Locked-down .music could launch this year

One of the most heavily contested new gTLDs, .music, could launch this year after new registry DotMusic finally signed its Registry Agreement with ICANN.

The contract was signed over two years after DotMusic prevailed in an auction against Google, Amazon, Donuts, Radix, Far Further, Domain Venture Partners and MMX.

It seems the coronavirus pandemic, along with ICANN bureaucracy, was at least partly to blame for the long delay.

I speculated in April 2019 that .music could launch before year’s end, but this time DotMusic CEO Constantinos Roussos tells me a launch in 2021 is indeed a possibility.

The contract the company has signed with ICANN contains some of the most stringent restrictions, designed to protect intellectual property rights, of any I’ve seen.

First off, there’s going to be a Globally Protected Marks List, which reserves from registration the names of well-known music industry companies and organizations, and platinum-selling recording artists.

Second, registrants are going to have to apply for their domains, proving they are a member of one of the registry’s pre-approved “Music Community Member Organizations”, rather than simply enter their credit card and buy them.

DotMusic will verify both the email address and phone number of the registrant before approving applications.

There’s also going to be a unique dispute resolution process, a UDRP for copyright, administered by the National Arbitration Forum, called the .MUSIC Policy & Copyright Infringement Dispute Resolution Process (MPCIDRP).

Basically, any registrant found to be infringing .music’s content policies could be slung out.

The content policies cover intellectual property infringement as you’d expect, but they also appear to cover activities such as content scraping, a rule perhaps designed to capture those sites that aggregate links to infringing content without actually infringing themselves.

The registry is also going to ban second-level domains that have been used to infringe copyright in other TLDs, to prevent the kind of “TLD-hopping” outfits like The Pirate Bay have engaged in in the past.

In short, it’s going to be one of the least rock-n-roll TLDs out there.

Tightly controlled TLDs like this tend to be unpopular with registrars. Despite the incredibly strong string, my gut feeling is that .music is going to be quite a low-volume gTLD. There’s no word yet on pricing, but I’d err towards the higher end of the spectrum.

Universal Acceptance – making the internet work for everyone [Guest Post]

Editor’s note: this is a guest post written by Aman Masjide, head of compliance at new gTLD registry Radix.

Back in 2014, to foster innovation and to better the choice in domain names, ICANN introduced new generic top-level domains through its New gTLD Program. It was a monumental move that enabled businesses, individuals, and communities across the globe to mark their presence on the internet.

Allowing users to be present digitally in their chosen language (non-ASCII characters and scripts) gave opportunities to local businesses, civil societies, and governments to better serve their communities.

Analysys Mason conservatively estimates that there is scope of $9.8 billion growth in potential revenue from both; existing users who are using new domain names and from new internet users coming online through Internationalized Domain Names (IDNs).

To achieve this, Universal Acceptance of new gTLDs and IDNs is critical in making the Internet more accessible to the next billion users. Founded in February 2015, the Universal Acceptance Steering Group (UASG) undertakes activities to promote Universal Acceptance of all valid domain names and email addresses.

Through its ambassadorship and local Initiative programs, UASG promotes Universal Acceptance globally. Their efforts are divided and executed through five working groups that include:

• Technology Working Group
• Email Address Internationalization Working Group
• Communications Working Group
• Measurement Working Group
• Local Initiatives Working Group

Before we get into the acceptance of new domain extensions (nTLDs), we must first understand what acceptance means and how it’s measured.

The Universal Acceptance Steering Group’s mission sums up acceptance in one short statement: “All domain names and all email addresses work in all software applications.”

While this is a simple understanding of the concept, for an end user of an nTLD, this statement further branches out into multiple questions such as:

• Will my domain name work on all platforms/applications–online or offline?
• Will my email address on a new domain extension get accepted on all websites/platforms and pass all the validation tests?
• Will my emails on new domain extensions, once accepted, stop going into the junk folder?
• Will I be able to use all the features of a website/platform irrespective of my domain extensions? For example, will a social media platform accept a new domain extension in the bio, comments, posts, messenger, etc, and process it exactly like any other legacy TLD?

The Universal Acceptance (UA) of all domain names and email addresses requires that every piece of software is able to accept, validate, process, store, and display them correctly and consistently.

As a new domains registry, it was critical for us to understand what the gaps were and how to close them so that the internet operates the same for nTLD users as it does for the legacy TLD users.

