Latest news of the domain name industry

Recent Posts

Trademark posse fails to block Whois privacy policy

Kevin Murphy, March 5, 2019, Domain Policy

The ICANN community’s move to enshrine Whois privacy into formal consensus policy is moving forward, despite votes to block it by intellectual property interests.

During a special meeting yesterday, the GNSO Council voted to approve a set of recommendations that would (probably) bring ICANN’s Whois policy into compliance with the General Data Protection Regulation.

But four councilors — Paul McGrady and Flip Petillion of the Intellectual Property Constituency and Marie Pattullo and Scott McCormick of the Business Constituency — voted against the compromise deal.

Their downvotes were not enough to block it from passing, however. It has now been opened for a month of public comments before being handed to the ICANN board of directors for final approval, whereupon it will become ICANN’s newest consensus policy and binding on all contracted parties.

McGrady, an lawyer with Winston Strawn, claimed that the Expedited Policy Development Process working group that came up with the recommendations failed to reach the level of consensus that it had claimed.

“The consensus call was broken,” he said, adding that the EPDP’s final report “reflects consensus where there really wasn’t any.”

The GNSO was due to vote 10 days ago, but deferred the vote at the request of the IPC and BC. McGrady said that both groups had tried to muster up support in their communities for a “yes” vote in the meantime, but “just couldn’t get there”.

Speaking for the BC from a prepared statement, Pattullo (who works for European brand protection group AIM) told the Council:

The report is a step backwards for BC members’ interests compared to the Temp Spec, especially as the legitimate purposes for collecting and processing data are insufficiently precise, and do not include consumer protection, cybercrime, DNS abuse and IP protection.

The Temp Spec is the Temporary Specification currently governing how registries and registrars collect and publish Whois data. It was created as an emergency measure by the ICANN board and is due to expire in May, where it will very probably be replaced by something based on the EPDP recommendations.

In response to the IPC/BC votes, Michele Neylon of the Registrars Constituency and Ayden Férdeline of the Non-Commercial Stakeholders Group read statements claiming that trademark interests had been given substantial concessions during the EPDP talks.

Neylon in particular had some harsh words for the holdout constituencies, accusing them of “bad faith” and pointing out that the EPDP spent thousands of hours discussing its recommendations.

“Our members would want any number of obligations this report contains to be removed, but despite the objections we voiced our support for the final product as a sign of compromise and support for the entire multistakeholder model,” he said.

“Given the objections of certain parts of the community it’s unclear how we can ask this group to carry on with the next phase of its work at the same pace,” he said. “Given the unwillingness of others to participate and negotiate in good faith, how can we ask our reps to spend hours compromising on this work when it’s clear others will simply wait until the last minute and withdraw their consent for hard-fought compromise.”

The EPDP had a hard deadline due to the imminent expiration of the Temp Spec, but that’s not true of its “phase two” work, which will explore possible ways trademark enforcers could get access to redacted private Whois data.

Unfortunately for the IP lobby, there’s a very good chance that this work is going to proceed at a much slower pace than phase one, which wrapped up in basically six months.

During yesterday’s Council call, both Neylon and NCSG rep Tatiana Tropina said that the dedication required of volunteers in phase one — four to five hours of teleconferences a week and intensive mailing list discussions — will not be sustainable over phase two.

They simply won’t be able to round up enough people with enough time to spare, they said.

Coincidentally, neither the registrars nor the non-coms have any strong desire to see a unified access solution developed any time soon, so a more leisurely pace suits them politically too.

It will be up to the EPDP working group, and whoever turns out to be its new chair, to figure out the timetable for the phase two work.

Kirikos lawyers up after ICANN etiquette fight

Kevin Murphy, October 25, 2018, Domain Policy

Domain investor George Kirikos has hired lawyers to send nastygrams to ICANN after a fight over the rules of etiquette on a working group mailing list.

Kirikos claims there’s a “campaign of intimidation” against him by fellow volunteers who do not agree with his opinions and forthright tone, but that he “has not done anything wrong”.

In response, ICANN CEO Goran Marby this evening revealed that he has assigned his general counsel and new deputy, John Jeffrey, to the case.

Even by ICANN standards, it’s a textbook case of a) manufacturing mountains out of molehills, and b) how it can become almost impossible to communicate like sensible human beings when everyone’s tangled in red tape.

The dispute started back in May, when Kirikos got into a fight with IP lawyer Greg Shatan on the mailing list of the Rights Protection Mechanisms working group.

Both men are volunteers on the group, which seeks to refine ICANN policy protecting trademark owners in gTLDs.

The argument was about the content of a World Intellectual Property Organization web page listing instances of UDRP cases being challenged in court.

Kirikos took a strident tone, to which Shatan took exception.

Shatan then reported Kirikos to the working group’s co-chairs, claiming a breach of the Expected Standards of Behavior — the informal code of conduct designed to prevent every ICANN discussion turning into a flame war and/or bare-knuckle alley fight.

