Latest news of the domain name industry

Recent Posts

Does ICANN have a race problem?

Kevin Murphy, June 29, 2020, Domain Policy

In the wake of the killing of George Floyd, pretty much every corporation and institution in the US, and many elsewhere, have felt the need to make statements or enact changes in order to show how non-racist they are, and it seems ICANN is now no exception.

The org issued a statement from CEO Göran Marby late last week in which he denounced racism and said ICANN was committed to establishing a set of “guiding principles” to govern “diversity and inclusion”.

I found the statement rather odd. Does ICANN have a racism problem that needs addressing?

I don’t think it does. At least, I’ve never even heard so much as a rumor about such behavior, never mind a confirmed case.

I’ve been scratching my head to think of any examples of ICANN being accused of racism, and the only one I can come up with is a minor controversy 10 years ago when an early draft of the new gTLD Applicant Guidebook banned “terrorism”.

Some Muslim community members complained that the word could be perceived as “racist” and it was eventually removed.

Around the same time, a handful of community members (as well as yours truly) were accused by the head of unsuccessful .africa applicant DotConnectAfrica of being part of a racist conspiracy against the company, but to the best of my recollection we never invited ICANN staff to our meetings.

But that’s basically it.

ICANN already has diversity baked into its power hierarchies. Members of the board of directors and other committees have to be geographically diverse, which will usually lead to racial diversity, for example.

A great many of its senior leaders have been (at least under some definitions) “people of color”. There doesn’t appear to be a glass ceiling.

It’s also got its Expected Standards of Behavior, a system of codified politeness used in community interactions, which explicitly forbids racial discrimination.

The broader community is global, has no ethnic majority, and is self-selecting. Anyone with the means can show up to a public meeting, dial into a remote meeting, or join a working group, regardless of race or origin.

Statistics show that whenever an ICANN meeting is held in Africa or Asia, the largest groupings of participants are African or Asian.

Of course, maybe with such diversity comes problems. There are words that are considered offensive in some parts of the world that are perfectly acceptable in others, for example, but I’ve never heard of any instances of this kind of culture clash.

But is there actual racism going on at ICANN HQ? Marby’s post says:

We will open a facilitated dialogue to support our employees, to ensure that racial bias and discrimination, or bias of any kind, have no place in our workforce. We need to be comfortable having uncomfortable conversations so that we can address the unconscious and conscious ways in which systemic racism is perpetuated. We need to listen more to Black people and people of color to learn about how these issues impact them each and every day. And we need to continue to take meaningful actions to address inequality.

That suggests that either ICANN is aware of some sort of systemic racial bias among its staff, or that it wants to hunt it down and snuff it out before it becomes a bigger issue.

Or they could just be empty words designed to pay lip service to this stuff.

3 Comments Tagged: ,

As the world burns, ICANN gives its richest execs huge pay rises

Kevin Murphy, June 24, 2020, Domain Policy

ICANN has just given some of its highest-ranking and richest execs pay rises of up to 15%, even as the world stands on the brink of a global recession and ICANN is predicting its own budget is on the verge of huge shrinkage.

Its board of directors has approved a set of pay deals that would see the CFO, Xavier Calvez — a man who has, year-after-year, consistently failed to predict fluctuations in the domain name industry with any degree of accuracy — a pay rise of 15%.

John Jeffrey, the general counsel, is getting 3.5%, despite his record of losing legal cases and covering up incidents of sexual harassment among ICANN staff.

Theresa Swinehart, newly-minted senior vice president of the Global Domains Division, is getting a 10% pay increase on top of her base salary, which was $459,123 in FY19.

Not only that, but CEO Göran Marby has been granted broad discretion to increase salaries in the same range for other, non-officer ICANN employees.

Marby himself has been granted his second-half bonus, which amounts to over $100,000.

