Latest news of the domain name industry

Recent Posts

US and EU call for Whois to stay alive

Kevin Murphy, January 31, 2018, Domain Policy

Government officials from both sides of the Atlantic have this week called on ICANN to preserve Whois as it currently is, in the face of incoming EU privacy law, at least for a select few users.

The European Commission wrote to ICANN to ask for a “pragmatic and workable solution” to the apparent conflict between the General Data Protection Regulation and the desire of some folks to continue to access Whois as usual.

Three commissioners said in a letter (pdf) that special consideration should be given to “public interests” including “ensuring cybersecurity and the stability of the internet, preventing and fighting crime, protecting intellectual property and copyright, or enforcing consumer protection measures”.

David Redl, the new head of the US National Telecommunications and Information Administration, echoed these concerns in a speech at the State of the Net conference in Washington DC on Monday.

Redl said that the “preservation of the Whois service” is one of NTIA’s top two priorities at the moment. The other priority is pressing for US interests in the International Telecommunications Union, he said.

Calling Whois “a cornerstone of trust and accountability for the Internet”, Redl said the service “can, and should, retain its essential character while complying with national privacy laws, including the GDPR.”

“It is in the interests of all Internet stakeholders that it does,” he said. “And for anyone here in the US who may be persuaded by arguments calling for drastic change, please know that the US government expects this information to continue to be made easily available through the Whois service.”

He directly referred to the ability of regular internet users to access Whois for consumer protection purposes in his speech.

The European Commission appears to be looking at a more restrictive approach, but it did offer some concrete suggestions as to how GDPR compliance might be achieved.

For example, the commissioners’ letter appears to give tacit approval to the idea of “gated” access to Whois, but called for access by law enforcement to be streamlined and centralized.

It also suggests throttling as a mechanism to reduce abuse of Whois data, and makes it clear that registrants should always be clearly informed how their personal data will be used.

The deadline for GDPR compliance is May this year. That’s when the ability of EU countries to start to levy fines against non-compliant companies, which could run into millions of euros, kicks in.

While ICANN has been criticized by registries and registrars for moving too slowly to give them clarity on how to be GDPR-compliant while also sticking to the Whois provisions of their contracts, its pace has been picking up recently.

Two weeks ago it called for comments on three possible Whois models that could be used from May.

That comment period ended on Monday, and ICANN is expected to publish the model upon which further discussions will be based today.

EU guns for ICANN’s relationship with US

Kevin Murphy, February 12, 2014, Domain Policy

The European Union has made ICANN’s close relationship with the US one of the targets of a new platform on internet governance.

In a new communication on internet governance (pdf), the European Commission said it will “work with all stakeholders” to:

– identify how to globalise the IANA functions, whilst safeguarding the continued stability and security of the domain-name system;

– establish a clear timeline for the globalisation of ICANN, including its Affirmation of Commitments.

The policy is being characterized as being prompted by former NSA contractor Edward Snowden’s revelations about widespread US spying on internet users.

EC vice president Neelie Kroes issued a press release announcing the policy, saying:

Recent revelations of large-scale surveillance have called into question the stewardship of the US when it comes to Internet Governance. So given the US-centric model of Internet Governance currently in place, it is necessary to broker a smooth transition to a more global model while at the same time protecting the underlying values of open multi-stakeholder governance of the Internet.

Despite this, the document does not contain any allegations that link ICANN to spying, or indeed any justification for the logical leap from Snowden to domain names.

The EU position is not dissimilar to ICANN’s own. Last October CEO Fadi Chehade used Snowden as an excuse to talk about putting ICANN’s relationship with the US back in the spotlight.

As I noted at the time, it all looks very opportunistic.

Internationalizing ICANN is of course a noble objective — and one that has been envisaged since ICANN’s very creation 15 years ago — but what would it look like it practice?

I’d be very surprised if what the Commission has in mind isn’t a scenario in which the Commission always gets what it wants, even if other stakeholders disagree with it.

Right now, the Commission is demanding that ICANN rejects applications for .wine and .vin new gTLDs unless applicants agree to new rights protection mechanisms for geographic indicators such as “Champagne”.

That’s something that ICANN’s Governmental Advisory Committee could not reach consensus on, yet the EU wants ICANN to act based on its unilateral (insofar as the EU could be seen as a single entity) advice.

The new EC policy document makes lots of noise about its support for the “multi-stakeholder process”, but with hints that it might not be the “multi-equal-stakeholder process” championed by Chehade.

For example, it states on the one hand:

Those responsible for an inclusive process must make a reasonable effort to reach out to all parties impacted by a given topic, and offer fair and affordable opportunities to participate and contribute to all key stages of decision making, while avoiding capture of the process by any dominant stakeholder or vested interests.

