Crunch time, again, for Whois access policy

Talks seeking to craft a new policy for allowing access to private Whois data have hit another nodal point, with the community now pressuring the ICANN board of directors for action.

The Whois working group has more or less decided that a centralized model for data access, with ICANN perhaps acting as a clearinghouse, is the best way forward, but it needs to know whether ICANN is prepared to take on this role and all the potential liabilities that come with it.

Acronym time! The group is known as the Whois EPDP WG (for Expedited Policy Development Process Working Group) and it’s come up with a rough Whois access framework it’s decided to call the Standardized System for Access and Disclosure (SSAD).

Its goal is to figure out a way to minimize the harms that Europe’s General Data Protection Regulation allegedly caused to law enforcement, IP owners, security researchers and others by hiding basically all gTLD registration data by default.

The SSAD, which is intended to be as automated as possible, is the working group’s proposed way of handling this.

The “hamburger model” the EPDP has come up with sees registries/registrars and data requestors as the top and bottom of the sandwich (or vice versa) with some yet-to-be-decided organizational patty filling acting as an interface between the two.

The patty would handle access control for the data requests and be responsible for credentialing requestors. It could either be ICANN acting alone, or ICANN coordinating several different interface bodies (the likes of WIPO have been suggested).

Should the burger be made only of mashed-up cow eyelids, or should it incorporate the eyelids of other species too? That’s now the question that ICANN’s board is essentially being posed.

Since this “phase two” work kicked off, it’s taken about five months, 24 two-hour teleconferences, and a three-day face-to-face meeting to get to this still pretty raw, uncooked state.

The problem the working group is facing now is that everyone wants ICANN to play a hands-on role in running a centralized SSAD system, but it has little idea just how much ICANN is prepared to get involved.

The cost of running such a system aside, legislation such as GDPR allows for pretty hefty fines in cases of privacy breaches, so there’s potentially a big liability ask of notoriously risk-averse ICANN.

So the WG has written to ICANN’s board of directors in an attempt to get a firm answer one way or the other.

If the board decided ICANN should steer clear, the WG may have to go back more or less to square one and focus on adapting the current Whois model, which is distributed among registrars and registries, for the post-GDPR world.

How much risk and responsibility ICANN is willing to absorb could also dictate which specific SSAD models the WG pursues in future.

There’s also a view that, with no clarity from ICANN, the chance of the WG reaching consensus is unlikely.

This will be a hot topic at ICANN 66 in Montreal next month.

Expect the Governmental Advisory Committee, which had asked for “considerable and demonstrable progress, if not completion” of the access model by Montreal, to be disappointed.

1 Comment Tagged: burger, epdp, gdpr, ICANN, icann 66, law enforcement, montreal, privacy, security, ssad, trademarks, whois

Google quietly launches .new domains sunrise

Google Registry will allow trademark owners to register domains matching their marks in the .new gTLD from tomorrow.

While the company hasn’t made a big public announcement about the launch, the startup dates it has filed with ICANN show that its latest sunrise period will run from October 15 to January 14.

As previously reported, .new is a bit of a odd one. Google plans to place usage restrictions that require registrants to use the domains in the pursuit of “action generation or online contention creation”.

In other words, it wants registrants to use .new in much the same way as Google is today, with domains such as docs.new, which automatically opens up a fresh Google Docs word processing document when typed into a browser address bar.

From January 14, all the way to July 14, Google wants to run a Limited Registration Period, which will require wannabe registrants to apply to Google directly for the right to register a name.

During that period, registrants will have to that they’re going to use their names in compliance with .new’s modus operandi. It’s Google’s hope that it can seed the space with enough third-party content for .new’s value proposition to become more widely known.

If you’re wanting to pick up a .new domain in general availability, it looks like you’ve got at least nine more months to wait.

Comment Tagged: .new, google, google registry, ICANN, launch, limited registration period, new gTLDs, sunrise

After .org price outrage, ICANN says it has NOT scrapped public comments

ICANN this evening said that it will continue to open up gTLD registry contract amendments for public comment periods, despite posting information yesterday suggesting that it would stop doing so.

The organization recently formalized what it calls “internal guidelines” on when public comment periods are required, and provided a summary in a blog post yesterday.

