Recent Posts
- ICANN publishes its Woke Manifesto. Here’s my hot take
- Alibaba, Name.com among new RDRS opt-ins
- The Swiss can register .swiss domains from next week
- .ai up to 425,000 domains
- A million “free” .music domains up for grabs
- D3 to get $5 million in crypto to apply for .ape gTLD
- Alibaba hit with ICANN breach notice
- New Vegas conference “Davos for Web3 interoperability”
- ICANN content policing power grab may be dead
- Cable company unplugs its dot-brand after acquisition
- Germany crosses 10,000 dot-brand domains milestone
- Founders out as Com Laude gets equity injection
- PIR’s Diaz to leave domain industry
- Some registrars have already quit ICANN’s Whois experiment
- ICANN opens $217 million Grant Program
- Internet could get one-letter gTLDs (but there’s a catch)
- .ai registry fights deadbeats with tweaked auction rules
- Amazon and Google among .internal TLD ban backers
- .ai registry advises buyers not to use GoDaddy
- .post liberalizes with new sunrise period
- Team Internet spends $41 million on content farm
- Epik backtracks on Kiwi Farms claim after legal threat
- .austin names launch on blockchain
- Freenom shuts down 12.6 million domains — report
- GoDaddy’s next .xxx contract may not be a done deal
- GlobalBlock blocking 2.5 million domains
- Microsoft moving its cloud apps from .com to .microsoft
- ICANN 79: anonymous trolls and undercover lawyers
- ICANN scores win in single-letter .com lawsuit
- Cosmetics brand terminates its gTLD
- Up to 70 jobs on the line at Nominet as .uk regs dwindle
- Governments back down on new gTLD next round delay
- Private auctions could be banned in new gTLD next round
- ICANN meeting venue “insensitive and hurtful”
- GoDaddy to start selling graphic.design domains
- GAC spinning up new gTLD curveball at ICANN 79?
- GoDaddy’s GlobalBlock supports blockchain names
- Police .uk domain takedowns dive in 2023
- GoDaddy wants to cut the bullshit from .xxx
- Dueling domain blocking services to launch at ICANN 79
- Freename tries to bridge DNS and blockchain
- Olive retires from ICANN
- Whois policy published without life-saving disclosure rule
- UK gov takes its lead from ICANN on DNS abuse
- Tucows reports 2023 results
- Twitter “completely unresponsive” on clickable domains
- ICANN spends $5 million more than planned in first fiscal half
- .art takes a million domains off its premium list
- KeyTrap ‘the most devastating vulnerability ever found in DNSSEC’
- Freenom settles $500 million Meta lawsuit and will exit domain business
- New gTLD lottery to return in 2026
- First GlobalBlock prices revealed — they ain’t cheap
- Domain universe grows on new gTLDs despite .com shrinkage
- D3 signs up crypto gTLD client number five
- GoDaddy reports strong domains growth
- How to qualify for a $40,000 gTLD
- Registry service provider evaluation handbook published
- WebUnited inks deal to “mirror” country’s TLD in the blockchain
- GoDaddy project unveils brand-blocking calculator
- Report: Monster “misappropriated” millions from Epik
- .com is shrinking but Verisign raises prices again anyway
- D3 announces fourth crypto new gTLD client
- Donald Trump loses second UDRP case
- UK cybersquatting complaints hit record low
- No excuses! PIR to pay for ALL registries to tackle child abuse
- ICANN insists it is working on linkification
- Namecheap sues ICANN over .org price caps
- GoDaddy offers free Ethereum blockchain integration
- Epik reveals who is running the company
- Epik gets acquired again! The plot thickens…
- Airline gTLD crashes and burns
- First chunks of new gTLD Applicant Guidebook drop
- Epik to reveal its owners soon
- Another crypto firm to apply for a new gTLD
- Monster and Royce are NOT involved in Epik?!
- Nominet to overhaul .uk registry, turn off some services
- Russia blames DNSSEC, not Ukraine, for internet downtime
- Team Internet says revenue beat estimates
- Sold for over $20k, insure.ai and dog.ai back in .ai’s expired names auction
- .ai helps UDRP cases rise in 2023, WIPO says
- Freenom’s domains land at Gandi after termination
- .ru domains fly off the shelf as Western sanctions bite
- ICANN picks its first ever Supreme Court
- Lebanon’s ccTLD going back to Lebanon after ICANN takeover
- ICANN picks the domain it will never, ever release
- ICANN approves domain takedown rules
- Has Epik gone “woke”?
- First bits of new gTLD Applicant Guidebook expected next week
- ICANN bans closed generics for the foreseeable
- You can’t use money to buy .box domains
- After 14 years, ICANN practices what it preaches on IDNs
- Weak demand for private Whois data, ICANN data shows
- .ing doing way better than .meme
- DNS Women barred from ICANN funding?
