Latest news of the domain name industry

Recent Posts

Could this be ICANN’s most important public comment period ever?

Kevin Murphy, April 24, 2013, Domain Policy

How much power should governments have over the domain name industry? Should the industry be held responsible for the actions of its customers? Are domain names the way to stop crime?

These are some of the questions likely to be addressed during ICANN’s latest public comment period, which could prove to be one of the most important consultations it’s ever launched.

ICANN wants comments on governmental advice issued during the Beijing meeting two weeks ago, which sought to impose a broad regulatory environment on new gTLD registries.

According to this morning’s announcement:

[ICANN’s Board New gTLD Committee] has directed staff to solicit comment on how it should address one element of the advice: safeguards applicable to broad categories of New gTLD strings. Accordingly, ICANN seeks public input on how the Board New gTLD Committee should address section IV.1.b and Annex I of the GAC Beijing Communiqué.

Annex 1 of the Beijing communique is the bit in which the GAC told ICANN to impose sweeping new rules on new gTLD registries. It’s only a few pages long, but that’s because it contains a shocking lack of detail.

For all new gTLDs, the GAC wants ICANN to:

  • Apply a set of abuse “safeguards” to all new gTLDs, including mandatory annual Whois accuracy audits. Domain names found to use false Whois would be suspended by the registry.
  • Force all registrants in new gTLDs to provide an abuse point of contact to the registry.
  • Make registries responsible for adjudicating complaints about copyright infringement and counterfeiting, suspending domains if they decide (how, it’s not clear) that laws are being broken.

For the 385 gTLD applications deemed to represent “regulated or professional sectors”, the GAC wants ICANN to:

  • Reject the application unless the applicant partners with an appropriate industry trade association. New gTLDs such as .game, .broadway and .town could only be approved if they had backing from “relevant regulatory, or industry self-­regulatory, bodies” for gaming, theater and towns, for example.
  • Make the registries responsible for policing registrants’ compliance with financial and healthcare data security laws.
  • Force registries to include references to organic farming legislation in their terms of service.

For gTLD strings related to “financial, gambling, professional services, environmental, health and fitness, corporate identifiers, and charity” the GAC wants even more restrictions.

Essentially, it’s told ICANN that a subset of the strings in those categories (it didn’t say which ones) should only be operated as restricted gTLDs, a little like .museum or .post are today.

It probably wouldn’t be possible for a poker hobbyist to register a .poker domain in order to blog about his victories and defeats, for example, unless they had a license from an appropriate gambling regulator.

Attempting to impose last-minute rules on applicants appears to reverse one of the GAC’s longstanding GAC Principles Regarding New gTLDs, dating back to 2007, which states:

All applicants for a new gTLD registry should therefore be evaluated against transparent and predictable criteria, fully available to the applicants prior to the initiation of the process. Normally, therefore, no subsequent addition selection criteria should be used in the selection process.

The Beijing communique also asks ICANN to reconsider allowing singular and plural versions of the same string to coexist, and says “closed generic” or “exclusive access” single-registrant gTLDs must serve a public interest purpose or be rejected.

There’s a lot of stuff to think about in the communique.

But ICANN’s post-Beijing problem isn’t whether it should accept the GAC’s advice, it’s to first figure out what the hell the GAC is actually asking for.

Take this bit, for example:

Registry operators will require that registrants who collect and maintain sensitive health and financial data implement reasonable and appropriate security measures commensurate with the offering of those services, as defined by applicable law and recognized industry standards.

This one paragraph alone raises a whole bunch of extremely difficult questions.

How would registry operators identify which registrants are handling sensitive data? If .book has a million domains, how would the registry know which are used to sell books and which are just reviewing them?

How would the registries “require” adherence to data security laws? Is it just a case of paying lip service in the terms of service, or do they have to be more proactive?

What’s a “reasonable and appropriate security measure”? Should a .doctor site that provides access to healthcare information have the same security as one that merely allows appointments to be booked? What about a .diet site that knows how fat all of its users are? How would a registry differentiate between these use cases?

