The Governmental Advisory Committee has advised ICANN to do as it’s told and stop listening to the views of other stakeholders, on the issue of protection mechanisms for the Red Cross.
In a barely believable piece of formal advice to the ICANN board this morning, part of its London communique (pdf), the GAC said:
the protections due to the Red Cross and Red Crescent terms and names should not be subjected to, or conditioned upon, a policy development process
That’s the GAC telling the ICANN board to do what the GAC says without involving the rest of the ICANN community, specifically the multi-stakeholder Generic Names Supporting Organization.
Some in the GNSO have already informally expressed their anger about this. More, and more formal, responses are expected to follow.
It’s a baffling GAC move given that most governments have spent much of the ICANN 50 meeting this week professing how much they support the multi-stakeholder model of internet governance.
Now the GAC is explicitly telling ICANN to ignore anyone that isn’t the GAC, on this particular issue.
That’s unprecedented, though many would say that GAC statements often sound like the existence of other advisory committees and supporting organizations is little more than an annoyance to members.
During a meeting between the ICANN board and the GAC on Tuesday, UK GAC member Mark Carvell expressed some of that frustration, saying ICANN’s approach to the issue has been “completely unacceptable”.
we’re talking about names that are protected under international law and implemented in national legislation
So, for example, if you go down Pride Street around the corner, you won’t find Red Cross Burgers. You won’t find Patisserie Croix Rouge in Paris anywhere, or in London, indeed, because it’s against the law to use those names.
So the response that we’ve had from the Board is equating these names to trademarks by referring to the GNSO response, saying that this is a matter for incorporation of policy development that would use the trademark clearinghouse.
So I just wanted to make the point here that this is completely unacceptable to us. We’re in a position as governments and administrations in implementing national law. So our advice continues to be that these names need to be protected and not subject to some policy development process that equates these names to trademarks
That point of view seems to have translated directly into the GAC’s communique today.
The GAC statement is doubly baffling because the Red Cross and Red Crescent already enjoy protections in the new gTLD program, and the GNSO has voted to make these protections permanent.
The GAC has been pushing for protections for the Red Cross for years.
It’s a noble effort in principle, designed to help thwart fraudsters who would use the Red Cross brand to bilk money out of well-meaning internet users in the wake of human tragedies such as earthquakes and tsunamis.
The ICANN board of directors first agreed to adopt such protections in 2011, when it approved the new gTLD program.
Red Cross protections were added to the program rules then on a temporary basis, pending a formal GNSO policy on the matter.
The GNSO took a while to get there, but it formally passed a resolution in November last year that would protect a list of Red Cross organizations at both the top and second levels in the new gTLD program.
So what’s the GAC’s problem?
ICANN director Chris Disspain asked Carvell during the Tuesday GAC-board session. Carvell responded:
I’m talking about our advice with regard to protection of national entities at the second level. So, for example, British Red Cross dot whatever. That protection does not exist, and is not agreed as we understand it.
The original list of Red Cross/Red Crescent strings for which the GAC demanded protection includes strings like “redcross” and “croissant-rouge”, but it does not include strings such as “americanredcross”.
There are 189 national Red Cross organizations that are not currently protected, according to the GAC.
Why are these strings not on the list?
It appears to be because the GAC didn’t ask for such protections until March this year, six months after the GNSO concluded its PDP and close to three years after the temporary protections were originally implemented.
The GAC communique from the latest Singapore meeting (pdf) contains a request for national Red Cross organizations to be protected, but I can’t find any matching GAC advice that predates March 2014.
The GAC seems to have screwed up, in other words, by not asking for all the protections it wanted three years ago.
And now it’s apparently demanding that its new, very late demands for protection get implemented by ICANN without a PDP and with no input from any other area of the ICANN community.
The GAC spent a lot of time this week talking up the multistakeholder process, but now it seems prepared to throw the concept under a bus either in the name of expediency or to cover up the fact that it seriously dropped the ball.
Nobody can deny that its heart is in the right place, but is abandoning support for multistakeholderism really the best way to go about getting what it wants, at a time when everyone is claiming governments won’t control the newly liberated ICANN?
Over 800,000 domain names have been suspended since the beginning of the year as a result of Whois email verification rules in the new ICANN Registrar Accreditation Agreement.
That’s according to the Registrars Stakeholder Group, which collected suspension data from registrars representing about 75% of all registered gTLD domain names.
The actual number of suspended domains could be closer to a million.
