Latest news of the domain name industry

Recent Posts

.music and .gay possible in 2018 after probe finds no impropriety

Kevin Murphy, January 2, 2018, Domain Policy

Five more new gTLDs could see the light of day in 2018 after a probe into ICANN’s handling of “community” applications found no wrongdoing.

The long-running investigation, carried out by FTI Consulting on ICANN’s behalf, found no evidence to support suspicions that ICANN staff had been secretly and inappropriately pulling the strings of Community Priority Evaluations.

CPEs, carried out by the Economist Intelligence Unit, were a way for new gTLD applicants purporting to represent genuine communities to avoid expensive auctions with rival applicants.

Some applicants that failed to meet the stringent “community” criteria imposed by the CPE process appealed their adverse decisions and an Independent Review Process complaint filed by Dot Registry led to ICANN getting crucified for a lack of transparency.

While the IRP panel found some hints that ICANN staff had been nudging EIU’s arm when it came to drafting the CPE decisions, the FTI investigation has found:

there is no evidence that ICANN organization had any undue influence on the CPE Provider with respect to the CPE reports issued by the CPE Provider or engaged in any impropriety in the CPE process.

FTI had access to emails between EIU and ICANN, as well as ICANN internal emails, but it did not have access to EIU internal emails, which EIU declined to provide. It did have access to EIU’s internal documents used to draft the reports, however.

Its report states:

Based on FTI’s review of email communications provided by ICANN organization, FTI found no evidence that ICANN organization had any undue influence on the CPE reports or engaged in any impropriety in the CPE process. FTI found that the vast majority of the emails were administrative in nature and did not concern the substance or the content of the CPE results. Of the small number of emails that did discuss substance, none suggested that ICANN acted improperly in the process.

FTI also looked at whether EIU had applied the CPE rules consistently between applications, and found that it did.

It also dug up all the sources of information EIU used (largely Google searches, Wikipedia, and the web pages of relevant community groups) but did not directly cite in its reports.

In short, the FTI reports very probably give ICANN’s board of directors cover to reopen the remaining affected contention sets — .music, .gay, .hotel, .cpa, and .merck — thereby removing a significant barrier to the gTLDs getting auctioned.

If there were to be no further challenges (which, admittedly, seems unlikely), we could see some or all of these strings being sold off and delegated this year.

The probe also covered the CPEs for .llc, .inc and .llp, but these contention sets were resolved with private auctions last September after applicant Dot Registry apparently decided it couldn’t be bothered pursuing the ICANN process any more.

The FTI’s reports can be downloaded from ICANN.

.music and .gay CPE probe could end this month

Kevin Murphy, June 5, 2017, Domain Policy

An ICANN-commissioned investigation into the fairness of its Community Priority Evaluation process for new gTLDs could wind up before the end of June.

In an update Friday, ICANN also finally revealed who is actually conducting the probe, which has been slammed by affected applicants for being secretive.

A tentative timeline sketched out in the update means applicants for gTLDs including .gay and .music could find their applications closer to release from limbo in just a few weeks.

ICANN revealed that FTI Consulting’s Global Risk and Investigations Practice and Technology Practice have been looking into claims ICANN staff meddled in the Economist Intelligence Unit’s supposedly independent CPE reviews for the last several months.

FTI is reviewing how ICANN staff interacted with the EIU during the CPE processes, how the EIU conducted its research and whether the EIU applied the CPE criteria uniformly across different gTLDs.

ICANN said that FTI finished collected material from ICANN in March and hopes to have all the information it has asked the EIU for by the end of this week.

It could deliver its findings to ICANN two weeks after that, ICANN said.

Presumably, there would be little to prevent ICANN publishing these findings very shortly thereafter.

ICANN has been harangued by some of the applicants for .music, .gay, hotel, .cpa, .llc, .inc, .llp and .merck, all of which have been affected by controversial CPE decisions and have been delayed by the investigation, for months.

.gay, .music and others in limbo as ICANN probes itself

Kevin Murphy, May 8, 2017, Domain Policy

Several new gTLD applicants have slammed ICANN for conducting an investigation into its own controversial practices that seems to be as opaque as the practices themselves.

Seven proposed new gTLDs, including the much-anticipated .music and .gay, are currently trapped in ICANN red tape hell as the organization conducts a secretive probe into how its own staff handled Community Priority Evaluations.

The now broad-ranging investigation seems have been going on for over six months but does not appear to have a set deadline for completion.

Applicants affected by the delays don’t know who is conducting the probe, and say they have not been contacted by anyone for their input.

