ICANN has sent breach notices to 10 domain name registrars for failing to respond to its ongoing contract compliance audit.
The 10 registrars with breach notices are: Crosscert, Mat Bao, DomainsToBeSeen.com, USA Webhost, Internet NAYANA Inc, Cheapies.com, Domainmonger.com, Lime Labs, Namevault.com, and Power Brand Center.
According to ICANN, these registrars failed to provide the requested documentation as required by their Registrar Accreditation Agreement.
The Contractual Compliance Audit Program is a proactive three-year effort to check that all registries and registrars are abiding by the terms of their agreements.
ICANN selected 317 registrars at random for the first year of the program. As of January 4, 22 had not responded to these notices.
Only registrars signed up to the 2009 version of the RAA are contractually obliged to respond.
Verisign, which was one of six gTLD registries selected to participate this year, has controversially refused to let ICANN audit .net, saying it is not obliged to do so.
While the .net contract does have some audit requirements, we understand they’re not as wide-ranging as ICANN’s audit envisages.
The 10 registrars have been given until February 1 to provide ICANN with the necessary information or risk losing their accreditations.
New gTLD applicants could barely disguise their anger tonight, after learning that ICANN has delayed a key deliverable in the new gTLD program — originally due in October — until March.
On a webinar this evening, program manager Christine Willett told applicants that the string similarity analysis due on all 1,917 remaining bids is not expected to be ready until March 1.
The analysis, which will decide which “contention sets” applications are in — whether .hotel must fight it out with .hotels and .hoteis, for example — had already been delayed four times.
The reasons given for the latest delay were fuzzy, to put it mildly.
Willett said that ICANN has concerns about the “clarity and consistency of the process” being used by the evaluation panel — managed by InterConnect Communications and University College London.
Under some very assertive questioning by applicants — several of which branded the continued delays “unacceptable” — Willett said:
When you don’t have a consistent process, or there are questions about the process that is followed, it invariably would put into question the results that would come out of that process…
I don’t want to publish contention sets and string similarity results that I can’t stand behind, that ICANN cannot explain, and that only frustrate and potentially affect the forward progress of the program.
It sounded to some applicants rather like ICANN has seen some preliminary string similarity results that it wasn’t happy with, but Willett repeatedly said that this was not the case.
It’s also not clear whether the pricey yet derided Sword algorithm for determining string similarity has had any bearing on the hold-ups.
One of the reasons that applicants are so pissed at the latest delay is that it presents a very real risk of also delaying later stages of the evaluation, and thus time to market.
Willett admitted that the remaining steps of the program — such as objections and contention resolution — are reliant on the publication of string similarity results.
“I am quite confident we will have results on string similarity by March 1,” she said. “We need to publish contention sets — we need to publish string similarity results — by March 1 in order to maintain the timeline for the rest of the program.”
March 1 is worryingly close to the March 13 deadline for filing objections, including the String Confusion Objection, which can be used by applicants to attempt to pull others into their contention sets.
Just 12 days is a pretty tight deadline for drafting and filing an objection, raising the possibility that the objection deadline will be moved again — something intellectual property interests would no doubt welcome.
The IP community is already extremely irked — understandably — by the fact that they’re being asked to file objections before they even know if an application has passed its Initial Evaluation, and will no doubt jump on these latest developments as a reason to further extend the objection window. Some applicants may even agree.
ICANN has just published a paper that attempts to frame what is policy and what is implementation. Now, if you’re a normal person, your natural response would be “who cares?”.
But if you’re an Icannite, chances are you’re already in a bit of a state. Because the question of what, within the ICANN decision-making process constitutes policy development, and what should be considered implementation of policies that have already been developed, is one that has grown contentious indeed in recent times.
The theory behind ICANN is that it works by bringing together groups of people from various backgrounds or with various interests and then waiting until they all take a decision. That can then become part of the sets of official guidelines that govern the way the Internet’s addressing and numbering system works.
In this obvious oversimplification of the ICANN model, the group of people are called stakeholders and the decisions they take are policies. The way they arrive at those decisions goes by the sweet name of “bottom-up, consensus-driven, policy development process”.
This is what makes ICANN such a unique governance body. One that (in theory) takes into account the opinions and inputs of all interested parties.
It is designed to prevent one view from dominating all others, be it the opinion of industry insiders, politicians or even free-speech advocates — all groups with legitimate interests, but all groups that, when they find themselves in the ICANN fish pond, have to listen to the other fish.
