Latest news of the domain name industry

Recent Posts

Does Chehade agree with Donuts on .doctor?

Kevin Murphy, March 24, 2015, Domain Policy

Should governments have the right to force business-limiting restrictions on new gTLD operators, even though they don’t have the same rules in their own ccTLDs?

ICANN CEO Fadi Chehade evidently believes the answer to that question is “No”, but it’s what ICANN is controversially imposing on Donuts and two other .doctor applicants anyway.

Donuts recently filed a Request for Reconsideration appeal with ICANN over its decision to make the .doctor gTLD restricted to medical professionals only.

It was an unprecedented “Public Interest Commitment” demanded by ICANN staff in order to keep the Governmental Advisory Committee happy.

The GAC has been asking for almost two years for so-called “Category 1” gTLD strings — which could be seen to represent highly regulated sectors such as law or medicine — to see a commensurate amount of regulation from ICANN.

Governments wanted, for example, registrants to show professional credentials before being able to register a name.

In the vast majority of instances, ICANN creatively reinterpreted this advice to require registrants to merely assert that they possess such credentials.

These rules were put in registries’ contracts via PICs.

But for some reason in February the organization told Donuts that .doctor domains must be “ascribed exclusively to legitimate medical practitioners.”

According to Donuts, this came out of the blue, is completely unnecessary, an example of ICANN staff making up policy on the spot.

Donuts wants to be able to to sell .doctor names to doctors of any discipline, not just medical doctors. It also wants people to be able to use the names creatively, such as “computer.doctor” or “skateboard.doctor”.

What makes ICANN’s decision especially confusing is that CEO Fadi Chehade had the previous day passionately leaped to the defense of new gTLD registries in their fight against unnecessary GAC-imposed red tape.

The following video, in which Chehade uses .dentist as an example of a string that should not be subject to even more oversight, was taken February 11 at a Q&A with the Domain Name Assocation.

The New gTLD Program Committee meeting that authorized ICANN staff to add the new PIC took place February 12, the very next day. Chehade did not attend.

It’s quite remarkable how in line with registries Chehade seems to be.

It cuts to the heart of what many believe is wrong with the GAC — that governments demand of ICANN policies that they haven’t even bothered to implement in their own countries, just because it’s much easier to lean on ICANN than to pass regulations at home.

Here’s the entire text of his answer. He’s describing conversations he’d had with GAC members earlier in the week.

They’re saying stop all the Category 1 TLDs. Stop them. Freeze them!

And we said: Why do we need to freeze them? What’s the issue?

They said: It’s going to harm consumers.

How will it harm consumers? We started having a debate.

It turns out that they’re worried that if somebody got fadi.casino or fadi.dentist, to pick one of Statton’s [Statton Hammock, VP at Rightside, who was present], that this person is not a dentist and will pluck your ear instead of your teeth. How do you make sure they’re a dentist?

So I asked the European Commission: How do you make sure dentist.eu is a dentist?

They said: We don’t. They just get it.

I said: Okay, so why do these guys [new gTLD registries] have to do anything different?

And they said: The new gTLD program should be better or a model…

I said: Come on guys, do not apply rules that you’re not using today to these new folks simply because it’s easy, because you can come and raise flags here at ICANN. Let’s be fair. How do you do it at EU?

“Well, if somebody reports that fadi.dentist.eu is not a dentist, we remove them.”

Statton said: We do the same thing. It’s in our PICs. If fadi.dentist is not, and somebody reports them…

They said: But we can’t call compliance.

You can call compliance. Anyone can call compliance. Call us and we’ll follow up. With Statton, with the registrar.

What we have here is Chehade making a passionate case for the domain name industry’s right to sell medical-themed domain names without undue regulation — using many of the same arguments that Donuts is using in its Reconsideration appeal — then failing to show up for a board meeting the next day when that specific issue was addressed.

It’s impossible to know whether the NGPC would have reached a different decision had Chehade been at the February 12 meeting, because no formal vote was taken.

Rather, the committee merely passed along its “sense” that ICANN staff should carrying on what it was doing with regards implementing GAC advice on Category 1 strings.

While Chehade is but one voice on the NGPC, as CEO he is in charge of the ICANN staff, so one would imagine the decision to add the unprecedented new PIC to the .doctor contract falls into his area of responsibility.

That makes it all the more baffling that Donuts, and the other .doctor new gTLD applicants, are faced with this unique demand to restrict their registrant base to one subset of potential customers.