At issue is the CPE process, designed to give genuine “community” gTLD applicants a way to avoid a costly auction in the event that their choice of string was contested.

The results of the roughly 25 CPE decisions, all conducted by the independent Economist Intelligence Unit, were sometimes divergent from each other or just baffling.

Many of the losers complained via ICANN’s in-house Requests for Reconsideration and then Independent Review Process mechanisms.

One such IRP complaint — related to Dot Registry’s .inc, .llc, .llp applications — led to two of the three-person IRP panel deciding last July that ICANN had serious questions to answer about how the CPE process was carried out.

While no evidence was found that ICANN had coached the EIU on scoring, it did emerge that ICANN staff had supplied margin notes to the supposedly independent EIU that had subsequently been incorporated into its final decision.

The IRP panel majority wrote that the EIU “did not act on its own in performing the CPEs” and “ICANN staff was intimately involved in the process”.

A month or so later, the ICANN board of directors passed a resolution calling for the CEO to “undertake an independent review of the process by which ICANN staff interacted with the CPE provider”.

Another month later, in October, the Board Governance Committee broadened the scope of the investigation and asked the EIU to supply it with documents it used to reach its decisions in multiple controversial CPE cases.

A couple of weeks ago, BGC chair Chris Disspain explained all this (pdf) to the applicants for .music, .gay, hotel, .cpa, .llc, .inc, .llp and .merck, all of which are affected by the delay caused by the investigation.

He said that the investigation would be completed “as soon as practicable”.

But in response, Dot Registry and lawyers for fellow failed CPE applicant DotMusic have fired off more letters of complaint to ICANN.

(UPDATE: Dot Registry CEO Shaul Jolles got in touch to say his letter was actually sent before Disspain’s, despite the dates on the letters as published by ICANN suggesting the opposite).

Both applicants note that they have no idea who the independent party investigating the CPEs is. That’s because ICANN hasn’t identified them publicly or privately, and the evaluator has not contacted the applicants for their side of the story.

DotMusic’s lawyer wrote (pdf):

DotMusic’s rights are thus being decided by a process about which it: (1) possesses minimal information; (2) carried out by an individual or organization whose identity ICANN is shielding; (3) whose mandate is secret; (4) whose methods are unknown; and (5) whose report may never be made public by ICANN’s Board.

He added, pointedly:

The exclusion of directly affected parties from participation eerily reproduces the shortcomings of the EIU evaluations that are under scrutiny in the first place.

Dot Registry CEO Shaul Jolles, in his letter (pdf), quoted Disspain saying at a public forum in Copenhagen this March that a blog post addressing the concerns had been drafted and would be published “shortly”, but wasn’t.

He suggested the investigation is “smoke and mirrors” and, along with DotMusic, demanded more information about the investigator’s identity and methods.

It does strike me as a looking a bit like history repeating itself: ICANN comes under fire for non-transparently influencing a supposedly independent review and addresses those criticisms by launching another non-transparent supposedly independent review.

No matter what I feel about the merits of the “community” claims of some of these applicants, it has been over five years now since they submitted their applications and the courtesy of transparency — if closure itself its not yet possible — doesn’t seem like a great deal to ask.

.hotel losers gang up to threaten ICANN with legal bills

Kevin Murphy, August 30, 2016, Domain Registries

The six losing applicants for the .hotel new gTLD are collectively threatening ICANN with a second Independent Review Process action.

Together, they this week filed a Request for Reconsideration with ICANN, challenging its decision earlier this month to allow the Afilias-owned Hotel Top Level Domain Sarl application to go ahead to contracting.

HTLD won a controversial Community Priority Evaluation in 2014, effectively eliminating all rival applicants, but that decision was challenged in an IRP that ICANN ultimately won.

The other applicants think HTLD basically cobbled together a bogus “community” in order to “game” the CPE process and avoid an expensive auction.

Since the IRP decision, the six other applicants — Travel Reservations, Famous Four Media, Radix, Minds + Machines, Donuts and Fegistry — have been arguing that the HTLD application should be thrown out due to the actions of Dirk Krischenowski, a former key executive.

Krischenowski was found by ICANN to have exploited a misconfiguration in its own applicants’ portal to download documents belonging to its competitors that should have been confidential.

But at its August 9 meeting, the ICANN board noted that the timing of the downloads showed that HTLD could not have benefited from the data exposure, and that in any event Krischenowski is no longer involved in the company, and allowed the bid to proceed.

That meant the six other applicants lost the chance to win .hotel at auction and/or make a bunch of cash by losing the auction. They’re not happy about that.

