Latest news of the domain name industry

Recent Posts

Guest post: Pritz on policy vs implementation and the brother-in-law test

Kurt Pritz, July 11, 2013, Domain Policy

A current, important debate in internet governance and operation of the multi-stakeholder model asks: when do the bottom-up policy-making volunteers let go and when do the staff policy implementers take over?

Drawing that line to the satisfaction of everyone seems impossible. That is because there is no bright line — the development and implementation of policy is a task requiring the constant attention and cooperation of policy makers and implementation teams.

Is an ICANN action a policy position? Or is it a mere implementation detail? Labels almost never work, especially one-word labels. Since when are ICANN issues black or white?

We’ve stopped discussing the issues, it is easier to discuss the labels: is it “policy” or “implementation”?

The multi-stakeholder model depends on communication, consideration and collaboration

ICANN has a rich history of its stakeholders butting heads with the Board and both butting heads with the staff: long lines at microphones, speaking in hyperbole, and wringing of hands that the multi-stakeholder model has failed. ICANN also has a rich history of staff-stakeholder collaboration in the formulation of policy and in the implementation of policy.

The initial Inter-Registrar Transfer Policy was little more than a framework. Then a team of ICANN staff and TLD registry operators met over a period of months and developed the implementation model. It really didn’t matter where the policy making ended and the implementation started. There was a resolve that there should be an easy-to-follow way for registrants to transfer names and there was teamwork to get that accomplished.

There are parallels in the “real” world. In 1990, the United States enacted the American with Disabilities Act (ADA). The ADA itself was little more than a framework also: American employers should make “reasonable accommodation” for those with a “disability.” What was a reasonable accommodation? And what qualified as a disability?

Over a period of many years, those questions have been answered through a series of many court cases and regulations. But in 1990 employers were trying to figure that out.

At the time, we worked on developing clear criteria that would let our employees know what was covered by the ADA. After failing at that, we developed an approach to treat employees as you would your brother-in-law. You are deferential to your brother-in-law (because you have to face your sister) but not totally deferential (after all, he is making love to her). You just treat him better than the letter of the law requires.

So when your employee comes up to you and asks for better lighting at his workstation, you don’t try to parse whether you are required to accommodate near-sighted employees. You say, this is my brother-in-law, and I will listen to his request and carefully consider it.

This is how a public participation model works. The stakeholders are not strangers to one another and the model only works if there is mutual trust and respect.

If someone says, “I want to be heard,” she is generally listened to. (That doesn’t mean discussion is never ending. If that same person wants to be heard again, and says the same thing without change, she will be disregarded. If she continually repeats the same demand and content, she will be shunned.)

Policy versus Implementation should be Policy and Implementation

Take the example currently debated. There is a new gTLD policy element (approved in 2009) that states:

Strings must not infringe the existing legal rights of others that are recognized or enforceable under generally accepted and internationally recognized principles of law.

How does one implement that? The implementation of trademark rights protection mechanisms were developed after years of community/staff consultation, “implementability” studies, draft positions, memoranda describing potential solutions and the reasoning behind them, debate, and discussion.

When things were apparently settled, new parties joined the ICANN discussion — they were welcomed as were their opinions. ICANN was richer because there were new participants in the model. New implementation models were written. Finally, there was an indication the discussion was spent. The work was “said and done.”

Then, apparently, not all was said-and-done. After the gTLD program was launched, there were new suggestions and participants. ICANN decided to entertain those ideas. After a round of community feedback, a subset of the new suggestions was recommended by ICANN for inclusion into the implementation plan for new gTLDs.

ICANN’s policy makers, the GNSO, weighed in, agreeing with many of the conclusions but picking one of the recommendations and saying, “we’d like to talk a bit more about this one because we don’t fully understand its implications and effects.” (Unfortunately, the GNSO didn’t say exactly that, it sounded more to me like, “this item is policy and therefore it cannot be implemented without our consensus opinion.”)

