Latest news of the domain name industry

Recent Posts

Porn blocks could be worth millions to MMX

Minds + Machines could find itself making millions of dollars a year out of non-resolving defensive registrations in its recently acquired portfolio of porn-themed gTLDs.

The company recently announced the launch of AdultBlock and AdultBlock Plus, which will enable trademark owners to prevent anyone else registering their marks, and variants thereof, for up to 10 years.

Running the numbers, and taking into account MMX’s already substantial established client base for such services, AdultBlock could bring in as much as $11 million a year. But it’s almost certainly going to be much less than that.

The company won’t disclose it’s exact pricing for AdultBlock, or its revenue estimates, but it’s possible to do some back-of-the-envelope calculations and come to some ball-park guesses.

MMX has said that it’s pricing the service such that customers should be able to see a 35% saving compared to the cost of registering a single string across all four of its porn TLDs

The company acquired .xxx, .porn, .adult and .sex when it bought ICM Registry last year.

The wholesale fee for each of the four is believed to be about $68 a year. From this, we can calculate that the wholesale price of AdultBlock may well be around the $175-a-year mark.

There’s some room for error here, as MMX hasn’t revealed precisely how it came to its 35% number, but I think we can safely say we’re looking at $150 to $200 a year. For the purposes of this envelope, let’s split the difference and assume it’s $175.

It’s quite a high number, a bit like a recurring sunrise fee for a domain that you don’t even get to use.

But how many domains can MMX expect to be blocked?

A low-ball estimate could be modeled on the .porn/.adult/.sex sunrise periods.

.porn launched in 2015 and gathered 2,091 sunrise registrations, according to ICANN records, making it one of the largest new gTLD sunrise periods. The other two TLDs weren’t far behind.

If that’s a good guide for AdultBlock uptake, we’re talking about a piddling $360,000-a-year business.

But MMX has a secret weapon that it inherited from .xxx.

When .xxx launched back in 2011, it kicked off with two sunrise periods. Sunrise A was for trademark owners in the porn business who wanted to use their .xxx names. Sunrise B was for everyone else, who didn’t.

In Sunrise B, brand owners paid $162 (plus their registrar’s markup) to block their domains for a flat period of 10 years.

Customers couldn’t use their domains. They were registered to ICM and used specially designated ICM name servers to resolve to a standard, non-monetized placeholder page stating “This domain has been reserved from registration.”

There are over 80,000 domains using these name servers, but about 15,000 of those represent names of celebrities, cities, and religiously and culturally sensitive terms that ICM culled from Wikipedia and unilaterally reserved to help avoid a tabloid crucifixion if mileycyrus.xxx ever started bouncing children to something pornographic, such as one of her music videos.

(As an aside, I think it’s worth mentioning that the .xxx zone file only has 93,000 names in it. These means about nine out of 10 live .xxx domains are reserved by the registry.)

So we’ve got 65,000 trademarks that are currently blocked in .xxx, and they’re all going to expire in 2021 because ICM only sold blocks for the duration of its original 10-year ICANN contract.

If all 65,000 domains are upgraded to AdultBlock, the service would be worth over $11 million a year, to a company currently reporting annual revenue around $15 million.

But they won’t.

You don’t have to scroll too far down the .xxx zone file (and I didn’t) to discover some absolute garbage, no doubt the result of scaremongering around the 2011 .xxx launch.

I mean, seriously, look at some of this Sunrise B guff:

100percentwholewheatthatkidslovetoeat.xxx, 101waystoleaveagameshow.xxx, 1firstnationalmergersandacquisitions.xxx, 1stchoiceliquorsuperstore.xxx, 2bupushingalltherightbuttons.xxx, 247claimsservicethesupportyouneed30minutesguaranteed.xxx, 3pathpowerdeliverysystembypioneermagneticsinc.xxx

I think we’re going to be looking at a significant junk drop of blocked domains come 2021.

That said, I think MMX may have a psychological advantage here, when it comes to persuading Sunrise B users to “renew”.

Who hasn’t renewed a domain name they strongly suspect they will never use or sell, simply because they couldn’t bear the thought of somebody else owning “their” domain?

An additional consideration for brand owners is that these Sunrise B names are going to show up on drop-lists when they are eventually deleted from the .xxx zone file, perhaps giving inspiration to cybersquatters.