Under GNSO PDP rules, working group volunteers have to agree to abide by the ESB. Group chairs have the ability to kick participants who repeatedly offend.

At this point, the sensible thing to do would have been for Shatan and Kirikos to hug it out and move on.

But this is ICANN.

What actually happened was a pointless procedural back-and-forth between Kirikos, Shatan, and working group chairs Phil Corwin of Verisign and Brian Beckham of WIPO, which resulted in Kirikos hiring two lawyers — Andrew Bernstein of Torys and regular ICANN participant Robin Gross of IP Justice.

It’s believed to be the first time a WG participant has hired counsel over a mailing list argument.

Far too boring to recount here, Corwin’s timeline of events can be found from page 24 of this transcript (pdf) of remarks delivered here in Barcelona during ICANN 63, while the Bernstein/Kirikos timeline can be found here (pdf).

The rub of it is that Kirikos reckons both Corwin and Beckham are biased against him — Beckham because Kirikos voted against his chairship, Corwin because of a similar dispute in a related working group earlier this year — and that the ESB is unenforceable anyway.

According to Bernstein: “Mr. Kirikos has strong concerns that whatever process ICANN purports to operate with respect to Mr. Shatan’s complaint, it will not be fairly or neutrally adjudicated.”

He added that Kirikos had said that “due to the precise language of Section 3.4 of the Working Group Guidelines, Mr. Shatan lacked a basis to initiate any complaint”.

That language allows complaints to be filed if the ESB is “abused”. According to Corwin’s account, Kirikos — well-known as a detail-oriented ICANN critic — reckons the correct term should be “violated”, which rendered the ESB “null and void and unenforceable” in this instance.

Bernstein has since added that the ICANN board of directors never intended the ESB to be anything but voluntary.

The sum of this appears to be that the dispute has had a chilling effect on the RPM working group’s ability to get anything done, consuming much of its co-chairs’ time.

Kirikos lawyering up seems to have compounded this effect.

Now, as ICANN 63 drew to a close this evening, CEO Marby said in a brief prepared statement that the WG’s work has “more or less stalled for the last several months” and that he’s assigned general counsel John Jeffrey to “look into the issues surrounding this matter”.

ICANN “takes the issue very seriously”, he said.

As well it might. The Kirikos/Shatan incident may have been blown waaaaay out of proportion, but at its core is a serious question about civil discourse in ICANN policy-making.

Personally, I hold out hope it’s not too late for everyone to hug it out and move on.

But this is ICANN.

It’s Drazek vs Dammak for GNSO Council chair

Kevin Murphy, September 28, 2018, Domain Policy

The chair of ICANN’s Generic Names Supporting Organization Council is contested this year, with a registry veep facing off against a software engineer.

The nomination from the contracted parties house is US-based Keith Drazek, Verisign’s VP of policy and government relations.

He’ll be opposed by non-contracted parties nominee and current vice-chair Rafik Dammak, a Tunisian working as a software engineer for NTT Communications (which is technically a contracted party due its dot-brand gTLD) in Japan.

Both men are long-time, active members of the ICANN community and GNSO.

The Council will pick its new chair about a month from now at the ICANN 63 meeting in Barcelona.

The winner will replace lawyer Heather Forrest, the non-contracted party who took the seat after an unopposed vote a year ago.

Is the new Whois policy group already doomed to fail?

Kevin Murphy, July 24, 2018, Domain Policy

ICANN’s Generic Names Supporting Organization has set itself extremely aggressive, some might say impossible, targets for its emergency Whois policy work.

The GNSO Council on Thursday approved the charter for a new working group that will attempt to come up with a consensus policy for how to amend the Whois system in light of the EU’s General Data Protection Regulation.

But the vote was not unanimous — three of the six Non-Commercial Stakeholder Group councilors abstained largely because they think intellectual property interests have managed to capture the discussion before it has begun.

The three abstentions were independent consultant Ayden Ferdeline, cybersecurity policy researcher Tatiana Tropina, and privacy consultant Stephanie Perrin.

Tropina said during the Thursday meeting: “I cannot vote ‘yes’ for a document that in my opinion has parts that are not properly worded and, instead of setting the scope of the EPDP [Expedited Policy Development Process] work, set up multiple possibilities to get the work sidetracked.”

She and Ferdeline pointed specifically to section J of the approved charter (pdf), which addresses “reasonable access” to non-public Whois data.

This is the part of the policy work that will decide whether, and to what extent, entities such as trademark owners and cybersecurity researchers will be able to peek behind the curtain of post-GDPR personal data redactions and see who actually owns domain names.

There are several “gating” questions that the working group must answer before it gets to J, however, such as: what data should be collected by registrars, how data transfer to registries should be handled, and are the reasons for this data to be collected all valid?

But when it comes to section J, the abstaining NCSG councilors reckon that the Intellectual Property Community has managed to sneak in the notion that its members should get access to private data as a fait accompli. Section J reads in part:

What framework(s) for disclosure could be used to address (i) issues involving abuse of domain name registrations, including but not limited to consumer protection, investigation of cybercrime, DNS abuse and intellectual property protection, (ii) addressing appropriate law enforcement needs, and (iii) provide access to registration data based on legitimate interests not outweighed by the fundamental rights of relevant data subjects?

