Latest news of the domain name industry

Recent Posts

US sneaks public Whois demands into pandemic relief bill

Kevin Murphy, December 28, 2020, Domain Policy

Outgoing US president Donald Trump has signed into law a coronavirus relief bill and spending package that contains a surprise instruction for the government to pursue open access to Whois records.

The Consolidated Appropriations Act of 2021 is focused on federal spending for fiscal 2021, with billions set aside for pandemic-related economic stimulus. It’s the bill you may recall Trump refused to sign for several days on the purported basis that it only provided Americans with a piddling $600 check.

An accompanying document contains encouragement for the National Telecommunications and Information Administration to “to require registrars and registries based in the United States to collect and make public accurate domain name registration information”.

It also asks the NTIA to continue to work within ICANN’s Governmental Advisory Committee to help create “a global access model that provides law enforcement, intellectual property rights holders, and third parties with timely access to accurate domain name registration information”.

The text can be found in a joint explanatory statement (pdf) accompanying the act. It’s not on the statute books as such, but it does tell NTIA how to spend the money it’s been allocated.

The full text relevant to the domain name industry reads:

NTIA is directed, through its position within the Governmental Advisory Committee o work with I CANN to expedite the establishment of a global access model that provides law enforcement, intellectual property rights holders, and third parties with timely access to accurate domain name registration information for legitimate purposes. NTIA is encouraged, as appropriate, to require registrars and registries based in the United States to collect and make public accurate domain name registration information.

As ICANN notes in its analysis, the first sentence is not telling NTIA to do anything it hasn’t been doing since the European Union’s General Data Protection Regulation came into effect two and a half years ago.

The NTIA and GAC have been involved in efforts to create a privacy workaround for rights holders and law enforcement, which in September came up with the widely panned SSAD proposals. ICANN is currently pleading with the EU for clarity on whether it would even be legal.

The second sentence is perhaps a bit more worrying, dangling as it does the possibility of American registries and registrars having to either break EU law or implement a much more complex Whois infrastructure.

But, as ICANN notes, the words “encouraged, as appropriate” are doing a lot of heavy lifting in that sentence, saying “encouragement is aspirational; it is not a mandate”.

However, ICANN appears to be treating it as a warning shot, with head of compliance Jamie Hedlund writing:

It appears to hint that if NTIA and the ICANN community can’t develop a robust access model, Congress could entertain more forceful measures that would impose requirements on U.S.-based registries and registrars to collect and publish domain name registration information.

It seems the NTIA has the wink to cause mischief, should ICANN not deliver what intellectual property lobbyists want.

Mixed messages from ICANN on pandemic travel in 2021

Kevin Murphy, December 22, 2020, Domain Policy

ICANN still hasn’t formally cancelled its public meeting in Cancun, Mexico next March, but it appears to be planning for scheduled in-person gatherings to not resume until the fourth quarter of next year.

While nobody in their right mind seems to believe ICANN 70 will go ahead anywhere other than virtually — and ICANN’s top brass acknowledged in October that a face-to-face community forum appeared highly unlikely — the Org has still not announced that it will be the fourth consecutive meeting to be held via Zoom.

But two recently published documents show that ICANN doesn’t see travel getting back to normal any time soon, though its expected timing is ambiguous.

First, the proposed budget for fiscal 2022, which was published on Friday, envisages pandemic-related travel restrictions for only “the first nine months” of its current FY21, which ends June 30 next year.

That means that ICANN, at least in its travel budget, still thinks there’s a chance that international travel may be an option as early as April next year. Its travel budget for this year is $4.7 million, which certainly suggests one normal public meeting.

That would rule out Cancun, but leaves open the possibility that June 14-17 public meeting in The Hague could actually go ahead.

The budget also assumes a normal level of travel spending for the whole of FY22, which would mean ICANN 72 in Seattle — a mere domestic flight for most ICANN staff and a good portion of the domain industry — would also take place in-person next October.

