ICANN is ramping up its focus on contractual compliance in the midst of calls for domain industry offenders to “go to jail”.
CEO Fadi Chehade yesterday revealed that he has has promoted chief contracting counsel Allen Grogan to the newly created role of chief contract compliance officer.
Grogan, who Chehade has worked with off and on since 1991, will report directly to him. Maguy Serad, who has been heading compliance under Chehade for the last couple of years, will now report to Grogan.
In a session with the GNSO Council at the ICANN 51 public meeting in Los Angeles yesterday, Chehade said the appointment was part of a new “strategic, analytical” approach to compliance.
It was hinted that the compliance focus may form part of Chehade’s address at the formal opening ceremony of ICANN 51 later today.
Ron Andruff of the Business Constituency made the “jail” comments in response.
“We need to see action, we need to see teeth,” he said. “We never see any really strong action taken and it’s time we did. It’s time we saw people go to jail for doing things, lose their contracts for doing things.”
“We’ve lived through 15 years of ICANN with all manner of transgressions, some very serious ones, but they all get slid off to the side and there’s never any mention of it,” he said.
“Should someone be the recipient of extremely strong actions — losing their contract, being thrown out the community — that would send a signal,” he said.
Andruff appeared to be relating comments made by the Intellectual Property Constituency’s Kristina Rosette, at a private Commercial Stakeholders Group meeting earlier that day.
However, Rosette was quick to take to Twitter to deny she’d said anything about jail time.
Um, I never said anything about people going to jail for compliance breaches. Yikes.
— Kristina Rosette (@kristinarosette) October 12, 2014
Chehade, in reply to Andruff, agreed with the need for action but clarified what he plans to do.
“It doesn’t mean to create a police force, that’s not what we need,” he said. “What we need is thoughtful, analytical analysis.”
“It doesn’t mean we’re going to take the job of all the global consumer protection agencies,” he said earlier in the session.
The notion of ICANN having the power to directly jail somebody is of course laughable — all of its power comes from its contracts with registrars and registries.
However, it’s not beyond the bounds of possibility that ICANN could refer registrars to law enforcement should it come across suspected illegality in the course of its compliance investigations.
ICANN Compliance currently employs 21 people and deals with 5,000 complaints per month, Chehade said.
In the last year, the number of breach, suspension and termination notices against registrars has been on the increase.
ICANN has suspended the accreditation of Korean registrar Dotname Korea over failures to comply with Whois accuracy rules.
The company was told this week that it will lose the ability to sell names for three months.
“No new registrations or inbound transfers will be accepted from 7 October 2014 through 5 January 2015,” ICANN compliance chief Maguy Serad told the company (pdf).
The suspension follows breach notices earlier in the year pertaining to Dotname’s failure to show that it was responding adequately to Whois inaccuracy complaints.
Other breaches of the Whois-related parts of the 2013 Registrar Accreditation Agreement were also alleged.
The company has until December 16 to show compliance of face the possibility of termination.
Telefonica Brasil, part of the massive Telefonica group of telecoms companies, has lost its registrar accreditation after failing to pay its ICANN fees.
The company, which had revenue last year of $14.6 billion, is facing termination of its Registrar Accreditation Agreement over the pitiful sum of $3,082.12.
It’s also embarrassing because Telefonica is applying for the new gTLD .vivo, its consumer brand in Brasil, which will require it to sign a Registry Agreement with ICANN.
I don’t think the loss of the RAA affects the company’s ability to get its gTLD contracted and delegated.
According to ICANN (pdf), Telefonica also failed to comply with the Registrar Information Specification, a pretty basic rule in the 2013 Registrar Accreditation Agreement requiring registrars to provide their address and names of officers and any parent companies.
The company has no gTLD names under management, so registrants will not be affected by the termination, which will take effect September 25.
ICANN sent its initial breach notice in July, but Telefonica did not comply before the August deadline. It also received a breach notice over an unpaid $10,000 bill a year ago.
The beneficiary of the long-running Domain Registry of America scam is finally at risk of losing its ICANN accreditation.
ICANN has suspended Brandon Gray Internet Services, which does business as NameJuice.com, due to the “deceptive” marketing practices carried out by its “resellers”.
The company won’t be able to register any gTLD names or receive transfers for 90 days.
If NameJuice hasn’t sorted out its act by October 17, it faces the risk of losing its accreditation permanently.
The company, you will recall, is the primary beneficiary of the “slamming” scam, which tricks customers of other registrars into transferring their names with confusing, invoice-style junk mail.
Slammers have been operating under various names including Domain Registry of America, Domain Registry of Europe and Domain Registry of Canada for close to 15 years.
I received one in 2011 from the “Domain Renewal Group”, which I blogged about here.
It was sued by Register.com in 2002 over the practice, was forced into a settlement with the US Federal Trade Commission in 2003, and has been involved in tangles with regulators all over the world for the last decade.
But it seems ICANN’s hands were tied until Brandon Gray signed the new 2013 Registrar Accreditation Agreement, which gives ICANN’s compliance department more power over resellers.
Since at least 2009, ICANN has received numerous complaints from Registered Name Holders, registrars, and various ICANN Supporting Organizations and Advisory Committees regarding the business solicitation practices of Brandon Gray’s resellers. Such practices were not specifically prohibited under the 2001 and 2009 RAAs. Section 3.12 of the 2013 RAA, however, requires registrars to ensure its reseller’s actions comply with the RAA, as well as the Registrants’ Benefits and Responsibilities Specification, which protects Registered Name Holders from false or deceptive practices.
ICANN fingered “reseller” Registration Services Inc as the party behind DROA and the other slamming scams.
In order to cure the latest breach, NameJuice has until August 8 to provide a tonne of information about Registration Services, including its certificate of incorporation, samples of its mailshots, and details of how a sample of specific domains came to be transferred.
In order to avoid losing its accreditation by October 10, the company will also have to promise to force its reseller to stop its deceptive marketing and provide ICANN with samples of future mailings.
NameJuice has 13 tasks in total to comply with to avoid termination proceedings; it’s looking promising that ICANN will finally shut down this blight on the industry just a few months from now.
The irony is, of course, if NameJuice loses its accreditation, all of the names that were obtained under false pretenses will not revert naturally to their original registrar. Instead, if ICANN follows its standard practice, they’ll be transferred in bulk to a third registrar.
Almost half of accredited domain name registrars were found “deficient” during a recent ICANN compliance survey.
Results of an audit published today show that 146 of 322 registrars (45%) picked at random for the September 2013 to May 2014 study had to carry out some form of remediation in order to comply with their contracts.
The report comes at the end of the second year of ICANN’s audit program, which aims to bring all accredited registrars and gTLD registries into compliance over three years.
The deficiencies noted at 146 registrars cover areas ranging from compliance with ICANN consensus policies to the availability of Whois services over the web and port 43.
In almost every instance the numbers were down on last year.
For example, ICANN documented 86 registrars who could not initially show compliance with requirements on the retention of registrant data, down from 105 a year ago.
Only 15 registrars of the 322 (4.6%) flunked the audit and will be re-tested. The others were all able to bring their systems into line with ICANN’s requirements during the course of the audit.
Three registrars were terminated as a result of deficiencies identified during this phase of the program.
The full report, along with the list of participating registrars, can be found here.