Latest news of the domain name industry

Recent Posts

Grogan hopeful of content policing clarity within “a few weeks”

ICANN may be able to provide registrars, intellectual property interests and others with clarity about when domain names should be suspended as early as next month, according to compliance chief Allen Grogan.

With ICANN 53 kicking off in Buenos Aires this weekend, Grogan said he intends to meet with a diverse set of constituents in order to figure out what the Registrar Accreditation Agreement requires registrars to do when they receive abuse complaints.

“I’m hopeful we can publish something in the next few weeks,” he told DI. “It depends to some extent on what direction the discussions take.”

The discussions center on whether registrars are doing enough to take down domains that are being used, for example, to host pirated content or to sell medicines across borders.

Specifically at issue is section 3.18 of the 2013 RAA.

It requires registrars to take “reasonable and prompt steps to investigate and respond appropriately” when they receive abuse reports.

The people who are noisiest about filing such reports — IP owners and pharmacy watchdogs such as LegitScript — reckon “appropriate action” means the domain in question should be suspended.

The US Congress heard these arguments in hearings last month, but there were no witnesses from the ICANN or registrar side to respond.

Registrars don’t think they should be put in the position of having to turn off what may be a perfectly legitimate web site due to a unilateral complaint that may be flawed or frivolous.

ICANN seems to be erring strongly towards the registrars’ view.

“Whatever the terms of the 2013 RAA mean, it can’t really be interpreted as a broad global commitment for ICANN to enforce all illegal activity or all laws on the internet,” Grogan told DI.

“I don’t think ICANN is capable of that, I don’t think we have the expertise or resources to do that, and I don’t think the ICANN multistakeholder community has ever had that discussion and delegated that authority to ICANN,” he said.

CEO Fadi Chehade recently told the Washington Post that it isn’t ICANN’s job to police web content, and Grogan has expanded on that view in a blog post last week.

Grogan notes that what kind of content violates the law varies wildly from country to country — some states will kill you for blasphemy, in some you can get jail time for denying the Holocaust, in others political dissent is a crime.

“Virtually everybody I’ve spoken with has said that is far outside the scope of ICANN’s remit,” he said.

However, he’s leaving some areas open for discussion,

“There are some constituents, including some participants in the [Congressional] hearing — from the intellectual property community and LegitScript — who think there’s a way to distinguish some kinds of illegal activities from others,” he said. “That’s a discussion I’m willing to have.”

The dividing line could be substantial risk to public health or activities that are broadly, globally deemed to be illegal. Child abuse material is the obvious one, but copyright infringement — where Grogan said treaties show “near unanimity” — could be too.

So is ICANN saying it’s not the content police except when it comes to pharmacies and intellectual property?

“No,” said Grogan. “I’m saying I’m willing to engage in that dialogue and have that conversation with the community to see if there’s consensus that some activities are different to others.”

“In a multistakeholder model I don’t think any one constituency should control,” he said.

In practical terms, this all boils down to 3.18 of the RAA, and what steps registrars must take to comply with it.

It’s a surprisingly tricky one even if, like Grogan, you’re talking about “minimum criteria” for compliance.

Should registrars, for example, be required to always check out the content of domains that are the subject of abuse reports? It seems like a no-brainer.

But Grogan points out that even though there could be broad consensus that child abuse material should be taken down immediately upon discovery, in many places it could be illegal for a registrar employee to even check the reported URL, lest they download unwanted child porn.

Similarly, it might seem obvious that abuse reports should be referred to the domain’s registrant for a response. But what of registrars owned by domain investors, where registrar and registrant are one and the same?

These and other topics will come up for discussion in various sessions next week, and Grogan said he’s hopeful that decisions can be made that do not need to involve formal policy development processes or ICANN board action.

Is the Defending Internet Freedom Act pro-crime?

The Defending Internet Freedom Act of 2015, introduced to the US Congress last month, contains a provision that could be interpreted as pro-pron, pro-piracy or even just pro-crime.

The act is designed to prevent the US giving up its oversight of ICANN/IANA unless certain quite strict conditions are met.

It’s a revised version of a bill that was introduced last year but didn’t make it through the legislative process.

Like the 2014 version, it says that the US cannot sever ties with ICANN until its bylaws have been amended in various ways, including:

ICANN is prohibited from engaging in activities unrelated to ICANN’s core mission or entering into an agreement or modifying an existing agreement to impose on a registrar or registry with which ICANN conducts business any condition (such as a condition relating to the regulation of content) that is unrelated to ICANN’s core mission.

It’s the “regulation of content” bit that caught my eye.

Presumably written as a fluffy, non-controversial protection against censorship, it ignores where the real content regulation conversations are happening within the ICANN community.

It’s a constant mantra of ICANN that is “doesn’t regulate content”, but the veracity of that assertion has been chipped away relentlessly over the last several years by law enforcement, governments and intellectual property interests.

Today, ICANN’s contracts are resplendent with examples of what could be argued is content regulation.

Take .sucks, for a timely example. Its Registry Agreement with ICANN contains provisions banning pornography, cyber-bulling and parked pages.

That’s three specific types of content that must not be allowed in any web site using a .sucks domain.