But a resolution passed by the ICANN board of directors last Thursday appears to have a more pessimistic outlook.

The board at that meeting approved the continuation of contingency plans for signing the cryptographic keys at the root of the DNS that would eliminate the need for travel until the fourth quarter of calendar 2021.

Normal, quarterly root Key-Signing Key ceremonies require a small number of trusted “secret key holders” to be flown from around the world into facilities in the US, carrying physical keys, to ensure the integrity of the process.

But those rules were tweaked under coronavirus lockdown last April to allow IANA employees to sub in for these key-holders.

Understanding that the pandemic wasn’t going away any time soon, but perhaps with hindsight on the optimistic side, the KSK ceremony in April generated three quarters’ worth of keys in advance, enabling root DNSSEC until the end of March 2021.

Last Thursday, the ICANN board resolved to again bulk-generate keys during its next ceremony, to be held some time in the first quarter. The plan states:

The coronavirus pandemic is expected to continue to significantly impact operations well into 2021. To limit the impact on the ability to hold quarterly key ceremonies, the plan again provides for generating signatures for an extended nine-month period. This relieves the need to hold a subsequent key signing ceremony until the fourth quarter of 2021.

So, while the proposed budget thinks travel could return to normal by April, the KSK plans are thinking October could be the best-case scenario.

Vaccines appear to be the key, as you might expect:

Staff will continue to monitor the pandemic and prepare for all possible scenarios for this ceremony in accordance with the graduated approach. Should widespread vaccination programs prove to be successful, and international travel limitations be relaxed, it is conceivable a late-2021 ceremony could be conducted in its normal format with international in-person participation.

I’m going to go out on a limb and suggest that the chances of a normal in-person ICANN meeting going ahead before Seattle are pretty slim.

For vaccination programs to be successful, we’re going to need a combination of competent governments capable of handling an unprecedented logistical challenge and a largely sane, rationale populace willing to go under the needle en masse. I’m afraid I don’t have that much faith in humanity.

Even if everything goes smoothly, we’re still looking at the vaccine rollout taking a long time indeed. I live in the UK, the first country to roll out vaccinations at scale, and I don’t anticipate getting the jab for six months or more.

An unofficial calculator tool estimates that a middle-aged Brit with no diagnosed preexisting conditions cannot reasonably expect to get a vaccine until July 2021, assuming the UK manages to quickly ramp up to one million vaccinations per week and 70% of those eligible choose to take the shot.

If that’s true elsewhere in the world, and vaccination becomes a passport to travel, then any hypothetical June face-to-face ICANN meeting could resemble a senior care home or retirement village even more than usual.

Not so much Club Med as a Saga Holiday.

And none of this takes into account the potential impact of the super-spreadable new coronavirus strain discovered to be hugely prevalent in the UK last week.

While it’s early days, it seems there’s a significant possibility that what I’m calling the limeyvirus (because what goes better with Corona than lime?) is going to significantly impact travel worldwide in the coming months.

ICANN predicts rosy post-pandemic domain industry — time to start panicking?

Kevin Murphy, December 21, 2020, Domain Policy

Having totally misjudged the impact of the coronavirus pandemic on the domain name industry and its own budget, ICANN is now forecasting a rosy (post-pandemic?) fiscal 2022.

The Org has just published its proposed budget for the 12 months beginning July 1, 2021, predicting decent growth in transactions for new and legacy gTLDs, along with a modest increase in new registrars.

It’s also predicting that international travel will be back to normal, with three full in-person public meetings going ahead as usual.

ICANN is planning to receive $144.4 million in FY22, up slightly from the $140 million it expects to receive in the current financial year.

The FY22 number is boosted by a $4 million bung from Verisign, negotiated as part of the .com contract renewal, which lifted the price freeze.

It’s predicting a 3% increase in legacy gTLD registry transaction fees to $52.8 million and a 6% increase in legacy gTLD registry transaction fees to $5.1 million.