Now, if my brother-in-law says he wants to talk about something some more, even if he doesn’t give a good reason, I am ready to indulge him. But ICANN did not indulge the GNSO. Now, we are in a policy versus implementation discussion: what work is the province of policy makers, and the province of implementers? The GNSO is considering ICANN Bylaw changes to ensure they are heeded.

Bylaw changes are not the lynchpin to multi-stakeholder model success. Putting rules in place for how and when to listen never work. There will always be exceptions. (Another whole piece can be written on how the rules governing communications between ICANN and its Governmental Advisory Committee have failed to facilitate the success of the multi-stakeholder model.)

Processes and procedures (as they are currently described in the Bylaws) are important. We must have clear rules for creation of consensus policy, with timelines and borders to ensure that issues are addressed and rights are respected.

But the operation of the multi-stakeholder model is more complicated than following those processes. The success of the model depends on the mutual trust and respect of the participants, and the ability to actively listen and to understand what is meant, even if that is not exactly what is said.

Rather than create new rules or discuss how one side can prevent the other from abusing its position, the volunteers, staff and Board should look inwardly to improve its own listening and communicating.

You’re my brother-in-law. I am ready (more than ready) to disagree with you, but first I am going to listen to what you have to say.

This is a guest post written by Kurt Pritz, ICANN’s former chief strategy officer. He is currently an independent consultant working with new gTLD applicants and others.

Donuts beats dot-brand in fight over .express gTLD

Kevin Murphy, July 11, 2013, Domain Policy

Donuts has prevailed in the first big dust-up between a portfolio gTLD applicant and a dot-brand hopeful.

The World Intellectual Property Organization today published its decision (pdf) in the Legal Rights Objection filed by a clothing retailer called Express over the .express gTLD.

The ruling could have a big impact on future rounds of the new gTLD program, possibly giving rise to an influx of defensive, generic-word dot-brand applications.

Both Express and Donuts have applied for .express. They’re the only two applicants for the string.

Express runs about 600 stores in the US and elsewhere and has had a trademark on its name since 1979. Donuts, as with all of its 307 original applications, wants to run .express as an open gTLD.

Express argued in its LRO that a Donuts-run .express would severely damage its brand, saying:

Should applicants for new TLDs be able to operate unrestricted TLDs represented by generic words which are also extremely well known brands, billions of dollars of goodwill will be wiped out in a TLD heartbeat.

Donuts, in its response, pointed out that there are thousands of uses of the word “express” in trademarks and other contexts, and even produced a survey that it said showed only 8% of fashionistas even associate the word with the brand.

The WIPO panelist, after what appears to have been something of a crisis moment of wondering what the hell ICANN was thinking when it designed the LRO, sided with Donuts. He said:

The Panel ultimately decides that the trademark owner (Complainant) should not be able to prevent adoption by the applicant (Respondent) of the applied-for gTLD <.express> in the particular context presented here. While Complainant certainly owns rights in the EXPRESS trademark for use in connection with apparel and fashion accessories, and while that trademark is reasonably well known among a relevant segment of consumers in the United States, there are so many common usages of the term “express” that it is not reasonable to foreclose its use by Respondent as a gTLD.

He follows up with a few sentences that should give owners of dictionary-word trademarks reason to be worried.

The Panel recognizes that, should Respondent successfully secure the gTLD, Complainant may be required to address potential Internet user confusion in the commercial marketplace for its products based on the registration (or attempted registration) of certain second level domains. However, Complainant faces this risk because it adopted a common word in the English language for its trademark. Moreover, Complainant has applied for the identical <.express> string as a gTLD in competition with Respondent. Ultimately, the parties may well end up in an auction contest for the gTLD. This is not Complainant’s last chance to secure its trademark as a gTLD.

In other words, Express can either pay ICANN or Donuts a bunch of cash at auction to get its dot-brand, or it can let Donuts win and spend a bunch of cash on defensive registrations and UDRP/URS complaints. Not a great result for Express either way.

The panelist takes 10 pages of his 26-page decision to explain his deliberations, but it basically boils down to this: Express’ trademark is too generic to give the company exclusivity over the word.