Which industry standards are applicable here? Which data security laws? From which country? What happens if the laws of different nations conflict with each other?

If a registry receives a complaint about non-compliance, how on earth does the registry figure out if the complaint is valid? Do they have to audit the registrant’s security practices?

What should happen if a registrant does not comply with these laws or industry standards? Does its domain get taken away? One would assume so, but the GAC, for some reason, doesn’t say.

The ICANN community could spend five years discussing these questions, trying to build a framework for registries to police security compliance, and not come to any consensus.

The easier answer is of course: it’s none of ICANN’s business.

Is it ICANN’s job to govern how web sites securely store and transmit healthcare data? I sure hope not.

And those are just the questions raised by one paragraph.

The Beijing communique as a whole is a perplexing, frustrating mess of ideas that seems to have been hastily cobbled together from a governmental wish-list of fixes for perceived problems with the internet.

It lacks detail, which suggests it lacks thought, and it’s going to take a long time for the community to discuss, even as many affected new gTLD applicants thought they were entering the home stretch.

Underlying everything, however, is the question of how much weight the GAC’s advice — which is almost always less informed than advice from any other stakeholder group — should carry.

ICANN CEO Fadi Chehade and chair Steve Crocker have made many references recently to the “multi-stakeholder model” actually being the “multi-equal-stakeholder model”.

This new comment period is the first opportunity the other stakeholders get to put this to the test.

ICANN starts the clock on new gTLD GAC advice

Kevin Murphy, April 19, 2013, Domain Policy

The over 500 new gTLD applicants affected by Governmental Advisory Committee advice on their bids have 21 days from today to file their responses officially with ICANN.

But there’s still some confusion about who exactly is expected to file responses, given the extraordinary breadth of the advice contained within the GAC’s Beijing communique.

ICANN today put applicants on formal notice of the publication of the Beijing communique, which actually came out a week ago, and said applicants have until May 10 to respond to the ICANN board.

What it didn’t do is say which applicants are affected. Technically, it could be all of them.

The Beijing communique contains six “safeguards” related to things such as abuse and security, which it said “should apply to all new gTLDs”.

On a more granular level, the GAC has called out, we believe, 517 individual applications that should not be approved or that should not be approved unless they do what the GAC says.

The Beijing communique, it could be argued, throws the whole new gTLD program into disarray, and this is the first chance applicants will get to put their views directly in writing to the ICANN board.

GAC Advice on new gTLDs “not the end of the story”

Kevin Murphy, April 15, 2013, Domain Policy

Governments may want new gTLD registries to become the internet’s police force, but ICANN doesn’t have to take it lying down.

ICANN is set to open up the shock Beijing communique to public comments, CEO Fadi Chehade said Friday, while chair Steve Crocker has already raised the possibility of not following the GAC’s advice.

“Advice from governments carries quite a bit of weight and equally it is not the end of the story,” Crocker said in a post-meeting interview with ICANN PR Brad White.

“We have a carefully constructed multi-stakeholder process,” he said. “We want very much to listen to governments, and we also want to make sure there’s a balance.”

The ICANN bylaws, he reminded us, give ICANN “a preference towards following advice from the GAC, but not an absolute requirement.”

That’s a reference the the part of the bylaws that enables ICANN’s board to overrule GAC advice, as long as it carries out consultation and provides sound reasoning.

It was invoked once before, when ICANN tried to get a handle on the GAC’s concerns about .xxx in 2011.

In this case, I’d be very surprised indeed if the GAC’s advice out of Beijing does not wind up in this bylaws process, if only because the document appears to be internally contradictory in parts.

It’s also vague and broad enough in parts that ICANN is going to need much more detail if it hopes to even begin to implement it.

It looks like at least 517 new gTLD applications will be affected by the GAC’s advice, but in the vast majority of cases it’s not clear what applicants are expected to do about it.