Registrar transaction fees for legacy gTLDs is expected to be up 4% to $33.4 million, with registrar fees for new gTLDs is predicted to rise 5% to $4.2 million.

Altogether, that’s $3 million extra in transaction fees — paid whenever a domain is registered, renewed or transferred — compared to its expected FY21 performance.

But that’s offset by a $600,000 predicted decline in fixed registry fees, due to an expected loss of 15 new gTLD registries (most likely dormant dot-brands) in the period. It expects to end the year with 1,141 fee-paying registries.

ICANN expects its pool of accredited registrars to bounce back a little, adding 28 in FY22 having lost an expected 121 in FY21. It expects to end FY22 with 2,356 registrars on its books.

The proposed budget also sheds light on how ICANN expects the remainder of coronavirus-afflicted FY21 playing out.

It currently expects its top line for the year to June 30, 2021 to be $140 million, compared to the $129.3 million it predicted in the FY21 budget approved in May this year.

But that budget had been slashed in April by 8% from its original draft, published a year ago. It had planned for $140.4 million, but reduced expectations by $11.1 million due to the coronavirus pandemic.

In April, before the extent of the lockdown bump experienced by many registries and registrars became clear, ICANN said:

ICANN org funding may be impacted because the economic crisis stemming from the pandemic has the potential to impact the funding from domain name registrations and contracted parties through the end of FY20 and into the first months of FY21.

Today, it’s saying the impact from coronavirus was “less than expected” and generally forecasting “stable” and more or less business as usual in FY22.

ICANN had budgeted for $85.5 million in transaction fees from all sources in the current year, but now it expects that to come in at $92.6 million, much closer to its December 2019 estimate of $94.7 million.

It had expected to see transaction fees from new gTLDs at both registry and registrar levels to be down by a third, at $8 million, but that number’s now expected to come in at $8.9 million. Likewise, the budget predicted a legacy gTLDs dip of 2.3% to $77.5 million, rather than the $86.2 million it now thinks is heading its way.

I should probably point out for future reference that the proposed budget for FY22 was published Friday, the day before the new strain of ultra-infectious coronavirus was discovered in the UK. Who knows what the impact of that might be.

The budget is open for public comment for two months here.

ICANN throws the book at Net4 over dodgy transfer claims

Kevin Murphy, December 15, 2020, Domain Registrars

Struggling Indian registrar Net 4 India has been slammed with a massive breach notice by ICANN, following claims of domain transfers failing or happening without the consent of the registrant.

ICANN also accuses the company, which is or was India’s largest independent registrar, of trying to bullshit its compliance staff about whether expired domains had been renewed or not.

According to ICANN, Net4 is in breach of the Registrar Accreditation Agreement on four counts, three of which relate to domain ownership records.

ICANN says the company isn’t operating a Whois service on the web or port 43, has failed to escrow its registration data on two recent occasions, and has failed to hand over registrant information upon ICANN’s request.

It’s also past due with its fees, ICANN says.

ICANN’s been dealing with complaints about Net4 for months, after the company’s customer service system appeared to break down in the wake of the coronavirus pandemic. Hundreds of customers have said their domains were unrenewable and that they were unable to transfer to another registrar.

In the latest breach notice — the first published breach notice against any registrar since February — ICANN names almost 200 domain names that have allegedly been held hostage at Net4, despite the registrant’s efforts to transfer out.

ICANN wants proof that registrants were given transfer authorization codes and that their domains were unlocked.

In a smaller number of cases, ICANN wants proof that domains were transferred to Net4 partner Openprovider, for which it acts as a reseller, with the consent of the registrants.

It also claims that Net4 has more than once tried to prove that a registrant renewed their expired name by supplying the registry’s expiration date instead of its own, to blag its way out of accusations that registrants were unable to renew.