ICANN holds its ground on weaseled GAC advice

Kevin Murphy, September 11, 2014, Domain Policy

While many members of the community are getting upset about the plan to make it harder for ICANN’s board to overrule GAC advice, today we got a reminder that the board is not the GAC’s lapdog.

The New gTLD Program Committee is standing firm on the way it creatively reinterpreted Governmental Advisory Committee advice to make it less punishing on a few dozen new gTLD registries.

The NGPC passed a resolution on Monday approving an updated scorecard to send to the GAC. ICANN chair Steve Crocker delivered it to GAC chair Heather Dryden yesterday.

A “GAC scorecard” is a table of the GAC’s demands, taken from the formal advice it issues at the end of each public meeting, with the NGPC’s formal responses listed alongside.

The latest scorecard (pdf) addresses issues raised in the last five ICANN meetings, dating back to the Beijing meeting in April 2013.

The issues mainly relate to the GAC’s desire that certain new gTLDs, such as those related to regulated industries, be locked down much tighter than many of the actual applicants want.

One big point of contention has been the GAC’s demand that registrants in gTLDs such as .attorney, .bank and .doctor should be forced to provide a relevant licence or other credentials at point of sale.

The GAC’s exact words, from its Beijing communique (pdf), were:

At the time of registration, the registry operator must verify and validate the registrants’ authorisations, charters, licenses and/or other related credentials for participation in that sector.

However, when the NGPC came up with its first response, in November last year, it had substantially diluted the advice. The creative reinterpretation I mentioned earlier read:

Registry operators will include a provision in their Registry-Registrar Agreements that requires Registrars to include in their Registration Agreements a provision requiring a representation that the Registrant possesses any necessary authorisations, charters, licenses and/or other related credentials for participation in the sector associated with the Registry TLD string.

In other words, rather than presenting your medical licence to a registrar when buying a .doctor domain, registrants would merely assert they have such a licence on the understanding that they could lose their domain if they fail to present it on demand in future.

The GAC, which isn’t entirely stupid, spotted ICANN’s reimagining of the Beijing communique.

At the Singapore meeting this March, it issued a list of passive-aggressive questions (pdf) for the NGPC, noting that its Beijing advice had been “amended” by the board and wondering whether this would lead to “greater risks of fraud and deception” in new gTLDs.

ICANN’s response this week is quite lengthy.

The NGPC said it had “to balance many competing positions” when figuring out how to respond to the Beijing communique, and that it tried “to address all of the completing concerns in a way that respected the spirit and intent of the GAC’s advice.”

The committee gives a number of examples (starting on page 15 of this PDF) explaining why the GAC’s original demands would be unreasonably burdensome not only on registries and registrars but also on registrants.

Here’s one example:

consider a potential registrant that is a multinational insurance company seeking to register a domain name in the .insurance TLD. Suppose the multinational insurance company has locations in over 30 countries, including the United States and Kenya. If the potential registrant insurance company attempts to register a domain name in the .insurance TLD, would that trigger an obligation to verify and validate its credentials, licenses, charters, etc. in the location of its headquarters, or all of the places around the globe where it does business. Is it realistic for a Registry Operator or Registrar to have the knowledge and expertise to determine precisely what credentials or authorizations are required in every country around the world (and in every city, county or other political division if those political subdivisions also require credentials [e.g. in the United States, insurance is primarily regulated at the state level and require a license in each of the 50 states])?

The short version is that the NGPC isn’t budging on this particular issue.

Rather than backpedaling, it’s giving the GAC the reasons it disagreed with its advice and explaining how it attempted to at least comply with the spirit, if not the letter, of Beijing.

As far as I can tell, that seems to be the case in each of the 39 items in the new scorecard — explanation not capitulation. Read the full thing here.

ICANN approves reworked GAC advice over US concerns

Kevin Murphy, February 8, 2014, Domain Policy

No sooner had we reported on the US government’s complaint about ICANN’s reinterpretation of GAC advice on new gTLDs than it emerged that ICANN has already approved the plan.

The ICANN board’s New gTLD Program Committee on Wednesday approved a resolution on how to implement the so-called Category 1 advice the Governmental Advisory Committee came up with in Beijing last April. The resolution was published today.

The Category 1 advice calls for stronger regulation — stuff like forcing registrants to provide industry credentials at point of sale — in scores of new gTLDs the GAC considers particularly sensitive.

Despite US Department of Commerce assistant secretary Larry Strickling calling for more talks after ICANN substantially diluted some of the GAC’s Beijing communique, the NGPC has now formally approved its watered-down action plan.

