ICANN apologizes for gTLD privacy snafu

ICANN’s top brass have sent personal apologies to the people whose home addresses were exposed when it published their new gTLD applications last week.

The organization blamed “human error” and said it is now conducting an “investigation” to figure out what went wrong.

The note, which is signed by CEO Rod Beckstrom, chairman Steve Crocker, and COO Akram Atallah, reads:

Dear [name of the affected executive],

On behalf of ICANN, we want to personally apologize for our error in exposing your postal address on the TLD Application website. This was a human error, and we have corrected it. We are conducting an internal investigation in order to learn from this mistake and to ensure that it does not happen again.

In the meantime, please be assured that the New Generic Top-level Domain Program remains on track. We are moving ahead with the screening and evaluation of applications, and returning to our shared goal of bringing competition and choice to the Internet’s domain name space.

We are committed to serving you to the very best of our ability and to ensuring the integrity of the New gTLD Program. If you have questions or concerns, please don’t hesitate to reach out to us directly.



As I blogged last week, ICANN accidentally neglected to redact the home addresses of many applicants’ named primary and secondary contacts when it published all 1,930 applications last week.

It has since removed the offending information.

The stupidest gTLD applications I’ve seen so far

Who the hell advised these guys?

Mitek USA, a maker of prefabricated building components (hinges, brackets, etc), has applied for four new generic top-level domains with the shoddiest applications I’ve seen so far.

For pretty much every question that requires any thought to answer, the company has simply replied “TLD will not be resold. Purchased for brand protection only.”

The phrase appears 13 times in each of the four applications.

The applications — for .mitek, .connectors, .sapphire (a brand) and .mii — therefore all appear to be a colossal waste of money.

With no answers to any technical questions beyond “TLD will not be resold. Purchased for brand protection only”, there’s no way they can pass the technical portion of the Initial Evaluation.

The bids, therefore, are completely useless. Even if the strings had been contended (they’re not), there’s no advantage to having a horse in the race if it’s guaranteed to fall at the first fence.

I ask again: who the hell advised these guys?

The registry back-end market numbers are in

The top five registry back-end providers account for almost 72% of all new generic top-level domain applications, according to DI’s preliminary numbers.

Neustar, Demand Media, Afilias, Verisign and ARI Registry Services take the top five spots in our new market share league table (see below).

Thirty-eight companies are listed as back-end providers (including those that plan to self-host their gTLDs) according to our initial analysis of ICANN’s 1,930 applications.

Big portfolio applicants obviously skew the numbers significantly.

All of the 101 applications naming Google as the back-end are from Google’s own subsidiaries, and Amazon’s 76 bids are responsible for Neustar’s position at the top of the table.

Likewise, more than 300 of Demand Media’s strings are associated with one client, Donuts, and 54 of Internet Systems Consortium’s 58 are from Uniregistry, the new Frank Schilling venture.

ARI (.au) is the most successful back-end from the ccTLD world, with 160 applications, followed by Minds + Machines (.fm) with 91, CentralNic (.la) with 60 and Afnic (.fr) with 17.

Demand Media33417.31
ARI Registry Services1608.29
Minds + Machines874.50
GMO Registry271.40
Go Daddy30.16
Smart Communications10.05
Commercial Connect10.05
Thai Name Server Co10.05
NIC Mexico10.05

The four N/A applications on the list were all filed by the same poorly advised applicant.

Some numbers differ slightly from what the respective companies announced. In some cases this could be accounted for by applicants withdrawing bids before Reveal Day.

The data above was generated semi-automatically from the DI PRO New gTLD Application Database, which matches each application to its back-end, and is preliminary in nature.

A full report will follow in due course.

UPDATE (June 19): Three applications originally assigned to KSRegistry have now been reassigned to Registry.net.

UPDATE (June 20): Four applications originally assigned to Minds + Machines have been reassigned to Neustar.

DI launches new gTLD application tracker with built-in string similarity checker

Kevin Murphy, June 15, 2012, Domain Tech

I’m excited to announce the launch of a comprehensive new gTLD application tracking service, featuring a unique built-in string similarity checker, right here on DI.

The service will provide the foundation for all of DI’s new gTLD program analysis over the coming months and years, and is designed to bring together all the best information about each application under one roof.

DI PRO subscribers can start playing with it now here.

All 1,930 applications can currently be searched and sorted by applicant, string, back-end registry provider, and status.

New gTLD application database

Users can also cross-reference applications in contention sets and read salient extracts from each application.

The gTLD application database will shortly be linked to the existing PROfile service, meaning DI PRO subscribers will have access to a database of over 3,000 domain name industry companies.

More features and bid-by-bid analysis will be added as the program progresses, but the feature I’m most excited about today is the string similarity checker, which is already built into every application profile.

This tool checks for visual and phonetic similarity with other applications, existing gTLDs and ccTLDs, as well as strings that are specially protected by the ICANN Applicant Guidebook.

Semantic similarity functionality will be added in the next few days.

Similarity is important for two reasons:

1) the String Similarity Panel, which will create new contention sets based on similar but not identical strings in a couple of months, and

2) the String Confusion Objection, which enables applicants to force rivals into the same contention set based on visual, aural or semantic similarity.

In testing, it’s already thrown up some possible future objections and contention sets that I had not previously considered, and early beta testers — applicants themselves — tell me they think it’s fantastic.

Here’s a screenshot from one of the .sex applications, to give you a taste.

New gTLD Database

Note that, unfortunately, the string similarity feature does not currently support the relatively small number of IDN string applications.

If you’re not already a DI PRO subscriber, you can sign up instantly here using PayPal. If you have any questions about the service, please email subs@domainincite.com.

ICANN takes down gTLD apps after revealing applicants’ home addresses

Kevin Murphy, June 14, 2012, Domain Policy

ICANN has temporarily blocked access to its newly revealed new gTLD applications after accidentally publishing the home addresses of many applicants.

Some applicants noticed today that the personal contact information of their named primary and secondary contacts had been published during yesterday’s Big Reveal.

In many cases this included these employees’ home addresses, despite the fact that the Applicant Guidebook specifically states that this information would not be published.

After being notified of the snafu by DI, ICANN confirmed that the addresses were published by mistake.

It’s taken down all the applications and will republish them later with the private data removed.

“This was an oversight and the files have been pulled down,” ICANN’s manager of gTLD communications Michele Jourdan said. “We are working on bringing them back up again without this information.”

It’s another big data leakage embarrassment for ICANN, following the recent outage caused by the TLD Application System bug.

It’s not likely to win ICANN any friends in the dot-brand community, where ICANN’s demands for background information on applicants’ directors caused huge procedural problems for many companies.

For applicants for controversial gTLDs, the revelation of this private data may carry its own set of risks.