Initial research concluded that UA readiness issues occur when applications are not able to handle the following categories of a domains name or email addresses:

Domain Names

• New short top-level domain names: example.fun, example.site
• New long top-level domain names: example.berlin, example.space
• Internationalized Domain Names: παράδειγμα.ευ

Email Addresses

• ASCII@ASCII; new short or long TLD: ekrem@misal.istanbul
• ASCII@IDN: john@société.org
• Unicode@ASCII: 测试@example.com
• Unicode@IDN: ईमेल@उदाहरण.भारत
• Unicode@IDN; right to left scripts: لیم@لاثم.عقوم ای

For Universal Acceptance to succeed, it needs to be examined holistically.

Over the years, UASG working group members have conducted several gap analysis on programming languages and frameworks, networking command-line tools, web browsers, websites, and have made great strides in acceptance of new domain extensions.

According to UASG’s FY 2020 report, tests conducted on top websites showed that

• The acceptance rate of emails on short nTLDs has increased from 91% in 2017 to 98.3% in 2020.
• The acceptance rate of emails on long nTLDs has increased from 78% in 2017 to 84.8% in 2020.

Note: The table above compares the 2020 results to the earlier 2017 and 2019 testing results.

Two important caveats should be remembered in this case:

• Different email addresses were tested (but they were of the same type).
• The websites tested in 2020 were different from previous ones as they were the 50 most popular in the 20 countries rather than the 1,000 most popular globally.

However, these results may still be used to compare overall trends.

Universal Acceptance Readiness Report 2020 (pdf) also segregated test websites as per different categories such as eCommerce, government, education, etc and the results were promising.

Such studies help UASG ambassadors and advocates to identify and focus on websites of a specific category that require immediate attention. We conducted a similar study at Radix where we analysed top websites belonging to different categories. These were the results (click to enlarge):

While the acceptance rates for new short and new long cases is more than 80% under most categories, we see a drastic dip when a domain is on an IDN TLD. Such comparisons highlight problem areas and provide direction to ambassadors and members who are advocating for Universal Acceptance.

Radix’s contribution to UASG

UA is something that affects nTLD users the most. This is why it’s crucial to focus on the feedback that we receive from them. At Radix, we work closely with our users to ensure we have the first hand information on any UA related issues faced by the customer.

The feedback could be about linkification, validation or acceptance of emails on nTLDs on different websites and platforms. Radix also actively invests its resources in gap analysis by testing various websites and social media platforms. We are also part of the ambassadorship program promoting and supporting local and global UA initiatives.

Here are some of the UASG initiatives that Radix is part of:

• Participating in the Technical And Measurement working group
• Participating in workshops on Universal Acceptance such as:
  – India Internet Week 2020 Online Edition
  – FICCI – Bhashantara – Panel Discussions
• Sharing gaps and issues reported by customers to UASG

At Radix, our objective is to ensure that nTLDs are accepted across websites and platforms. To achieve this, we actively work with UASG and share as many issues and gaps noticed and reported by customers.

Contribution by other registries

A key objective for most registries is to ensure great customer experience when it comes to their nTLDs and I’ve always admired it when registry operators have actively taken initiative and participated in the five UASG groups mentioned above.

One of the ways to do this is to capture all the queries and complaints reported by their customers/registrar partners and share it with UASG. This will help their support team direct their resources in solving the problems and encouraging those websites to become UA compliant.

Contribution by registrars

When it comes to UA-related issues, registrars are the first in chain to receive a complaint or feedback from the user. Therefore, it’s crucial that their support teams have all the necessary information needed on how to best handle such complaints.

For now, they can:

• Inform the customer about the potential UA issue and raise a request on behalf of the customer with UASG. Issues can be logged at – https://uasg.tech/global-support-center/
• Report these instances to the Registry Operator so that they can connect and follow up with UASG.
• Join any of the five working groups and participate.

The path ahead

The UASG is consistently compiling and sharing all the important information needed for organizations and developers to become UA ready. This is not only about ensuring the readiness of a system to accept certain TLDs or emails, but also about realising the full potential of an organization by connecting with people and businesses that might not be even on it’s radar.

Every successful step taken by an organization towards UA readiness is also a step towards equality and inclusiveness on the internet.

Guest poster Aman Masjide leads compliance and abuse mitigation at Radix.

.hotel battle lands ICANN in court over accountability dodges

ICANN’s accountability mechanisms, or lack thereof, have landed the Org in court.