It’s hard to disagree with his reasoning.

If subsequent LROs go the same way, and I suspect they will, then it will quickly become clear that the only way to guarantee nobody else gets your dictionary-word brand as a gTLD will be to apply for it yourself and fight it all the way to auction.

IAB gives dotless domains the thumbs down

Kevin Murphy, July 11, 2013, Domain Tech

The Internet Architecture Board believes dotless domain names would be “inherently harmful to Internet security.”

The IAB, the oversight committee which is to internet technical standards what ICANN is to domain names, weighed into the debate with an article apparently published yesterday.

In it, the committee states that over time dotless domains have evolved to be used only on local networks, rather than the internet, and that to start delegating them at the top level of the DNS would be dangerous:

most users entering single-label names want them to be resolved in a local context, and they do not expect a single name to refer to a TLD. The behavior is specified within a succession of standards track documents developed over several decades, and is now implemented by hundreds of millions of Internet hosts.

By attempting to change expected behavior, dotless domains introduce potential security vulnerabilities. These include causing traffic intended for local services to be directed onto the global Internet (and vice-versa), which can enable a number of attacks, including theft of credentials and cookies, cross-site scripting attacks, etc. As a result, the deployment of dotless domains has the potential to cause significant harm to the security of the Internet

The article also says (if I understand correctly) that it’s okay for browsers to interpret words entered into address bars without dots as local resources and/or search terms rather than domain names.

It’s pretty unequivocal that dotless domains would be Bad.

The article was written because there’s currently a lot of talk about new gTLD applicants — such as Google, Donuts and Uniregistry — asking ICANN to allow them to run their TLDs without dots.

There’s a ban in the Applicant Guidebook on the “apex A records” that would be required to make dotless TLDs work, but it’s been suggested that applicants could apply to have the ban lifted on a case by case basis.

More recently, ICANN’s Security and Stability Advisory Committee has stated almost as unequivocally as the IAB that dotless domains should not be allowed.

But for some reason ICANN recently commissioned a security company to look into the issue.

This seems to have made some people, such as the At Large Advisory Committee, worried that ICANN is looking for some wiggle room to give its new gTLD paymasters what they want.

Alternatively, ICANN may just be looking for a second opinion to wave in the faces of new gTLD registries when it tells them to take a hike. It was quite vague about its motives.

It’s not just a technical issue, of course. Dotless TLDs would shake up the web search market in a big way, and not necessarily for the better.

Donuts CEO Paul Stahura today published an article on CircleID that makes the case that it is the browser makers, specifically Microsoft, that are implementing DNS all wrong, and that they’re objecting to dotless domains for competitive reasons. The IAB apparently disagrees, but it’s an interesting counterpoint nevertheless.

First three new gTLD objections thrown out

Kevin Murphy, July 9, 2013, Domain Policy

Three objections against new gTLD applications have been thrown out by the World Intellectual Property Organization, two of them on the basis that they were blatant attempts to game the system.

The objections were all Legal Rights Objections. Essentially, they’re attempts by the objectors to show that for ICANN to approve the gTLD would infringe their existing trademark rights.

The applications being objected to were Google’s .home, SC Johnson’s .rightathome and Vipspace Enterprises .vip.

The decisions are of course completely unprecedented. No LROs have ever been decided before.

Let’s look at each in turn.

Google’s .home

The objector here was Defender Security Company, a home security company, which has also applied for .home and has objected to nine of its competitors for the string.

Basically, the objection was thrown out (pdf) because it was a transparent attempt to game the trademark system in order to secure a potentially lucrative gTLD.

Defender appears to have bought the application, along with associated companies, domains, social media accounts and trademarks, from CGR E-Commerce, a company owned by .music applicant Constantine Roussos.

The panelist in the case apparently doesn’t have a DomainTools subscription and couldn’t make the Roussos link from historical Whois records, but it’s plain to see for those who do.

The case was brought on the basis of a European Community trademark on the term “.home”, applied for in December 2011, just a few weeks before ICANN opened the new gTLD application window, and a US trademark on “true.home” applied for a few months later.