That sounds fair enough, but the document immediately goes on to state:

the fact that a process is claimed to be multistakeholder does not per se guarantee outcomes that are widely seen to be legitimate

it should be recognised that different stages of decision making processes each have their own requirements and may involve different sets of stakeholders.

Sound multistakeholder processes remain essential for the future governance of the Internet. At the same time, they should not affect the ability of public authorities, deriving their powers and legitimacy from democratic processes, to fulfil their public policy responsibilities where those are compatible with universal human rights. This includes their right to intervene with regulation where required.

With that in mind, what would an “internationalized” IANA look like, if the European Commission gets its way?

Right now, IANA may be contractually tethered to the US Department of Commerce, but in practice Commerce has never refused to delegate a TLD (even when Kroes asked it to delay .xxx).

Compare that to Kroes statement last September that “under no circumstance can we agree having .wine and .vin on the internet, without sufficient safeguards”.

Today’s policy news from the EC looks fine at a high level, but in light of what the EC actually seems to want to achieve in practical terms, it looks more like an attempt at a power grab.

.eu registry contract up for grabs

The European Commission has opened up the .eu registry contract to competitive bidding.

The sort-of ccTLD has been managed by EurID since it launched 2004 but its contract, which has already been extended to its maximum term, is due to expire in October next year.

Would-be usurpers must be not-for-profit organizations based in the European Union, according to a Commission RFP, which should narrow the field quite a lot.

The .eu space has 3.7 million registered domain names, growing at 5.4% a year. Considering that the TLD is open to all in the EU, the numbers fare poorly compared to many European ccTLDs.

The deadline for submissions is June 20.

Massive internet policy database planned in Europe

Kevin Murphy, May 13, 2013, Domain Policy

The European Commission plans to build a massive web site and database of information related to global internet policy-making.

The Global Internet Policy Observatory, which is still in the planning stages, would be a “clearinghouse for monitoring Internet policy, regulatory and technological developments across the world”.

The idea appears to be to make it easier for people interested in this kind of thing to wade through information overload. According to a Commission press release, the site would:

  • automatically monitor Internet-related policy developments at the global level, making full use of “big data” technologies;
  • identify links between different fora and discussions, with the objective to overcome “policy silos”;
  • help contextualise information, for example by collecting existing academic information on a specific topic, highlighting the historical and current position of the main actors on a particular issue, identifying the interests of different actors in various policy fields;
  • identify policy trends, via quantitative and qualitative methods such as semantic and sentiment analysis;
  • provide easy-to-use briefings and reports by incorporating modern visualisation techniques;

GIPO (I’m choosing to pronounce it with a hard G) could get underway in 2014, pending the results of a feasibility study, the Commission said.

Brazil, the African Union, Switzerland, the Association for Progressive Communication, Diplo Foundation and the Internet Society are also all involved in the project.

Europe rejects ICANN’s authority as it warns of problems with 58 new gTLDs

Kevin Murphy, November 27, 2012, Domain Services

The European Commission has issued a list of 58 new gTLD applications it considers problematic, thumbing its nose at ICANN’s procedures for handling government objections to new gTLDs.

The list, sent to all applicants this afternoon, draws in several applications that were not already subject to Early Warnings from other GAC nations, including .sex, .sexy and .free.

Remarkably, the cover letter says that the gTLDs are not “Early Warnings” as described by the ICANN Applicant Guidebook and says the Commission may continue to work outside the established process in future:

The position outlined in this letter is without prejudice to any further action that the Commission might decide to undertake in order to safeguard the rights and interests of the European Union and of its citizens.

For the sake of clarity, the Commission does not consider itself legally bound to the processes, including the means of recourse, outlined in the new gTLD Applicant Guidebook and/or adopted by ICANN, unless a legal agreement between the latter and the Commission exists.

While that’s little more than a statement of fact — governments are of course free to do whatever they want in their own jurisdictions — it’s giving applicants much more reason to be nervous.

Even if they don’t receive GAC Advice against their applications, the EC may decide to take other action against them.

The fact that the letter also explicitly states that the warnings are definitely not official Early Warnings — meaning applicants on the list won’t even qualify for the extra refund if they drop out — sends a worrying signal that the EC is not in the mood to play by ICANN’s rules.

As for the list itself, the Commission’s letter states that it’s “non-exhaustive” and that it focuses on bids that “could possibly raise issues of compatibility with the existing legislations (the acquis) and/or with policy positions and objectives of the European Union”.

The fact that the list contains ICM Registry’s .adult and .sex applications, but not its identical .porn bid, seems to confirm that the list does not cover all the gTLDs the Commission has a problem with.

The letter (pdf) states that the Commission will attempt to enter into “further discussions” with the applicants on the list (pdf).