Latest news of the domain name industry

Recent Posts

ICANN holds its ground on weaseled GAC advice

Kevin Murphy, September 11, 2014, Domain Policy

While many members of the community are getting upset about the plan to make it harder for ICANN’s board to overrule GAC advice, today we got a reminder that the board is not the GAC’s lapdog.

The New gTLD Program Committee is standing firm on the way it creatively reinterpreted Governmental Advisory Committee advice to make it less punishing on a few dozen new gTLD registries.

The NGPC passed a resolution on Monday approving an updated scorecard to send to the GAC. ICANN chair Steve Crocker delivered it to GAC chair Heather Dryden yesterday.

A “GAC scorecard” is a table of the GAC’s demands, taken from the formal advice it issues at the end of each public meeting, with the NGPC’s formal responses listed alongside.

The latest scorecard (pdf) addresses issues raised in the last five ICANN meetings, dating back to the Beijing meeting in April 2013.

The issues mainly relate to the GAC’s desire that certain new gTLDs, such as those related to regulated industries, be locked down much tighter than many of the actual applicants want.

One big point of contention has been the GAC’s demand that registrants in gTLDs such as .attorney, .bank and .doctor should be forced to provide a relevant licence or other credentials at point of sale.

The GAC’s exact words, from its Beijing communique (pdf), were:

At the time of registration, the registry operator must verify and validate the registrants’ authorisations, charters, licenses and/or other related credentials for participation in that sector.

However, when the NGPC came up with its first response, in November last year, it had substantially diluted the advice. The creative reinterpretation I mentioned earlier read:

Registry operators will include a provision in their Registry-Registrar Agreements that requires Registrars to include in their Registration Agreements a provision requiring a representation that the Registrant possesses any necessary authorisations, charters, licenses and/or other related credentials for participation in the sector associated with the Registry TLD string.

In other words, rather than presenting your medical licence to a registrar when buying a .doctor domain, registrants would merely assert they have such a licence on the understanding that they could lose their domain if they fail to present it on demand in future.

The GAC, which isn’t entirely stupid, spotted ICANN’s reimagining of the Beijing communique.

At the Singapore meeting this March, it issued a list of passive-aggressive questions (pdf) for the NGPC, noting that its Beijing advice had been “amended” by the board and wondering whether this would lead to “greater risks of fraud and deception” in new gTLDs.

ICANN’s response this week is quite lengthy.

The NGPC said it had “to balance many competing positions” when figuring out how to respond to the Beijing communique, and that it tried “to address all of the completing concerns in a way that respected the spirit and intent of the GAC’s advice.”

The committee gives a number of examples (starting on page 15 of this PDF) explaining why the GAC’s original demands would be unreasonably burdensome not only on registries and registrars but also on registrants.

Here’s one example:

consider a potential registrant that is a multinational insurance company seeking to register a domain name in the .insurance TLD. Suppose the multinational insurance company has locations in over 30 countries, including the United States and Kenya. If the potential registrant insurance company attempts to register a domain name in the .insurance TLD, would that trigger an obligation to verify and validate its credentials, licenses, charters, etc. in the location of its headquarters, or all of the places around the globe where it does business. Is it realistic for a Registry Operator or Registrar to have the knowledge and expertise to determine precisely what credentials or authorizations are required in every country around the world (and in every city, county or other political division if those political subdivisions also require credentials [e.g. in the United States, insurance is primarily regulated at the state level and require a license in each of the 50 states])?

The short version is that the NGPC isn’t budging on this particular issue.

Rather than backpedaling, it’s giving the GAC the reasons it disagreed with its advice and explaining how it attempted to at least comply with the spirit, if not the letter, of Beijing.

As far as I can tell, that seems to be the case in each of the 39 items in the new scorecard — explanation not capitulation. Read the full thing here.

Community panel hands .radio to EBU because nobody objected

Kevin Murphy, September 11, 2014, Domain Registries

The European Broadcasting Union is likely to win the right to the .radio new gTLD, beating three portfolio applicants, after a favorable Community Priority Evaluation.

The main reason the EBU managed to score a passing 14 out of 16 points in the CPE is that there was no significant objection to the EBU’s bid on the public record.

The EBU managed to win, under ICANN’s complex scoring system, despite the fact that the CPE panel ruled that no one entity, not even the EBU, can claim to represent the “radio” community.

The win means that Donuts, Afilias and BRS Media, which all applied for open .radio gTLDs, will likely have to withdraw their bids and leave .radio in the hands of the EBU’s more restrictive policies.

The EBU’s bid envisages a post-registration enforcement regime, in which registrants’ web sites and Whois records are vetted to ensure they have a community “nexus” and are using their domains in the spirit of the community.

Registrants would have to provide a statement of their usage intent at the point of registration.

Domain investors are explicitly not welcome in the TLD, judging by the EBU’s application.

The EBU, as mentioned, scored 14 out of 16 points in the CPE. The threshold to pass is 14.

As I’ve been saying for years, passing a CPE should be very difficult because applicants can immediately lose two points if there’s any decent opposition to their applications.

The other three applicants for .radio could have easily beaten back the EBU had they managed to effectively organize just a single significant member of the radio community against the EBU’s bid.

However, they failed to do so.

The EBU scored the maximum of two points under the “Opposition” part of the CPE, because, in the words of the panel:

To receive the maximum score for Opposition, the application must not have received any opposition of relevance. To receive a partial score for Opposition, the application must have received opposition from, at most, one group of non-negligible size.