The objector also owned dothome.net, one of many throwaway Go Daddy domain name resellers Roussos set up in late 2011 in order to assert prior rights to TLDs he planned to apply for.

The panelist saw through all the nonsense and rejected the objection due to lack of standing.

Here’s the money quote:

The attempted acquisition of trademark rights appears to have been undertaken to create a basis for filing the Objection, or defending an application. There appears to have been no attempt to acquire rights in or use any marks until after the New gTLD Program had been announced, specifically two weeks before the period to file applications for new gTLDs was to open.

For the EC trademark, lack of standing was found because Defender didn’t present any evidence that it actually owned the company, DotHome Ltd, that owned the trademark.

For the US trademark, which is still not registered, the panelist seems to have relied upon UDRP precedent covering rights in unregistered trademarks in his decision to find lack of standing.

The panelist also briefly addresses the Applicant Guidebook criteria for LROs, although it appears he was not obliged to, and found Defender’s arguments lacking.

In summary, it’s a sane decision that appears to show that you can’t secure a gTLD with subterfuge and bogosity.

It’s not looking good for the other eight objections Defender has filed.

Vipspace Enterprises’ .vip

This is another competitive objection, filed by one .vip applicant against another.

The objector in this case is German outfit I-Registry, which has applied for four gTLDs. The respondent is Vipspace, which has only applied for .vip.

In this case, both companies have applied for trademarks, one filed one month before the other.

The panelist’s decision focuses, sanely again, on the generic nature of the string in question.

Because both trademarks were filed for the word “VIP” meaning “Very Important Person”, which is the intended meaning of both applications, it’s hard to see how either is a proper brand.

The panelist wrote (pdf):

while SOAP, for example, may be a perfectly satisfactory trade mark for cars, it cannot serve as a trade mark for the cleaning product “soap”.

While the parties have used the term, “VIP”, in various forms on their website to indicate the manner in which the term will be used if they are successful in being awarded the domain, there is nothing before the Panel (beyond mere assertion) to show that either of them has yet traded under their marks sufficiently to displace the primary descriptive meaning of the term and establish a brand or at all.

In other words, it’s a second case of a WIPO panelist deciding that getting, or applying for, a trademark is not enough to grant a company exclusive rights to a new gTLD string.

Sanity, again, prevails.

SC Johnson’s .rightathome

While it contains the word “home”, this is a completely unrelated case with a different objector and a different panelist.

The objector here was Right At Home, a Nebraska-based international provider of in-home elderly care services. The applicant is a subsidiary of the well-known cosmetics company SC Johnson, which uses “Right@Home” as a brand.

It appears that both objector and applicant have really good rights to the string in question, which makes the panelist’s decision all the more interesting.

The way the LRO is described in ICANN’s new gTLD Applicant Guidebook, there are eight criteria that must be weighed by the panelist.

In this case, the panelist does not provide a conclusion showing how the weighting was done, but rather discusses each point in turn and decides whether the evidence favors the objector or the applicant.

The applicant here won on five out of the eight criteria.

The fact that the two companies offer different products and/or services, accompanied by the fact that the phrase “Right At Home” is in use by other companies in addition to the complainant and respondent appears to have been critical in tipping the balance.

In short, the panelist appears to have decided (pdf) that because SC Johnson did not apply for .rightathome in bad faith, and because it’s unlikely internet users will think the gTLD belongs to Right At Home, the objection should be rejected.

I am not a lawyer, but it appears that the key takeaway from this case is that owning a legitimately obtained brand is not enough to win an LRO if you’re an objector and the new gTLD applicant operates in a different vertical.

This will worry many people.

Chehade joins Twitter

Kevin Murphy, July 9, 2013, Gossip

ICANN CEO Fadi Chehade now has his own Twitter account, the organization has confirmed.

Here he is, tweeting this morning:

And here’s ICANN confirming it:

And here’s somebody who is definitely not Chehade, but is quite amusing anyway: