Demand Media has become the first new gTLD applicant to put its head above the parapet and tell ICANN that its latest batch of Governmental Advisory Committee advice is unworkable.
While its comment on the GAC’s Beijing communique is very diplomatically worded, it’s obvious that Demand reckons most of the “safeguard” advice it contains would be difficult, if not impossible, to implement.
The company has urged ICANN to refuse to adopt the advice, saying:
the spirit and actual letter of the GAC Advice related to these additional safeguards comes in a manner and form that is completely antithetical and contrary to ICANN’s bottom-up, multi-stakeholder, consensus-driven policy development process. Because the proposed safeguards, if implemented, would effectively change how new gTLDs are managed, sold, distributed, registered, operated, and used in the marketplace, the GAC Advice is tantamount to making “top-down,” dictatorial, non-consensus, policy which undermines the entire ICANN model. If ICANN chose to adopt any one of these three safeguards, ICANN itself would lose all legitimacy.
Demand seems to agree with many of the points raised in this DI post from a few weeks ago related to the GAC’s demand that hundreds of new gTLD registries should compel their registrants to stick to data security standards when they handle sensitive financial or healthcare data.
The GAC’s advice is extremely broad here and pays scant attention to the innumerable implementation questions raised. As such, Demand says in its comment (filed by applying subsidiary United TLD Holdco):
United TLD believes applicable laws and recognized industry standards should be developed and implemented by appropriate legislative, law enforcement and industry expert bodies and should not be developed by the registry operator.
It also takes issue with the GAC’s demand for registry operators to “establish a working relationship with the relevant regulatory body including developing a strategy to mitigate abuse.”
The company points out that many TLDs listed in the Beijing communique will have multiple uses, and even if there is a regulatory body for a subsection of registrants, it may not cover all.
For example, should a software engineer (an unregulated profession) have to agree to abide by rules developed for civil engineers when they register a .engineer domain name?
it would be inappropriate, and impossible, to find a “relevant regulatory body” with whom to establish a relationship related to the use of .ENGINEER. Additionally, what if the relevant regulatory body simply declined to work with a registry operator or does not respond to requests for collaboration?
The Demand comment is full of examples of problems such as this.
In broader terms, however, the registrar and applicant is utterly opposed to the GAC’s insistence that “certain” unspecified gTLDs representing regulated sectors should be forced, in effect, to transform into tightly restricted sponsored gTLDs.
The GAC wants these applicants to forge tight links with regulatory and self-regulatory bodies and vet each registrant’s credentials before allowing domains to be registered.
applicants, including United TLD, submitted their new gTLD applications believing that that they would be operating, managing and distributing generic TLDs. These three Safeguards completely change the nature of the new TLDs from being generic and widely available, to being “sponsored” TLDs restricted only to those individuals who must prove their status or credentials entitling them to register domain names with certain extensions. These three Safeguards are patently adverse to the core purpose of the new gTLD program and ICANN’s mission generally which is to promote consumer choice and competition.
While Demand is the first application to slam the GAC advice as a whole (a few others have submitted preliminary comments on specific subsets of advice), I’m certain it won’t be the last.
That said, .secure applicant Artemis Internet submitted what is possibly the most amusing example of “sucking up” I’ve ever seen in an ICANN public comment period.
The company actually requests to be added to the list of strings covered by the GAC advice on the grounds that its application was so gosh-darn wonderful it already planned to do all that stuff anyway.
I expect, by the time the comment period closes next Tuesday the prevailing mood from applicants will be more Demand and less Artemis.
How much power should governments have over the domain name industry? Should the industry be held responsible for the actions of its customers? Are domain names the way to stop crime?
These are some of the questions likely to be addressed during ICANN’s latest public comment period, which could prove to be one of the most important consultations it’s ever launched.
ICANN wants comments on governmental advice issued during the Beijing meeting two weeks ago, which sought to impose a broad regulatory environment on new gTLD registries.
According to this morning’s announcement:
[ICANN's Board New gTLD Committee] has directed staff to solicit comment on how it should address one element of the advice: safeguards applicable to broad categories of New gTLD strings. Accordingly, ICANN seeks public input on how the Board New gTLD Committee should address section IV.1.b and Annex I of the GAC Beijing Communiqué.