Based on disclosed salaries for ICANN’s fiscal 2019, we can take a punt on how much money this will cost ICANN — and by “ICANN” I of course mean “you”, the domain-registering public, who pays for every cent of ICANN’s budget.

According to ICANN’s fiscal 2019 form 990, Calvez had “reportable compensation” of $445,964. That’s not including another $62,000 in additional compensation.

For him, a 15% pay raise on the base number is an extra almost $68,000 a year, making his salary (excluding extras) now comfortably over half a million dollars a year.

I’m sure there are many readers of this blog who would consider $68k a nice-enough base salary. But no, that’s his annual raise this year.

This is the guy who, for the better part of a decade, has had to wildly meddle with the revenue half of ICANN’s budget every six months because he couldn’t seem to get a grip on how the new gTLD market was playing out.

He’s also the guy predicting an 8% decline in revenue for ICANN’s next fiscal year due to coronavirus, even as he admits its current revenue has been so far unaffected and most of its biggest funders say everything is going really rather well.

Swinehart is going to get an extra $46,000 a year.

Jeffrey’s raise amounts to an extra $21,000 on top of his $604,648 FY19 base salary.

Remember, he’s the guy in charge of ICANN’s legal department, which is consistently beaten in Independent Review Panel cases, and who is ultimately responsible for the decision to not disclose the existence of the sexual harassment cases that have been filed against ICANN by its own employees in recent years.

The reason these three in particular have been given angry-laughable pay rises is the recently-announced executive reshuffle, which I blogged about earlier this month.

The three of them have had their jobs merged with those of two recent departures — COO Susanna Bennett, who’s leaving for undisclosed reasons shortly, and GDD president Cyrus Namazi, who quit following (but, you know, not necessarily because of) sexual harassment allegations earlier this year.

Combined, Namazi and Bennett were taking $860,000 a year out of the ICANN purse, so ICANN is still saving money by increasing the salaries of their replacements by about $134,000.

But the question has to be asked: how much extra work are these execs doing for this money? How many extra hours a day are they putting in to earn what to many people would be a whole year’s salary?

I expect the answer is: none.

I expect the answer is that ICANN didn’t need the number of six-figure execs it had previously, and now that’s it’s lost a couple of them it’s handing out your cash to those who chose to stick around mainly because it can and it hopes nobody will notice or care.

ICANN’s board resolution says that its decision to raise salaries is based on “independent market data provided by outside expert compensation consultants”.

ICANN has long had a “philosophy” of paying its top people in the “50th to 75th percentile for total cash compensation based on comparable market data for the respective positions”.

It’s never been entirely clear which entities ICANN compares itself to when making these judgements.

26 Comments Tagged: , , , ,

Web.com is kicking out a racist web site. How long before it winds up at Epik?

An American news site for white nationalists says it’s been given its goose-stepping orders by Web.com unit Network Solutions, and it’s looking for a new registrar.

VDare, named after Virginia Dare, a semi-mythological American folk hero, has been publishing anti-immigration material on vdare.com under NetSol’s wing for 20 years, but the site claims the registrar has given it 10 days, until June 25, to GTFO.

According to the site, NetSol told VDare that it was in violation of its acceptable use policy and “we consider your continued use of our services a serious issue and risk to our business and corporate reputation”.

That seems plausible, given how corporate America is currently bending over backwards to prove that they support the Black Lives Matter movement.

The move seems to have come due to pressure from the Lawyers’ Committee for Civil Rights Under Law, a campaigning group that persuaded NetSol to dump racist forum Stormfront as a customer a few years ago (it found its new home at Tucows).

The Committee has reportedly written to NetSol twice recently, urging the company to cut Vdare loose.

Vdare says it’s looking for a new registrar, but has also obtained a .onion domain in case it needs to retreat to the “Dark Web”. The .onion space is only accessible to users of the Tor browser.

Anyone care to place a bet on how long it will be before vdare.com winds up at Epik?