This is a fantastic opportunity for MMX and brand protection registrars to put the hard sell on its Sunrise B customers to “renew” their blocks by upgrading to the new and improved AdultBlock service, which could cost literally 10 times more than what they originally signed up for.

AdultBlock is of course more comprehensive than Sunrise B. It covers three additional TLDs, for starters, and customers can pay a little more for potentially thousands of potential homographs (non-Latin-script domains that look almost identical to the original) to also be blocked.

MMX isn’t waiting until 2021, however. It’s currently offering companies that buy a 10-year-block before the end of 2019 the AdultBlock+ service for the price of the vanilla, no-variants offering.

Existing Sunrise B customers have until the same deadline to purchase the new service without having to have their trademarks re-verified, which carries an additional fee.

For those that miss this early-bird offer, come December 2021, the holders of up 65,000 trademarks are going to face a stark choice: sign up to pay a couple hundred bucks a year, or risk their brands being snapped up by pornsquatters.

1 Comment Tagged: , , , , , , , ,

Cryptocurrency firms to be banned from .bank

The registry for the already heavily restricted .bank and .insurance gTLDs wants to change its policies to make it clear that cryptocurrency firms are not welcome.

fTLD Registry Services has opened up a public comment period on proposed changes to its eligibility policies for the two TLDs which would drop the “service provider” category of registrant.

It would also clarify that eligible entities have to be “retail” banks regulated by a proper government authority.

The elimination of “service providers” is an effort to clarify that .bank is for banks and not peer-to-peer or cryptocurrency payment providers.

Heather Diaz, senior director of compliance and policy at fTLD, told us that the service provider category was created to allow “banking core processors” and the like to register domains. She said in an email:

More recently, as the financial services arena has evolved, particularly as it relates to fintechs offering financial products/services (e.g., P2P payment providers, cryptocurrency companies), we have found that some prospective Registrants were seeking domains to enhance their legitimacy to market to regulated entities and/or consumers.

By eliminating the category, fTLD hopes to clarify that .bank is just for regulated banks.

Registrants that already own service provider domains (it sounds like there are only one or two) would be grandfathered under the proposed policy, so nobody’s going to lose their existing domains.

The proposed changes were boiled up by fTLD’s bank-led Advisory Committee and its board of directors.

Comments are being accepted until August 24, after which the company’s board will decide whether to implement the new policies.

4 Comments Tagged: , , , ,

Cybersquatting cases down a bit in the UK

The number of cybersquatting complaints filed with Nominet declined slightly in 2018, according to the registry.

Nominet’s Dispute Resolution Service, which is a bit like the UDRP, handled 671 cases last year, compared to 712 in 2017.

The number of domains at issue was down from 783 to 763.

The slight decline appears to be because fewer complaints were filed against .org.uk, .me.uk and plain .uk domains.

The number of .co.uk registrations challenged was flat between 2017 and 2018 at 617 domains.

Only 49% of cases resulted in the disputed domain being transferred, according to the registry’s annual report (pdf).

Comment Tagged: , , , , ,

Looks like .fans has a new Chinese owner

It appears that the struggling new gTLD .fans has changed ownership for the second time in a year.

According to ICANN’s web site, the .fans Registry Agreement was assigned to a company called ZDNS International on June 28.

Since August 2018, the contract had been in the hands of a CentralNic subsidiary called Fans TLD, having been originally operated by Asiamix Digital.

ZDNS International appears to be a newish Hong Kong subsidiary of major China-based DNS service provider ZDNS.

ZDNS provides DNS services for more than 20 TLDs, mostly Chinese-language, but as far as I can tell it is not the contracted party for any.

It’s also known for providing registry gateway services for non-Chinese registries that want to set up shop in the country.

CentralNic took over .fans last year after Asiamix failed to get the TLD’s sales to take off.

.fans had about 1,700 domains under management at the time, and it’s been pretty much flat ever since. I don’t think CentralNic has been promoting it.

Over the same period, singular competitor .fan, which Donuts acquired from Asiamix last year, has gone from 0 to almost 3,000 registrations.

If CentralNic, a public company, made a profit on the flip it does not appear to have been material enough to require disclosure to shareholders.

Comment Tagged: , , , , , , ,

Can NameCheap reverse .org price cap scrap?

