paragraph to their terms of service to satisfy this requirement.

Registries will also have to “take reasonable steps to investigate and respond to any reports from governmental agencies and ccTLD operators of conduct that causes confusion with the corresponding country code in connection with the use of a letter/letter two-character ACSCII domain.”

This too is worded vaguely enough that it could wind up being worthless to governments, many of which are worried about domains matching their ccTLDs being passed off as government-approved.

The Governmental Advisory Committee is split on how worrisome this kind of thing is.

For examples, governments such as Spain and Italy have fought for the right to get to pre-approve the release of “es” and “it” domains, whereas the governments of the US and UK really could not care less.

The most-recent formal GAC advice on the subject, coming out of the July meeting in Helsinki, merely said ICANN should:

urge the relevant Registry or the Registrar to engage with the relevant GAC members when a risk is identified in order to come to an agreement on how to manage it or to have a third-party assessment of the situation if the name is already registered

“It is our belief that that our resolution is consistent with GAC advice,” outgoing ICANN board member Bruce Tonkin said yesterday, noting that nobody can claim exclusive rights over any string, regardless of length.

Before and after the resolution passed, the GAC expressed “serious concern” that the board had not formally responded to the Helsinki communique.

In its Hyderabad communique, issued after yesterday’s vote, the GAC advised the board to:

  • Clearly indicate whether the actions taken by the Board as referred to in the resolution adopted on 8 November 2016 are fully consistent with the GAC advice given in the Helsinki Communiqué.
  • Always communicate in future the position of the Board regarding GAC advice on any matter in due time before adopting any measure directly related to that advice.

ICANN staff are now tasked with coming up with a way to implement the two-character release.

My sense is that some kind of amendment to Registry Agreements might be required, so we’re probably looking at months before we start seeing two-letter domains being released.

“Shadow content policing” fears at ICANN 57

Kevin Murphy, November 7, 2016, Domain Policy

Fears that the domain name industry is becoming a stooge for “shadow regulation” of web content were raised, and greeted very skeptically, over the weekend at ICANN 57.

Attendees yesterday heard concerns from non-commercial stakeholders, notably the Electronic Frontier Foundation, that deals such as Donuts’ content-policing agreement with the US movie industry amount to regulation “by the back door”.

But the EFF, conspicuously absent from substantial participation in the ICANN community for many years, found itself walking into the lion’s den. Its worries were largely pooh-poohed by most of the rest of the community.

During a couple of sessions yesterday, EFF senior attorney Mitch Stoltz argued that the domain industry is being used by third parties bent on limiting internet freedoms.

He was not alone. The ICANN board and later the community at large heard support for the EFF’s views from other Non-Commercial User Constituency members, one of whom compared what’s going on to aborted US legislation SOPA, the Stop Online Piracy Act.

“Regulation of content through the DNS system, through ICANN institutions and through contracted parties is of great concern and I think should be of great concern to all of us here,” Stoltz said.

He talked about a “bright line” between making policies related to domain names and policies related to content.

“I hope that the bright line between names and content is maintained because I think once we get past it, there may be no other bright line,” he said.

“If we allow in copyright enforcement, if we allow in enforcement of professional or business licensing as a criterion for owning a domain name, it’s going to be very hard to hold that line,” he said.

ICANN has long maintained, though with varying degrees of vigor over the years, that it does not regulate content.

Chair Steve Crocker said yesterday: “It’s always been the case, from the inception. It’s now baked in deeply into the mission statement. We don’t police content. That’s not our job.”

That kind of statement became more fervent last year, as concerns started to be raised about ICANN’s powers over the internet in light of the US government’s decision to give up its unique ICANN oversight powers.

Now, a month after the IANA transition was finalized, ICANN has new bylaws that for the first time state prominently that ICANN is not the content cops.

Page one of the massive new ICANN bylaws says:

ICANN shall not regulate (i.e., impose rules and restrictions on) services that use the Internet’s unique identifiers or the content that such services carry or provide

It’s pretty explicit, but there’s a catch.

A “grandfather” clause immediately follows, which states that registries and registrars are not allowed to start challenging the terms of their existing contracts on the basis that they dabble too much with content regulation.

That’s mainly because new gTLD Registry Agreements all include Public Interest Commitments, which in many cases do actually give ICANN contractual authority over the content of web sites.

Content-related PICs are most prominent in “Community” gTLDs.

In the PICs for Japanese city gTLD .osaka, for example, the registry promises that “pornographic, vulgar and highly objectionable content” will be “adequately monitored and removed from the namespace”.

While ICANN does not actively go out looking for .osaka porn, if porn did start showing up in .osaka and the registry does not suspend the domains, it would be in breach of its RA and could lose its contract.