- Dev releases free open-source TLD registry platform
- INCO flips a gTLD to Identity Digital
- Anguilla fears the .ai junk drop
- Five more gTLDs get launch dates
- $10 million of ICANN cash up for grabs
- Almost 50,000 .ai domains sold in a quarter
- ICANN threatens to regulate your speech [RANT]
- Life insurance company kills dot-brand
- ICANN finds new home for Lebanon’s TLD after founder’s death
- ICANN begs people to use its new Whois service
- Shiba Inu outs itself as crypto new gTLD applicant
- Over 50,000 .ai domains sold in three months
- Amazon planning new push into registrar market?
- Registries and registrars vote ‘Yes’ to new DNS abuse rules
- ICANN predicts flattish 2025 for domain industry
- Fast-growing Gname buys another 150 registrars
- GoDaddy service to let you block domains in over 650 TLDs
- Did I find a murder weapon in a zone file?
- ICANN drops the “man” from Ombudsman
- Have your say on police domain takedown powers
- Most registrars are shunning ICANN’s new Whois system
- Nominet to take over .gov.uk
- ICANN picks Istanbul for 2024 meeting
- ICANN’s private Whois data request service goes live
- .au regs slide on 2LD anniversary
- ICANN accused of power grab over $271 million auction fund
- A registrar is getting blamed for an Israeli war propaganda site
- Two more dot-brands bite the dust
- Google sells five-figure AI domain and six-figure .ing hack
- .blackfriday is still a bit rubbish
- Internet Naming Co acquires five more gTLDs
DENIC kicks out NCC as ICANN’s sole escrow agent
DENIC has won the contract to be the sole supplier of registrar data escrow services for ICANN, the Org has announced.
The German registry is replacing NCC Group, which acquired Iron Mountain’s escrow business two years ago. Iron Mountain has been ICANN’s chosen escrow agent since it started requiring registrars to escrow registrant data in 2007 in the wake of the RegisterFly scandal.
Under ICANN’s Registrar Accreditation Agreement, registrars have to deposit this data either daily or weekly, depending on how many domains under management they have, to mitigate the risk of domains being lost.
Registrars can choose to use ICANN’s chosen escrow agent, in which case ICANN pays, or they can choose another from an approved list, in which case the registrar pays.
Naturally enough, the vast majority of registrars choose to go with the free option. DENIC has been on the approved list since 2017. There are also one Russian and three Chinese companies approved to provide these services.
The change of contractor means escrow will now be provided by a EU-based company for the first time. UK-based NCC’s contract was via its US subsidiary, NCC Group Software Resilience (NA) LLC. ICANN said DENIC has opened up facilities in North America.
ICANN said NCC “will no longer be accepting new registrars with immediate effect and will no longer provide [Registrar Data Escrow] services starting 1 November 2024”, so registrars have some breathing space to migrate.
The deal was worth $800,000 a year to NCC, according to ICANN’s latest tax forms. One assumes DENIC is doing it cheaper.
Epik customer exodus started when Monster quit
Domain registrants started leaving Epik in droves when CEO Rob Monster quit last year and serious allegations of financial mismanagement emerged, an analysis of the numbers shows.
Epik’s total gTLD domains under management began to free-fall in September 2022, dropping by more than 70,000 by the end of the year, almost all as a result of customers transferring their domains to other registrars.
Data from registry transaction reports I compiled shows Epik peaking at around 808,000 domains across all gTLDs at the end of August, having gone up every month that year.
But DUM started tumbling when Monster quit and customers started reporting problems extracting funds from their accounts in mid-September. Epik dropped to 792,000 domains that month, with 780,000 in October, 767,000 in November and 733,000 at the end of the year.
Transfers from Epik to other registrars also went up in September, almost doubling from the 9,500 domains reported in August to 16,000, a level of customer bleed it maintained until December, when it rocketed up to almost 23,000.
Most of the losses were of course in .com, but .net, .org and .xyz also saw big downsides.
The drop in revenue won’t help the company extract itself from its current dire straits. It’s publicly admitted it’s having difficulty paying its customers, some of whom complain they’re owed tens or hundreds of thousands of dollars.
Epik is facing a customer lawsuit, the prospect of a probe by its local state attorney general over its unlicensed escrow service, and recently had to shut down its unlicensed “insurance” service after a settlement with the Washington state insurance regulator.
Whoever runs its Twitter account has been pointing the finger of blame at Monster, saying the company, which it refers to as “Epik 2.0” is trying to move “out of a monster’s shadow”.
In recent days it’s tweeted reassurances that customers will eventually be made whole, legal threats against Monster (believed to still be non-executive chair) and, yesterday, expressions of a desire to “connect” with Monster and explore “alternative paths”.