ICANN also accuses the registrar of dragging its feet to address complaints:

Over the past few months, the number of complaints ICANN Contractual Compliance has received from [registered name holders], and authorized representatives, asserting that Net 4 India is exhibiting a pattern of non-response to domain transfer and renewal requests has steadily increased. While addressing the relevant compliance cases, Net 4 India’s responses to ICANN Contractual Compliance have also regularly been untimely and incomplete.

Net4 is now in the unprecedented position of being subject to two different breach notices simultaneously.

ICANN actually issued a suspension notice in June 2019, after noticing that Net4 had been in insolvency proceedings for two years — a debt recovery agency is trying to recover $28 million in unpaid debts.

But that suspension deadline was paused after talks with the “resolution professional” handling the insolvency case, for reasons ICANN’s been rather quiet about, and it remains on pause to this date.

The newest breach notice has a December 31 deadline on it. Unless Net4 turns on its Whois and hands over the reams of requested data by then, ICANN could terminate its contract.

Assuming the insolvency court allows it to, presumably.

There’s one obvious pick for next year’s ICANN Community Excellence Award

Kevin Murphy, December 15, 2020, Domain Policy

ICANN has opened up nominations for its 2021 ICANN Community Excellence Award, and I don’t think it would be inappropriate of me to suggest that one likely nomination seems like a shoo-in: the late Marilyn Cade.

The award, now in its eighth year, is given to a community member who “deeply invested in consensus-based solutions and contributed substantively to the ICANN multistakeholder model”.

It’s judged by a cross-constituency panel of community leaders and awarded in June each year, using three criteria:

  • Demonstrated ability to work across community lines with both familiar and unfamiliar ICANN stakeholders with the aim of building consensus.
  • Facilitator of dialogue and open discussion in a fair and collegial manner, through the spirit of collaboration as shown through empathy, and demonstrating a sincere desire to engage with people from other backgrounds, cultures, and interests.
  • Demonstrated additional support for the ICANN multistakeholder model and its overall effectiveness through volunteer service via working groups or committees.

I believe Cade, who died last month at 73, fits easily into each of these.

She participated in ICANN’s formation in the late 1990s and participated in almost every public meeting since. She was a long-time member, and three-year chair, of the Business Constituency, and participated in several key volunteer working groups.

There’s a rather fascinating and lengthy audio interview with Cade, conducted by Ayden Férdeline shortly before her death, in which she discusses her involvement with the creation of ICANN, over here.

At the time of her death, ICANN CEO Göran Marby said: “Marilyn had strong views and opinions on many matters but always supported the multistakeholder model. She wanted people to be involved in ICANN and to maximize the potential of the Internet.”

While her views and positions may not have been universally loved, the hundreds of public tributes paid since her death reveal a consensus view that, regardless of competing affiliations, Cade was strongly active in community-building and mentoring new community members, particularly from underrepresented demographics.

It would not be the first time ICANN has given this award posthumously. In 2018, it was awarded to former GNSO Council chair Stéphane Van Gelder after his untimely death earlier that year.

It is of course easier to evaluate an individual’s contribution when their entire body of work is known.

From its inaugural 2014 round, the prize was known as the ICANN Ethos Award. The name was changed earlier this year, most probably to avoid alluding to the private equity firm Ethos Capital, which at the time was involved in a high-profile dispute with the org.

The winner will be announced at the ICANN 71 meeting, wherever that may be, next June.

ICANN could block Donuts from buying Afilias

Kevin Murphy, December 14, 2020, Domain Registries

In what appears to be an almost unprecedented move, ICANN is to review Donuts’ proposed acquisition of rival Afilias at the highest level, raising a question mark over the industry mega-merger.

The org’s board of directors will meet Thursday to consider, among other things, “Afilias Change of Control Approval Request”.

It’s highly unusual for a change of control to be discussed at such a high level.

Every registry contract contains clauses requiring ICANN’s consent before a registry switches owners, and it has approved hundreds over the last decade. But the process is usually handled by legal staff, without board involvement.

The only time, to my memory, that the board has got involved was when it withheld consent from .org manager Public Interest Registry earlier this year.

