Latest news of the domain name industry

Recent Posts

ICANN picks Madrid for next gTLD industry meeting

Kevin Murphy, December 9, 2016, Domain Policy

ICANN’s Global Domains Division has invited the domain industry to Madrid for next year’s GDD Industry Summit.

The meeting will be held at the drably named NH Collection Madrid Eurobuilding hotel from May 8 to 11 2017.

The timing may be fortuitous for intercontinental travelers — it ends just a couple of days before the Domaining Europe event starts in Berlin, which is just a short flight away.

ICANN summits are intersessional meetings dedicated to particular constituencies within the ICANN community. The GDD Industry Summit caters to registries, registrars and others in the business of selling gTLD domains.

They’re less formal that ICANN’s regular public meetings, designed to enable engagement between participants and between participants and ICANN staff.

The 2016 meeting was held in Amsterdam this June, attracting about 400 attendees.

ICANN’s formal public meetings next year are slated for Copenhagen (March), Johannesburg (June) and Abu Dhabi (October).

ICANN 57 brings in thousands of noobs

Kevin Murphy, December 7, 2016, Domain Policy

ICANN 57 set new records in terms of attendance, with a large majority of participants total newbies who’d never been to an ICANN meeting before.

The meeting, held in Hyderabad, India last month, had 3,182 attendees, and first-timers outnumbered veterans over two-to-one.

The previous record was 3,115 total participants, set at ICANN 50 in London two years ago.

Over two thirds of participants — 2,180 people or 68% of the total — were noobs, according to ICANN statistics released last night (pdf).

That compares to 344 newcomers at the abbreviated June meeting in Helsinki.

The massive turnout in November appears to be due to huge local interest.

Over 72% of attendees — 2,306 people — were from the Asia-Pacific region. ICANN does not break down attendance by nationality, but I suspect the large majority will have been Indian.

Only 200 people from Asia-Pac showed up in Helsinki.

Of the Asia-Pacific participants in Hyderabad, 2,056 were first-time attendees.

For context, there were hundreds more first-time Asia-Pac participants in Hyderabad than there were total attendees at the Helsinki meeting, when 1,436 people showed up.

There were also slightly more Asia-Pac attendees at ICANN 57 than total attendees at ICANN 55 in Marrakech this March.

The significant local interest appears to have tilted the gender balance in favor of men, who represented 74% of the total. Women were 20%. The remainder did not disclose their sex.

That compares to 61% and 32% in Helsinki.

UPDATE: This story was updated with better gender mix data a few hours after publication.

DropCatch spends millions to buy FIVE HUNDRED more registrars

Kevin Murphy, December 2, 2016, Domain Registrars

Domain drop-catching service DropCatch.com has added five hundred new registrar accreditations to its stable over the last few days.

The additions give the company a total accreditation count of at least 1,252, according to DI data.

That means about 43% of all ICANN-accredited registrars are now controlled by just one company.

DropCatch is owned by TurnCommerce, which is also parent of registrar NameBright and premium sales site HugeDomains.

Because gTLD registries rate-limit attempts to register names, drop-catchers such as DropCatch find a good way to increase their chances of registering expiring names is to own as many registrars as possible.

DropCatch is in an arms race here with Web.com, owner of SnapNames and half-owner of NameJet, which has about 500 registrars.

The new accreditations would have cost DropCatch $1.75 million in ICANN application fees alone. They will add $2 million a year to its running costs in terms of extra fixed fees.

That’s not counting the cost of creating 500 brand new LLC companies — named in the new batch DropCatch.com [number] LLC where the number ranges from 1046 to 1545 — each of which is there purely for the purpose of owning the accreditation.

In total, the company is now paying ICANN fixed annual fees in excess of $5 million, not counting its variable fees and per-transaction fees.

Because the ICANN variable fee is split evenly between all registrars (with some exceptions I don’t think apply to DropCatch), I believe the addition of 500 new registrars means all the other registrars will be paying less in variable fees.

There’s clearly money to be made in expiring names.

Donuts loses $22.5m .web lawsuit as judge rules gTLD applicants cannot sue

Kevin Murphy, November 30, 2016, Domain Registries

The promise not to sue ICANN that all new gTLD applicants made when they applied is legally enforceable, a California judge has ruled.

Judge Percy Anderson on Monday threw out Donuts’ lawsuit against ICANN over the controversial $135 million .web auction, saying the “covenant not to sue bars Plaintiff’s entire action”.

He wrote that he “does not find persuasive” an earlier and contrary ruling in the case of DotConnectAfrica v ICANN, a case that is still ongoing.

Donuts sued ICANN at first to prevent the .web auction going ahead.

The registry, and other .web applicants, were concerned that ultimately successful bidder Nu Dot Co was being covertly bankrolled by Verisign, which turned out to be completely correct.

Donuts argued that ICANN failed to adequately vet NDC to uncover its secret sugar daddy. It wanted $22.5 million from ICANN — roughly what it would have received if the auction had been privately managed, rather than run by ICANN.

