ICANN 71 is online-only, because of course it is

ICANN has called off plans to conduct its 71st public meeting in the Netherlands this June.

Blaming the ongoing coronavirus pandemic, the risk to safety and travel restrictions, ICANN confirmed last week that the venue will again be Zoom, rather than The Hague.

It will be the fifth consecutive meeting to go online-only.

The dates will remain the same — June 14 to June 17 — and the European time zone of course means that folks at ICANN HQ in Los Angeles will once again be working throughout the night.

ICANN 70, relocated from Cancun, begins next Monday.

ICANN 70 has virtual schwag, other new stuff

It may not make up for the lack of sun, sea, sand and sexual abstinence, but the ICANN 70 meeting, taking place this month on Zoom instead of Cancun, Mexico, does have a few new enticements that may tickle your fancy.

It’s also beginning to look like ICANN 70 won’t be the last of ICANN’s public meetings this year to be online-only.

At the trivial end of the spectrum, attendees get a virtual schwag bag containing unsponsored, printable collectibles including: two versions of a do-not-disturb door sign, a name badge, and two types of origami paper airplanes.

Equally trivially, ICANN appears to trying to foster a sense of remote community by encouraging attendees to take photographs of their food and post them to social media with the hashtag #icannchef. Because it’s 2009, apparently.

A bit more substance comes with the promise of private breakout rooms, which ICANN described in a blog post.

Apparently attendees will be able to create their own private rooms, containing multiple parties, whether it’s for social or business or policy-making purposes.

While ICANN 70 Prep Week started this week, that feature doesn’t appear to be live yet, or is so well-hidden that I couldn’t find it.

I can see this being potentially useful for meetings that take longer than the time allotment Zoom gives you for free, but I’m not sure I’d want to hold any super-sensitive meetings on a platform configured by ICANN, given its track record.

Other new features include the ability to listen in to live interpretation in the supported languages during the supported sessions, natively via the Zoom interface.

ICANN’s also turning on Zoom’s often hilarious, automated real-time transcription service, for sessions that don’t receive the usual human-assisted scribe service.

The Org has been adding features to its online platform bit-by-bit since the coronavirus pandemic forced the community into virtual mode a year ago.

It’s unlikely to be the last time ICANN meets in an online-only fashion. The board of directors is to meet tomorrow to consider the fate of ICANN 71, which is currently scheduled to take place in The Hague in June.

While some countries may well be approaching some level of pre-pandemic normality by then, ICANN is an international organization and the maxim “Nobody’s safe until we’re all safe” probably applies here.

Coronavirus has made ICANN $11 million richer than predicted so far this year

ICANN made a lot more money and spent a lot less money in the second half of 2020, compared to the predictions made in its current budget.

Funding for the six months from July 1 to December 31 (the first half of ICANN’s fiscal 2021) came in $6 million higher than expected, at $69 million, according to data released by ICANN tonight.

Over the same period, its outgoings came in at $55 million, which was $5 million less than its approved budget had anticipated, leading to a net gain of $11 million.

The reason for the variance appear to be mostly related to the unanticipated positive impacts of the coronavirus pandemic.

Last April, when the FY21 budget was being drafted, ICANN thought the economic impact of the disease would prove a serious blow to the industry that funds it.

But the opposite turned out to be true. ICANN failed to predict that the government-enforced lockdown of large parts of the high street in many countries would see a rush by small bricks-and-mortar businesses to the interwebs.

This boosted domain growth for many companies and led to an increase in ICANN transaction taxes fees, which are paid whenever a domain is registered, renewed or transferred.

ICANN’s revenue was up across all three main segments in H1 FY21, when compared to its budget expectations.

Registry transaction fees were $2 million over budget at $27 million, and registrar transaction fees were also over by $2 million at $18 million. Registry and registrar fixed fees were also up by $1 million each, suggesting fewer companies terminated their contracts than expected.

“Funding higher than Budget driven by higher than planned transaction fees”, an ICANN slide deck (pdf) states.

On the expenses side, ICANN of course spent less cash on its meetings because it wasn’t subsidizing international flights and expensive hotels for 500-odd staff and community members.

“Lower Travel & Meetings due to travel restrictions from the COVID-19 pandemic”, the slide deck states.

Travel expenses, rounded, accounted for 0% or $0 of its H1 expenditure.

When the budget was passed in June last year, ICANN still thought it was possible that the October meeting would go ahead in-person in Hamburg, so it put aside $4.2 million to pay for it.

As it turned out, the Org ended up spending $100,000 on Zoom and other audiovisual services and another $400,000 on translation and interpretation services. And that was all.

