Latest news of the domain name industry

Recent Posts

PwC wants to be your Whois gatekeeper

Kevin Murphy, June 11, 2019, Domain Services

PricewaterhouseCoopers has built a Whois access system that may help domain name companies and intellectual property interests call a truce in their ongoing battle over access to private Whois data.

Its new TieredAccess Platform will enable registries and registrars to “outsource the entire process of providing access to non-public domain registration data”.

That’s according to IP lawyer Bart Lieben, partner at the Belgian law firm ARTES, who devised the system and is working with PwC to develop it.

The offering is designed to give trademark lawyers access to the data they lust after, while also reducing costs and mitigating domain name industry liability under the General Data Protection Regulation.

TieredAccess would make PwC essentially the gatekeeper for all requests for private Whois data (at least, in the registries plugged into the platform) coming from the likes of trademark owners, security researchers, lawyers and law enforcement agencies.

At one end, these requestors would be pre-vetted by PwC, after which they’d be able to ask for unredacted Whois records using PwC as an intermediary.

They’d have to pick from one of 43 pre-written request scenarios (such as cybersquatting investigation, criminal probe or spam prevention) and assert that they will only use the data they obtain for the stated purposes.

At the other end, registries and registrars will have adopted a set of rules that specify how such requests should be responded to.

A ruleset could say that cops get more access to data than security researchers, for example, or that a criminal investigation is more important than a UDRP complaint.

PwC has created a bunch of templates, but registrars and registries would be able to adapt these policies to their own tastes.

Once the rules are put in place, and the up-front implementation work has been done to plug PwC into their Whois servers, they wouldn’t have to worry about dealing with Whois requests manually as most are today. The whole lot would be automated.

Not even PwC would have human eyes on the requests. The private data would only be stored temporarily.

One could argue that there’s the potential for abusive or non-compliant requests making it through, which may give liability-nervous companies pause.

But the requests and response metadata would be logged for audit and compliance, so abusive users could be fingered after the act.

Lieben says the whole system has been checked for GDPR compliance, assuming its prefabricated baseline scenarios and templates are adopted unadulterated.

He said that the PwC brand should give clients on both sides “peace of mind” that they’re not breaking privacy law.

If a registrar requires an affidavit before releasing data, the assertions requestors make to PwC should tick that box, he said.

Given that this is probably a harder sell to the domain name industry side of the equation, it’s perhaps not surprising that it’s the requestors that are likely to shoulder most of the cost burden of using the service.

Lieben said a pricing model has not yet been set, but that it could see fees paid by registrars subsidized by the fees paid by requestors.

There’s a chance registries could wind up paying nothing, he said.

The project has been in the works since September and is currently in the testing phase, with PwC trying to entice registries and registrars onto the platform.

Lieben said some companies have already agreed to test the service, but he could not name them yet.

The service was developed against the backdrop of ongoing community discussions within ICANN in the Expedited Policy Development Working group, which is trying to create a GDPR-compliant policy for access to private Whois records.

ICANN Org has also made it known that it is considering making itself the clearinghouse for Whois queries, to allow its contracted parties to offload some liability.

It’s quite possible that once the policies are in place, ICANN may well decide to outsource the gatekeeper function to the likes of PwC.

That appears to be what Lieben has in mind. After all, it’s what he did with the Trademark Clearinghouse almost a decade ago — building it independently with Deloitte while the new gTLD rules were still being written and then selling the service to ICANN when the time came.

The TieredAccess service is described in some detail here.

.CLUB to let brands block “trillions” of domains for $2,000

.CLUB Domains has launched a service for trademark owners that will enable them to block an essentially infinite number of potential cybersquats for a $2,000 payment every three years.

But the restrictions in place to avoid false positives mean that some of the world’s most recognizable brands would not be eligible to use it.

The service is called Trademark Sentry. In February, .CLUB asked ICANN for approval to launch it under the name Unlimited Name Blocking Service.

It’s cast by the registry roughly as a kind of clone of Donuts’ five-year-old Domain Protected Marks List, which enables brands to block their marks across Donuts’ entire portfolio of 242 gTLDs for far less than they would pay defensively registering 242 domains individually.

But while Donuts has a massive stable of TLDs, .CLUB is a one-horse town, so what’s going on?

Based on promotional materials .CLUB sent me, it appears that Trademark Sentry is primarily a way to reduce not defensive registration costs but rather UDRP costs.

Instead of blocking a single trademarked string across a broad portfolio of TLDs — for example google.ninja, google.bike, google.guru, google.charity… — the .CLUB service allows brands to block any domain that contains that string in a single TLD.

For example, Google could pay .CLUB $2,000, and for the next three years it would be impossible for anyone to register any .club domain that contained the substring “google”.

Any potential cybersquatter who went to a registrar and tried to register domains such as “mygooglesearch.club” or “googlefootball.club” or “bestgoogle.club” or “xreegtegooglefwrreed.club” would be told by the registrar that the domain was unavailable.