That PIC was voluntarily adopted by the .osaka registry and does not apply to other gTLDs, but it is binding.

So in a roundabout kind of way, ICANN does regulate content, in certain narrow circumstances.

Some NCUC members think this is a “loophole”.

Another back door they think could be abused are the bilateral “trusted notifier” relationships between registries and third parties such as the movie, music and pharmaceutical industries.

Donuts and Radix this year have announced that the Motion Picture Association of America is allowed to notify it about domains that it believes are being used for large-scale, egregious movie piracy.

Donuts said it has suspended a dozen domains — sites that were TLD-hopping to evade suspension — since the policy came into force.

EFF’s Stoltz calls this kind of thing “shadow regulation”.

“Shadow regulation to us is the regulation of content… through private agreements or through unaccountable means that were not developed through the bottom-up process or through a democratic process,” he told the ICANN board yesterday.

While the EFF and NCUC thinks this is a cause for concern, they picked up little support from elsewhere in the community.

Speakers from registries, registrars, senior ICANN staff, intellectual property and business interests all seemed to think it was no big deal.

In a different session on the same topic later in the day, outgoing ICANN head of compliance Allen Grogan addressed these kinds of deals. He said:

From ICANN’s point of view, if there are agreements that are entered into between two private parties, one of whom happens to be a registry or a registrar, I don’t see that ICANN has any role to play in deciding what kinds of agreements those parties can enter into. That clearly is outside the scope of our mission and remit.

We can’t compel a registrar or a registry to even tell us what those agreements are. They’re free to enter into whatever contracts they want to enter into.

To the extent that they become embodied in the contracts as PICs, that may be a different question, or to the extent that the agreements violate those contracts or violate consensus policies, that may be a different question.

But if a registrar or registry decides to enter into an agreement to trust the MPAA or law enforcement or anyone else in deciding what actions to take, I think they’re free to do that and it would be far beyond the scope of ICANN’s power or authority to do anything about that.

In the same session, Donuts VP Jon Nevett cast doubt on the idea that there is an uncrossable “bright line” between domains and content by pointing out that the MPAA deal is not dissimilar to registries’ relationships with the bodies that monitor online child abuse material.

“We have someone that’s an expert in this industry that we have a relationship with saying there is child imagery abuse going on in a name, we’re not going to make that victim go get a court order,” he said.

Steve DelBianco of the NetChoice Coalition, a member of the Business Constituency, had similar doubts.

“Mitch [Stoltz] cited as an example that UK internet service providers were blocking child porn and since that might be cited as an example for trademark and copyright that we should, therefore, not block child porn at all,” he said. “I can’t conceive that’s really what EFF is thinking.”

Nevett gave a “real-life example” of a rape.[tld] domain that was registered in a Donuts gTLD.

“[The site] was a how-to guide. Talk about horrific,” he said. “We got a complaint. I’m not going to wait till someone goes and gets a court order. We’re a private company and we agreed to suspend that name immediately and that’s fine. There was no due process. And I’m cool with that because that was the right thing to do.”

“Just like a restaurant could determine that they don’t want people with shorts and flip-flops in the restaurant, we don’t want illegal behavior and if they want to move somewhere else, let them move somewhere else,” he said.

In alleged copyright infringement cases, registrants get the chance to respond before their names are suspended, he said.

Stoltz argued that the Donuts-MPAA deal had been immediately held up, when it was announced back in February, as a model that the entire industry should be following, which was dangerous.

“If everyone is subject to the same policies, then they are effectively laws and that’s effectively law-making by other means,” he said.

He and other NCUC members are also worried about the Domain Name Association’s Healthy Domains Initiative, which is working on voluntary best practices governing when registries and registrars should suspend domain names.

Lawyer Kathy Kleiman of the NCUC said the HDI was basically “SOPA behind closed doors”.

SOPA was the hugely controversial proposed US federal legislation that would have expanded law enforcement powers to suspend domains in cases of alleged copyright infringement.

Stoltz and others said that the HDI appeared to be operating under ICANN’s “umbrella”, giving it an air of having multistakeholder legitimacy, pointing out that the DNA has sessions scheduled on the official ICANN 57 agenda and “on ICANN’s dime”.

DNA members disagreed with that characterization.

It seems to me that the EFF’s arguments are very much of the “slippery slope” variety. While that may be considered a logical fallacy, it does not mean that its concerns are not valid.

But if there was a ever a “bright line” between domain policy and content regulation, it was traversed many years ago.

The EFF and supporters perhaps should just acknowledge that what they’re really concerned about is copyright owners abusing their powers, and target that problem instead.

The line has moved.