It’s not entirely clear why Afilias has been singled out for special treatment.

It’s probably not due to its status as a legacy gTLD registry operator because of .info — when GoDaddy bought .biz operator Neustar’s registry business earlier this year, there was no such board review.

In addition, the .info contract’s change of control provisions are very similar to those in the standard new gTLD contract.

Could it be due to Donuts executives former ties to ICANN and the perception of a conflict of interest? Again, it seems unlikely.

While Donuts CEO Akram Atallah is former president of ICANN’s Global Domains Division, former ICANN CEO Fadi Chehadé is no longer involved with Donuts owner Abry Partners, having jumped to erstwhile PIR bidder Ethos Capital this July.

Are there competition concerns? It’s a possibility.

Afilias holds the contracts for 24 gTLDs new and legacy, but supports a couple hundred more, while Donuts is contracted for over 240.

But between them, they have barely 10 million domains under management. Donuts isn’t even the market leader in terms of new gTLD registrations.

And ICANN avoids making competition pronouncements like the plague, preferring instead to refer to national competition regulators.

Could ICANN’s interest have been perked by the fact that Afilias is the back-end provider for .org’s 10 million domains, and the proposed Donuts deal comes hot on the heels of the failed PIR acquisition? Again, it’s a possibility.

But none of the dangers ICANN identified in the .org deal — such as pricing, freedom of speech, and the change from a non-profit to for-profit corporate structure — appear to apply here.

There could be technical concerns. Atallah told DI a couple weeks ago that the plan was to ultimately migrate its managed TLDs to its Amazon cloud-based registry.

But moving its clients’ TLDs to a new back-end infrastructure would require their consent — it would be up to PIR and its overlords at the Internet Society to agree to moving .org to the cloud.

I think it’s likely that a combination of all the above factors, and maybe others, are what’s driving the Afilias acquisition to the ICANN boardroom. It will be interesting to see what the board decrees.

Westerdal offloads two more gTLDs to Donuts

Kevin Murphy, December 9, 2020, Domain Registries

Donuts has bulked out its gTLD portfolio yet again, acquiring two more strings from Fegistry and Top Level Spectrum.

ICANN records show that it recently took over the contracts for .observer and .realty.

They’re both launched, active TLDs. Both selling registries are backed by investor Jay Westerdal.

.observer was bought dormant by TLS from the British newspaper of the same name in 2016 and launched the following year with .com-competitive prices.

TLS has been marketing it as a place for news organizations, though it’s unrestricted. Registrations plateaued at about 1,000 a couple of years ago and haven’t seen much movement since.

.realty is a different story.

Fegistry paid ICANN $5,588,888 at a public auction — beating Donuts, in fact — in 2014, and launched it in 2017 with a roughly $300-a-year retail price.

It’s been cruising along with about 2,200 names under management for the last couple of years, until this September and early October, when its zone file shot up to almost 18,000 domains.

This seems to have been the result of a $0.99 promotion at Epik, which has since ended.

One would have to assume that the vast majority of those new domains will be speculative and are unlikely to renew at the full $300 reg fee a year from now.

While the contracts changed hands in late October, it’s inconceivable that Donuts was not aware of the quality of the recent registrations.

It’s not the first time Westerdal’s businesses have sold to Donuts, which took .contact off Top Level Spectrum’s hands in April 2019. That gTLD entered general availability this week.

It’s also handed off responsibility for .forum to MMX, which plans to launch it with a puzzling $1,000 price tag next March, although TLS is still listed as the ICANN contractor.

TLS still runs the controversial gripe site TLD .feedback, along with the unlaunched head-scratcher .pid.

Fegistry is still fighting for .hotel, along with rival applicants, in ICANN’s quasi-judicial Independent Review Process.

Whois privacy group finds its new chair

Kevin Murphy, December 8, 2020, Domain Policy

Verisign’s top policy veep is set to become the third chair of the ICANN working group looking at Whois policy in the post-GDPR world.