Ferdeline said in his abstention:

I believe that Section J includes, first and foremost, questions that unnecessarily expand the scope of this EPDP and put perceived answers — rather than genuine, open ended questions — into this important document. Overall I think this section of the charter’s scope is unnecessary and will not allow the EPDP team to complete their work in a timely manner.

Tropina said J “poses the questions that, first of all, imply by default that issues related to intellectual property protection and consumer protection require the disclosure of personal data”, adding that she was bewildered that IP interests had been lumped in with security concerns:

This wording fails me: as I am criminal lawyer working in the field of frameworks for cybercrime investigation, I do not see why cybercrime investigations are separated from law enforcement needs and go to the same basket with intellectual property protection as they are on a completely different level of legitimate demands

In short, the newly approved EPDP charter has been framed in such a way as to make discussions extremely fractious from the outset, pitting privacy interests against those of the trademark lobby on some of the most divisive wedge issues.

This is problematic given that the working group has an extremely aggressive schedule — its members have not yet even been named and yet it expects to produce its Initial Report shortly after ICANN 63, which ends October 25 this year.

It’s an absurdly short space of time to resolve questions that have dogged ICANN for almost two decades.

Will this pressure to come to agreement against the clock work in favor of the trademark community, or will it doom the policy-making process to deadlock?

Attempting to steer the WG through this minefield will be Kurt Pritz, who was confirmed by the Council as its neutral chair on Thursday, as DI first reported a week ago.

The make-up of the group has also proved contentious.

While it is a GNSO process that would lead to a Consensus Policy binding on all gTLD registries and registrars, the decision has been made to bring in voices from other areas of the community, such as the Country Code Names Supporting Organization, which will not be directly affected by the resulting policy.

There will be 29 members in total, not counting the non-voting chair.

The GNSO gets 18 of these seats at the table, comprising: three registries, three registrars, two IPC members, two ISPs, two Business Constituency members, six NCSG members (which, I imagine would be split between the privacy-focused NCUC and more IP-friendly NPOC).

But also joining the group on an equal footing will be two members of the Root Server System Advisory Committee (I’ve no idea why), two from the Security and Stability Advisory Committee, two from the ccNSO, two from the At-Large Advisory Committee and three from the Governmental Advisory Committee.

The actual individuals filling these seats will be named by their respective constituencies in the next few days, ahead of the first WG meeting July 30.

It has been said that these people could expect to devote north of 30 hours a week (unpaid of course, though any necessary travel will be comp’d) to the discussions.

Pritz to be named chair of Whois group

Kevin Murphy, July 16, 2018, Domain Policy

Former ICANN senior vice president Kurt Pritz is expected to be named chair of the group tasked with reforming Whois in the post-GDPR world.

Sources familiar with the situation tell DI that Pritz was selected from three candidates who put themselves forward for the grueling policy-making task.

I’m told that choice was made by GNSO Council’s leadership and selection committee (minus Pritz’s wife, Donna Austin, who recused herself) and will have to be confirmed by the full Council when it meets this Thursday.

Pritz would chair the GNSO’s first-ever Expedited Policy Development Process working group, which is expected to provide an ICANN community response to ICANN org’s recent, top-down Temporary Specification for Whois.

The Temp Spec, written by ICANN in response to the GDPR privacy law, is the thing that is contractually forcing all gTLD registries and registrars to redact personal information from their public Whois records.

Because it’s temporary, it will expire May 24 next year, one year after it came into effect.

The EPDP will put the force of community consensus behind the policy that replaces it, but it’s unlikely to differ a great deal from the Temp Spec, so it would be unwise to get your hopes up that Whois will return to pre-GDPR levels of accessibility — ICANN policy cannot overrule the law.

The EPDP chair’s job is expected to be extremely taxing. During the recent ICANN meeting in Panama, it was said that regular, non-chair working group members could be expected to commit as much as 30 hours a week to the project.

ICANN expects that the EPDP’s core work should be complete before ICANN 63, which begins October 20, with its final report due next February.

Given that the ICANN community has failed to come to much consensus on anything Whois related for two decades, these are extremely aggressive targets.

To maintain focus, the EPDP group is going to be kept relatively small, but there’s still bickering about the make-up of the group, with non-commercial interests upset the commercial side of house is getting more representation.

The chair’s role was therefore potentially controversial — neutrality was seen as a key quality when ICANN advertised the gig a couple of weeks ago.

Pritz currently works for the .art new gTLD registry operator UK Creative Ideas, so technically he would be in the Registries Stakeholder Group.

But he’s also one of the key architects of the new gTLD program, ICANN’s point man on the application process before his resignation in late 2012, so he has extensive experience herding cats in a relatively neutral way.

Since then, he’s had stints as a consultant and as executive director of the Domain Name Association.