Annex 1 of the Beijing communique is the bit in which the GAC told ICANN to impose sweeping new rules on new gTLD registries. It’s only a few pages long, but that’s because it contains a shocking lack of detail.
For all new gTLDs, the GAC wants ICANN to:
- Apply a set of abuse “safeguards” to all new gTLDs, including mandatory annual Whois accuracy audits. Domain names found to use false Whois would be suspended by the registry.
- Force all registrants in new gTLDs to provide an abuse point of contact to the registry.
- Make registries responsible for adjudicating complaints about copyright infringement and counterfeiting, suspending domains if they decide (how, it’s not clear) that laws are being broken.
For the 385 gTLD applications deemed to represent “regulated or professional sectors”, the GAC wants ICANN to:
- Reject the application unless the applicant partners with an appropriate industry trade association. New gTLDs such as .game, .broadway and .town could only be approved if they had backing from “relevant regulatory, or industry self-regulatory, bodies” for gaming, theater and towns, for example.
- Make the registries responsible for policing registrants’ compliance with financial and healthcare data security laws.
- Force registries to include references to organic farming legislation in their terms of service.
For gTLD strings related to “financial, gambling, professional services, environmental, health and fitness, corporate identifiers, and charity” the GAC wants even more restrictions.
Essentially, it’s told ICANN that a subset of the strings in those categories (it didn’t say which ones) should only be operated as restricted gTLDs, a little like .museum or .post are today.
It probably wouldn’t be possible for a poker hobbyist to register a .poker domain in order to blog about his victories and defeats, for example, unless they had a license from an appropriate gambling regulator.
Attempting to impose last-minute rules on applicants appears to reverse one of the GAC’s longstanding GAC Principles Regarding New gTLDs, dating back to 2007, which states:
All applicants for a new gTLD registry should therefore be evaluated against transparent and predictable criteria, fully available to the applicants prior to the initiation of the process. Normally, therefore, no subsequent addition selection criteria should be used in the selection process.
The Beijing communique also asks ICANN to reconsider allowing singular and plural versions of the same string to coexist, and says “closed generic” or “exclusive access” single-registrant gTLDs must serve a public interest purpose or be rejected.
There’s a lot of stuff to think about in the communique.
But ICANN’s post-Beijing problem isn’t whether it should accept the GAC’s advice, it’s to first figure out what the hell the GAC is actually asking for.
Take this bit, for example:
Registry operators will require that registrants who collect and maintain sensitive health and financial data implement reasonable and appropriate security measures commensurate with the offering of those services, as defined by applicable law and recognized industry standards.
This one paragraph alone raises a whole bunch of extremely difficult questions.
How would registry operators identify which registrants are handling sensitive data? If .book has a million domains, how would the registry know which are used to sell books and which are just reviewing them?
How would the registries “require” adherence to data security laws? Is it just a case of paying lip service in the terms of service, or do they have to be more proactive?
What’s a “reasonable and appropriate security measure”? Should a .doctor site that provides access to healthcare information have the same security as one that merely allows appointments to be booked? What about a .diet site that knows how fat all of its users are? How would a registry differentiate between these use cases?
Which industry standards are applicable here? Which data security laws? From which country? What happens if the laws of different nations conflict with each other?
If a registry receives a complaint about non-compliance, how on earth does the registry figure out if the complaint is valid? Do they have to audit the registrant’s security practices?
What should happen if a registrant does not comply with these laws or industry standards? Does its domain get taken away? One would assume so, but the GAC, for some reason, doesn’t say.
The ICANN community could spend five years discussing these questions, trying to build a framework for registries to police security compliance, and not come to any consensus.
The easier answer is of course: it’s none of ICANN’s business.
Is it ICANN’s job to govern how web sites securely store and transmit healthcare data? I sure hope not.
And those are just the questions raised by one paragraph.
The Beijing communique as a whole is a perplexing, frustrating mess of ideas that seems to have been hastily cobbled together from a governmental wish-list of fixes for perceived problems with the internet.
It lacks detail, which suggests it lacks thought, and it’s going to take a long time for the community to discuss, even as many affected new gTLD applicants thought they were entering the home stretch.
Underlying everything, however, is the question of how much weight the GAC’s advice — which is almost always less informed than advice from any other stakeholder group — should carry.
ICANN CEO Fadi Chehade and chair Steve Crocker have made many references recently to the “multi-stakeholder model” actually being the “multi-equal-stakeholder model”.