The 2013 RAA requires registrars to verify the email addresses listed in their customers’ Whois records. If they don’t receive the verification, they have to suspend the domain.
The RrSG told the ICANN board in March that these checks were doing more harm than good and today Tucows CEO Elliot Noss presented, as promised, data to back up the claim.
“There have been over 800,000 domains suspended,” Noss said. “We have stories of healthcare sites that have gone down, community groups whose sites have gone down.”
“I think we can safely say millions of internet users,” he said. “Those are real people just trying to use the internet. They are our great unrepresented core constituency.”
The RrSG wants to see contrasting data from law enforcement agencies and governments — which pushed hard for Whois verification — showing that the RAA requirement has had a demonstrable benefit.
Registrars asked at the Singapore meeting in March that law enforcement agencies (LEA) be put on notice that they can’t ask for more Whois controls until they’ve provided such data and ICANN CEO Fadi Chehade said “It shall be done by London.”
Noss implied that the majority of the 800,000 suspended names belong to innocent registrants, such as those who had simply changed email addresses since registering their names.
“What was a lovely political win that we said time and time again in discussion after discussion was impractical and would provide no benefit, has demonstrably has created harm,” Noss said.
He was received with cautious support by ICANN board members.
Chair Steve Crocker wonder aloud how many of the 800,000 suspended domains are owned by bad guys, and he noted that LEA don’t appear to gather data in the way that the registrars are demanding.
“We were subjected, all of us, to heavy-duty pressure from the law enforcement community over a long period of time. We finally said, ‘Okay, we hear you and we’ll help you get this stuff implemented,’”, he added. “That creates an obligation as far as I’m concerned on their part.”
“We’re in a — at least from a moral position — in a strong position to say, ‘You must help us understand this. Otherwise, you’re not doing your part of the job’”, he said.
Chehade also seemed to support the registrars’ position that LEA needs to justify its demands and offered to take their data and concerns to the LEA and the Governmental Advisory Committee.
“They put restrictions on us that are causing harm, according to these numbers,” he said. “Let’s take this back at them and say, hey, you ask for all these things, this is what happened.”
“If you can’t tell me what good this has done, be aware not to come back and ask for more,” he said. “I’m with you on this 100%. I’m saying let’s use the great findings you seem to have a found and well-package them in a case and I will be your advocate.”
Director Mike Silber also spoke in support of the RrSG’s position.
“My view is if what you are saying is correct, the LEA’s have blown their credibility,” he said. “They’re going to have to do a lot of work before we impose similar disproportional requirements on actors that are not proven to be bad actors.”
So what does this all mean for registrants?
I don’t think there’s any ongoing process right now to get the Whois verification requirements overturned — that would require a renegotiation of the RAA — but it does seem to mean demands from governments and police are going to have to be much more substantiated in future.
Noss attempted to link the problem to the recommendations of the Whois Expert Working Group (EWG), which propose a completely revamped, centralized Whois system with much more verification and not much to benefit registrants.
To paraphrase: if email verification causes so much harm, what harms could be caused by the EWG proposal?
The EWG was not stuffed with LEA or governments, however, so it couldn’t really be characterized as another set of unreasonable demands from the same entities.
Judging by DI’s traffic spike last night, there’s a lot of interest in Google Domains, Google’s forthcoming entry into the domain name registrar market.
And judging by some of the early commentary, it seems that many people are already assuming that the service will be an overnight success.
Some people already seem to be willing to write off market leader Go Daddy specifically, for some peculiar reason.
I’ve even heard speculation that Google timed its announcement to screw with Go Daddy’s imminent IPO, which strikes me as veering into conspiracy theory territory.
While I’ve no doubt Go Daddy and other mass-market retail registrars will be watching Google’s move with interest and concern — and there are some reasons to be worried — let’s not jump the gun here.
Let’s calm the hyperbole a little. Off the top of my head, here are a handful of reasons not to get excited just yet.
1. It could be a really shitty product
There seems to be an assumption in some quarters that whatever Google brings to market will be automatically incredible, but the company really doesn’t have the track record to support that assumption.
Sure, its search engine may be great and services such as Gmail and Adsense may be pretty good, but have you ever tried Blogger?
Do you actually use Google+, or do you only have an account because Google forced you?
The truth is that lots of Google products fail.
And we haven’t even seen Google Domains yet. Nobody has. Only Google employees and their buddies are going to get beta access, so it seems we’re going to be waiting a while before we can judge.
2. There’s no 24×7 support
Google Domains will launch with support via email and phone from 9am to 9pm US Eastern time, Monday to Friday.