Three applicants for the .hotel new gTLD have sued in California’s Superior Court in LA, claiming ICANN has consistently failed to provide true accountability, refusing for over seven years to implement fundamental mechanisms required by its bylaws.

They want the court to force ICANN to stick to its bylaws and to also temporarily freeze an Independent Review Process case related to .hotel.

The registries in question are Fegistry, Domain Venture Partners and Radix. They filed their complaint at the end of October, but ICANN did not publish it until the end of January, after its terse reply, and an administrative ruling, had also been filed with the court.

While the endgame is presumably to get the .hotel contention set pushed to auction, the lawsuit barely mentions the gTLD at all. Rather, it’s a broad-ranging challenge to ICANN’s reluctance to submit to any kind of accountability at all.

The main beef is that ICANN has not created a so-called “Standing Panel” of judges to preside over IRP cases, something that its bylaws have required since 2013.

The Standing Panel is meant to comprise seven legal experts, trained up in all things ICANN, from which the three panelists presiding over each IRP would be selected.

It would also operate as a final appeals court for IRP rulings, with all seven panelists involved in such “en banc” challenges.

The idea is to have knowledgeable panelists on a retainer to expedite IRPs and ensure some degree of consistency in decision-making, something that has often been lacking in IRP decisions to date.

Despite this requirement being in the bylaws since 2013, ICANN has consistently dragged its feet on implementation and today there still is no Standing Panel.

The .hotel plaintiffs reckon ICANN has dodged $2.7 million in fees by refusing to pick a panel, all the while offloading certain fees onto complainants.

It didn’t get the ball rolling until January 2018, but the originally anticipated, rather streamlined, selection process quickly devolved into the usual mess of ICANN bureaucracy, red tape and circular community consultation.

The latest development was in November 2020, when ICANN announced that it was looking for volunteers for a cross-community “IRP Community Representatives Group”, a team similar to the Nominating Committee. which would be responsible for picking the Standing Panel members.

The deadline to apply was December 4, and we’ve not heard anything else about the process since.

The .hotel litigants also have beef with the “sham” Request for Reconsideration process, which is notorious for enabling the board to merely reinforce its original position, which was drafted by ICANN staff lawyers, based on advice provided by those same ICANN staff lawyers.

They also take aim at the fact that ICANN’s independent Ombudsman has recused himself from any involvement in Reconsideration related to the new gTLD program, for unclear reasons.

The lawsuit (pdf) reads:

ICANN promised to implement these Accountability Mechanisms as a condition of the United States government terminating its formal oversight of ICANN in 2016 — yet still has wholly failed to do so.

Unless this Court forces ICANN to comply with its bylaws in these critical respects, ICANN will continue to force Plaintiffs and any other complaining party into the current, sham “Reconsideration” and Independent Review processes that fall far short of the Accountability Mechanisms required in its bylaws.

The plaintiffs say that ICANN reckons it will take another six to 12 months to get the Standing Panel up and running. The plaintiffs say they’re prepared to wait, but that ICANN is refusing and forcing the IRP to continue in its absence.

They also claim that ICANN was last year preparing to delegate .hotel to HTLD, the successful applicant now owned by Donuts, which forced them to pay out for an emergency IRP panelist to get the equivalent of an injunction, which cost $18,000.

That panelist declined to force ICANN to immediately appoint a Standing Panel or independent Ombudsman, however.

The .hotel plaintiffs allege breach of contract, fraud, deceit, negligence and such among the eight counts listed in the complaint, and demand an injunction forcing ICANN to implement the accountability mechanisms enshrined in the bylaws.

They also want an unspecified amount of money in punitive damages.

ICANN’s response to the complaint (pdf) relies a lot on the fact that all new gTLD applicants, including the plaintiffs in this case, signed a covenant not to sue as part of their applications. ICANN says this means they lack standing, but courts have differed of whether the covenant is fully enforceable.

ICANN also claims that the .hotel applicants have failed to state a factual case for any of their eight counts.

It further says that the complaint is just an effort to relitigate what the plaintiffs failed to win in their emergency hearing in their IRP last year.

It wants the complaint dismissed.

The court said (pdf) at the end of January that it will hold a hearing on this motion on DECEMBER 9 this year.

Whether this ludicrous delay is related to the facts of the case or the coronavirus pandemic is unclear, but it certainly gives ICANN and the .hotel applicants plenty of time for their IRP to play out to conclusion, presumably without a Standing Panel in place.