This new comment period is the first opportunity the other stakeholders get to put this to the test.
The over 500 new gTLD applicants affected by Governmental Advisory Committee advice on their bids have 21 days from today to file their responses officially with ICANN.
But there’s still some confusion about who exactly is expected to file responses, given the extraordinary breadth of the advice contained within the GAC’s Beijing communique.
ICANN today put applicants on formal notice of the publication of the Beijing communique, which actually came out a week ago, and said applicants have until May 10 to respond to the ICANN board.
What it didn’t do is say which applicants are affected. Technically, it could be all of them.
The Beijing communique contains six “safeguards” related to things such as abuse and security, which it said “should apply to all new gTLDs”.
On a more granular level, the GAC has called out, we believe, 517 individual applications that should not be approved or that should not be approved unless they do what the GAC says.
The Beijing communique, it could be argued, throws the whole new gTLD program into disarray, and this is the first chance applicants will get to put their views directly in writing to the ICANN board.
How the Governmental Advisory Committee handles its advice on new gTLD applications seems to be a big worry at the ICANN public meeting in Beijing this week.
During a session yesterday, new gTLD program vice president Christine Willett was peppered with questions about the approval process going forward, many of which related to the GAC.
There’s also a lot of gossiping about which applications the GAC is thinking about delivering the kiss of death to, and what its advice will mean to the overall program timetable.
DI is not attending the Beijing meeting in person, but here’s what I’ve learned from remote participation and talking to attendees:
Confusion over the GAC Advice standard
Judging by interactions during Willett’s session, there may be a little bit of confusion about whether GAC Advice needs to be “consensus” GAC Advice in order to halt a new gTLD application.
I think the confusion is mainly due to the way some people (Willett and myself included) use phrases such as “non-consensus GAC Advice” as shorthand for a particular paragraph of the Applicant Guidebook.
Here’s the way I understand it:
All GAC Advice — including Advice sent on issues completely unrelated to the new gTLD program — is consensus GAC Advice.
If the GAC sends written Advice to the ICANN board, it means the GAC has reached consensus to send that Advice, even if the Advice itself reflects a lack of consensus on the specifics.
Confusion in the community is arising now because the Applicant Guidebook also talks about three types of “GAC Advice on New gTLDs”, the first of which is:
The GAC advises ICANN that it is the consensus of the GAC that a particular application should not proceed. This will create a strong presumption for the ICANN Board that the application should not be approved.
That’s describing a situation where the GAC has reached a consensus that an application should be rejected. It’s going to sound the death knell for several applications, without doubt.
The second type of GAC Advice on New gTLDs in the Guidebook is:
The GAC advises ICANN that there are concerns about a particular application “dot-example.” The ICANN Board is expected to enter into dialogue with the GAC to understand the scope of concerns. The ICANN Board is also expected to provide a rationale for its decision.
The language was written by the GAC, using its consensus model, which is why it’s so badly worded.
What it means is that the GAC could not find consensus to kill off an application — some governments want it killed off, some don’t — but that the GAC as a whole reached consensus to tell ICANN that some governments do want it killed off.
So when people talk about “non-consensus” Advice, we’re referring to this second form of GAC Advice on New gTLDs, where the GAC could reached consensus to alert ICANN about “concerns” but could not reach consensus that the application should be taken outside and shot.
Which applications are going to get Advice?
The GAC stated last week that 20 applications had been put forward for specific review at the Beijing meeting.
From what I’ve been able to piece together from the GAC’s public hints, its Early Warnings, and sources in Beijing, I think I’ve identified many of these applications.
I’m pretty certain that DotConnectAfrica’s application for .africa is going to get killer Advice.
I’m not picking on DCA (disclosure: DCA accused me of being part of a racist conspiracy) but it is the only remaining applicant to comprehensively ignore ICANN’s rules on geographic names.
It’s also well-known that Amazon’s application for .amazon (and translations), and Patagonia Inc’s application for .patagonia, both of which were not captured by ICANN’s rules on geography, are unloved by Latin American governments.
The Montevideo Declaration, signed by government ministers from the continent last week, specifically condemns any new gTLDs related to Amazonia and Patagonia.
It’s difficult to see how the GAC could ignore the strength of this position, but it’s always possible that some members may have been lobbied into submission by applicants, therefore spoiling consensus.