It was very easy to infer from the wording of the post that ICANN, in the wake of the controversy over the renegotiation of Public Interest Registry’s .org contract, had decided to no longer ask for public comments on future legacy gTLD contract amendments.

I inferred as much, as did another domain news blogger and a few other interested parties I pinged today.

I asked ICANN if that was a correct inference and Cyrus Namazi, head of ICANN’s Global Domains Division, replied:

No, that is not correct. All Registry contract amendments will continue to be posted for public comment same as before.

He went on to say that contract changes that come about as a result of Registry Service Evaluation Process requests or stuff like change of ownership will continue to not be subject to full public comment periods (though RSEP does have its own, less-publicized comment system).

The ICANN blog post lists several scenarios in which ICANN is required to open a public comment period. On the list is this:

ICANN org base agreements with registry operators and registrars.

The word “base” raised at least eight eyebrows of people who read the post, including my two.

The “base” agreements ICANN has with registries and registrars are the 2013 Registrar Accreditation Agreement and the 2012/2017 Registry Agreement.

The RAA applies to all accredited registrars and the base RA applies to all new gTLD registries that applied in the 2012 round.

Registries that applied for, or were already running, gTLDs prior to 2012 all have bespoke contracts that have been gradually brought more — but not necessarily fully — into line with the 2012/17 RA in renewal renegotiations over the last several years.

In all cases, the renegotiated legacy contracts have been subject to public comment, but in no cases have the comments had any meaningful impact on their ultimate approval by ICANN.

The most recent such renewal was Public Interest Registry’s .org contract.

Among the changes were the introduction of the Uniform Rapid Suspension anti-cybersquatting policy, and the removal of price caps that had limited PIR to a 10% increase per year.

The comment period on this contract attracted over 3,200 comments, almost all of which objected to the price regulation changes or the URS.

But the contract was signed regardless, unaffected by the comments, which caused one registrar, NameCheap, to describe the process as a “sham”.

With this apparently specific reference to “base” agreements coming so soon thereafter, it’s easy to see how we could have assumed ICANN had decided to cut off public comment on these contentious issues altogether, but that appears to not be the case.

What this seems to mean is that when .com next comes up for renewal, it will be open for comment.

4 Comments Tagged: .com, .org, gdd, ICANN, pir, price caps, pricing, public comment, public interest registry, ra, raa, rsep, verisign

Hindu god smites Chrysler gTLD

Car-maker Chrysler has withdrawn its application for the .ram dot-brand gTLD more than six years after receiving a government objection on religious grounds.

Ram is a brand of pickup trucks manufactured by Chrysler, but it’s also a variant spelling of Rama, an important deity in the Hindu pantheon.

Back in 2013, ICANN’s Governmental Advisory Committee forwarded an objection from majority-Hindu India, later saying: “The application for .ram is a matter of extreme sensitivity for the Government of India on political and religious considerations.”

In a 19-page response (pdf), Chrysler said that Ram vehicles had been around for 75 years without offending Hindus, and that .ram was to be a restricted dot-brand that could not be used by third parties to post offensive content.

The objection appeared at a time when the GAC was not obliged to show its thinking and often deliberately obfuscated its advice. But ICANN placed .ram on hold anyway, where it has remained ever since.

Over the intervening time, Chrysler has rethought its dot-brand strategy, and last month called on ICANN to cancel five of the six gTLDs it already owns (but does not use) — .chrysler, .dodge, .mopar, .srt and .uconnect.

It’s still contracted to run .jeep, weirdly.

Comment Tagged: .chrysler, .ram, dot-brands, gac, ICANN, india, new gTLDs, religion

Top ICANN advisor Tarek Kamel dies at 57

Tarek Kamel, a senior advisor to the ICANN CEO and one-time shortlisted candidate for the top job, died yesterday, according to ICANN. He was 57.

His cause of death was not released, but he apparently had been suffering from health challenges for some time.

At ICANN, Kamel was senior advisor to the president and senior vice president for government and IGO engagement, a role he was appointed to in 2012 by then-incoming CEO Fadi Chehadé.

Kamel had been one of three shortlisted candidates for the CEO role and was hired immediately after Chehadé took over.

Born in Egypt, Kamel was considered locally as an internet pioneer, helping to found, then deregulate and reform the sector in his country.