The first part of dissecting the Beijing communique will be a public comment period, Chehade said during the interview Friday. He said:

The community wishes to participate in the discussion about the GAC communique. So, alongside the staff analysis that is starting right now on the GAC communique we have decided to put the GAC communique out for public comment, soliciting the entire community to give us their input to ensure that the GAC communique is taken seriously but also encompasses our response, encompasses the views of the whole community.

Watch the full video below.

Delay not certain as new gTLD contracts reopened

Kevin Murphy, April 12, 2013, Domain Policy

The launch window for new gTLDs may have just got pushed back another month or two, following the announcement of a new 42-day comment period on registry and registrar contracts.

But ICANN CEO Fadi Chehade said he’s looking at ways to streamline the process to offset the delays.

During the public forum in Beijing yesterday, ICANN CEO Fadi Chehade said that he’d cancelled a scheduled April 20 meeting of its board of directors, during which the new agreements were targeted for approval.

Instead, new versions of the 2013 Registrar Accreditation Agreement and new gTLDs base Registry Agreement will be posted for public comment next week.

As these are expected to be the final versions of both documents, they’re also expected to have full comment periods of 42 days — 21 for comments and 21 for replies.

“I believe that putting the last version of RAA for 2013 out for full public comment process is actually strengthening that agreement,” Chedhade said today. “It makes it an agreement of the community.”

For the Registry Agreement, Chehade said talks with registries are going well and that he hopes to have a version ready for public comment agreed with negotiators in less than a week.

Assuming an April 19 start, that puts the earliest possible date for ICANN board approval at May 31, assuming the board waits for the comment period to end before giving it the rubber stamp.

Before the contracts are approved, they can’t be signed by registries and registrars, and before they are signed new gTLD applicants cannot progress to the final pre-launch stages of the delegation process.

But Chehade is weighing an idea put forward during the public forum by Donuts’ Jon Nevett: why not allow applicants to complete pre-delegation technical testing before contract signing?

“We could potentially do something about advancing this step ahead of contracting, finding a way to start pre-delegation testing before contracting is done,” Chehade said.

GAC delivers sweeping advice that will delay scores of new gTLDs by months

Kevin Murphy, April 11, 2013, Domain Policy

ICANN’s Governmental Advisory Committee has issued the kiss of death to two new gTLD applications and sweeping advice that will delay many, many more.

In its Beijing communique, issued this hour, the GAC as expected delivered advice against whole categories of gTLDs and provided a lengthy but “non-exhaustive” list of affected bids.

First, the GAC said that the .africa bid filed by DotConnectAfrica and the .gcc bid filed by GCCIX WLL should be rejected. Those were full consensus objections.

Two gTLDs related to Islam: .islam and .halal, have non-consensus objections, and will now have to be considered by the ICANN board of directors directly.

The GAC also said it needed more time, until ICANN’s meeting in Durban this July, to consider delivering specific advice against 14 more:

the GAC advises the ICANN Board to: not proceed beyond Initial Evaluation with the following strings: .shenzhen (IDN in Chinese), .persiangulf, .guangzhou (IDN in Chinese), .amazon (and IDNs in Japanese and Chinese), .patagonia, .date, .spa, .yun, .thai, .zulu, .wine, .vin

On the issue of plurals versus singulars, the GAC said ICANN should “Reconsider its decision to allow singular and plural versions of the same strings.” This affects about 60 applications.

But it doesn’t end there.

As predicted, the GAC has also issued swathes of advice against scores of proposed gTLDs in 12 categories: children, environmental, health and fitness, financial, gambling, charity, education, intellectual property, professional services, corporate identifiers, generic geographical terms and inherently governmental functions.

A “non-exhaustive” list of applications has been provided for each category, covering well over 100, setting the stage for a fight over inclusion for any application that the GAC forgot about.

If the GAC gets its way, any application that falls into one of these categories will have to have enhanced regulations governing Whois, abuse mitigation, and security.

The GAC also has its say on “closed generics”, which it calls “exclusive registry access” strings. They should only be awarded if they serve a public interest purpose, the GAC said.

In short, the advice is extraordinarily broad and seems to delegate the considerable work of picking through the mess to ICANN.

More analysis later…