4 Comments Tagged: , , , , , ,

Over 660,000 “coronavirus” domains registered

There have been hundreds of thousands of domains that appear to refer to coronavirus registered since the start of the outbreak, but the domain industry reckons only a tiny portion of them have been used maliciously.

Speaking on a recent webinar, ICANN security specialist Sion Lloyd said that up until the end of May, ICANN had found 662,111 domains that at first glance appeared to be related to the pandemic.

ICANN had cast a wide net, parsing the zone files for all of the gTLDs and a handful of ccTLDs for strings such as “covid”, “corona”, “mask”, “quarantine” and “lockdown” in multiple languages.

But it also searched for homoglyph variants, such as replacing the O in Covid with a 0, and this brought in hundreds of thousands of false positives.

The actual number of domains that appear to refer to the virus and its impact is more like 170,000, Lloyd said.

The word “mask” was more commonly found than “corona”, but less frequently than “covid”.

The research was done as part of ICANN’s attempt to provide registries and registrars with data they could use to mitigate abuse, such as the sale of fake vaccines, fraud or phishing attacks.

But ICANN said that after it ran thousands of daily registrations through various public threat lists, it found a few hundred per day were potentially suspicious. At the peak, roughly 10 per day were considered serious enough to refer to registrars. That’s now down to three or four a day, Lloyd said.

His research was backed up by similar studies, albeit using slightly different methodologies and different-sized nets, by registries and registrars.

Tucows’ Graeme Bunton showed data reflecting that the registrar was seeing about 300 coronavirus-related regs per day at its peak in March.

The company had its compliance team manually check each domain, and found that only 0.5% were being used for clearly malicious purposes. The large majority — around 70% — were parked or not resolving, he said.

Jim Galvin from Afilias said that at the March peak the registry was seeing almost 900 coronavirus domains across its 25 gTLDs every week. That had dropped to under 100 by the end of March.

Brian Cimbolic of Public Interest Registry said that there had been 14,700 total registrations by the end of May, with the early April peak seeing over 500 in a single day.

While all this work is an example of ICANN and the industry getting involved to some extent in content regulation, Tucows’ Bunton said that it was an “exceptional” circumstance that was unsustainable and of limited use.

More data and the webinar recording can be found here.

3 Comments Tagged: ,

Watch three members of the ICANN community get assassinated

Kevin Murphy, June 22, 2020, Gossip

Three members of the ICANN community got killed by an assassin in a 2012 movie, now available on Amazon Prime, I inexplicably had never heard about until today.

The film’s called Rogue Hunter, and it’s produced and directed by prominent community member Jonathan Zuck, who’s been involved in ICANN representing intellectual property interests for the last 15 years.

It’s about… 55 minutes long.

It’s about… I dunno. A foxy female assassin or something? Maybe. The audio during the exposition scenes was pretty ropey. My feeling was that it’s drawing a lot from The Bourne Identity.

Zuck himself, alongside Steve DelBianco and Andrew Mack, both former chairs of the ICANN Business Constituency, all have cameos in which they get killed.

Here’s the trailer for the film, featuring DelBianco getting offed near the Taj Mahal (presumably shortly after the 2008 ICANN 31 meeting in New Delhi).

But is it any good?

No. The movie is fucking terrible.

But it’s firmly in the “So Bad It’s Good” zone.

And I laughed my balls off.

It’s not quite a classic of the genre — it’s no The Room — because it seems pretty clear that Zuck and his colleagues knew they were making a terrible film. There’s deliberate humor in the script and the direction.

The film was released in 2012, and somehow got on to Amazon Prime two years ago, where it has one one-star review:

Poor camera work, poor lighting, poor story line, poor acting just really all round dreadful.

I don’t think that reviewer really “got” what the makers were going for. Maybe, if you choose to watch the movie and review it, you could help redress the balance.