The $2.2 million it expected to pay sending staff and community members to Hamburg came in at $0.

ICANN’s adopted budget for FY21 also anticipated the March 2021 meeting would go ahead in Cancun, Mexico, but that’s already been rescheduled for Zoom, which will save it a few million more bucks this year.

The Org hasn’t yet officially relocated its planned June 2021 in-person meeting from The Hague to Zoom, but I’m fairly confident it’s going to have to.

Its $12.2 million travel budget for FY21 is probably going to come in much closer to $2 million.

Lockdown bump sees GoDaddy double customer gains in 2020

GoDaddy almost doubled its rate of customer acquisition in 2020, compared to 2019, as pandemic-related lockdown measures pushed more small businesses online.

The company last week reported that it added 1.4 million customers last year, a 7% year-on-year growth but almost double the number it added the previous year.

It ended the year with 20.6 million customers, up from 19.3 million 12 months prior.

Recognizing that coronavirus restrictions in various parts of the world were increasing demand for domains, hosting and related services, the market-leading registrar upped its marketing spend to make sure it captured as many customers as possible.

It spent $438.5 million on marketing last year, up from $345.6 million in 2019.

Its full-year revenue from domains grew from $1.35 billion to $1,51 billion. Including its other segments, company revenue was up to $3.31 billion from $2.98 billion, an 11% increase.

Domains revenue for the fourth quarter was $402.2 million, up 14.2% on Q4 2019. Total revenue for the quarter was $873.9 million, up 12.0%.

ICANN axes Cancun again. Apparently there’s a pandemic

ICANN has formally confirmed that its seventieth public meeting will be online-only, disappointing restaurateurs and sex workers in Cancun, Mexico for the second year running.

The meeting will also be mercifully shorter, with two days cut from its running time. The new dates are March 22 to March 25. Thankfully, ICANN actually announced the date change this time around.

ICANN top brass had indicated as far back as October that Cancun was very unlikely to go ahead as an in-person meeting.

It will be the fourth consecutive meeting to be held via Zoom since the coronavirus pandemic began a year ago. My guess is it won’t be the last.

The next meeting this year is slated to take place in The Hague in late June, but I think only an strident optimist or denialist could imagine that actually happening.

It’s pandemic continuity versus gender diversity in ICANN’s board wish-list

ICANN’s Nominating Committee will be asked to pit two fundamentally opposed principles against each other when they pick three members of the organization’s board of directors this year.

Board chair Maarten Botterman has asked NomCom to prioritize continuity — keeping experienced directors in place — while also increasing gender diversity in the male-heavy current line-up.

Botterman this week sent a letter (pdf) to NomCom chair Ole Jacobsen, offering guidance virtually identical to that found in a December 2019 letter (pdf) to his predecessor.

The two most significant changes concern the impact on the board’s work of the coronavirus pandemic.

Noting that it typically takes a year or two for new directors to learn the ropes, and that it’s useful to have a staggered mix of tenures among the board, Botterman goes on to say:

Continuity is particularly important this year given the recent departure of the Board’s longest-serving, term- limited member and the ongoing challenges arising from the pandemic, including uncertainties about when the full Board may be next able to move from its current remote schedule to in-person meetings.

The long-serving member who left was presumably Chris Disspain, certainly one of the most active directors in recent years.

Later, Botterman’s letter contains an entirely new paragraph explaining what a time vampire ICANN directorship can be:

We underscore the significant time commitment required of Board members. Applicants must be able to devote weeks and long hours throughout the year to Board service, and even more because of the challenges caused by the pandemic. Among many other key initiatives, one focus in the upcoming year will be understanding and evaluating the expected recommendations from the policy development process on Subsequent Procedures regarding the next round of new gTLDs (as well as implementation of several Board-approved recommendations from community groups).

That, at least, should provide some comfort to those champing at the bit to get the next round of new gTLDs up and running — ICANN clearly expects it to happen at some point in the next four years.

So there’s a definite, newly emphasized focus on continuity at ICANN.

That’s good news for Lito Ibarra, Danko Jevtović and Tripti Sinha, the three NomCom appointees whose current terms end this coming October. Ibarra is on his second three-year term, the other two on their first. All are eligible for reselection.

The Botterman letter is less encouraging for Ibarra and Jevtović, who are men. ICANN is still seeking to increase gender diversity on its board, which only currently has five female voting members of 16 total directors.

While the wording is slightly different to the 2020 guidance, the essence is the same:

The ICANN community has also expressed strong support for efforts to increase diversity along several axes, especially including gender diversity, across the ICANN eco-system. Without compromising the fundamental requirement to have Board members with the necessary integrity, skills, experience, the Board would find it helpful to have greater gender diversity on the Board.

NomCom may find this pressure is relieved slightly by the fact that current ccNSO representative to the board, Nigel Roberts, is being replaced by Katrina Sataki of the Latvian ccTLD registry this October, following an election last month.

The Address Supporting Organization’s rep, Ron Da Silva, is also ending his current term this year. He’s up for reselection against nine other candidates, three of whom are female.

GoDaddy pranks employees with “insensitive” phishing test

GoDaddy has apologized to its staff after teasing them with a $650 Christmas bonus that turned out to be nothing but a test of whether they could be duped into handing over their sensitive personal info.

Employees worldwide reportedly received emails promising the bonus December 14 from an official-looking but presumably spoofed address.

Those who clicked through and filled out a form with their personal data received a second email a few days later informing them they’d actually just failed a “phishing test” and would “need to retake the Security Awareness Social Engineering training.”

Around 500 staff reportedly failed the test.

But many were pissed off that the company would dangle a bonus, only to snatch it away, just a week before Christmas and at a time when the coronavirus pandemic has caused many to fear for their livelihoods.

While GoDaddy rode out the pandemic just fine, it laid off hundreds, regardless.

After the prank last week attracted media attention, the company apologized to its employees, saying in a statement sent to the AFP:

GoDaddy takes the security of our platform extremely seriously. We understand some employees were upset by the phishing attempt and felt it was insensitive, for which we have apologised. While the test mimicked real attempts in play today, we need to do better and be more sensitive to our employees.

I sincerely hope nobody spent their illusory $650 in the days before the test was revealed.

US sneaks public Whois demands into pandemic relief bill

Outgoing US president Donald Trump has signed into law a coronavirus relief bill and spending package that contains a surprise instruction for the government to pursue open access to Whois records.

The Consolidated Appropriations Act of 2021 is focused on federal spending for fiscal 2021, with billions set aside for pandemic-related economic stimulus. It’s the bill you may recall Trump refused to sign for several days on the purported basis that it only provided Americans with a piddling $600 check.

An accompanying document contains encouragement for the National Telecommunications and Information Administration to “to require registrars and registries based in the United States to collect and make public accurate domain name registration information”.

It also asks the NTIA to continue to work within ICANN’s Governmental Advisory Committee to help create “a global access model that provides law enforcement, intellectual property rights holders, and third parties with timely access to accurate domain name registration information”.

The text can be found in a joint explanatory statement (pdf) accompanying the act. It’s not on the statute books as such, but it does tell NTIA how to spend the money it’s been allocated.

The full text relevant to the domain name industry reads:

NTIA is directed, through its position within the Governmental Advisory Committee o work with I CANN to expedite the establishment of a global access model that provides law enforcement, intellectual property rights holders, and third parties with timely access to accurate domain name registration information for legitimate purposes. NTIA is encouraged, as appropriate, to require registrars and registries based in the United States to collect and make public accurate domain name registration information.

As ICANN notes in its analysis, the first sentence is not telling NTIA to do anything it hasn’t been doing since the European Union’s General Data Protection Regulation came into effect two and a half years ago.

The NTIA and GAC have been involved in efforts to create a privacy workaround for rights holders and law enforcement, which in September came up with the widely panned SSAD proposals. ICANN is currently pleading with the EU for clarity on whether it would even be legal.

The second sentence is perhaps a bit more worrying, dangling as it does the possibility of American registries and registrars having to either break EU law or implement a much more complex Whois infrastructure.

But, as ICANN notes, the words “encouraged, as appropriate” are doing a lot of heavy lifting in that sentence, saying “encouragement is aspirational; it is not a mandate”.

However, ICANN appears to be treating it as a warning shot, with head of compliance Jamie Hedlund writing:

It appears to hint that if NTIA and the ICANN community can’t develop a robust access model, Congress could entertain more forceful measures that would impose requirements on U.S.-based registries and registrars to collect and publish domain name registration information.

It seems the NTIA has the wink to cause mischief, should ICANN not deliver what intellectual property lobbyists want.

Verisign drops half a mill on pandemic relief

Verisign has donated over half a million dollars to pandemic-related causes, the company announced last week.

The donations are aimed at relieving economic side-effects of the pandemic such as food poverty and unemployment.

The .com registry operator said in a blog post it has given $275,000 to food banks in Washington DC, Maryland, Virginia, and Delaware where most of its US operations are based, and in Fribourg, Switzerland, its European HQ.