Kevin Murphy, July 25, 2019, Domain Policy

NameCheap has taken it upon itself to fight ICANN’s decision to remove price increase caps on .org. But does it stand a snowball’s chance in hell of winning?

The registrar has filed a Request for Reconsideration with ICANN, appealing the organization’s signing of a Registry Agreement with Public Interest Registry that allows PIR to raise prices by however much it wants, more or less whenever that it wants.

NameCheap, which had over 390,000 .org domains under management at the last count, says it is fighting for 700-odd of its customers whose comments, filed with ICANN, were allegedly not taken into account when the decision was made, along with registrars and everyone else that may be adversely impacted by unfettered .org price increases.

NameCheap thinks its business could be harmed if price increases are uncapped, with customers perhaps letting their domains expire instead of renewing. It’s RfR states:

The decision by ICANN org to unilaterally remove the price caps when renewing legacy TLDs with little (if any) evidence to support the decision goes against ICANN’s Commitments and Core Values, and will result in harm to millions of internet users throughout the world.

Unrestricted price increases for legacy TLDs will stifle internet innovation, harm lesser served regions and groups, and significantly disrupt the internet ecosystem. An incredible variety of public comments was submitted to ICANN from all continents (except Antarctica) imploring ICANN to maintain the legacy TLD price caps — which were completely discounted and ignored by ICANN org.

Before the new contract was signed, PIR was limited to a 10% increase in its .org registry fee every year. It didn’t always exercise that right, and has said twice in recent months that it still has no plans to increase its prices.

The new contract — which has already been signed and is in effect — was subjected to a public comment period that attracted over 3,200 comments, almost all of them expressing support for maintaining the caps.

Despite not-for-profit PIR’s protestations, many commenters came from the position that giving PIR the power to increase its fee without limit would very possibly lead to price gouging.

That ICANN allegedly “ignored” these comments is the key pillar of NameCheap’s RfR case.

The public comment period was a “sham”, the registrar claims.

But is this enough to make ICANN change its mind and (somehow) unsign the .org contract?

There are three ways, under ICANN’s bylaws, to win an RfR.

Requestors can show that the board or staff did something that contradicts “ICANN’s Mission, Commitments, Core Values and/or established ICANN policy(ies)”

They also win if they can show the decision was was taken “without consideration of material information” or with “reliance on false or inaccurate relevant information”.

It’s quite a high bar, and most RfRs are rejected by the Board Accountability Mechanisms Committee, which is the court of first instance for reconsideration requests.

Requestors rarely show up with sufficient new information sufficiently persuasive to kick the legs from under ICANN’s original decision, and the question of something contradicting ICANN’s core principles is usually a matter of interpretation.

For example, in this case, NameCheap is arguing that failing to side with the commenters who disagreed with the removal of price caps amounts to a breach of ICANN’s Core Value to make all decisions in consultation with stakeholders:

The ICANN org will decide whether to accept or reject public comment, and will unilaterally make its own decisions — even if that ignores the public benefit or almost unanimous feedback to the contrary, and is based upon conclusory statements not supported by the evidence. This shows that the public comment process is basically a sham, and that ICANN org will do as it pleases in this and other matters.

But one of ICANN’s stated reasons for approving the contract was to abide by its Core Value to depend “on market mechanisms to promote and sustain a competitive environment in the DNS market”. It doesn’t want to be a price regulator, in other words.

So we have a clash of Core Values here. It will be pretty easy for ICANN’s lawyers — who drafted the contract and will draft the resolutions of the BAMC and the full board — to argue that the Core Values were respected.

I think NameCheap is going to have a hard time here.

Even if it were to win, how on earth does one unsign a contract? As far as I can tell, ICANN has no termination rights that would apply here.

Where the RfR will certainly succeed is to force the ICANN board itself to take ownership, on the record, of the .org contract decision.

As ICANN explained to DI earlier this month, while the board was very much kept in the loop on the state of negotiations, it was senior staff that made all the calls on the new contract.

But an RfR means that the BAMC, which comprises five directors, will first have to raise their hands to confirm the .org decision was kosher.

NameCheap will then get a chance to file a rebuttal before the BAMC decision is handed to the full ICANN board for a confirmatory vote.

While the first two board discussions of the .org contract were not minuted, the bylaws contain an interesting feature related to RfRs that I’d never noticed before today:

If the Requestor so requests, the Board shall post both a recording and a transcript of the substantive Board discussion from the meeting at which the Board considered the Board Accountability Mechanisms Committee’s recommendation.

