Latest news of the domain name industry

Recent Posts

Registries reject lower fees for anti-abuse prowess

Kevin Murphy, February 16, 2018, Domain Policy

Registries have largely rejected a proposal for them to be offered financial incentives to lower the amount of abuse in their gTLDs.

That’s despite the idea gaining broad support from governments, intellectual property interests and restricted-registration registries.

The concept of ICANN offering discounted fees to registries that proactively fight abuse was floated by the Competition, Consumer Trust, and Consumer Choice Review Team (CCT) back in November.

It recommended in its draft report, among other things:

Consider directing ICANN org, in its discussions with registries, to negotiate amendments to existing Registry Agreements, or in negotiations of new Registry Agreements associated with subsequent rounds of new gTLDs to include provisions in the agreements providing incentives, including financial incentives for registries, especially open registries, to adopt proactive anti-abuse measures.

“Proactive” in this case would mean measures such as preventing known bad actors from registering domains, rather than just waiting for complaints to be filed.

Given that registries have been calling for lower ICANN fees in other instances, one might expect to see support from that constituency.

However, the Registries Stakeholder Group said in a document filed to ICANN’s public comment period on the CCT’s latest recommendations that, it “opposes” the idea of such financial incentives. It said:

The RySG supports recognizing and supporting the many [registry operators] that take steps to discourage abuse, but opposes amending the RA as recommended, to mandate or incentivize ‘proactive’ anti-abuse measures.

The RySG complained that such a system would require lots of complex work to arrive at a definition of abuse and what kinds of measures would qualify as “proactive”.

Even if such definitions could be found, and amendments to the standard RA successfully negotiated, there’s still no guarantee that bad registries would sign up for the incentives or stick to their promises, “resulting in no net improvement to the current situation”, the RySG said.

The group is also concerned that adding more anti-abuse clauses to the RA could increase registries’ risk of liability should they be sued over abuse carried out by their customers.

Not all registries agreed with the RySG position, however.

The informal Verified Top-Level Domains Consortium, which comprises the two registries behind .bank, .insurance and .pharmacy, filed comments supporting the proposal.

It said that gTLDs with vetted eligibility requirements see no abuse but have lower registration volumes and therefore pay higher ICANN fees on a per-domain basis. It said:

ICANN should help to offset these costs to create a more level playing field with high-volume unrestricted registries, i.e., to enhance competition as well as consumer trust. If ICANN made it more financially advantageous to verify eligibility, other registries may be encouraged to adopt this model. The outcome would be the elimination of abuse in these verified TLDs.

Outside of the industry itself, the Governmental Advisory Committee and IP interests such as the Intellectual Property Constituency and INTA, filed comments supporting anti-abuse incentives.

The IPC “strongly” supported the recommendation, but added that the finer details would need to be worked out to ensure that lower ICANN fees did not translate automatically to lower registration fees and therefore more abuse.

Shocking nobody, it added that “abuse” should include intellectual property infringements.

Conversely, the Non-Commercial Stakeholders Group said it “strongly” opposes the recommendation, on the basis that it would push ICANN into a “content policeman” role in violation of its technical mandate:

ICANN is not a US Federal Trade Commission or an anti-fraud unit or regulatory unit of any government. Providing guidance, negotiation and worse yet, financial incentives to ICANN-contracted registries for anti-abuse measures is completely outside of our competence, goals and mandates. Such acts would bring ICANN straight into the very content issues that passionately divide countries — including speech laws, competition laws, content laws of all types. It would invalidate ICANN commitments to ourselves and the global community. It would make ICANN the policemen of the Internet, not the guardians of the infrastructure. It is a role we have sworn not to undertake; a role beyond our technical expertise; and a recommendation we must not accept.

Also opposed to incentivizing anti-abuse measures was the Messaging, Malware and Mobile Anti-Abuse Working Group (an independent entity, not an ICANN working group), which said there’s no data to support such a recommendation.

The reports provide no data that showcase what the implications of altering the economic underpinnings of a highly competitive market may entail, including inadvertent side effects such as registries that already sell low price domains being rewarded with lower ICANN fees. In fact, it may ultimately result in a race to the bottom and higher rates of domain abuse.

Instead, M3AAWG said that ICANN should concentrate is contractual compliance efforts on those registries that the data shows already have large amounts of abuse — presumably meaning the likes of .top, .gdn and the Famous Four Media stable.