It would be blocked at the registry level, because it contained the blocked string “google”.

Customers will be able to add typos to the blocklist for a 50% discount.

To the best of my knowledge, this is not a service currently offered by any other gTLD registry.

It’s precisely the kind of thing that the IP lobby at ICANN was crying out for — albeit without the obligation to pay for it — prior to the 2012 application round.

.CLUB reckons it’s a money-saver for brand owners who find themselves filing lots of UDRP complaints.

UDRP complaints cost at least $1,500, just for the filing fees with outfits such as WIPO. They can cost many hundreds more in lawyers fees.

Basically, if you expect your brand will be hit by at least one UDRP in .club in the next three years, $2,000 might look like a decent investment.

.club domains have been subject to 279 UDRP complaints over the last five years, according to UDRPSearch.com.

But .CLUB has put in place a number of restrictions that are likely to seriously restrict its potential customer base.

First, the trademark will have to be “fanciful”. The registry says:

To qualify for Unlimited Name Blocking a trademark must be fanciful as defined by the USPTO and meet the .CLUB Registry’s additional requirements and subject to the .CLUB Registry’s discretion. Marks that are not fanciful but when combined with another word become sufficiently unique may be allowed.

“Apple” would not be permitted, but “AppleComputer” might be.

.CLUB told me that any trademark that, if blocked, would prevent non-infringing uses of the string would also not qualify for the service.

If you look at a UDRP-happy brand like Lego, which has already filed several complaints about alleged cybersquats in .club, it would certainly not qualify. Too many words end in “le” and begin with “go” for .CLUB to block every domain containing “lego”.

Similarly, Facebook would likely not qualify because one can imagine non-infringing uses such as facetofacebookmakers.club. Twitter is a dictionary word, as is Coke. Pepsi is a substring of dyspepsia. Amazon is primarily a geographic term. McDonald’s is derived from a common surname, as are Cartier and Heinz.

For at least half of the famous brands that pop into my head, I can think of a reason they will probably not be allowed to use this service.

.CLUB also won’t allow trademarks shorter than five characters.

Still, for those brands that do qualify, and do have an aggressive UDRP-based enforcement policy, the service seems to be priced at a point where an ROI case can be made.

Like Donuts’ DPML domains, anything blocked under Trademark Sentry is not going to show up in zone files, so we’re not going to have any objective data with which to monitor its success.

NamesCon names con speakers

Kevin Murphy, January 7, 2019, Domain Services

With NamesCon’s swansong Las Vegas show just a few weeks away, its agenda and speaker list is well on the way to being finalized.

Organizers recently announced Bhavin Turakhia, Haseeb Tariq and Richard Lau as speakers.

Turakhia, founder of Radix and several registrars, is perhaps best-known for selling Media.net for $900 million and for being one of India’s richest entrepreneurs. His Monday keynote has the tagline “Insights and Inspiration”.

Tariq recently join Fox, but his bread-and-butter has been founding and selling tech startups and high-end domain names. He’s speaking on portfolio pricing strategies.

Overall, the agenda seems to be heavy on speakers from .GLOBAL and affiliated business intelligence service provider RegistryOffice, which are sponsoring the conference.

I won’t be attending, sadly, this year, but these other sessions caught my eye on the agenda:

  • Akram Atallah is part of a panel discussion on data analysis on Tuesday. I believe it’s his first speaking engagement since leaving ICANN’s top brass to become Donuts CEO in mid-November. He’s outnumbered by the .GLOBAL/RegistryOffice posse, so if he has anything interesting to say it may be lost in the sales pitches. Turakhia is also on the panel.
  • Andrew Allemann (Domain Name Wire), Elliot Noss (Tucows) and Zak Muscovitch (Internet Commerce Association) are spending an hour discussing the forthcoming .com price increases after lunch on Tuesday. With no Verisign rep on stage, I’m not sure how balanced the discussion will be, but all three men are engaging speakers and the session may be worth a look.
  • Sessions on emerging technologies include a discussion of Domain Connect with speakers from GoDaddy, WP Engine and Microsoft, and a solo talk on the intersection of blockchain and DNS fromm MMX CEO Toby Hall.
  • Allemann is also hosting a yet-to-be-announced panel of domainers who chose to invest in new gTLDs, entitled “What Were They Thinking?” which may be worth a look-see.

NamesCon runs from Sunday January 26 to Wednesday January 30. Standard ticket prices are $999 or $1,349 for the VIP treatment, though I believe discounts are still available for pre-orders.

It’s the conference’s final year at the cheap-and-cheerful Tropicana hotel in Las Vegas. The organization announced last year that NamesCon Global, its annual North American event, would be moving cities.

While many regular attendees seem to think somewhere warm would be preferable — Florida or California, perhaps — I’ve also heard whispers that a Canadian relocation has not been ruled out.

Canada. In January. Time to buy shares in manufacturers of tuques, perhaps?

Radix now has China approval for whole TLD stable

Kevin Murphy, January 3, 2019, Domain Services

Radix’s entire portfolio of new gTLDs is now approved for sale and use in China, according to the company.