The application received letters of opposition, which were determined not to be relevant, as they were (1) from individuals or groups of negligible size, or (2) were not from communities either explicitly mentioned in the application nor from those with an implicit association to such communities.

Donuts, Afilias and BRS Media all submitted comments in opposition to the EBU application. As competing applicants, these submissions were (probably correctly) disregarded by the panel.

There were a small number of other objecting comments on the record that the CPE panel (again probably correctly) chose to disregard as coming from organizations of negligible size.

The was one comment, in Polish, from a Polish law firm. Another comment came from a something dodgy-looking calling itself the International Radio Emergency Support Coalition.

A third comment came from the Webcaster Alliance, a group that made a bit of a name for itself a decade ago but which today has a one-page web site that doesn’t even list its members (assuming it has any).

Attempts by BRS Media, which already runs .am and .fm, to orchestrate a campaign of opposition seem to have failed miserably.

In short, the panel’s decision that there was no relevant, on-the-record opposition seems to be on pretty safe ground.

What’s slightly disturbing about the CPE is that the panel seems to have decided that the EBU does not actually represent the radio community as described in its application.

It dropped one point on the “Community Establishment” criteria, and another on the “Nexus between Proposed String and Community” criteria.

Specifically, it lost a point because, as the panel stated:

Based on information provided in the application materials and the Panel’s research, there is no such entity that organizes the community defined in the application. Therefore, as there is no entity that is mainly dedicated to the community as defined in the .RADIO application, as the Panel has determined, there cannot be documented evidence of community activities.

In other words, there may be a “radio community”, but nobody, not even the EBU, is responsible for organizing it.

It also lost a point because while the string “radio” does “identify” the community, it does not “match” it.

The panel explained:

To receive the maximum score for Nexus, the applied-for string must “match” the name of the community or be a well-known short-form or abbreviation of the community name. To receive a partial score for Nexus, the applied-for string must “identify” the community. “Identify” means that the applied-for string should closely describe the community or the community members, without over-reaching substantially beyond the community.

Failing to get full marks on community and nexus would usually, in my view, indicate that an application would not succeed in its CPE bid.

However, the lack of any outcry from significant members of the community (either because there was no such opposition or the three rival applicants failed to muster it) seems set to allow .radio to be managed by the applicant with the most restrictive policies.

US-based Moniker gets Euro data retention waiver

Kevin Murphy, September 11, 2014, Domain Registrars

ICANN has approved Moniker’s request for a partial waiver of the Registrar Accreditation Agreement based on European privacy law, despite the fact that the registrar is based in the US.

The data retention waiver for Moniker was one of a few granted to members of the KeyDrive group of registrars that were approved by ICANN yesterday.

KeyDrive is based in Luxembourg, but the waiver request was granted because complying with the 2013 RAA could violate German privacy law and Moniker’s data is stored in Germany.

ICANN said:

Registrar’s technical backend services provider as well as data storage and collection occur on servers hosted and operated in Germany, and is subject to German law. Accordingly, ICANN has determined that it is appropriate to grant Registrar a data retention waiver

Group members Key-Systems AG (a German company) Key-Systems LLC (an American company) also received waivers yesterday.

InternetX, part of Germany-based United Internet, and http.net Internet also had their requests approved.

The waiver process was introduced because the 2013 RAA requires registrars to store customer data long after their domains expire, which registrars’ lawyers say forces them to break local laws.

An EU directive implemented in many European countries says that companies cannot store personal data for longer than it is needed for the purpose for which is was collected.

ICANN terminates billion-dollar gTLD applicant over unpaid $3,000 bill

Kevin Murphy, August 27, 2014, Domain Registrars

Telefonica Brasil, part of the massive Telefonica group of telecoms companies, has lost its registrar accreditation after failing to pay its ICANN fees.

The company, which had revenue last year of $14.6 billion, is facing termination of its Registrar Accreditation Agreement over the pitiful sum of $3,082.12.

It’s also embarrassing because Telefonica is applying for the new gTLD .vivo, its consumer brand in Brasil, which will require it to sign a Registry Agreement with ICANN.

I don’t think the loss of the RAA affects the company’s ability to get its gTLD contracted and delegated.

According to ICANN (pdf), Telefonica also failed to comply with the Registrar Information Specification, a pretty basic rule in the 2013 Registrar Accreditation Agreement requiring registrars to provide their address and names of officers and any parent companies.

The company has no gTLD names under management, so registrants will not be affected by the termination, which will take effect September 25.

ICANN sent its initial breach notice in July, but Telefonica did not comply before the August deadline. It also received a breach notice over an unpaid $10,000 bill a year ago.

GAC kills .indians and two more dot-brands die

Kevin Murphy, August 27, 2014, Domain Registries

Reliance Industries, owner of the Mumbai Indians cricket team, has withdrawn its application for the new gTLD .indians after an objection from the Indian government.

ICANN’s Governmental Advisory Committee has said in formal advice several times, most recently in March, that India was not cool with the idea of a .indians TLD, but noted that the country stood alone.

Following the Singapore meeting this year, the GAC said: “the Government of India has requested that the application for .indians not proceed.”

As a piece of non-consensus advice, ICANN would have been able to more easily reject India’s objection, but the withdrawal means it will not have to make that decision.

India has a similarly dim view of .ram, which Chrysler has applied for to protect a car brand but which also matches an important deity in the Hindu pantheon. That bid is still active.

But recently we’ve seen two other dot-brand applicants get out of the new gTLD program.

Dun & Bradstreet has just withdrawn its bid for .dnb. Last week, Myriad International Holdings yanked its application for .mih.