Domainers at risk as EnCirca takes over deadbeat registrar’s customer base
Customers of defunct registrar Pheenix risk losing their domains because the company was not properly escrowing its registrant data, according to the registrar taking over their domains.
EnCirca, which is taking over up to 6,000 domains previously registered with Pheenix, says the registrar’s shoddy escrow practices mean some of these domains may not be reunited with their rightful owners.
Pheenix “failed to properly escrow domain ownership information for many of the domains utilizing WHOIS proxy services”, EnCirca recently wrote, adding:
We anticipate that many domains will remain unclaimed due to bounced emails or inoperable proxy services. Locating rightful owners will be problematic since the data escrow is often devoid of any identifying ownership information.
To try to mitigate the problem, EnCirca is offering affected registrants the chance to prove ownership by filling out a form and uploading other evidence, such as Pheenix receipts or bank statements.
EnCirca added that because Pheenix disappeared still owing money to registries, the registries may be forcing renewal or restore fees that will then be passed on registrants.
If your domains were at or near expiration, restoring them could be complex and pricey or impossible.
If you’re affected, you can find information here.
Most or all Pheenix customers are likely to be domain investors. It was a drop-catcher, which once had over 500 dummy registrars in its expansive dropnet, most of which it subsequently de-accredited.
But it went AWOL last May, not responding to ICANN or paying its dues, apparently disappearing from the face of the Earth.
ICANN terminated its accreditation in May this year, and initiated a bulk transfer to EnCirca a couple weeks ago (which it only disclosed this week).
EnCirca has experience handling this kind of problem, which is presumably why ICANN gifted it the bulk transfer. In 2018 it took on the domains 49 of Pheenix’s shell registrars, which it says were suffering from the same escrow problems.
Russian company approved as gTLD escrow provider
ICANN has approved Russian internet exchange point MSK-IX as its 10th gTLD data escrow provider.
The organization said that week that Joint Stock Company “Internet Exchange “MSK-IX” has been added to its roster of companies fighting for gTLD registries escrow business.
MSK-IX is mainly in the business of operating an internet peering hub — a location where ISPs can connect their networks to backbones and to each other — in Moscow.
It becomes the fourth escrow provider in Europe, and the only one in Europe outside of the EU.
There are also five approved providers in Asia and only one — original provider Iron Mountain — in North America.
ICANN says it is not currently looking for any more providers.
gTLD registries are contractually obliged to periodically put their domain and registrant data into escrow, on the off-chance they go out of business and domains need to be transferred to a different company.
DENIC gets approved for registry escrow
DENIC is now able to offer data escrow services to gTLD registries, in addition to registrars.
The non-profit company, which runs Germany’s .de, said it gained ICANN approval for the registry escrow function June 6.
Back in March, ICANN approved it for the registrar escrow services.
All ICANN-accredited registries and registrars are contractually obliged to deposit their registrant data with escrow agents in case they go out of business, go rogue, suffer catastrophic data loss, or otherwise screw up.
Nine companies have been approved by ICANN for registry data escrow so far.
Two of others are based in Europe, but DENIC claims to be the only one that offers full compliance with the more stringent German and European Union data protection regulations.
DENIC approved as ICANN escrow agent
German ccTLD registry DENIC has been given ICANN approval to provide data escrow services to registrars.
It becomes the seventh company to receive this accreditation, the second in Europe after the UK’s NCC Group.
The company said it signed its ICANN contract and first registrar, Global Village, at the ICANN meeting in Copenhagen last week.
DENIC said the ICANN contract is unique in that it is governed by German or Swiss law, rather than Californian.
It also said that it is in compliance with European Union data protection legislation, which is much stricter than the US equivalent, for the first time.
The deal with ICANN does not extend to data escrow services for gTLD registries, but DENIC said it is working on such a deal.
All registrars are required by their ICANN accreditation to escrow registrant data, to protect customers from catastrophic business failures or de-accreditation.
European privacy ruling could add to registrars’ costs
European domain registrars say they are facing increased costs of doing business due to a recent court ruling on privacy protection.
As a result, US data escrow giant Iron Mountain is likely to lose a lot of its ICANN business, as EU registrars defect to local alternatives such as UK-based NCC Group.
The ruling in question deals with the so-called “safe harbor” principles, under which European companies were able to transfer customers’ private data to US companies as long as the recipient promised to abide by EU privacy protection rules.
However, former spy Edward Snowden’s revelations of widespread privacy violations by the US government seemed to show that many US tech giants were complicit in handing over such data to US spooks.
And now the European Court of Justice has ruled the safe habor principles invalid.
