A Chinese registrar has been accused by ICANN of playing games to avoid complying with Whois policy.
In a breach notice from ICANN Compliance last week, Beijing-based 35 Technology is told that it has failed to verify Whois records as required by its accreditation agreement.
The domain in question was shoesbbalweb.com, which DomainTools’ archived screenshots show was once used to sell branded running shoes.
I understand that 35 is believed to have suspended the domain when ICANN first referred a Whois accuracy complaint to it.
It is then said to have un-suspended the domain, without any change to the Whois record, as soon as ICANN closed the complaint.
The breach notice (pdf) instructs 35 to:
Provide records and information demonstrating that 35 Technology took steps to verify and validate the Whois information of the domain name
since 23 March 2015, or provide ICANN with an explanation why the domain name suspension was removed without verifying and validation Whois information
The switcheroo appears to have been brief enough that its suspended state was not recorded by DomainTools.
ICANN has a monitoring program, however, that randomly spot-checks previously complained-about domains for ongoing compliance.
The registrar, which does business at 35.com, is not tiny. It had over 450,000 domains under management, in legacy gTLDs and a handful of Chinese-script new gTLDs, at the last count.
It has until the end of the month to explain itself or risk termination.
ICANN should resist attempts to turn the organization into a content regulator responsible for fighting piracy, counterfeiting and terrorism.
That’s according to CEO Fadi Chehade, speaking in Dublin yesterday at the opening ceremony of ICANN’s 54th public meeting.
His remarks have already solicited grumbles from members of the intellectual property community, which are eager for ICANN to take a more assertive role against registries and registrars.
Speaking to a packed auditorium, Chehade devoted a surprisingly large chunk of his opening address to the matter of content policing, which he said was firmly outside of ICANN’s remit.
He presented this diagram, breaking up the internet into three layers. ICANN plays in the central “logical” section but has no place in the top “societal” segment, he said.
“Where does ICANN’s role start and where does ICANN’s role stop?” Chehade posed. “It’s very clear Our remit starts and stops in this logical yellow layer. We do not have any responsibility in the upper layer.”
“The community has spoken, and it is important to underline that in every possible way, ICANN’s remit is not in the blue layer, it is not in the economic/societal layer,” he said. This is a technical organization.”
That basically means that ICANN has no responsibility to determine which web sites are good and which are bad. That’s best left to others such as the courts and governments.
Chehade recounted an anecdote about a meeting with a national president who demanded that ICANN shut down a list of terrorism-supporting web sites.
“We have no responsibility to render judgement about which sites are terrorists,” he said, “which sites are the good pharmacies, which sites are the bad pharmacies, which sites are comitting crimes, which sites are infringing copyrights…”
“When people ask us to render judgement on matters in the upper layer, we can’t.”
With that all said, Chehade added that ICANN should not shirk its duties as part of the ecosystem, whether through voluntary measures at registries and registrars or via contractual enforcement.
“Once determinations are made, how do we respond the these?” he said. “I hope, voluntarily.”
He gave the example of credit card companies that voluntarily stop doing business with web sites that have been reported to be involved in crime or spam.
The notion of registrars adhering to a set of voluntary principles was first floated by ICANN’s chief compliance officer, Allen Grogan, in a blog post earlier this month.
It was the one bone he threw to IP interests in a determination that otherwise came down firmly on the side of registrars.
Grogan had laid out a minimum set of actions registrars must carry out when they receive abuse reports, none of which contained a requirement to suspend or delete domain names.
The Intellectual Property Constituency appeared to greet Chehade’s speech with cautious optimism, but members are still pushing for ICANN to take a stricter approach to contract compliance.
In a session between the IPC and the ICANN board in Dublin this morning, ICANN was asked to make these hypothetical voluntary measures enforceable.
Marc Trachtenberg disagreed with Chehade’s credit card company example.
“The have an incentive to take action, which is the avoidance of future potential costs,” he said. “That similar incentive does not exist with respect to registries and registrars.”
“In order for any sort of voluntary standards to be successful or useful, there have to be incentives for the parties to actually comply with those voluntary standards,” he said.
“One possibility among many is a situation where those registries and registrars that don’t comply with the voluntary standards are potentially subject to an ICANN compliance action,” he said.
It’s pretty clear that this issue is an ongoing one.
Chehade warned in his address yesterday that calls for ICANN to increase its policing powers will only increase when and if its IANA contract is finally divorced from US government oversight.
Grogan will host a roundtable tomorrow at 10am Dublin time to discuss possible voluntary mechanisms that could be created to govern abuse.
In one of the ongoing battles between registrars and the intellectual property lobby, ICANN’s compliance department seems to have sided with the registrars, for now.
Registrars will not be forced to suspend domain names when people complain about abusive or illegal behavior on the associated web sites, according to chief contract compliance office Allen Grogan.