So, a win-by-default for ICANN?

UNR getting out of the registry business with $17 million no-reserve auctions on 23 new gTLDs

UNR, the former Uniregistry, plans to auction off its portfolio of 23 new gTLD contracts in April.

The company, owned by domain investor Frank Schilling, said on a new web site at auction.link:

In a move to completely dedicate the company and its resources to its backend registry and IP rights protection services, UNR has announced that 23 of its Top Level Domain assets will be sold in no-reserve auctions on April 28, 2021.

The TLDs will be sold individually, rather than as a package.

While they’re all no-reserve auctions, the published starting prices add up to $16,870,000. Some have minimum bids of zero, some are less than the price UNR paid ICANN for its application fee back in 2012.

Here’s a list of the TLDs, along with their starting prices.

[table id=63 /]

The prices appear to be based on the reg fee and volume of existing registrations, which range wildly from around 300 for .hiv to 159,000 for .link. The .country gTLD, aimed at country music makers and fans, currently has no starting bid listed.

The most-likely buyers of these gTLDs would be the rapidly dwindling list of fellow portfolio registries, such as Donuts and Radix.

While UNR’s exit from the registry business may be surprising — Schilling was a big fan of new gTLDs and Uniregistry applied for 54 of them, investing $69 million — it’s merely the latest stage of the business being dismantled.

Uniregistry sold its registrar and secondary market businesses to GoDaddy last year, and later sold its stake in three car-related gTLDs to business partner XYZ.com.

UNR said the April auctions will be managed over one day by Innovative Auctions, which is pretty much the de facto standard player in new gTLD auctions.

While the company says the auctions are open to “businesses and individuals”, I’m pretty sure ICANN rules forbid a gTLD being owned by individuals.

The company now plans to focus on being a pure-play back-end registry services provider, with a focus on dot-brand gTLDs, where it will continue to compete with the likes of GoDaddy, CentralNic, Donuts and Verisign.

GoDaddy has a secret weapon in its push into corporate domains

While GoDaddy has been focused for the last two decades on small and microbusiness customers, its entry this year into the corporate domains management space should not be dismissed — the company has one huge advantage.

Earlier this week, the company announced the launch of GoDaddy Corporate Domains, really just a rebranding of the company Brandsight, which it acquired back in February.

The move pits GoDaddy against industry leaders such as MarkMonitor, CSC, Com Laude, Safenames et al.

But the company has one huge advantage that its new competitors do not have: cybersquatters and criminals.

Buried at the bottom of this week’s press release is the announcement of a new service, the Verified Intellectual Property program, which “provides pre-vetted, well-known and famous brands an escalation path to address IP abuse”.

It sounds basically like a trusted notifier service not unlike those offered at the registry level by the likes of Donuts and Radix.

VIP clients will be able to get sites and domains hosted on GoDaddy taken down much quicker, via a special escalation email address, a spokesperson said. Takedown requests will still be subject to manual review, he said.

VIP is currently invitation-only, but I assume being a Corporate Domains customer would help expedite an invitation.

This kind of service is something GoDaddy’s new rivals cannot offer — they generally have no retail channel or hosting, so have no cyberquatters, pirates or counterfeiters as customers. If they want to take down a domain or web site, it’s not a simple matter of flipping a switch.

They also don’t have tens of millions of domains under management, many of which, through no fault of GoDaddy, will be maliciously registered.

This is potentially a pretty cool USP for GoDaddy, which could have rivals worried.

Radix premium renewals approach $1 million

New gTLD registry Radix made almost a million bucks in the first half of the year from renewal fees on its premium domains.

That’s one data point that jumps out from Radix’s latest premium sales report, released last night.

The company said that it made $1.96 million at the top line from premiums in the period, up 19% on the second half of 2019.

It added that $996,771 of that was from renewals, up from $903,687 in H2 2019.

Radix is one of the registries that charges a premium fee every year over the lifetime of the registration, a practice controversial among domain investors.

Still, it appears there is demand (or, at least, acceptance) among end users. Radix said it saw a 41% sequential increase in the number of premium sales in H1.

.tech, .online and .store were the biggest sellers, with the vast majority of sold names clustering in the $250 to $2,500 range.

The renewal rate after the first year was 63%, growing to 72% at the second renewal and a very respectable 78% thereafter.