Other geographic strings that ICANN’s rules did not identify as geographic may also face Advice.
It’s known that .persiangulf, for example, is racially/culturally divisive because the same body of water is also known as the Arabian Gulf by Arab states in the region.
The Japanese government’s Early Warning against .date (issued because there are two cities in Japan that, when translated into Latin characters, are called Date) is also believed to have been put forward for formal GAC Advice.
Outside of geographic names, I hear that .basketball and .rugby are also on the GAC’s shortlist.
These are interesting cases because the governments with the beef (Greece and the UK) are not concerned about the strings themselves. Rather, they want to make sure their preferred applicant wins.
Both gTLDs are contested, and each contention set has one applicant backed by the official world authority for the sport concerned.
If the GAC issues Advice on either, it’s putting itself in the position of picking winners and losers, which could make for some frenetic lobbying in future application rounds.
The application for .uno is believed to be under discussion in the GAC because it clashes with the acronym of an intergovernmental organization.
It also seems pretty certain that Demand Media’s applications for .navy, .army and .airforce are going to get Advice in one form or another. The US, I gather, is adamant that these bids should be rejected at all costs.
How GAC Advice affects the timetable
Willett said yesterday that ICANN expects to receive the GAC’s Advice this week, which should come as some relief to applicants given that the timing has always been a bit vague.
But it’s still not clear what form the Advice will take.
Sure, there’s bound to be some bits of Advice that call out specific applications for death-by-board, but there may also be Advice that addresses certain “categories” of application.
If that happens, and the GAC does not explicitly state which applications fall into which category, there’s the potential for mass confusion following the Beijing meeting.
I raised this specter last week, and it cropped up again during Willett’s session in Beijing yesterday.
What I forgot about last week, and what Willett was quizzed about yesterday, is that the Guidebook gives applicants with GAC Advice 21 days to respond to it before the ICANN board acts.
“I’m concerned that whereby the GAC Advice is such that it is all-encompassing and non-exhaustive that therefore all applicants must respond and all applicants are waiting another 21 days,” ARI Registry Services CEO Adrian Kinderis asked. “No applicant can proceed, because they’re all impacted.”
“If that hypothetical situation occurs, I think that’s possible,” Willett responded.
I other words, if the GAC delivers broad advice this week that does not name specific applications, it’s possible that every applicant would have 21 days to tell ICANN’s board why they’re not affected.
That would completely balls up ICANN’s plan to sign its first registry agreements on April 23.
The National Telecommunications and Information Administration said today that all new gTLD applicants, even those that have not already been hit by government warnings, should submit Public Interest Commitments to ICANN.
In a rare comment sent to an ICANN public forum today, the NTIA suggested that applicants should use the process to help combat counterfeiting and piracy.
The agency, the part of the US Department of Commerce that oversees ICANN and participates in its Governmental Advisory Committee, said (emphasis in original):
NTIA encourages all applicants for new gTLDs to take advantage of this opportunity to address the concerns expressed by the GAC in its Toronto Communique, the individual early warnings issued by GAC members, and the ICANN public comment process on new gTLDs, as appropriate.
PICs were introduced by ICANN earlier this month as a way for applicants to voluntarily add binding commitments — for example, a promise to restrict their gTLD to a certain user base — to their registry contracts.
The idea is to let applicants craft and agree to stick to special terms they think will help them avoid receiving objections from the GAC, GAC members and others.
NTIA said that applicants should pay special attention in their PICs to helping out the “creative sector”.
Specifically, this would entail “ensuring that WHOIS data is verified, authentic and publicly accessible”.
They should also “consider providing an enforceable guaranty that the domain name will only be used for licensed and legitimate activities”, NTIA said, adding:
NTIA believes that these new tools may help in the fight against online counterfeiting and piracy and is particularly interested in seeing applicants commit to these or similar safeguards.
The PICs idea isn’t going down too well in the applicant community, judging by other submissions this week.
The Registries Stakeholder Group of ICANN, for example, says its members are feeling almost “blackmailed” into submitting PICs, saying the timing is “completely unreasonable”.
As DI noted when PICs was first announced, applicants have been given until just March 5 to submit their commitments, raising serious questions about the timetable for objections and GAC advice.
The RySG has even convened a conference call for March 4 to discuss the proposal, which it says “contains so many serious and fundamental flaws that it should be withdrawn in