It’s one of the Public Interest Commitments that were voluntarily put forward by .sucks registry Vox Populi, but they’re still enforceable contract provisions.

Using a dispute resolution process (PICDRP), ICANN would be able to levy fines against Vox Pop, or terminate its contract entirely, if it repeatedly allows porn in .sucks web sites.

This sounds quite a lot like content regulation to me.

It’s not just .sucks, of course. Other registries have PICs that regulate the content of their gTLDs.

And every contracted new gTLD registry operator has to agree to this PIC:

Registry Operator will include a provision in its Registry-Registrar Agreement that requires Registrars to include in their Registration Agreements a provision prohibiting Registered Name Holders from distributing malware, abusively operating botnets, phishing, piracy, trademark or copyright infringement, fraudulent or deceptive practices, counterfeiting or otherwise engaging in activity contrary to applicable law, and providing (consistent with applicable law and any related procedures) consequences for such activities including suspension of the domain name.

It’s convoluted, but it basically indirectly forces (via registrars) new gTLD domain registrants to, for example, agree to not infringe copyright.

The PIC is paired with a provision (3.18) of the 2013 Registrar Accreditation Agreement that requires all registrars to investigate and “take necessary and appropriate actions” in response to abuse reports within 24 hours of receipt.

Section 3.18 is essentially the RAA mechanism through which ICANN can enforce the PIC from the RA.

This is currently one of the most divisive issues in the ICANN community, as we witnessed during the recent Congressional hearings into ICANN oversight.

On the one hand, big copyright owners and online pharmacy watchdogs want ICANN to act much more ruthlessly against registrars that fail to immediately take down sites that they have identified as abusive.

On the other hand, some registrars say that they should not have to engage in regulating what content their customers publish, at least without court orders, in areas that can sometimes be amorphously grey and fuzzy.

Steve Metalitz, from a trade group that represents the movie and music industies at ICANN, told the US Congress that registrars are dismissing piracy reports without investigating them, and that “unless registrars comply in good faith, and ICANN undertakes meaningful and substantive action against those who will not, these provisions will simply languish as empty words”.

John Horton from pharmacy watchdog used the same Congressional hearing to out several registrars he said were refusing to comply with 3.18.

One Canadian registrar named in Horton’s testimony told DI that every complaint it has received from LegitScript has been about a web site that is perfectly legal in Canada.

In at least some cases, it seems that those pushing for ICANN to more stringently regulate content may have “internet freedom” as the least of their concerns.

If the Defending Internet Freedom Act becomes law in the US, perhaps it could prove a boon to registries and registrars upset with constant meddling from rights owners and others.

On the other hand, perhaps it could also prove a boon for those operating outside the law.

.sucks and ICANN not invited to Congressional hearing on .sucks and ICANN

Kevin Murphy, May 8, 2015, Domain Policy

The witness list in next week’s US Congressional hearing into .sucks and ICANN accountability does not feature .sucks or ICANN.

The eight witnesses are largely drawn from outspoken critics of both ICANN and Vox Populi, either companies or trade associations and lobby groups. It’s stacked heavily in favor of intellectual property interests.

The hearing is titled “Stakeholder Perspectives on ICANN: The .sucks Domain and Essential Steps to Guarantee Trust and Accountability in the Internet’s Operation”.

With hindsight, the “Stakeholder Perspectives” bit gives away the fact that the judiciary subcommittee holding the hearing is more concerned with listening to ICANN’s critics than ICANN itself.

Mei-lan Stark, a senior intellectual property lawyer from Fox and 2014 president of the International Trademark Association, tops the list.

A critic of the new gTLD program, in 2011 Stark told Congress that the first round of new gTLDs would cost Fox “conservatively” $12 million in defensive registration fees.

It will be interesting to see if any Congresspeople confront Stark about that claim, which appeared like a gross overstatement even at the time.

One company that has been enthusiastically embracing new gTLDs — as an applicant, registry, defensive and non-defensive registrant — is Amazon, which has VP of global public policy Paul Misener on the panel.

Amazon has beef with ICANN for siding with the Governmental Advisory Committee over the battle for .amazon, which Amazon has been banned from obtaining, so it’s difficult to see the company as an overly friendly witness.

Next up is John Horton, president of LegitScript, the company that certifies legitimate online pharmacies and backs the .pharmacy new gTLD.

LegitScript is in favor of greater regulation of the domain name industry in order to make it easier to shut down potentially dangerous web sites (though opponents say it’s more often more interested in protecting Big Pharma’s profit margins). This month it called for a ban on Whois privacy for e-commerce sites.

Steve Metalitz, counsel for the Coalition for Online Accountability (a lobbyist for the movie and music industries) and six-term president of the ICANN Intellectual Property Constituency, is also on the list.

Jonathan Zuck, president of ACT The App Association (aka the Association for Competitive Technology, backed by Verisign and other tech firms) is on the list.

NetChoice director Steve DelBianco is also showing up again. He’s an ICANN hearing mainstay and I gather with this appearance he’ll be getting the final stamp on his Rayburn Building Starbucks loyalty card. That means a free latte, which is always nice.