Radix said it saw .store premium sales grow by more than fivefold during the half, which it attributed to the coronavirus pandemic:

While premium registrations and revenue have grown steadily for five quarters since Q2 2019, the 2020 pandemic has led to significant demand in eCommerce and have urged businesses from all verticals to build a strong web presence.

This has led to a surge in the adoption of premium domain names on meaningful extensions that are most suited for these businesses such as .STORE. Premium registrations for .STORE in Q2 2020 was up by 5.5X compared to Q2 2019.

More stats can be found here.

ICANN ordered to freeze .hotel after “serious questions” about trade secrets “theft”

ICANN has been instructed to place the proposed .hotel gTLD in limbo after four applicants for the string raised “sufficiently serious questions” that ICANN may have whitewashed the “theft” of trade secrets.

The order was handed down last month by the emergency panelist in the Independent Review Process case against ICANN by claimants Fegistry, MMX, Radix and Domain Ventures Partners.

Christopher Gibson told ICANN to “maintain the status quo” with regards the .hotel contention set, meaning currently winning applicant Hotel Top Level Domain, which is now owned by Afilias, won’t get contracted or delegated until the IRP is resolved.

At the core of the decision (pdf) is Gibson’s view that the claimants raised “sufficiently serious questions related to the merits” in allegations that ICANN mishandled and acted less than transparently in its investigation into a series of data breaches several years ago.

You may recall that ICANN seriously screwed up its new gTLD application portal, configuring in such a way that any applicant was able to search for and view the confidential data, including financial information such as revenue projections, of any other competing applicant.

Basically, ICANN was accidentally publishing applicants’ trade secrets on its web site for years.

ICANN discovered the glitch in 2015 and conducted an audit, which initially fingered Dirk Krischenowski — who at time was the half-owner of a company that owned almost half of HTLD as well as a lead consultant on the bid — as the person who appeared to have accessed the vast majority of the confidential data in March and April 2014.

ICANN did not initially go public with his identity, but it did inform the affected applicants and I managed to get a copy of the email, which said he’d downloaded about 200 records he shouldn’t have been able to access.

It later came to light that Krischenowski was not the only HTLD employee to use the misconfiguration to access data — according to ICANN, then-CEO of HTLD Katrin Ohlmer and lawyer Oliver Süme had too.

HTLD execs have always denied any wrongdoing, and as far as I know there’s never been any action against them in the proper courts. Krischenowski has maintained that he had no idea the portal was glitched, and he was using it in good faith.

Also, neither Ohlmer nor Krischenowski are still involved with HTLD, having been bought out by Afilias after the hacking claims emerged.

These claims of trade secret “theft” are being raised again now because the losing .hotel applicants think ICANN screwed up its probe and basically tried to make it go away out of embarrassment.

Back in August 2016, the ICANN board decided that demands to cancel the HTLD application were “not warranted”. Ohlmer barely gets a mention in the resolution’s rationale.

The losing applicants challenged this decision in a Request for Reconsideration in 2016, known as Request 16-11 (pdf). In that request, they argued that the ICANN board had basically ignored Ohlmer’s role.

Request 16-11 was finally rejected by the ICANN board in January last year, with the board saying it had in fact considered Ohlmer when making its decision.

But the IRP claimants now point to a baffling part of ICANN’s rationale for doing so: that it found “no evidence that any of the confidential information that Ms. Ohlmer (or Mr. Krischenowski) improperly accessed was provided to HTLD”.

In other words, ICANN said that the CEO of the company did not provide the information that she had obtained to the company of which she was CEO. Clear?

Another reason for brushing off the hacking claims has been that HTLD could have seen no benefit during the application process by having access to its rivals’ confidential data.

HTLD won the contention set, avoiding the need for an auction, in a Community Priority Evaluation. ICANN says the CPE was wholly based on information provided in its 2012 application, so any data obtained in 2014 would have been worthless.

But the losing applicants say that doesn’t matter, as HTLD/Afilias still have access to their trade secrets, which could make the company a more effective competitor should .hotel be delegated.