It doesn’t matter that the data breach could not have aided HTLD’s application or its CPE case, they argue, the information revealed could prove a competitive advantage once .hotel goes on sale:

What matters is that the information was accessed with the obvious intent to obtain an unfair advantage over direct competitors. The future registry operator of the .hotel gTLD will compete with other registry operators. In the unlikely event that HTLD were allowed to operate the .hotel gTLD, HTLD would have an unfair advantage over competing registry operators, because of its access to sensitive business information

They also think that HTLD being given .hotel despite having been found “cheating” goes against the spirit of application rules and ICANN’s bylaws.

The RfR (pdf) also draws heavily on the findings of the IRP panel in the unrelated Dot Registry (.llc, .inc, etc) case, which were accepted by the ICANN board also on August 9.

In that case, the panel suggested that the board should conduct more thorough, meaningful reviews of CPE decisions.

It also found that ICANN staff had been “intimately involved” in the preparation of the Dot Registry CPE decision (though not, it should be noted, in the actual scoring) as drafted by the Economist Intelligence Unit.

The .hotel applicants argue that this decision is incompatible with their own IRP, which they lost in February, where the judges found a greater degree of separation between ICANN and the EIU.

Their own IRP panel was given “incomplete and misleading information” about how closely ICANN and the EIU work together, they argue, bringing the decision into doubt.

The RfR strongly hints that another IRP could be in the offing if ICANN fails to cancel HTLD application.

The applicants also want a hearing so they can argue their case in person, and a “substantive review” of the .hotel CPE.

The HTLD application for .hotel is currently “On Hold” while ICANN sorts through the mess.

Afilias set to get .hotel despite hacking claims

Kevin Murphy, August 19, 2016, Domain Registries

Afilias is back on the path to becoming the registry for .hotel, after ICANN decided claims of hacking by a former employee of the applicant did not warrant a rejection.

The ICANN board of directors decided last week that HOTEL Top-Level Domain Sarl, which was recently taken over by Afilias, did not gain any benefit when employee Dirk Krischenowski accessed competing applicants’ confidential documents via an ICANN web site.

Because HTLD had won a Community Priority Evaluation, it should now proceed to contracting, barring any further action from the other six applicants.

ICANN’s board said in its August 9 decision:

ICANN has not uncovered any evidence that: (i) the information Mr. Krischenowski may have obtained as a result of the portal issue was used to support HTLD’s application for .HOTEL; or (ii) any information obtained by Mr. Krischenowski enabled HTLD’s application to prevail in CPE.

It authorized ICANN staff to carry on processing the HTLD application.

The other applicants — Travel Reservations, Famous Four Media, Radix, Minds + Machines, Donuts and Fegistry — had called on ICANN in April to throw out the application, saying that to decline to do so would amount to “acquiescence in criminal acts”.

That’s because an ICANN investigation had discovered that Dirk Krischenowski, who ran a company with an almost 50% stake in HTLD, had downloaded hundreds of confidential documents belonging to competitors.

He did so via ICANN’s new gTLD applicants’ portal, which had been misconfigured to enable anyone to view any attachment from any application.

Krischenowski has consistently denied any wrongdoing, telling DI a few months ago that he simply used the tool that ICANN made available with the understanding that it was working as intended.

ICANN has now decided that because the unauthorized access incidents took place after HTLD had already submitted its CPE application, it could not have gained any benefit from whatever data Krischenowski managed to pull.

The board reasoned:

his searches relating to the .HOTEL Claimants did not occur until 27 March, 29 March and 11 April 2014. Therefore, even assuming that Mr. Krischenowski did obtain confidential information belonging to the .HOTEL Claimants, this would not have had any impact on the CPE process for HTLD’s .HOTEL application. Specifically, whether HTLD’s application met the CPE criteria was based upon the application as submitted in May 2012, or when the last documents amending the application were uploaded by HTLD on 30 August 2013 – all of which occurred before Mr. Krischenowski or his associates accessed any confidential information, which occurred from March 2014 through October 2014. In addition, there is no evidence, or claim by the .HOTEL Claimants, that the CPE Panel had any interaction at all with Mr. Krischenowski or HTLD during the CPE process, which began on 19 February 2014.

The HTLD/Afilias .hotel application is currently still listed on ICANN’s web site as “On Hold” while its rivals are still classified as “Will Not Proceed”.

It might be worth noting here — to people who say ICANN always tries to force contention sets to auction so it possibly makes a bit of cash — that this is an instance of it not doing so.