Under the plan, registrants in gTLDs such as .lawyer and .doctor will have to “represent” that they are credentialed professionals in those verticals when they register a domain.

That’s as opposed to actually providing those credentials at point of registration, which, as Strickling reiterated in his letter, is what the GAC asked for in its Beijing communique.

The full list of eight approved “safeguards” (as interpreted from GAC advice by ICANN) along with the list of the gTLDs that they will apply to, can be found in this PDF.

US unhappy with ICANN, urges more delay to many new gTLDs

Kevin Murphy, February 8, 2014, Domain Policy

The US government is not pleased with ICANN’s rather liberal interpretation of Governmental Advisory Committee advice on new gTLDs and wants more talks about “safeguards”.

Not only that, but it wants to start talking to ICANN about extending safeguards applicable to new gTLDs to old gTLDs, presumably including the likes of .com, too.

A letter to ICANN from Department of Commerce assistant secretary Larry Strickling, obtained by DI today, calls for more talks before ICANN finalizes its handling of the GAC’s Beijing communique.

Strickling notes, as DI has previously, that ICANN softened the meaning of the advice in order to smooth its implementation.

as can be the case when translating GAC Advice to contractual provisions, the NGPC [the ICANN board’s New gTLD Program Committee] made adjustments to the GAC Advice that the United States believes could cause enforcement problems and as such merits further discussion. The National Telecommunications and Information Administration (NTIA), on behalf of the United States, is planning to raise these concerns for discussion at the March GAC meeting in Singapore and requests that ICANN take this fact into account before moving forward with applications for strings impacted by the relevant portions of GAC advice

The letter (pdf) was sent February 4, just a day before the NGPC held a meeting — the results of which we do not yet know — that had the GAC Advice on its agenda.

The New gTLD Applicants Group had urged the NGPC to finally put the GAC Advice to rest, highlighting the “heavy burden that the delay in the implementation of GAC Category 1 Advice has imposed upon affected applicants” in a letter last week.

The Category 1 advice, you may recall, comprised eight “safeguards” mandating policies such as industry engagement and registrant authentication, applicable to at least 386 gTLD applications.

Back in November, ICANN announced how it planned to handle this advice, but changed its meaning to make it more palatable to ICANN and applicants.

Those changes are what Strickling is not happy with.

He’s particularly unhappy with changes made to the GAC’s demand for many gTLDs to be restricted to only card-carrying members of the industries the strings seem to represent.

The GAC said in Beijing:

At the time of registration, the registry operator must verify and validate the registrants’ authorisations, charters, licenses and/or other related credentials for participation in that sector.

In other words, you’d have to provide your doctor license before you could register a .doctor domain.

But ICANN proposed to implement it like this:

Registry operators will include a provision in their Registry-Registrar Agreements that requires Registrars to include in their Registration Agreements a provision requiring a representation that the Registrant possesses any necessary authorisations, charters, licenses and/or other related credentials for participation in the sector associated with the Registry TLD string.

The doctor under this policy would only require the doctor to check a box confirming she’s a doctor. As Strickling said:

The NGPC has changed the GAC-coveyed concept of “verification and validation” to “representation”

Requirements for registries to mandate adherence to government regulations on the protection of financial and healthcare data are also his targets for further discussion.

What all this boils down to is that, assuming ICANN paid heed to Strickling’s letter, it seems unlikely that NTAG will get closure it so desperately wants until the Singapore meeting in late March — a year after the original Beijing communique — at the earliest.

In other words, lots of new gTLD applicants are probably going to be in limbo for a bit longer yet.

But Strickling also has another bombshell to drop in the final sentence of the letter, writing:

In addition, we will recommend that cross community discussion begin in earnest on how the safeguards that are being applied to new gTLDs can be applied to existing gTLDs.

So it seems the GAC is likely to start pressing to retroactively apply its new gTLDs advice to legacy gTLDs too.

Registrant verification in .com? Stricter Whois checks and enforcement? That conversation has now started, it seems.

ICANN makes GAC’s Category 1 new gTLD advice less stupid

Kevin Murphy, November 6, 2013, Domain Policy

After six months, ICANN is finally giving its Governmental Advisory Committee what it wants. Kinda.

The New gTLD Program Committee has quietly sent its plan to implement the GAC’s so-called “Category 1” advice on new gTLDs, which called for regulated gTLDs where applicants had applied for open namespaces.