This all seems to have been important to Gibson’s determination. He wrote in his emergency ruling (pdf) last month:

The Emergency Panelist determines that Claimants have raised “sufficiently serious questions related to the merits” in in relation to the Board’s denial of Request 16-11, with respect to the allegations concerning the Portal Configuration issues in Request 16-11. This conclusion is made on the basis of all of the above information, and in view of Claimants’ IRP Request claim that ICANN subverted the investigation into HTLD’s alleged theft of trade secrets. In particular, Claimants claim that ICANN refused to produce key information underlying its reported conclusions in the investigation; that it violated the duty of transparency by withholding that information; that the Board’s action to ignore relevant facts and law was a violation of Bylaws; and further, to extent the BAMC and/or Board failed to have such information before deciding to disregard HTLD’s alleged breach, that violated their duty of due diligence upon reasonable investigation, and duty of independent judgment.

The Emergency Panelist echoes concerns that were raised initially by the Despegar IRP Panel regarding the Portal Configuration issues, where that Panel found that “serious allegations” had been made188 and referenced Article III(1) of ICANN’s Bylaws in effect at that time, but declined to make a finding on those issues, indicating “that it should remain open to be considered at a future IRP should one be commenced in respect of this issue.” Since that time, ICANN conducted an internal investigation of the Portal Configuration issues, as noted above; however, the alleged lack of disclosure, as well as certain inconsistencies in the decisions of the BAMC and the Board regarding the persons to whom the confidential information was disclosed and their relationship to, or position with HTLD, as well as ICANN’s decision to ultimately rely on a “no harm no foul” rationale when deciding to permit the HTLD application to proceed, all raise sufficiently serious questions related to the merits of whether the Board breached ICANN’s Article, Bylaws or other polices and commitments.

It’s important to note that this is not a final ruling that ICANN did anything wrong, it’s basically the ICANN equivalent of a ruling on a preliminary injunction and Gibson is saying the claimants’ allegations are worthy of further inquiry.

And the ruling did not go entirely the way of the claimants. Gibson in fact ruled against them on most of their demands.

For example, he said their was insufficient evidence to revisit claims that a review of the CPE process carried out by FTI Consulting was a whitewash, and he refused to order ICANN to preserve documentation relating to the case (though ICANN has said it will do so anyway).

He also ruled against the claimants on a few procedural issues, such as their demands for an Ombudsman review and for IRP administrator the International Center for Dispute Resolution to recuse itself.

Some of their claims were also time-barred under ICANN’s equivalent of the statute of limitations.

But ICANN will be prevented from contracting with HTLD/Afilias for now, which is a key strategic win.

ICANN reckons the claimants are just using the IRP to try to force deep-pocketed Afilias into a private auction they can be paid to lose, and I don’t doubt there’s more than a grain of truth in that claim.

But if it exposes another ICANN cover-up in the process, I for one can live with that.

The case continues…

Here’s what’s in the NamesCon Online schwag bag

NamesCon is fully online-only this year, due to the pandemic, but that hasn’t stopped the organizers sending out schwag bags to paid-up attendees. Mine arrived this morning in an A4 card envelope. Here’s what was inside.

• A totally unnecessary lanyard, sponsored by a web site security company called Sectigo.
• An equally unnecessary face mask, sponsored by a company I’d never heard of before called FlatSite. These guys appear to be in the business of providing a service that simplifies WordPress to be more suitable for managing large numbers of small static sites.
• An “I [heart] Domains” sticker sponsored by domain monetization company Bodis. I guess you’re supposed to slap this to your laptop.
• A larger “YOLO” sticker sponsored by Radix.
• A NamesCon pin/badge/button. Apparently if you post a selfie while wearing it to the NamesCon platform you’re entered into a draw for a $200 Amazon gift card.

NamesCon Online runs for three days from September 9. Prices range from free to newcomers to $399 if you want a year of DNAcademy thrown in. The standard price is $59.

NamesCon Online ticket prices and name change revealed

NamesCon has published the ticket price list for its upcoming virtual conference, and the first hit’s for free.

Standard tickets start at $59 — which includes a schwag bag delivered to your door if you register before the end of July — but the price is expected to go up after the end of August.

NamesCon has also entered into a promo deal with Michael Cyger’s DNAcademy, an educational service for domainers. If you buy a $399 annual subscription, the NamesCon ticket is free.

Finally, there’s a rather generous offer of a free ticket for those who have never attended a NamesCon event before.

Newcomers have to take a short survey, but there doesn’t appear to be any identity verification going on, so it seems to me there’s a possibility of its generosity being abused.

The conference also said last week that it’s changed its name from NamesCon 360° to NamesCon Online, after .online registry Radix became a sponsor. The domain is now namescon.online.

The conference will run 24/7 from September 9 to September 11 in your bedroom.

