The clothing retailer Patagonia has withdrawn its application for .patagonia after it became clear that ICANN’s Governmental Advisory Committee was unlikely to allow it.
Controversial from the outset, Patagonia’s dot-brand came under fire from governments including Argentina and Chile because the company is named after a large region of Latin America.
The GAC couldn’t find a consensus for a full-on objection to the bid, however, because the US government refused to agree that governments should have rights over such geographic terms.
However the US said last week that it would stand neutral on .patagonia and other geographic-flavored applications at next week’s ICANN meeting in Durban, smoothing the path to GAC consensus.
A GAC consensus objection would have spelled certain death to the application.
Amazon’s .amazon application is in exactly the same position as .patagonia was. Unless the company can come to some kind of arrangement with Brazil and over governments it may suffer the same fate.
European privacy regulators have slammed the new 2013 Registrar Accreditation Agreement, saying it would be illegal for registrars based in the EU to comply with it.
The Article 29 Working Party, which comprises privacy regulators from the 27 European Union nations, had harsh words for the part of the contract that requires registrars to store data about registrants for two years after their domains expire.
In a letter (pdf) to ICANN last month, Article 29 states plainly that such provisions would be illegal in the EU:
The fact that these personal data can be useful for law enforcement does not legitimise the retention of these personal data after termination of the contract. Because there is no legal ground for the data processing, the proposed data retention requirement violates data protection law in Europe.
The 2013 RAA allows any registrar to opt out of the data retention provisions if it can prove that to comply would be illegal its own jurisdiction.
The Article 29 letter has been sent to act as blanket proof of this for all EU-based registrars, but it’s not yet clear if ICANN will treat it as such.
The letter goes on to sharply criticize ICANN for allowing itself to be used by governments (and big copyright interests) to circumvent their own legislative processes. It says:
The fact that these data may be useful for law enforcement (including copyright enforcement by private parties) does not equal a necessity to retain these data after termination of the contract.
the Working Party reiterates its strong objection to the introduction of data retention by means of a contract issued by a private corporation in order to facilitate (public) law enforcement.
If there is a pressing social need for specific collections of personal data to be available for law enforcement, and the proposed data retention is proportionate to the legitimate aim pursued, it is up to national governments to introduce legislation
So why is ICANN trying to get many of its registrars to break the law?
While it’s tempting to follow the Article 29 WP’s reasoning and blame law enforcement agencies and the Governmental Advisory Committee, which pushed for the new RAA to be created in the first place, the illegal data retention provisions appear to be entirely ICANN’s handiwork.
The original law enforcement demands (pdf) say registrars should “securely collect and store” data about registrants, but there’s no mention of the period for which it should be stored.
And while the GAC has expressly supported the LEA recommendations since 2010, it has always said that ICANN should comply with privacy laws in their implementation.
The GAC does not appear to have added any of its own recommendations relating to data retention.
However, the European Commission’s GAC representative then seemed to dismiss the WP’s concerns during ICANN’s public meeting in Toronto last October.
Perhaps ICANN was justifiably confused by these mixed messages.
According to Michele Neylon, chair of the Registrars Stakeholder Group, it has yet to respond to European registrars’ inquiries about the Article 29 letter, which was sent June 6.
“We hope that ICANN staff will take the letter into consideration, as it is clear that the data protection authorities do not want create extra work either for themselves or for registrars,” Neylon said.
“For European registrars, and non-European registrars with a customer base in the EU, we look forward to ICANN staff providing us with clarity on how we can deal with this matter and respect EU and national law,” he said.
The US government is set to allow the Governmental Advisory Committee to kill off Amazon’s application for .amazon, along with eight other new gTLDs with geographic flavors.
In a position paper published last night, the National Telecommunications and Information Administration said:
the United States is willing in Durban to abstain and remain neutral on .shenzen (IDN in Chinese), .persiangulf, .guangzhou (IDN in Chinese), .amazon (and IDNs in Japanese and Chinese), .patagonia, .yun, and .thai, thereby allowing the GAC to present consensus objections on these strings to the Board, if no other government objects.
According to a GAC source, US protests were the “only reason” the GAC was unable to reach a consensus objection to these applications during the Beijing meeting three months ago.
Consensus would strengthen the objection, giving the ICANN board the presumption that the applications, some of which have already passed Initial Evaluation, should not be approved.
None of the nine applications in question met ICANN’s strict definition of a “geographic” string, but they nevertheless look geographic enough to raise concerns with GAC members.
Amazon’s application for .amazon raised the eyebrows of the Latin American countries that share the Amazonia region.
The company has been in talks with these GAC members since Beijing. If it wants to secure .amazon, it has a little over a week to address their concerns, if it wants to avoid an objection.
While the US is now promising to drop its objection to the GAC’s objection, it does not appear to have changed its position, claiming that governments have no rights to geographic strings. NTIA said:
The United States affirms our support for the free flow of information and freedom of expression and does not view sovereignty as a valid basis for objecting to the use of terms, and we have concerns about the effect of such claims on the integrity of the process.
the United States is not aware of an international consensus that recognizes inherent governmental rights in geographic terms.