But it’s rewritten the advice in such a way that it’s unlikely to win many fans in either camp, causing headaches for applicants while also falling short of giving the GAC everything it wanted.

In a letter to GAC chair Heather Dryden, ICANN chair Steve Crocker laid out the NGPC’s plan.

The Category 1 advice, which comprised eight “safeguards” applicable to at least 386 gTLD applications for 174 unique strings, has been rewritten, making it a little more palatable to the majority of applicants.

The list of strings has also been cut in two, with the 42 strings considered most often linked to highly regulated industries taking the brunt of the regulation.

These 42 may or may not find their business models killed off, but are certainly facing more friction as a result of the NGPC’s decision:

.abogado, .attorney, .autoinsurance, .bank, .banque, .bet, .bingo, .carinsurance, .casino, .charity (and Chinese IDN), .corp, .cpa, .creditcard, .creditunion, .dds, .dentist, .gmbh, .hospital, .inc, .insurance, .ira, .lawyer., .lifeinsurance, .llc, .llp, .lotto, .ltd, .ltda, .medical, .mutualfunds, .mutuelle, .pharmacy, .poker, .sal, .sarl, .spreadbetting, .srl, .surgery, .university, .vermogensberater, .versicherung

Each of these registries is going to have to sign up to eight new mandatory Public Interest Commitments, obliging them to engage with the industries associated with their strings, among other things.

And while the GAC wanted these strings to be limited to credential-holding members of those industries, ICANN seems to be giving the applicants much more implementation wiggle room.

The GAC had originally called for all 386 Category 1 registries to:

Establish a working relationship with the relevant regulatory, or industry self-regulatory, bodies, including developing a strategy to mitigate as much as possible the risks of fraudulent, and other illegal, activities.

But ICANN has reinterpreted the advice to make it a bit less onerous on applicants. It will also only affect 42 strings. The advice, now rewritten as a PIC, reads:

Registry operators will proactively create a clear pathway for the creation of a working relationship with the relevant regulatory or industry self-regulatory bodies by publicizing a point of contact and inviting such bodies to establish a channel of communication, including for the purpose of facilitating the development of a strategy to mitigate the risks of fraudulent and other illegal activities.

Does that PIC mean registries will actually be obliged to listen to or give policy-making power to the relevant industries on a formal basis? It’s ambiguous enough that the answer might easily be no.

The GAC had also called for some Category 1 gTLDs to become restricted to card-carrying members of the industry or industries the strings relate to, saying in Beijing:

At the time of registration, the registry operator must verify and validate the registrants’ authorisations, charters, licenses and/or other related credentials for participation in that sector.

ICANN has basically rejected that advice, replacing it instead with the much more agreeable (to registries) text:

Registry operators will include a provision in their Registry-Registrar Agreements that requires Registrars to include in their Registration Agreements a provision requiring a representation that the Registrant possesses any necessary authorisations, charters, licenses and/or other related credentials for participation in the sector associated with the Registry TLD string.

You’ll notice that the ICANN version does not require credentials to be provided at the point of registration. In fact, the PIC seems to require nothing more than a check-box that the registrant must click.

This is obviously tolerably good news for applicants that had proposed unrestricted policies for their gTLDs — they no longer face the kiss of death in the registrar channel that the GAC’s version would have created — but let’s not pretend it’s what the GAC had asked for.

Again, it only applies to the 42 strings ICANN has identified as particularly broadly regulated.

These registries are not getting an easy ride, however. They will have to enforce a post-registration regime of verifying credentials in response to complaints. The new ICANN PIC reads:

If a Registry Operator receives a complaint expressing doubt with regard to the authenticity of licenses or credentials, Registry Operators should consult with relevant national supervisory authorities, or their equivalents regarding the authenticity.

It’s implied, but not stated, that uncredentialed registrants should lose their domains. Again, the ICANN version of the GAC advice may be less of a nightmare to implement, but it’s still very vague indeed.

For any Category 1 applicant that is not on the sub-list of 42 sensitive strings, there will be three new PICs to adopt.

These all instruct the registry to require registrars to get registrants to agree to abide by “all applicable laws”. It’s the kind of stuff that you usually find in registration agreements anyway, and doesn’t appear at first look to present any hugely problems for registries or registrars.

Overall, ICANN seems to have done a pretty good job of making the Category 1 advice less onerous, and applicable to fewer applicants, than the GAC originally wanted.

But applicants for the 42 strings most heavily affected still face some vague contractual language and the very real possibility of industry complaints in future.

  • Page 1 of 2
  • 1
  • 2
  • >