Would you switch to a registrar that doesn’t have round-the-clock support seven days a week? As a small business owner who makes his living from his web site, I sure wouldn’t.
If Google Domains gains traction you can expect support hours to be expanded pretty quickly, but a lack of 24×7 support at launch will keep many customers away.
3. It’s not free
Some people seem to be obsessed with the notion that Google is going to give away free domains, and that kind of commentary is continuing even though we know Google Domains will charge $12 for a .com.
Its email service may come at no additional cost, but its email service is Gmail, and that’s already free. Google could hardly start charging an add-on fee for something that’s always been free.
Google Domains may offer free privacy too, but so do lots of other registrars.
In future, Google registry arm Charleston Road Registry may give away free names in some of its new gTLDs, but if it does so that price will have to be available to all registrars, not just Google Domains.
Google Domains isn’t free. It’s not even the cheapest registrar on the market.
4. Go Daddy is gigantic
According to its recent regulatory filings, Go Daddy has 57 million domains under management and 12 million customers.
How many of those do you think will make the switch to Google? How many will even know that such a switch is possible?
Switching registrars may be relatively straightforward if everything you own is parked, but it becomes more complex when you’re running your web site, email and so forth on your registrar’s platform.
These kinds of small business owners are the customers being targeted by Google and Go Daddy, and if they already have web sites they’re likely already experiencing registrar lock-in.
According to its announcement, Google is targeting greenfield opportunities — the 55% of small businesses it estimates don’t have an online presence today — rather than grabbing market share from rivals.
The “small businesses need to get online” story is common to every press release issued by every web host and domain registrar with a price promotion to plug.
When Google teamed up with Blacknight to give away domains for free — for FREE, so it is, so it is — to Irish small businesses, it managed to sign up 10,000 in one year.
How long do you think it will take Google to get to 57 million names under management?
Google has announced its first foray into the domain name registrar business with Google Domains.
The company tells me that the upcoming service will allow customers to buy or transfer domains for $12 a year.
Privacy protection, up to 100 email addresses and up to 100 subdomains — things existing leading registrars charge extra for — will be included at no additional cost.
Right now, the service is in an invitation-only beta. The first beta users are not expected to get access for a couple of weeks and the beta will likely last a couple of months.
Google says it wants to make domain registration a “simple and transparent experience”.
It’s not entirely clear which TLDs will be supported at first — .com, .net and .eu seem to be three of them — but the company plans to support “many” new gTLDs in future.
The service is unfinished, according to the company, but beta users will be able to buy and transfer domain names.
They’ll also be able to use web site creation tools supplied by the likes of Squarespace, Wix, Weebly and Shopify, which will carry an additional cost.
The $12 a year fee is comparable to market-leader Go Daddy’s annual rate for a .com, but Go Daddy charges about $8 extra per year for privacy and about $5 a month for email.
Google joins the likes of Minds + Machines and Uniregistry as new gTLD registries that have made the move into the registrar side of the business, hoping to bring a fresh approach to the market.
Google has actually been accredited by ICANN as a registrar for years — over a decade if memory serves — but to date has never used its accreditation to sell domains.
With its Google Apps service, the company refers domain buyers to Go Daddy and eNom. While there’s no confirmation from Google yet, I suspect those relationships may be in jeopardy in future.
The forthcoming .london gTLD didn’t get a look in during the opening ceremony of ICANN 50, held this morning in London.
The host city gTLD’s complete absence from the two-hour event — it wasn’t mentioned once — would have escaped notice had it not been for the abundance of plugs for .wales and .cymru attendees received instead.
.cymru is the Welsh name for Wales. The gTLDs are to be launched simultaneously.
Welsh First Minister Carwyn Jones was given stage time to announce, in between anti-English quips, that the Welsh government is to dump .gov.uk in favor of the two new Welsh gTLDs.
Later, a Welsh male voice choir (presumably a famous one) took to the stage to sing a couple of songs and announce that they too are planning to use .wales and .cymru for their web sites.
Nominet chair Rennie Fritchie also plugged the upcoming launches during her five-minute slot.
You’d have been forgiven for wondering if you’d accidentally got off the plane in Cardiff.
Where was .london?
Did Dot London Domains seriously drop the ball here?
Or did .london’s absence have something to do with the fact that the host ccTLD and meeting sponsor, Nominet, is the registry for .wales and .cymru but was beaten to the .london back-end contract by Minds + Machines?