I should point out that there’s a bit of nudity and a somewhat explicit sex scene in the film, so you probably shouldn’t watch it with your boss or your kids watching over your shoulder.

4 Comments Tagged: ,

“Horrifying” Zoombombing attack on ICANN meeting, again

Kevin Murphy, June 22, 2020, Domain Policy

ICANN’s eleventh-hour decision to remove password requirements for ICANN 68 was proved wrong almost immediately after the meeting got underway on Zoom today.

According to participants and ICANN itself, several sessions were “zoombombed” this morning, with apparently pornographic content.

Zoombombing is where trolls disrupt public, open Zoom meetings with content designed to offend.

ICANN 68 is taking place on Zoom, but on Kuala Lumpur time. I was asleep during the attacks and ICANN has yet to post the recordings of any of today’s sessions, so I can’t give you any of the details first-hand.

But judging by a handful of social media posts that reference the attack, it seems to have been pornographic in nature. ICANN said it comprised “audio, images and video”.

One participant described it as “funny at first…until it was not”, while another said it was “horrifying” and left her feeling “completely vulnerable”.

ICANN said in a blog post that the trolls were swiftly removed from the sessions.

It added that it has changed the format of the remainder of ICANN 68, unplugging certain interactive components and requiring passwords to be entered before access is granted.

This means you’re going to have to register for each session and click emailed confirmation links, it appears.

Only the Governmental Advisory Committee is staying on the platform with its original vulnerable configuration.

ICANN had been planning to require passwords since a similar attack at an inter-sessional meeting in March, but changed its mind last week after security upgrades made by Zoom gave leaders a greater sense of confidence in the platform.

It appears that confidence was misplaced.

Comment Tagged: , , , , , ,

Coronavirus is saving ICANN millions of your money, but will it use the cash wisely?

Kevin Murphy, June 21, 2020, Domain Policy

ICANN is saving millions this year due to the coronavirus-related shift to online-only public meetings.

But it’s thinking about using some of the cash to do things like pay for broadband upgrades and hotel rooms for some of its community volunteers.

During a conference call on Thursday, CFO Xavier Calvez gave out figures suggesting that the switch from in-person to Zoom meetings could save as much as $8 million of your money in 2020.

Calvez said that ICANN meetings usually cost an average of $4 million, but that the virtual ICANN 67 in March only cost the org $1.5 million to $2 million.

Because the face-to-face component was canceled only at the last minute, ICANN had already incurred some costs associated with a physical meeting.

The ICANN 68 meeting, which begins tomorrow, is expected to cost $1 million to $1.5 million, Calvez said.

If we assume that October’s ICANN 69, recently moved from Hamburg to Zoom, will see similar savings, then the total 2020 meetings bill could be down by between $6 million and $8 million.

Calvez added that ICANN’s funding during the coronavirus crisis has so far been holding steady.

No sooner had Calvez finished speaking than a pre-submitted community member question was read out wondering whether some of this cash could be redistributed to participants who are usually travel-subsidized.

Intellectual property expert Jonathan Zuck said that money could be handed out to volunteers in order to pay for things such as broadband upgrades and “finding quiet places to participate in the middle of the night”.

Perhaps surprisingly, Calvez and senior VP of global stakeholder engagement Sally Costerton did not rule this out.

In fact, she said such ideas are currently under active discussion and may be floated for public comment after ICANN 68.

One idea, I suggest, might be to compensate the 200-odd people who tuned into Thursday’s “Q&A” session for their time.

The session was scheduled to be an hour long, but the first 45 minutes were devoted to the 12 members of the ICANN executive team introducing themselves and patting themselves on the back for all the awesome work they’ve been doing.

5 Comments Tagged: , , , , ,

Half as many women apply for ICANN leadership jobs

Kevin Murphy, June 19, 2020, Domain Policy

This year’s ICANN Nominating Committee has released data showing a drop in the number of applicants for ICANN leadership positions, with a noticeable decline in the number of female applicants.

The NomCom is responsible for picking members of the ICANN board, GNSO Council, PTI board, ALAC and ccNSO Council.

There were 96 applicants this year, down from 127 in the 2019 round, including only 18 women, down from 42 a year ago.

I can think of two possible reasons for this apparent decline.

First, applicants this year got the option not to disclose their gender for the first time. The “did not disclose” box was checked by 13 people.

Second, both of the director positions opening up this October are currently occupied by women who are not term-limited — Avri Doria and Sarah Deutsch.

There’s a reasonable chance both of them could be reappointed.

ICANN’s board has told NomCom that it can use gender as a criterion when appointing directors, saying last December:

Without compromising the fundamental requirement to have Board members with the necessary integrity, skills, experience, the Board would find it helpful to have greater gender diversity on the Board.

It appears that’s not going to happen this year.

The other three ICANN directors whose current terms end in October are Chris Disspain, Matthew Shears and León Sánchez. Disspain is being replaced by the ccNSO with a man and Sánchez and Shears have been confirmed for second terms by ALAC and GNSO respectively.

Comment Tagged: ,

ICANN decision to cancel Hamburg was NOT unanimous

Kevin Murphy, June 19, 2020, Domain Policy

Surprisingly, ICANN’s decision last week to cancel its Hamburg annual general meeting in favor of Zoom did not receive the unanimous support of its board of directors.

Two directors — Ihab Osman and Ron da Silva — voted against the majority in the June 11 resolution, minutes published last night show.

The resolution noted that the global path of the coronavirus pandemic is currently too unpredictable to ensure that an in-person ICANN 69 could go ahead safely or legally in October.

But the two directors dissented, pushing instead for a “hybrid” model meeting, with a greatly reduced in-person attendance propped up with online participation.

According to the minutes:

Ron expressed concerns that the decision to conduct ICANN69 as a purely virtual meeting is premature and indicated a preference for the President and CEO to explore with the SO and AC leadership the implications, costs and logistics around a hybrid approach for ICANN69. Ihab expressed concerns that the proposed resolution does not allow for the possibility of some sort of physical hybrid model for ICANN69.

Osman went further, arguing that ICANN should set an example by going ahead with Hamburg:

Ihab Osman pointed out that large parts of the world are moving towards opening up, and that ICANN, as global community and global player, has a responsibility to do its part to bring the world back to some level of normalcy.

While CEO Göran Marby came back with a bunch of reasons a physical meeting would be impractical and potentially unsafe, both directors were unconvinced and voted against the 13-person majority anyway.

Notes released alongside the minutes reveal that ICANN stands to save a lot of money by remaining online-only.

Not only will it not have to pay for hundreds of flights and hotel rooms for staff and subsidized community members, but it had not yet signed contracts with the venue or local hotels, so it won’t be losing any deposits either.

1 Comment Tagged: , , , , ,

NamesCon goes virtual with intriguing 24-hour conference concept

Kevin Murphy, June 19, 2020, Domain Services

NamesCon has announced that it is going to host an online-only conference this year, with sessions running around the clock for three days straight.

It will run from September 9 to September 11 in a “custom online venue” and is being called NamesCon 360°.

Organizers are promising the usual “keynotes, panels, breakout sessions, and partner events” but with intriguing additions such as “intuitive matchmaking” and “gamification”.

The schedule is being split into a daily main track, running from 1500 UTC to 1900 UTC, and regional tracks targeting the Americas and South Asia regions, timed to be more convenient for American and Indian domainers.

There’ll also be 24-hour on-demand content, and sponsor content and networking rooms will be open for the duration of the conference.

It’s early days, and the agenda has not yet been fleshed out with information on specific sessions or speakers.

Registration is not yet open, and there’s no word on pricing. One assumes a lower ticket price than the usual in-person meetings.

NamesCon is promising a demo of its platform soon.

Comment Tagged: ,