But the judge ruled that Donuts’ covenant not to sue is enforceable. Because of that, he made no judgement on the merits of Donuts’ arguments.

Under the relevant law, Donuts had to show that the applicant contract was “unconscionable” both “procedurally” and “substantively”.

Basically, the question for the judge was: was the contract unfairly one-sided?

The judge ruled (pdf) that it was not substantively unconscionable and “only minimally procedurally unconscionable”. In other words: a bit crap, but not illegal.

He put a lot of weight on the fact that the new gTLD program was designed largely by the ICANN community and on Donuts’ business “sophistication”. He wrote:

Without the covenant not to sue, any frustrated applicant could, through the filing of a lawsuit, derail the entire system developed by ICANN to process applications for gTLDs. ICANN and frustrated applicants do not bear this potential harm equally. This alone establishes the reasonableness of the covenant not to sue.

Donuts VP Jon Nevett said in a statement yesterday that the fight over .web is not over:

Donuts disagrees with the Court’s decision that ICANN’s required covenant not to sue, while being unconscionable, was not sufficiently unconscionable to be struck down as a matter of law. It is unfortunate that the auction process for .WEB was mired in a lack of transparency and anti-competitive behavior. ICANN, in its haste to proceed to auction, performed only a slapdash investigation and deprived the applicants of the right to fairly compete for .WEB in accordance with the very procedures ICANN demanded of applicants. Donuts will continue to utilize the tools at its disposal to address this procedural failure.

It looks rather like we could be looking at an Independent Review Process filing, possibly the first to be filed under ICANN’s new post-transition rules.

Donuts and ICANN are already in the Cooperative Engagement Process — the mediation phase that usually precedes an IRP — with regards .web.

Second-placed bidder Afilias is also putting pressure on ICANN to overturn the results of the auction, resulting in a bit of a public bunfight with Verisign.

TL;DR — don’t expect to be able to buy .web domains for quite a while to come.

Privacy risk under new domain transfer policy

Kevin Murphy, November 30, 2016, Domain Registrars

ICANN’s new domain Transfer Policy, which comes into effect tomorrow, creates risks for users of privacy/proxy services, registrars and others haved warned.

The policy could lead to private registrants having their contact information published in the public Whois for 60 days, the GNSO Council expects to formally tell ICANN this week.

“This could threaten privacy for at-risk registrants without clear benefit,” the Council says in a draft letter to the ICANN board.

The revised Transfer Policy was designed to help prevent domain hijacking.

The main change is that whenever there’s a “change of registrant”, the gaining and losing registrants both have to respond to confirmation emails before the change is processed.

However, “change of registrant” is defined in such a way that the confirmation emails would be triggered even if the registrant has not changed.

For example, if you change your last name in your Whois records due to marriage or divorce, or if you change email addresses, that counts as a change of registrant.

It now turns out that ICANN considers turning a privacy service on or off as a change of registrant, even though that only affects the public Whois data and not the underlying customer data held by the registrar.

The GNSO Council’s draft letter states:

ICANN has advised that any change to the public whois records is considered a change of registrant that is subject to the process defined through IRTP-C. Thus, turning a P/P service on or off is, from ICANN’s view, a change of registrant. It requires the CoR [change of registrant] process to be followed and more importantly could result in a registrant exposing his/her information in the public whois for 60 days. This could threaten privacy for at-risk registrants without clear benefit.

My understanding is that the exposure risk outlined here would only be to registrants who attempt to turn on privacy at their registrar then for whatever reason ignore, do not see or do not understand the subsequent confirmation emails.

Depending on implementation, it could lead to customers paying for a privacy service and not actually receiving privacy.

On the other side of the coin, it’s possible that an actual change in registrant might not trigger the CoR process if both gaining and losing registrants both use the same privacy service and therefore have identical Whois records.

The Council letter also warns about a possible increase in spam due to the changes:

many P/P services regularly generate new email addresses for domains in an effort to reduce spam. This procedure would no longer be possible, and registrants may be subject to unwanted messaging. Implementing the CoR for email changes that some providers do as often as every 3-5 days is not feasible.

ICANN has been aware of these issues for months. Its suggested solution is for registrars to make themselves the “Designated Agent” — a middleman permitted to authorize transfers — for all of their customers.

As we reported earlier this week, many large registrars are already doing this.

But registrars and the GNSO Council want ICANN to consider reinterpreting the new policy to exclude privacy/proxy services until a more formal GNSO policy can be created.

While the Policy Development Process that created the revised transfer rules wound up earlier this year, a separate PDP devoted to creating rules of privacy/proxy services is still active.

The Council suggests that this working group, known as PPSAI, could assume the responsibility of clearing up the mess.

In the meantime, registrars are rather keen that they will not get hit with breach notices by ICANN Compliance for failing to properly implement to what seems to be a complex policy.