It’s calling for a rethink of the process, during the mandatory review of the new gTLD program that ICANN must conduct before accepting a second round of applications.
Given that the GAC currently has the ability to object to any string for any reason, it’s difficult to see how a review could achieve the NTIA’s goal without reining in the GAC’s powers.
DotConnectAfrica and GCCIX WLL have become the first new gTLD applicants to have their applications — for .africa and .gcc respectively — officially flagged as “Not Approved” by ICANN.
Both were killed by Governmental Advisory Committee advice.
While GCC had passed its Initial Evaluation already, DCA’s IE results report (pdf), which were published last night, simply states: “Overall Initial Evaluation Summary: Incomplete”.
In both cases the decision to flunk the applications was taken a month ago by ICANN’s New gTLD Program Committee.
DCA filed a formal Reconsideration Request (pdf), challenging the decision in typically incomprehensible style, on June 19, threatening to take ICANN to an Independent Review Panel (ICANN’s very expensive court of appeals) if it does not overturn its decision.
Here’s a sample:
We have no intention of withdrawing our application against the backdrop that we rightly believe that the Board decision is injudicious, very wrong and injurious to our application and to our organizational aspirations. We are placing faith in the possibility that this particular communication will serve the purpose of causing the ICANN Board to have a rethink, and see the wisdom in allowing DCA Trust to continue to participate in the new gTLD Program without the necessity of going to an Independent Review Process (IRP) Panel to challenge the ICANN Board Decision which we presently disagree with in the most absolute terms.
The Board Governance Committee, which handles Reconsideration Requests, has a sturdy track record of denying them, so I think the chances of DCA’s being approved are roughly zero.
But if the company is nutty enough to try its hand at an IRP, which could quite easily set it back a few million dollars in legal fees, the story might not be over yet.
The GAC didn’t like DCA’s .africa bid because African governments back UniForum, DCA’s South Africa-based competitor for the string.
Had the application made it to Initial Evaluation — its processing number wasn’t up for a few weeks — it would have been flunked by the Geographic Names Panel due to its lack of support anyway.
GCC’s application for .gcc was also rejected by the GAC on geographic grounds. It stands for Gulf Cooperation Council, and the Persian/Arabian Gulf nations in question didn’t support the bid.
Also today, the American insurance company Allstate withdrew its applications for .carinsurance and .autoinsurance. Both were single-registrant “closed generics”, which ICANN has indicated might not be approved, also due to GAC advice.
ICANN has approved the standard registry contract for new gTLD registries after many months of controversy.
But its New gTLD Program Committee has also decided to put hundreds more applications on hold, pending talks with the Governmental Advisory Committee about its recent objections.
The new Registry Agreement is the baseline contract for all new gTLD applicants. While some negotiation on detail is possible, ICANN expects most applicants to sign it as is.
Its approval by the NGPC yesterday — just a couple of days later than recently predicted by ICANN officials — means the first contracts with applicants could very well be signed this month.
But a preliminary reading of today’s document suggests that the other changes made since the previous version, published for comment by ICANN in April, are relatively minor.
There have been no big concessions to single-registrant gTLD applicants, such as dot-brands, and ICANN admitted that it may have to revise the RA in future depending on how those discussions pan out.
In its resolution, the NGPC said:
ICANN is currently considering alternative provisions for inclusion in the Registry Agreement for .brand and closed registries, and is working with members of the community to identify appropriate alternative provisions. Following this effort, alternative provisions may be included in the Registry Agreement.
But many companies that have already passed through Initial Evaluation now have little to worry about in their path to signing a contract with ICANN and proceeding to delegation.
“New gTLDs are now on the home stretch,” NGPC member Chris Disspain said in a press release “This new Registry Agreement means we’ve cleared one of the last hurdles for those gTLD applicants who are approved and eagerly nearing that point where their names will go online.”
Hundreds more, however, are still in limbo.
The NGPC also decided yesterday to put a hold on all “Category 1″ applications singled out for advice in the Governmental Advisory Committee’s Beijing communique.
That’s a big list, comprising hundreds of applications that GAC members had concerns about.
The NGPC resolved: “the NGPC directs staff to defer moving forward with the contracting process for applicants who have applied for TLD strings listed in the GAC’s Category 1 Safeguard Advice, pending a dialogue with the GAC.”
That dialogue is expected to kick off in Durban a little over a week from now, so the affected applicants may not find themselves on hold for too long.
Negotiations, however, are likely to be tricky. As the NGPC’s resolution notes, most people believe the Beijing communique was “untimely, ill-conceived, overbroad, and too vague to implement”.
Or, as I put it, stupid.
By the GAC’s own admission, its list of strings is “non-exhaustive”, so if the delay turns out to have a meaningful impact on affected applicants, expect all hell to break loose.