Except that they don’t always want to. And in recent years, as the pressure on the ICANN model has increased because of the new gTLD program, there have been several occasions when some thought it would be better to cut through (or go around) the policy development process to get things done.
This is where the policy versus implementation debate comes from. It’s a boring one to most balanced human beings, but a crucial one for those who rate ICANN and the work that goes on there as a major interest.
The new staff paper is a welcome initiative by ICANN to try and make real progress on a debate that has, up until now, simply exacerbated tensions within the ICANN community.
It’s a first step. A kind of “state of play” view of what can at present be considered policy within the ICANN system, and a first attempt at separating that from implementation.
It’s only eight pages long (and if that seems long to you, believe me, as far as ICANN papers go, this is the equivalent of a 140-character tweet), but if you can’t be bothered to read it, I’ll break it down for you in just one word: complexity.
A first step towards much needed simplification
The real issue behind this debate is the overly complex thing that ICANN has become. Don’t agree? Even though staff need to write an eight-page report just to help everyone, including themselves, understand what “policy” means?
Read the paper and marvel at the number of different processes that could be termed policy within ICANN, including something called “little p policies”, as opposed to “Capital P Policies”. Then there’s “formal policies”, “operational policies” and even “consensus policies”.
Just in setting that scene, the staff paper is useful!
Let’s hope it leads all ICANN stakeholders to the clear realization that this can’t go on any longer. ICANN must simplify its processes so that there is no longer a need to spend time and energy splitting hairs on deciding things like: when in the ICANN universe is policy making actually making policy, and when is it implementing policies that have already been made?
This is a guest post by domain name industry consultant Stephane Van Gelder of Stephane Van Gelder Consulting. He has served as chair of the GNSO Council and is currently a member of ICANN’s Nominating Committee.
ICANN chairman Steve Crocker has clarified comments made during a recent interview in which he said he expected new gTLDs to be delegated “towards the end of the year”.
Crocker told DI today that ICANN plans to put new gTLDs into the root “as quickly as possible” and “hopefully by the middle of the year”.
In response to our blog post yesterday, he said in an email:
What I wanted to convey was that by the end of the year I hope we will have seen the effects of some of the first new gTLDs delegated into the root. I didn’t mean to suggest that those first delegations wouldn’t happen until the end of the year. We are working aggressively toward our goal of delegating some of the first new gTLDs as quickly as possible, hopefully by the middle of this year. Instead, I was looking beyond the instant the strings enter the root to the time when the community will be able to see the effects.
So, there you have it.
Verisign has delivered a significant blow to ICANN’s authority by refusing to take part in its contractual compliance audit program.
The snub runs a risk of scuppering ICANN’s plans to make compliance a cornerstone of its new management’s strategy.
In a letter to ICANN’s compliance department this week, Verisign senior vice president Pat Kane said that the company has no obligation to submit to an audit of .net under its ICANN contract.
Verisign has no contractual obligations under its .net Registry Agreement with ICANN to comply with the proposed audit. Absent such express contractual obligations, Verisign will not submit itself to an audit by or at the direction of ICANN of its books and records.
The company is basically refusing to take part in ICANN’s Contractual Compliance Audit Program, a proactive three-year plan to make sure all gTLD registries and accredited registrars are sticking to their contracts.
For registries, the plan calls for ICANN to look at things like compliance with Whois, zone file access, data escrow, monthly reporting, and other policies outlined in the registry agreements.
Verisign isn’t necessarily admitting that it thinks it would not pass the .net audit, but it is sending a strong signal that it believes ICANN’s authority over it has limits.
In the program’s FAQ, ICANN admits that it does not have explicit audit rights over all contracted parties, stating:
What’s the basis for including all contracted parties, when the ‘Right to Audit’ clause isn’t present in 2001 RAA and Registry Agreements?
One of ICANN’s responsibilities is to conduct audits of its agreements in order to ensure that all contracted parties are in compliance with those agreements.
If Verisign is refusing to participate, other registries may decide they don’t want to cooperate either. That wouldn’t look good for ICANN, which has made compliance a key strategic priority.
When Fadi Chehade started as CEO last September, one of his first moves was to promote compliance boss Maguy Serad to vice president, reporting directly to him.
He told DI that he would be “bringing a lot more weight and a lot more independent management from my office to the compliance function”.
At his inaugural address to the community in Prague last June, he spoke of how he planned to bring IBM-style contract management prowess to ICANN.
Compliance is also a frequently raised concern of the Governmental Advisory Committee (though generally geared toward rogue registrars rather than registries).