Internet Commerce Association counsel Phil Corwin is a surprise invitee. ICA represents big domainers and is not a natural ally of the IP side of the house.

Bill Woodcock, executive director of Packet Clearing House, rounds off the list. PCH might not have instant name recognition but it provides Anycast DNS infrastructure services for scores of ccTLDs and gTLDs.

The committee hearing will take place at 10am local time next Wednesday.

A second hearing, entitled “Stakeholder Perspectives on the IANA Transition” will be held four hours later by a subcommittee of the House Energy & Commerce committee. The witnesses for that one have not yet been announced.

It’s going to be a busy day for ICANN bods on Capitol Hill.

Congress to put .sucks on trial

Kevin Murphy, May 6, 2015, Domain Policy

The US Congress is to hold a hearing to look into the .sucks gTLD and ICANN accountability.

A hearing entitled “Stakeholder Perspectives on ICANN: The .sucks Domain and Essential Steps to Guarantee Trust and Accountability in the Internet’s Operation” has been scheduled by the House Subcommittee on Courts, Intellectual Property, and the Internet

It will take place in Washington DC next Wednesday, May 13.

The list of witnesses does not yet appear to have been published.

I would guess we’d be looking at, at the very least, somebody senior from ICANN, somebody senior from .sucks registry Vox Populi, and an intellectual property lawyer.

It was ICANN’s Intellectual Property Constituency that complained about .sucks’ sunrise policies and fees, causing ICANN to refer the matter to US and Canadian trade regulators.

The title of the House hearing suggests that the .sucks controversy will be inextricably tied to the broader issue of ICANN accountability, which is currently undergoing a significant review as ICANN seeks to split permanently from US government oversight.

That’s not great optics for ICANN; I’m sure the organization would rather not have its performance judged on what is quite an unusual edge case emerging from the new gTLD program.

Chehade to face Congressional grilling this week

Kevin Murphy, February 23, 2015, Domain Policy

ICANN CEO Fadi Chehade is heading to Washington DC this week to defend plans to decouple the organization from formal US oversight in front of a potentially hostile committee of Congresspeople.

The Senate Committee on Commerce, Science, and Transportation will meet this Wednesday at 1000 local time to grill Chehade and others on the plan to remove the US government from the current triumvirate responsible for managing changes to the DNS root zone under the IANA arrangements.

He will be joined by Larry Strickling, who as head of the National Telecommunications and Information Administration is the US government’s point person on the transition, and Ambassador David Gross, a top DC lawyer formerly with the Department of State.

All three men are pro-transition, while the Republican-tilted committee is likely to be much more skeptical.

The blurb for the Wednesday hearing reads:

As the U.S. government considers relinquishing control over certain aspects of Internet governance to the private sector, concerns remain that the loss of U.S. involvement over the Internet Assigned Numbers Authority (IANA) could empower foreign powers — acting through intergovernmental institutions or other surrogates — to gain increased control over critical Internet functions.

Republicans and right-leaning media commentators have warned that handing over IANA oversight to a multistakeholder body risks giving too much power to governments the US doesn’t like, such as Russia and China.

Several bills introduced in the House and Senate over the last year would have given Congress much more power to delay or deny the transition.

An amendment to an appropriations bill approved in December prevents the NTIA from spending any taxpayer money on relinquishing its DNS root oversight role until after September 30 this year, the same day that the current IANA contract expires.

This effectively prevents a transition during the current IANA contract’s run. Strickling recently said that the NTIA is complying with this legislation, but noted that it does not prevent the agency participating in the development of the transition proposal.

ICANN community working groups are currently working on plans for ICANN oversight post-NTIA and for addressing ICANN accountability.

These documents are hoped to be ready to sent to the NTIA by July, so the NTIA will have enough time to consider them before September 30.

Strickling recently addressed this date in a speech at the State of the Net conference in Washington, saying:

I want to reiterate again that there is no hard and fast deadline for this transition. September 2015 has been a target date because that is when the base period of our contract with ICANN expires. But this should not be seen as a deadline. If the community needs more time, we have the ability to extend the IANA functions contract for up to four years. It is up to the community to determine a timeline that works best for stakeholders as they develop a proposal that meets NTIA’s conditions, but also works.

Opponents of the transition say that because the NTIA is prevented from terminating the IANA contract before October 1, the NTIA will have no choice but to extend it until September 30, 2017.

Given that 2016 is a presidential election year in the US, Barack Obama would be a private citizen again by the time the next opportunity to transition comes around, they say.

Which presidential hopeful — from either party — would not buckle if asked whether he supports a plan to let Iran run the internet? That’s the political logic at work here.

Chehade himself told the AFP news agency earlier this month that the transition would have to happen before the 2016 elections, to avoid political distractions.

I’m not so sure I agree with the premise that, due to the restraints imposed by the appropriation bill, the transition now has to happen under the next president’s administration.

In my layman’s reading of the current IANA contract, the NTIA is able to terminate it for the “convenience of the government” pretty much whenever it wants.

There’s also an option to extend the contract by up to six months. The NTIA exercised this option in March 2012 when it did not approve of ICANN’s first renewal proposals.