The company said today that .host, .press, .space and .website recently received the nod from the Ministry of Industry and Information Technology, which regulates the domain name space in China.

.fun, .site, .online, .tech and .store have all previously received approval.

Across the three-million-domain portfolio, over 700,000 are registered in China, according to Radix.

It saw growth in China over over 30% in 2018 in terms of new domain adds, the company said in a press release.

CEO Sandeep Ramchandani said that Radix has partnered with local registrar Xinnet to give free domains to university students to “host their academic projects and business prototypes.”

The most-read stories of 2018

Kevin Murphy, January 3, 2019, Domain Services

Happy 2019!

As we crawl, dark-eyed and slurring, from our festive hibernation, I thought now would be a good time to do a quick reminder of 2018, in the form of a top-10 list of the most-read stories published by DI over the last 12 months.

If not today, then when?

I’ve excluded, as usual, articles that seem to show up prominently in my traffic logs every single day simply because Google seems to think they’ve got porn in them.

Stéphane Van Gelder dies after motorcycle accident

Stéphane Van Gelder was a registrar industry pioneer and long-time ICANN community leader, and his untimely death in a vehicle accident in March came as a great shock to many. The fact that this post was the most-read of the year is not surprising. He is missed by many, and was subsequently posthumously awarded ICANN’s Multistakeholder Ethos Award.

Has the world’s biggest new gTLD registry gone bankrupt?

This speculative post from June came about after I discovered that a court-appointed administrator had taken over ownership of all TLDs in the Famous Four Media portfolio. It later turned out that FFM had in fact been removed by investors in true portfolio owner Domain Venture Partners, which created a new company, GRS Domains, to take over. The full details of this evidently bitter boardroom fight have yet to emerge.

Donuts freezes .place gTLD ahead of new geofencing rules

Perhaps a surprising entry on the list, this story detailed how Donuts had essentially taken .place off the market in preparation for a planned repurposing of the gTLD to tie into the emerging “geofencing” infrastructure. The freeze happened in May, and as far as I can tell .place is still in limbo as the technology back-end is finalized, which may account for this post’s popularity.

ICANN number two Atallah is new CEO of Donuts

Not long after Donuts was acquired by a private equity fund partly controlled by former ICANN CEO Fadi Chehade, I received a tip-off that his former number two, Global Domains Division president Akram Atallah, had been headhunted to be the registry’s new CEO. It was officially confirmed a few hours later, but not before the unwashed hordes (that’s you) had given the DI server something to think about. The perception of a revolving door between ICANN and industry raised eyebrows, including from the US government.

Google’s .app gTLD beats .porn to biggest sunrise yet

Google’s eagerly anticipated .app gTLD hit the market mid-year, and got off to a strong start with a sunrise period beaten only by defensive-heavy .porn. It’s very likely the strongest sunrise period of the 2012 round so far. The TLD has something like 350,000 domains under management today, which for new gTLDs is pretty much a success story.

GoDaddy and DomainTools scrap over Whois access

This story about GoDaddy and DomainTools fighting about whether the latter could get unmitigated access to the former’s Whois database was published in January, long before the full impact of GDPR on Whois privacy was known, and therefore now, with the benefit of hindsight, feels hopelessly naive.

How all 33 European ccTLDs are handling GDPR

Good grief, did I write a “listicle”? To mark the day GDPR came into full effect, I trawled through the web sites, news releases and policy documents of 33 European ccTLDs to see how each registry was planning to comply with the strict new privacy legislation, so you didn’t have to. The results were surprisingly diverse.

Google’s $25 million .app domain finally has a launch date

Remember how I said .app was “eagerly anticipated”? The fact that this post, merely noting the TLD’s launch timetable, hit the top 10 most-read stories for the year is perhaps proof of that.

Facebook clashes with registrars after massive private data request

Many big brands were unhappy with how ICANN and the industry turned off their unfettered Whois access following GDPR, none more so than Facebook, which has been piling pressure on ICANN to force registrars to acquiesce to its data requests. This July story revealed how it had started using a close intermediary called AppDetex to bombard registrars with over-broad disclosure requests. Registrars subsequently fought back, and AppDetex later gave me a demo of its early-stage software. The fight, no doubt, continues.

These 33 people will decide the future of Whois

Another GDPR listicle? In this July post I prepared brief bios of the volunteers selected to work on ICANN’s first Expedited Policy Development Process working group, which is challenged with coming up with a permanent policy solution to GDPR, amenable to all sections of the community. Needless to say, they’re still working on it…

That’s the top 10 most-read articles on DI in 2018. Honorable mentions go to Fight breaks out as Afilias eats Neustar’s Aussie baby, How a single Whois complaint got this registrar shitcanned and Some men at ICANN meetings really are assholes, simply because I like the headlines.

Happy new year to all DI readers. I don’t tell you this nearly regularly enough, but I really do love you all more than words could possibly describe.