This affects registrars because, under their ICANN contracts, they have to escrow registrant data on a weekly basis. That’s to prevent registrants losing their domains when registrars go out of business or turn out to be crooks.
While registrars have a choice of escrow agents, pretty much all of them use Iron Mountain, because ICANN subsidizes the service down to $0.
However, with the ECJ ruling, Euro-registrars have told ICANN that it would now be “illegal” to continue to use Iron Mountain.
In a recent letter (pdf) to ICANN, about 20 EU-based registrars said that non-European registrars would get a competitive advantage unless ICANN does something about it.
They want ICANN to start subsidizing one or more EU-based escrow agents, enabling them to switch without adding to costs.
the service fees of those [alternative] providers are not being supported by ICANN. Thus, the only solution for EU based registrars to comply with their local laws is to support this extra cost.
We are sure, you will agree this clearly constitutes an unfair disadvantage to a given category of a registrars.
This is why we ask ICANN to offer the same terms as it currently does to Iron Mountain to other RDE [Registrar Data Escrow] providers established in the European Economical Area to ensure a level playing field for registrars globally.
According to the registrars, they have until January to switch, so ICANN may have to move quickly to avoid unrest.
.secure applicant claims NCC stole her idea
Domain Security Company CEO Mary Iqbal claims that NCC Group took many of her ideas for a high-security .secure top-level domain following unproductive investment talks.
Iqbal is also hinting at “potential future litigation” over the issue.
The surprising claims, made in emails to DI today, follow the announcement last week that a new NCC subsidiary, Artemis Internet, will also apply to ICANN for .secure.
“NCC Group has taken many of the security measures outlined in the Domain Security Company LLC security plan and incorporated them into the NCC Group’s proposed security measures,” Iqbal said.
Artemis chief technology officer Alex Stamos, a veteran security industry technologist, has dismissed the allegations as “completely ridiculous”.
“The only reason I know she is applying is because we did some Google searches when we were putting together our announcement,” he said.
Iqbal claims she was first contacted by NCC in January this year to talk about signing up for data escrow services – one of the technical services all new gTLD applicants need.
However, she says these talks escalated into discussions about a possible NCC investment in Domain Security Company, during which she shared the company’s security and business plans.
She said in an email:
These disclosures were made based on assurances from the NCC Group that the NCC Group was not then involved with any other applications for a secure Top Level Domain. Specific assurances were also given that the NCC Group was not involved with any other potential application for a .SECURE Top Level Domain.
But Stamos said that he’s been working on .secure at NCC since late last year, and he has no knowledge of any talks about investing in Iqbal’s company.
“All I know is that she talked to one of our salespeople about escrow,” he said. “I’ve never seen a business plan or security plan.”
Emails from an NCC executive sent to Iqbal in January and forwarded to DI by Iqbal today appear to be completely consistent with a sales call.
Iqbal said she has emails demonstrating that the talks went further, but she declined to provide them “since I may have to use it in any potential future litigation”.
Stamos pointed out that if NCC was in the habit with competing with its escrow clients, it would have applied for considerably more gTLDs than just .secure.
Artemis is proposing a significant technology development as part of its .secure bid, he said: the Domain Policy Framework, which he outlines on his personal blog here.
He added that Artemis is happy to compete with other .secure applicants – he evidently expects more to emerge – but on the merits of the application rather than “spurious claims”.
Domain Security Company “already has a very troubling history of using the legal process to overcome problems that should be based on merit”, he said.
That’s a reference to the company’s almost-successful attempt to secure US trademarks on .secure and .bank, in spite of the US trademark office’s rules against granting trademarks on TLDs.
Expect more stories like this to emerge about other gTLDs after ICANN’s Big Reveal of the applicant list next month.
Whether her claims have any merit or not, Iqbal’s not the first to claim that another applicant stole her idea, and she certainly won’t be the last.
Another registrar on the ICANN naughty step
ICANN has threatened to terminate the accreditation of Samjung Data Service, a South Korean domain name registrar.
The threat, the 13th ICANN’s compliance department has issued to a registrar this year, is notable because it’s a rare example where money does not appear to be an issue.
Samjung’s failing, according to ICANN’s termination letter, is its inability to escrow registrant data with Iron Mountain on the agreed schedule and in the required format.
The tiny registrar has also failed to make the technical contacts in its customers’ Whois records available online, and has been apparently ignoring ICANN’s calls and emails.
What ICANN does not do is accuse Samjung of not paying its accreditation fees, which in the past has been a notable feature of compliance actions.
Delinquent payments tend to alert ICANN that there may be other problems at a registrar, but this has led to criticisms that the organization is only concerned about its revenue.
Could the Samjung case be another example of the newly staffed-up ICANN compliance department taking the more proactive stance that was promised?
Recent Comments