Hacking claims resurface as .hotel losers force ICANN to lawyer up again

The fight over .hotel has been escalated, with four unsuccessful applicants for the gTLD whacking ICANN with a second Independent Review Process appeal.
The complaint resurrects old claims that a former lead on the successful application, now belonging to Afilias, stole trade secrets from competing applicants via a glitched ICANN web site.
It also revives allegations that ICANN improperly colluded with the consultant hired to carry out reviews of “community” applications and then whitewashed an “independent” investigation into the same.
The four companies filing the complaint are new gTLD portfolio applicants MMX (Minds + Machines), Radix, Fegistry, and Domain Venture Partners (what we used to call Famous Four).
The IRP was filed November 18 and published by ICANN December 16, but I did not spot it until more recently. Sorry.
There’s a lot of back-story to the complaint, and it’s been a few years since I got into any depth on this topic, so I’m going to get into a loooong, repetitive, soporific, borderline unreadable recap here.
This post could quite easily be subtitled “How ICANN takes a decade to decide a gTLD’s fate”.
There were seven applicants for .hotel back in 2012, but only one of them purported to represent the “hotel community”. That applicant, HOTEL Top Level Domain, was mostly owned by Afilias.
HTLD had managed to get letters of support from a large number of hotel chains and trade groups, to create a semblance of a community that could help it win a Community Priority Evaluation, enabling it to skip to the finish line and avoid a potentially costly auction against its rival applicants.
CPEs were carried out by the Economist Intelligence Unit, an independent ICANN contractor.
Surprisingly to some (including yours truly), back in 2014 it actually managed to win its CPE, scoring 15 out of the 16 available points, surpassing the 14-point winning threshold and consigning its competing bidders’ applications to the scrap heap.
There would be no auction, and no redistribution of wealth between applicants that customarily follows a new gTLD auction.
Naturally, the remaining applicants were not happy about this, and started to fight back.
The first port of call was a Request for Reconsideration, which all six losers filed jointly in June 2014. It accused the EIU of failing to follow proper procedure when it evaluated the HTLD community application.
That RfR was rejected by ICANN, so a request for information under ICANN’s Documentary Information Disclosure Policy followed. The losing applicants reckoned the EIU evaluator had screwed up, perhaps due to poor training, and they wanted to see all the communications between ICANN and the EIU panel.
The DIDP was also rejected by ICANN on commercial confidentiality grounds, so the group of six filed another RfR, asking for the DIDP to be reconsidered.
Guess what? That got rejected too.
So the applicants then filed an IRP case, known as Despegar v ICANN, in March 2015. Despegar is one of the .hotel applicants, and the only one that directly plays in the hotel reservation space already.
The IRP claimed that ICANN shirked its duties by failing to properly oversee and verify the work of the EIU, failing to ensure the CPE criteria were being consistently applied between contention sets, and failing in its transparency obligations by failing to hand over information related to the CPE process.
While this IRP was in its very early stages, it emerged that one of HTLD’s principals and owners, Dirk Krischenowski, had accessed confidential information about the other applicants via an ICANN web site.
ICANN had misconfigured its applicant portal in such a way that any user could very access any attachment on any application belonging to any applicant. This meant sensitive corporate information, such as worst-case-scenario financial planning, was easily viewable via a simple search for over a year.
Krischenowski appears to have been the only person to have noticed this glitch and used it in earnest. ICANN told applicants in May 2015 that he had carried out 60 searches and accessed 200 records using the glitch.
Krischenowski has always denied any wrongdoing and told DI in 2016 that he had always “relied on the proper functioning of ICANN’s technical infrastructure while working with ICANN’s CSC portal.”
The applicants filed another DIDP, but no additional information about the data glitch was forthcoming.
When the first IRP concluded, in February 2016, ICANN prevailed, but the three-person IRP panel expressed concern that neither the EIU nor ICANN had any process in place to ensure that community evaluations carried out by different evaluators were consistently applying the CPE rules.
The IRP panel also expressed concern about the “very serious issues” raised by the ICANN portal glitch and Krischenowski’s data access.
But the loss of the IRP did not stop the six losing applicants from ploughing on. Their lawyer wrote to ICANN in March 2016 to denounce Krischenowski’s actions as “criminal acts” amounting to “HTLD stealing trade secrets of competing applicants”, and as such HTLD’s application for .hotel should be thrown out.