He trained as an electrical engineer in Egypt and Germany, and is said to have established Egypt’s first connection to the internet in the mid-1990s, a period in which he also founded the local chapter of the Internet Society.

But Kamel spend much of his career in government, acting as Egypt’s minister for information and communication technology between 2004 and 2011.

His tenure ended in January 2011, as a result of the revolution which ousted President Hosni Mubarak.

During the final weeks of Mubarak’s regime, the government attempted to disrupt popular resistance by shutting down internet access across the country, causing pleas from Kamel’s friends for him to restore connectivity and preserve his legacy.

But Chehadé later defended Kamel’s actions during the revolution, telling DI in 2012 that he was not responsible for the shutdown and that he showed “near-heroism”, putting himself and his family at great personal risk, in order to restore services as quickly as possible.

Kamel was described yesterday by current CEO Göran Marby as a “dear friend” with a “big heart” and a “great sense of humor” who helped open diplomatic doors for ICANN in the Middle East.

Former ICANN chair and father of the internet Vint Cerf said “our Internet community has lost a kindred spirit so devoted to the idea of a global Internet to hold and use in common”.

He added, “if heaven does not have broadband yet, Tarek will make it so.”

Kamel is survived by his wife and two children.

Marby yesterday encouraged friends and colleagues to leave a memorial in the comments section of this blog post, assuring commenters that their words will reach Kamel’s family.

His family and friends have my condolences.

Comment Tagged: ICANN, obituary, tarek kamel

Three big changes could be coming to .uk

Nominet wants to know what you thinking about three significant policy changes that could be implemented in the next year or so.

The .uk registry today published a consultation document covering two security-related changes and one related to expired domains.

First, Nominet wants to know if it should be allowed to preemptively block resolution on newly registered domains where it has “identified a high risk the domain will be used for phishing”.

It looks like more of a cosmetic policy change, given that the company is already blocking suspected phishing domains where the registrant fails to adequately verify their identity.

About 1,500 domains were blocked like this in the 12 months ending July 2019, Nominet says, on the basis of its Domain Watch program, which combines technical and manual oversight to identify phishy-looking names.

Second, Nominet want to know if it should display an standard informational web page when it blocks a domain on the basis of fraud, copyright infringement, and counterfeiting.

Currently, the company takes down tens of thousands of names every year on this basis, but the names are simply removed from the zone file and refuse to resolve.

Nominet’s friends in law enforcement reckon that allowing the the domains to instead resolve to a standard web page instead could help victims of fraudulent sites help with police investigations, and Nominet wants to know if you agree.

A side-effect of this would be that the names would remain in the zone, so we’d be able to see for the first time which names get suspended for fraud.

Third, Nominet wants to know whether it should start openly publishing drop-lists, the list of domains that have expired registrations and are about to become available.

This appears to be bad news for those registrars currently “excessively” pinging the registry to compile their own lists and get the jump on competitors when it comes to drop-catching valuable names for resale.

Nominet seems to want to see fewer dropped domains winding up in the hands of domainers, saying currently “not all dropping domains are registered and actively used by the new registrant, reducing the vibrancy of .UK domains”.

It’s proposing to give drop-lists just to registrars, or to publish them openly.

All three questions are open for comment until December 15.

Comment Tagged: .uk, copyright, dropcatching, fraud, nominet, phishing

Introducing… the DI Leaders Roundtable

Today, I’m introducing what I hope to be the first of several regular features, the DI Leaders Roundtable.

Every week or two, I’ll be putting a single question to a collection of domain industry and ICANN community leaders and compiling their responses in order to gain some insight into current thoughts on hot topics or broader industry trends from some of the space’s top thinkers.

I’ve tried to reflect a broad cross-section of the industry, with a mix of business, policy and technical expertise from registries, registrars, back-ends, new gTLDs, legacy gTLDs, investors, etc.

The initial line-up for the panel, which will likely evolve as time goes by, is, in alphabetical order.

Ben Crawford, CEO, CentralNic

Crawford is CEO of CentralNic, a triple-play domain company based in London and listed on the Alternative Investment Market. Initially a vendor of pseudo-gTLDs such as uk.com and gb.com, CentralNic has over the course of the last seven years evolved into a company that sells both its own self-managed TLDs, such as .sk, as well as acting as a back-end for the likes of .xyz, .site and .online. Describing itself as a consolidator, the company nowadays makes most of its money via the registrar side of the house as a result of a series of mergers and acquisitions, particularly the merger with KeyDrive last year.

Jothan Frakes, Executive Director, Domain Name Association

A long-time industry jack-of-all-trades, Frakes is currently executive director of the Domain Name Association, the prominent industry trade group. Frakes has acted in a number of roles at domain name companies, as well as co-founding the popular NamesCon conference back in 2014. His technical credentials can be exemplified by, among other activities, his participation in Mozilla’s Public Suffix List, while his policy nous could be vouched for by many who have worked with him during his 20 years of ICANN participation.

Richard Kirkendall, CEO, NameCheap

Kirkendall founded leading budget registrar NameCheap in 2000 and has occupied the office of CEO ever since. A long-time Enom reseller, NameCheap’s popularity was for many years shrouded in mystery. It finally transferred the last of its Enom names over to its own accreditation in January 2018, revealing it to have 7.5 million gTLD names under management. It added a further two million over the next 18 months, and says it has over 10 million names in total. NameCheap is known for its low prices and for its occasional support for pro-freedom political causes such as the Electronic Frontier Foundation.

Milton Mueller, Professor, Georgia Tech

Mueller is an academic and among the most prominent voices in ICANN’s Non-Commercial Stakeholder Group. Based at the School of Public Policy at the Georgia Institute of Technology, he founded the Internet Governance Project, an independent policy research outfit, in 2004. He’s the author of several books on the topic, and very active in ICANN policy development, including the current effort to balance privacy rights with commercial interests in the Whois system.

Jeff Neuman, Senior VP, Com Laude

Neuman is senior vice president of brand-protection registrar Com Laude and sister company Valideus, which provides new gTLD consultancy services to brand owners. From 2000 until 2015, he worked in senior policy and registry business roles at Neustar, helping to apply for and launch .biz in 2001. A noted ICANN policy expert, Neuman has sat on various ICANN working groups and currently co-chairs the New gTLD Subsequent Procedures Policy Development Process, which is developing the rules for the next round of new gTLDs.

Jon Nevett, CEO, Public Interest Registry

Nevett is CEO of Public Interest Registry, which manages the 10-million-domain-strong legacy gTLD .org and a handful of new gTLDs. Prior to PIR, he was executive vice president of Donuts, and one of its four co-founders. He’s been in the domain business since 2004, when he joined Network Solutions as a senior VP on the policy side of the house. Nevett has also been involved in ICANN policy-making, including a stint as chair of the Registrars Constituency.

Michele Neylon, CEO, Blacknight

Neylon is CEO and co-founder of Blacknight Internet Solutions, a smaller registrar based in Ireland. Known for his “often outspoken” policy views, he’s a member of several ICANN working groups, sits on the GNSO Council representing registrars, and is a member of stakeholder group committees for various ccTLD registries including .eu, .ie and .us. Blacknight has almost 60,000 gTLD registrations to its name but also specializes in serving its local ccTLD market.

Dave Piscitello, Partner, Interisle Consulting Group

Piscitello is currently a partner at security consultancy Interisle Consulting Group, having retired from his role as vice president of security and ICT coordination at ICANN last year. With over 40 years in the security business, he’s also a board member of the Coalition Against Unsolicited Commercial Email (CAUCE) and the Anti-Phishing Working Group (APWG). Interisle is an occasional ICANN security contractor.

Sandeep Ramchamdani, CEO, Radix Registry

Ramchandani is CEO of Mumbai-based new gTLD registry Radix, which currently has a portfolio of 10 gTLDs and one ccTLD. It’s known primarily for its low-cost, high-volume, pure-generic business model, which has seen its two best performers, .online and .site, rack up almost three million domains between them. Radix is a unit of Directi Group, which is where Ramchandani cut his teeth for almost a decade before taking the reins of Radix in 2012.

Frank Schilling, CEO, Uniregistry

Schilling started off as a domain investor at the second level, 19 years ago, eventually managing hundreds of thousands of secondary-market domains with his company Name Administration, before founding Uniregistry in order to invest in new gTLDs in 2012. As a registry, Uniregisty has about a quarter of a million names spread across its 22-TLD portfolio; as a registrar it has over 1.2 million domains under management. Schilling is widely considered one of the most successful domain investment pioneers.

Rick Schwartz, aka the “Domain King”

Schwartz is viewed by domain investors as one of the most successful domainers of all time, and is known for his forthright, blunt criticisms of both new gTLDs and poor domain investment strategies. He’s been buying and selling domain names since 1995, and has sold several category-killer .com domains for seven-figure sums. Schwartz also founded the T.R.A.F.F.I.C. domainer conference in 2004, and it ran for 10 years.

26 Comments Tagged: di leaders roundtable

After killing the cows, what does the new Tucows logo remind you of?

Tucows has launched a refreshed corporate web site that features a new cow-free logo.

Judging by a video posted on the Tucows.com home page over the weekend, the redesign is largely intended to make the company more appealing to prospective employees, many of whom were confused about what exactly Tucows does.

It is of course the second-largest domain registrar by volume, via its Enom, OpenSRS, EPAG and Hover brands, as well as a virtual mobile phone operator in North America under the brand Ting.

There was a time when the site was a cluttered storefront, but all the customer-facing stuff has long since been devolved to the company’s various branded web sites.

Here are the two logos side by side.

You’ll notice the cows no longer feature. In much the same way as GoDaddy killed off its cartoon “daddy” character last year, Tucows appears to be maturing out of its quirkier roots into a more professional-looking outfit.

But what does the new logo remind you of? I was immediately put in mind of the Warner Music logo, which is basically a flipped version of the Tucows’ stylized W. They even have a similar color scheme.

It’s sufficiently different to avoid confusion, of course, but the similarities are very striking, I thought.

4 Comments Tagged: rebrand, tucows

Radix acquires another gTLD

Radix has added the 10th new gTLD to its portfolio with an acquisition last month, bringing its total TLD stable to 11.

The company has acquired .uno from Missouri-based Dot Latin LLC for an undisclosed amount.

.uno, which of course means “one” in Spanish, has been around for over five years but has struggled to grow.

It’s current ranked as the 131st largest new gTLD, with 16,271 domains in its zone file. It peaked at about 22,000 about three years ago.

That said, it appears to have rather strong renewals, at least by Radix standards, with no evidence of relying on discounts or throwaway one-year registrations for growth.

.uno names can currently be obtained for roughly $12 to $20 per year.

Radix said its expects to migrate the TLD off its current Neustar back-end onto long-time registry partner CentralNic by “early 2020”.

The company appears to be excited that its only the second three-letter TLD in its portfolio.

It already runs .fun, along with the likes of .website, .tech and .online. It also runs .pw, the repurposed ccTLD for Palau.

.uno was Dot Latin’s only gTLD, though affiliated entity Dot Registry LLC signed its ICANN registry agreement for .llp (for “Limited Liability Partnership”) in August. That TLD has yet to launch.

Comment Tagged: .llp, .uno, centralnic, dot latin, dot registry, ICANN, neustar, new gTLDs, radix

.whoswho survives!

The registry running the failing new gTLD .whoswho has managed to avoid having its contract terminated by ICANN.

According to an update on the ICANN web site, Who’s Who Registry came back into compliance with its obligations earlier this week, meaning it can continue operating.

It had been under a cloud of uncertainty since January, when ICANN Compliance sent off a breach notice saying the company was overdue with its $25,000-a-year fees.

Who’s Who originally had until a date in February to pay up, but this deadline has been extended repeatedly over the course of the year.

Registry CEO John McCabe had told ICANN last November that the fee is “onerous” and “the single largest item in .whoswho’s budget”.

ICANN later rejected his request for a fee reduction.

.whoswho, which seeks to replicate the once-popular biography compilation books of the same name, has fewer than 100 real registrations to its name, most of which appear to be defensive, despite being live for five years.

At about $70 a pop, that’s still not nearly enough to cover ICANN fees, never mind other operating costs.

It sold barely a dozen names in the first half of this year.

I thought it was a goner for sure.

But it looks like it’s been saved from the axe for now, so maybe there’s time to turn things around.

1 Comment Tagged: .whoswho, breach, compliance, fees, ICANN, new gTLDs, who's who registry