I sincerely hope NameCheap invokes this right, as I think it’s pretty important that we get some additional clarity on ICANN’s thinking here.

3 Comments Tagged: , , , , , , ,

Neustar to keep .us for another decade

Neustar has secured a renewal of its contract to run the United States’ ccTLD until up to 2029.

The company and the National Telecommunications and Information Administration announced the new contract last week.

The initial term of the deal runs until August 2021, but there are four two-year renewal options after that.

Neustar has been running .us since 2001. It doesn’t pay NTIA for the privilege, nor does the NTIA pay Neustar.

There are currently around two million registered .us domain names. The TLD appears to be still growing, but not especially fast.

Comment Tagged: , , ,

MMX to pay $5.1 million to get out of terrible .london deal

Minds + Machines will pay its partner on .london roughly $5.1 million in order to put the catastrophic deal to bed for good.

That’s a reduction from the $7.9 million liability it had previously estimated.

The company said last week that it will pay an unspecified partner the $5.1 million “as full and final settlement for any further liability or contractual spend” after renegotiating the contract.

In April, MMX said that the deal had cost it $13.7 million since the outset.

While MMX has never publicly fingered the contract in question, which has been a pair of concrete boots for years, its deal with .london’s London & Partners is the only one that fits the bill.

The registry secured L&P, the marketing arm of the London Mayor’s office, as a client during the mayoral reign of Boris Johnson, the man set to be anointed the UK’s next prime minister this week.

It agreed to make millions of dollars in guaranteed payments over the duration of the contract, because it expected to sell a shedload of .london domains.

That never happened. The gTLD peaked at 86,000 names in March 2018 and was down to 54,000 a year later, evidently a fraction of what MMX had planned for.

The renegotiated deal — I believe at least the second time the deal has been amended — is “in principle” for now, with formal approval expected soon.

In its trading statement last week, MMX also said that the first half of the year ended with a 19% increase in regs, ending June at about 1.82 million.

It said it has “stabilised” declining billings in its acquired ICM Registry portfolio of porn-themed TLDs at $2.8 million, and that it has a “clear pathway” to growth from the four zones.

It’s hoping “further new initiatives” — likely a reference to a new trademark-blocking service — will help out in the current half.

MMX also said that it’s spending $1 million of its cash reserves on a stock buyback.

Comment Tagged: , , , , , ,

ZADNA boss canned for “misconduct”

The CEO of South African ccTLD manager ZADNA has been fired after a “misconduct” investigation lasting over half a year.

Vika Mpisane had been suspended from the role since early December, according to local reports, with Peter Madavhu taking his place.

Madavhu will continue as acting CEO until further notice, ZADNA told its members last week. A July 17 letter from chair Motlatjo Ralefatane, seen by DI, said:

Members would recall that Mr Vika Mpisane was on suspension pending the disciplinary hearing, which has been concluded.

Stemming from those disciplinary actions, Mr Vika Mpisane’s employment as the Chief Executive Officer of ZADNA has been terminated with effect from 16 July 2019.

The specifics of Mpisane’s alleged wrongdoings are not known. The fact that he had been suspended was not even public knowledge until MyBroadband scooped the story in May.

It has previously been reported that he was suspended for “for serious hybrid acts of misconduct including mismanagement of ZADNA funds”.

A disciplinary process that kicked off in January has reportedly been delayed multiple times, during which time Mpisane continued to draw a salary.

Comment Tagged: , ,

ICANN’s new conferencing software has a webcam security bug

Kevin Murphy, July 10, 2019, Domain Tech

ICANN can’t catch a break when it comes to remote participation security, it seems.

Having just recently made the community-wide switch away from Adobe Connect to Zoom, partly for security reasons, now Zoom has been hit by what many consider to be a critical zero-day vulnerability.

Zoom (which, irrelevantly, uses a .us domain) pushed out an emergency patch for the vulnerability yesterday, which would have allowed malicious web sites to automatically turn on visitors’ webcams without their consent.

Only users of the installable Mac client were affected.

According to security researcher Jonathan Leitschuh, who discovered the problem, Zoom’s Mac client was installing a web server on users’ machines in order to bypass an Apple security feature that requires a confirmatory click before the webcam turns on.