Again, to the best of my knowledge, Krischenowski has never been charged with, let alone convicted of, any criminal act.
Afilias wrote to ICANN not many weeks later, April 2016, to say that it had bought out Krischenowski’s 48.8% stake in HTLD and that he was no longer involved in the company or its .hotel application.
And ICANN’s board of directors decided in August 2016 that Krischenowski may well have accessed documents he was not supposed to, but that it would have happened after the .hotel CPE had been concluded, so there was no real advantage to HTLD.
A second, parallel battle against ICANN by an unrelated new gTLD applicant had been unfolding over the same period.
A company called Dot Registry had failed in its CPE efforts for the strings .llc, .llp and .inc, and in 2014 had filed its own IRP against ICANN, claiming that the EIU had “bungled” the community evaluations, applying “inconsistent” scoring criteria and “harassing” its supporters.
In July 2016, almost two years later, the IRP panel in that case ruled that Dot Registry had prevailed, and launched a withering attack on the transparency and fairness of the ICANN process.
The panel found that, far from being independent, the EIU had actually incorporated notes from ICANN staff into its CPE evaluations during drafting.
It was as a result of this IRP decision, and the ICANN board’s decision that Krischenowski’s actions could not have benefited HTLD, that the losing .hotel applicants filed yet another RfR.
This one lasted two and a half years before being resolved, because in the meantime ICANN launched a review of the CPE process.
It hired a company called FTI Consulting to dig through EIU and ICANN documentation, including thousands of emails that passed between the two, to see if there was any evidence of impropriety. It covered .hotel, .music, .gay and other gTLD contention sets, all of which were put on hold while FTI did its work.
FTI eventually concluded, at the end of 2017, that there was “no evidence that ICANN organization had any undue influence on the CPE reports or engaged in any impropriety in the CPE process”, which affected applicants promptly dismissed as a “whitewash”.
They began lobbying for more information, unsuccessfully, and hit ICANN with yet another RfR in April 2018. Guess what? That one was rejected too.
The .hotel applicants then entered into a Cooperative Engagement Process — basically pre-IRP talks — from October 2018 to November 2019, before this latest IRP was filed.
It’s tempting to characterize it as a bit of a fishing expedition, albeit not a baseless one — any allegations of ICANN’s wrongdoing pertaining the .hotel CPE are dwarfed by the applicants’ outraged claims that ICANN appears to be covering up both its interactions with the EIU and its probe of the Krischenowski incident, partly out of embarrassment.
The claimants want ICANN to be forced to hand over documentation refused them on previous occasions, relating to: “ICANN subversion of the .HOTEL CPE and first IRP (Despegar), ICANN subversion of FTI’s CPE Process Review, ICANN subversion of investigation into HTLD theft of trade secrets, and ICANN allowing a domain registry conglomerate to takeover the ‘community-based’ applicant HTLD.”
“The falsely ‘independent’ CPE processes were in fact subverted by ICANN in violation of Bylaws, HTLD stole trade secrets from at least one competing applicant, and Afilias is not a representative of the purported community,” the IRP states.
“HTLD’s application should be denied, or at least its purported Community Priority relinquished, as a consequence not only for HTLD’s spying on its competitors’ secret information, but also because HTLD is no longer the same company that applied for the .HOTEL TLD. It is now just a registry conglomerate with no ties to the purported, contrived ‘Community’ that it claims entitled to serve,” it goes on.
ICANN is yet to file its response to the complaint.
Whether the IRP will be successful is anyone’s guess, but what’s beyond doubt is that if it runs its course it’s going to add at least a year, probably closer to two, to the delay that .hotel has been languishing under since the applications were filed in 2012.
Potentially lengthening the duration of the case is the claimants’ demand that ICANN “appoint and train” a “Standing Panel” of at least seven IRP panelists from which each three-person IRP panel would be selected.
The standing panel is something that’s been talked about in ICANN’s bylaws for at least six or seven years, but ICANN has never quite got around to creating it.
ICANN pinged the community for comments on how it should go about creating this panel last year, but doesn’t seemed to have provided a progress report for the last nine months.
The .hotel applicants do not appear to be in any hurry to get this issue resolved. The goal is clearly to force the contention set to auction, which presumably could happen at Afilias’ unilateral whim. Time-to-market is only a relevant consideration for the winner.
With .hotel, and Afilias’ lawsuit attempting to block the .web sale to Verisign, the last round of new gTLD program, it seems, is going to take at least a decade from beginning to end.