Keith Drazek has been recommended to head the long-running group, known as the EPDP, and the GNSO Council is due to vote on his appointment next week. He’s likely to be a shoo-in.

He’s VP of policy and government relations at the .com registry, and a long-standing member of the ICANN policy-making community.

I recently opined that ICANN was looking for a “masochistic mug” to chair the group. Drazek was until October the chair of the GNSO Council, and is therefore perfectly qualified for the role.

The third phase of the EPDP process, which in typical ICANNese is denominated “phase 2a”, is likely to be slightly less controversial than the first two.

The EPDP has already decided that ICANN should probably create a Standardized System for Access and Disclosure — SSAD — that may enable law enforcement and intellectual property owners to get their hands on unredacted Whois records.

But governments, IP interests and others have already dismissed the plan as useless, and there’s still a big question mark over whether SSAD is too complex and expensive to be worth implementing.

In the third phase, EPDP members will be discussing rules on distinguishing between legal and natural persons when record-holders decide what info to make public, and whether there should be a standardized system of unique, anonymized email forwarders to contact domain registrants.

They’re both less divisive topics than have been previously addressed, but not without the potential for fireworks.

The email issue, for example, could theoretically enable people to harvest a registrant’s entire portfolio of domains, something very useful for law enforcement and IP lawyers but abhorrent to privacy advocates.

The previous two phases were chaired by Kurt Pritz and Janis Karklins, with Rafik Dammak acting as vice-chair.

Three more new gTLDs blink out of existence

Kevin Murphy, December 8, 2020, Domain Registrars

Another new gTLD registry operator, representing three dot-brands, has told ICANN that they want their contracts scrapped.

The registry is CNH Industrial, and the gTLDs are .case, .caseih and .newholland.

To be honest, if you’d asked me yesterday whether these TLDs existed or not, I would have guessed not.

But CNH is a pretty big deal — a New York-listed multinational maker of construction and agricultural equipment and vehicles with over $28 billion in revenue last year. Case and New Holland are two of its brands.

The brands do not appear to have been discontinued, so this seems to be a typical case of company simply deciding against using its TLDs, which it probably shouldn’t have applied for in the first place.

None of them has any domains beyond the mandatory nic.example site.

Interestingly, it has a fourth dot-brand, .iveco, representing a vehicle brand, that so far it does not seem to have terminated, judging by ICANN records. But that’s not in use either.

The terminations bring the total dead dot-brands to 85, 16 of which died this year.

Credit union gTLD changes hands to perhaps surprising buyer

Kevin Murphy, December 4, 2020, Domain Registries

Yet another new gTLD is moving to a new registry, but this time it’s not a case of a large gTLD holder bulking up its portfolio.

This time it’s .creditunion, and the new registry is 18-year-old .coop registry DotCooperation, according to ICANN records.

.creditunion was delegated to the Credit Union Nation Association, the trade group for US credit unions, in 2015 and launched in 2017.

Like .coop, it’s a tightly restricted TLD, with eligibility only for those with a “meaningful nexus to the credit union sector”.

It had 580 domains at the last count, having peaked at 640 a couple years ago. The domains are being used as primary domains by at least a couple dozen credit unions.

But volume was never the plan for .creditunion, with CUNA specifically citing .coop as its role model in its 2012 new gTLD application.

“The success of the gTLD will not be measured by the number of domain names registered. Instead, it will be measured by the level of consumer recognition and trust,” CUNA said back then.

CUNA actually announced the DotCooperation deal in a press release on its web site at the end of September, but I don’t think anyone in the domain industry noticed.

.coop, which is reserved for co-operative associations, was one of the original 2000-round new gTLDs. It’s been chugging along at relatively low volume for the last two decades, peaking at 15,000 in February 2013.

For the last few years, it’s been growing by maybe a dozen or so domains a month, and currently stands at about 8,300 names.

DotCooperation is jointly owned by the National Cooperative Business Association and the International Cooperative Alliance.