This meant a web site owner could trick a user into a Zoom session, with their camera turned on by default, without their knowledge or consent.

If you’re in the habit of keeping your webcam lens uncovered, that’s potentially a big privacy problem, especially if you do most of your remote coverage of ICANN meetings from the toilet.

It appears that Leitschuh, who reported the problem to Zoom three months ago, took issue with what he saw as the company’s ambivalent attitude to fixing it in a timely fashion.

When he finally blogged about it on Monday, after giving Zoom a 90-day “responsible disclosure” period to issue a patch, the problem still hadn’t been fully resolved, he wrote.

But, following media coverage, Zoom’s new patch apparently removes the covert web server completely. This removes the vulnerability but means Apple users will have to click a confirmation button before joining Zoom meetings in future.

Zoom is used now for all of ICANN’s remote participation, from sessions of its public meetings to discussions of its policy-making working groups.

I really like it. It feels a lot less clunky than Adobe, and it’s got some nifty extra features such as the ability to skip around in recordings based on an often-hilarious machine-transcription sidebar, which makes my life much easier.

One of the reasons ICANN made the switch was due to a bug found in Adobe Connect last year that could have been used to steal confidential information from closed meetings.

ICANN actually turned off Adobe Rooms for remote participants halfway through its public meeting in Puerto Rico due to the bug.

The switch to Zoom was hoped to save ICANN $100,000 a year.

Comment Tagged: , , , ,

ICANN explains how .org pricing decision was made

ICANN has responded to questions about how its decision to lift price caps on .org, along with .biz and .info, was made.

The buck stops with CEO Göran Marby, it seems, according to an ICANN statement, sent to DI last night.

ICANN confirmed that was no formal vote of the board of directors, though there were two “consultations” between staff and board and the board did not object to the staff’s plans.

The removal of price caps on .org — which had been limited to a 10% increase per year — proved controversial.

ICANN approved the changes to Public Interest Registry’s contract despite receiving over opposing messages from 3,200 people and organizations during its open public comment period.

Given that the board of directors had not voted, it was not at all clear how the decision to disregard these comments had been made and by whom.

The Internet Commerce Association, which coordinated much of the response to the comment period, has since written to ICANN to ask for clarity on this and other points.

ICANN’s response to DI may shed a little light.

ICANN staff first briefed the board about the RA changes at its retreat in Los Angeles from January 25 to 28 this year, according to the statement.

That briefing covered the reasons ICANN thinks it is desirable to migrate legacy gTLD Registry Agreements to the 2012-round’s base RA, which has no pricing controls.

The base RA “provides additional safeguards and security and stability requirements compared to legacy agreements” and “creates efficiencies for ICANN org in administration and compliance enforcement”, ICANN said.

Migrating old gTLDs to the standardized new contract complies with ICANN’s bylaws commitment “to introduce and promote competition in the registration of domain names and, where feasible and appropriate, depend upon market mechanisms to promote and sustain a competitive environment in the DNS market”, ICANN said.

They also contain provisions forcing the registry to give advance notice of price changes and to give registrants the chance to lock-in prices for 10 years by renewing during the notice period, the board was told.

After the January briefing, Marby made the call to continue negotiations. The statement says:

After consultation with the Board at the Los Angeles workshop, and with the Board’s support, the CEO decided to continue the plan to complete the renewal negotiations utilizing the Base RA. The Board has delegated the authority to sign contracts to the CEO or his designee.

A second board briefing took place after the public comment periods, at the board’s workshop in Marrakech last month.

The board was presented with ICANN’s staff summary of the public comments (pdf), along with other briefing documents, then Marby made the call to move forward with signing.

Following the discussion with the Board in Marrakech, and consistent with the Board’s support, the CEO made the decision for ICANN org to continue with renewal agreements as proposed, using the Base gTLD Registry Agreement.

Both LA and Marrakech briefings “were closed sessions and are not minuted”, ICANN said.

But it appears that the board of directors, while not voting, had at least two opportunities to object to the new contracts but chose not to stand in staff’s way.

At the root of the decision appears to be ICANN Org’s unswerving, doctrinal mission to make its life easier and stay out of price regulation to the greatest extent possible.

Reasonable people can disagree, I think, on whether this is a worthy goal. I’m on the fence.

But it does beg the question: what’s going to happen to .com?

4 Comments Tagged: , , , , , , , , ,