It’s also given $250,000 to Virginia Cares, an initiative dedicated to retraining unemployed Virginians for in-demand jobs in the tech sector.

Verisign was of course an inadvertent beneficiary of the pandemic, as lockdown regimes worldwide led to a boost in domain registrations as businesses such as bars and cafes moved online.

Mixed messages from ICANN on pandemic travel in 2021

ICANN still hasn’t formally cancelled its public meeting in Cancun, Mexico next March, but it appears to be planning for scheduled in-person gatherings to not resume until the fourth quarter of next year.

While nobody in their right mind seems to believe ICANN 70 will go ahead anywhere other than virtually — and ICANN’s top brass acknowledged in October that a face-to-face community forum appeared highly unlikely — the Org has still not announced that it will be the fourth consecutive meeting to be held via Zoom.

But two recently published documents show that ICANN doesn’t see travel getting back to normal any time soon, though its expected timing is ambiguous.

First, the proposed budget for fiscal 2022, which was published on Friday, envisages pandemic-related travel restrictions for only “the first nine months” of its current FY21, which ends June 30 next year.

That means that ICANN, at least in its travel budget, still thinks there’s a chance that international travel may be an option as early as April next year. Its travel budget for this year is $4.7 million, which certainly suggests one normal public meeting.

That would rule out Cancun, but leaves open the possibility that June 14-17 public meeting in The Hague could actually go ahead.

The budget also assumes a normal level of travel spending for the whole of FY22, which would mean ICANN 72 in Seattle — a mere domestic flight for most ICANN staff and a good portion of the domain industry — would also take place in-person next October.

But a resolution passed by the ICANN board of directors last Thursday appears to have a more pessimistic outlook.

The board at that meeting approved the continuation of contingency plans for signing the cryptographic keys at the root of the DNS that would eliminate the need for travel until the fourth quarter of calendar 2021.

Normal, quarterly root Key-Signing Key ceremonies require a small number of trusted “secret key holders” to be flown from around the world into facilities in the US, carrying physical keys, to ensure the integrity of the process.

But those rules were tweaked under coronavirus lockdown last April to allow IANA employees to sub in for these key-holders.

Understanding that the pandemic wasn’t going away any time soon, but perhaps with hindsight on the optimistic side, the KSK ceremony in April generated three quarters’ worth of keys in advance, enabling root DNSSEC until the end of March 2021.

Last Thursday, the ICANN board resolved to again bulk-generate keys during its next ceremony, to be held some time in the first quarter. The plan states:

The coronavirus pandemic is expected to continue to significantly impact operations well into 2021. To limit the impact on the ability to hold quarterly key ceremonies, the plan again provides for generating signatures for an extended nine-month period. This relieves the need to hold a subsequent key signing ceremony until the fourth quarter of 2021.

So, while the proposed budget thinks travel could return to normal by April, the KSK plans are thinking October could be the best-case scenario.

Vaccines appear to be the key, as you might expect:

Staff will continue to monitor the pandemic and prepare for all possible scenarios for this ceremony in accordance with the graduated approach. Should widespread vaccination programs prove to be successful, and international travel limitations be relaxed, it is conceivable a late-2021 ceremony could be conducted in its normal format with international in-person participation.

I’m going to go out on a limb and suggest that the chances of a normal in-person ICANN meeting going ahead before Seattle are pretty slim.

For vaccination programs to be successful, we’re going to need a combination of competent governments capable of handling an unprecedented logistical challenge and a largely sane, rationale populace willing to go under the needle en masse. I’m afraid I don’t have that much faith in humanity.

Even if everything goes smoothly, we’re still looking at the vaccine rollout taking a long time indeed. I live in the UK, the first country to roll out vaccinations at scale, and I don’t anticipate getting the jab for six months or more.

An unofficial calculator tool estimates that a middle-aged Brit with no diagnosed preexisting conditions cannot reasonably expect to get a vaccine until July 2021, assuming the UK manages to quickly ramp up to one million vaccinations per week and 70% of those eligible choose to take the shot.

If that’s true elsewhere in the world, and vaccination becomes a passport to travel, then any hypothetical June face-to-face ICANN meeting could resemble a senior care home or retirement village even more than usual.

Not so much Club Med as a Saga Holiday.

And none of this takes into account the potential impact of the super-spreadable new coronavirus strain discovered to be hugely prevalent in the UK last week.

While it’s early days, it seems there’s a significant possibility that what I’m calling the limeyvirus (because what goes better with Corona than lime?) is going to significantly impact travel worldwide in the coming months.