ICANN itself filed a comment on the proposal, pointing out that it is not able to unilaterally impose anti-abuse measures into registry agreements.

One imagines that lowering fees at a time when its own budget is under a lot of pressure would probably not be something ICANN would be eager to implement.

These comments and more were summarized in ICANN’s report on the CCT public comment period, published yesterday. The comments themselves can be found here.

The comments feed back into the CCT review team’s work ahead of its final report, which is due to be published some time during Q1.

Under its bylaws, the CCT review is one of the things that ICANN has to complete before it opens the next round of new gTLD applications.

ICANN urged to crack down on new gTLD abuse

Kevin Murphy, November 29, 2017, Domain Registries

Registries selling dirt-cheap new gTLD domains should be rewarded with lower ICANN fees when they get proactive about abuse, while registrars that turn a blind eye to spammers should be suspended, an ICANN working group will recommend.

In its second batch of findings, the Competition, Consumer Trust, and Consumer Choice Review Team (CCT) said that financial incentives and a new complaints procedure should be used to persuade registries and registrars to fight DNS abuse.

The CCT said it “proposes the development of incentives to reward best practices preventing technical DNS abuse and strengthening the consequences for culpable or complacent conduits of technical DNS abuse” in a paper published today.

The review, which drew on multiple sources of market and abuse data, original research, and analysis of third-party research, is probably the most comprehensive study into the impact of the new gTLD program to date.

It concluded that overall rates of DNS abuse did not increase as a result of the program, but that bad actors are increasingly migrating away from legacy gTLDs such as .com to 2012-round TLDs such as .top, .gdn and Famous Four Media’s stable.

Indeed, much of the paper appears to be a veiled critique of FFM’s practices.

The registrar AlpNames, known to be affiliated with FFM and responsible for most of its retail sales, is singled out as the currently accredited registrar particularly favored by abusers.

The CCT report notes that AlpNames regularly sells domains for under $1, or gives them away for free, and offered a tool allowing registrants to randomly generate up to 2,000 available domains in 27 different gTLDs, pretty much inviting abuse.

“Certain registries and registrars appear to either positively encourage or at the very least willfully ignore DNS abuse. Such behavior needs to be identified rapidly and action
must be taken by ICANN compliance as deemed necessary,” the paper says.

The review found that gTLDs with no registration restrictions and the lowest prices had the most abuse. Duh.

“Generally, the DNS Abuse Study indicates that the introduction of new gTLDs did not increase the total amount of abuse for all gTLDs,” its report says. “[F]actors such as registration restrictions, price, and registrar-specific practices seem more likely to affect abuse rates.”

Drawing on data provided by 11 domain block-lists (SURBL, SpamHaus, etc), the paper states that at least one TLD (FFM’s .science) had an abuse rate excess of 50%.

Using SpamHaus data, the paper identities FFM’s .science, .stream, .trade, .review, .download and .accountant as having over 10% abuse during the period of its study. Also on that list: Uniregistry’s low-price .click and the China-based .top and .gdn.

One thing they all have in common is that AlpNames is a leading registrar, usually accounting for at least a quarter of domains under management.

There’s no way AlpNames/FFM is not aware of the amount of bad actors in its customer base, the question is what can ICANN do about it?

The CCT team recommends that registries and registrars with over 10% of their names used for abusive purposes should be tasked by ICANN with proactively cleaning up their zones. Those that fail to do so should be subject to a new Domain Abuse Dispute Resolution Process, it said.

These companies should have their contracts suspended when they’re “associated with unabated, abnormal and extremely high rates of technical abuse”, the report recommends.

There’s a big boilerplate specifying, tellingly, that registry operators that control registrars are affected by this recommendation too.

It should be noted that there was not a full consensus of support for the idea of a DADRP. Half a dozen working group members filed minority statements opposing it.

It’s not all stick in the report, however. There’s some carrot, too.

The CCT report recommends financial incentives such as fee reductions for registries that have “proactive anti-abuse measures” in place.

It noted that there is precedent for ICANN doing this kind of thing when it implemented an anti-tasting policy that seriously restricted registrars’ ability to get registry refunds.

The CCT Review Team was formed to figure out what impacts the 2012 new gTLD round had on the domain name market.

The completion of its work is one of several gating factors to the next new gTLD application round under ICANN’s new bylaws and the old Affirmation of Commitments with the US government.

It published initial recommendations earlier this year. This new set of recommendations is now open for public comment until January 8.