The decision will please registrars but will come as a blow to the likes of music and movie studios and those who fight to shut down dodgy internet pharmacies.
Grogan yesterday published his interpretation of the 2013 Registrar Accreditation Agreement, specifically the section (3.18) that obliges registrars to “investigate and respond appropriately” abuse reports.
The IP crowd take this to mean that if they submit an abuse report claiming, for example, that a web site sells medicines across borders without an appropriate license, the registrar should check out the site then turn off the domain.
Registrars, on the other hand, claim they’re in no position to make a judgment call about the legality of a site unless presented with a proper court order.
Grogan appears to have taken this view also, though he indicated that his work is not yet done. He wrote:
Sometimes a complaining party takes the position that that there is only one appropriate response to a report of abuse or illegal activity, namely to suspend or terminate the domain name registration. In the same circumstances, a registrar may take the position that it is not qualified to make a determination regarding whether the activity in question is illegal and that the registrar is unwilling to suspend or terminate the domain name registration absent an order from a court of competent jurisdiction. I am continuing to work toward finding ways to bridge these gaps.
It’s a testament to how little agreement there is on this issue that, when we asked Grogan back in June how long it would take to provide clarity, he estimated it would take “a few weeks”. Yet it’s still not fully resolved.
His blog post last night contains a seven-point checklist that abuse reporters must conform to in order to give registrars enough detail to with with.
They must, for example, be specific about who they are, where the allegedly abusive content can be found, whose rights are being infringed, and which laws are being broken in which jurisdiction.
It also contains a six-point checklist for how registrars must respond.
Registrars are only obliged to investigate the URL in question (unless they fear exposure to malware or child abuse material), inform the registrant about the complaint, and inform the reporter what, if anything, they’ve done to remediate the situation.
There’s no obligation to suspend domains, and registrars seem to have great leeway in how they treat the report.
In short, Grogan has interpreted RAA 3.18 in a way that does not seem to place any substantial additional burden on registrars.
He’s convening a roundtable discussion for the forthcoming ICANN meeting in Dublin with a view to getting registrars to agree to some non-binding “voluntary self-regulatory” best practices.
ICANN has suspended OpenTLD’s ability to sell gTLD domain names for the second time, following an arbitration ruling yesterday.
OpenTLD, part of the Freenom group, will not be able to sell gTLD names or accept inbound transfers from tomorrow — about two hours from now — to November 24, according to ICANN’s web site.
That doesn’t give the company much time to make the required changes to its web site and registrar systems.
As reported earlier today, OpenTLD lost its battle to have the suspension frozen in arbitration with ICANN.
The arbitrator agreed with ICANN Compliance that the registrar cybersquatted its competitors and has not yet done enough to ensure that it does not do the same again in future.
Free domains provider OpenTLD has been dealt a crushing blow in its fight against the suspension of its Registrar Accreditation Agreement.
ICANN is now free to suspend OpenTLD’s RAA, due to the company’s “pattern of cybersquatting”, following a decision by an independent arbitrator.
The arbitrator ruled yesterday that OpenTLD’s suspension should go ahead, because “OpenTLD’s continued operation could potentially harm consumers and the public interest.”
The 90-day suspension was imposed by ICANN Compliance in June, after it became aware that OpenTLD had lost two UDRP cases filed by competing registrars.
WIPO panelists found in both cases that the company had infringed its competitors’ trademarks in order to entice resellers over to its platform.
The suspension was put on hold voluntarily by ICANN, pending the arbitrator’s ruling on OpenTLD’s request for emergency stay. That request was conclusively rejected yesterday.
The arbitrator wrote:
the Arbitrator has little doubt that the multiple abusive name registrations made by OpenTLD, each of which included the registered mark of a competing domain name registrar and OpenTLD’s subsequent use of those domains… formed part of a broad concerted effort by OpenTLD calculated to deliberately divert name registration business, otherwise destined for competing domain name registrars… away from those registrars to OpenTLD instead.
He wrote that OpenTLD needs to put a process in place to prevent similarly cybersquatty behavior in future, rather than just making a commitment to changing its ways.
It’s pretty harsh stuff.
OpenTLD said recently that a suspension would “devastate” and “decimate” its business, due to the intertwining of its massive ccTLD business and rather smaller gTLD platform, but the arbitrator thought a technology workaround would be rather simple to implement.
No RAA means no gTLD sales and no inbound transfers.
OpenTLD is part of Freenom, which runs .tk and other free-to-register ccTLDs.
The company’s only ray of sunlight in the ruling is that the arbitrator said the costs of the proceeding should be split equally, not all falling on OpenTLD’s shoulders.
ICANN has not yet re-instituted the suspension, but it could come soon.
The full ruling can be read here.