Latest news of the domain name industry

Recent Posts

Here’s why trademark owners will think .sucks sucks

Kevin Murphy, March 13, 2015, Domain Registries

Vox Populi Registry is to launch its .sucks gTLD at the end of the month, and its plans are likely to piss off trademark owners no end.

As previously reported, the company has backpedaled on its idea of pricing its sunrise period names at $25,000 per name per year, but it’s introducing some new concepts that seem almost designed to get hackles up in the IP community.

From March 30 to May 29, any company with a trademark registered in the Trademark Clearinghouse will be able to buy their matching .sucks domains at sunrise for $2,499. That’s also the annual renewal fee.

It’s a tenth of the price previously touted, but still pretty steep even by sunrise standards.

Vox Pop isn’t doing anything particularly unusual with its sunrise, which is governed by policies closely regulated by ICANN.

But its big new idea is its “Sunrise Premium” list, a list of strings dominated by famous trademarks.

Vox Pop CEO John Berard told DI yesterday that the Sunrise Premium list has been compiled from strings registered or blocked in other TLDs’ sunrise periods.

While he declined to characterize it as a list of trademarks, he acknowledged that it will be trademark-heavy.

If your mark is on this list, you will never be able to get a .sucks domain at the regular general availability retail price of $249 a year. It will always be $2,499 a year.

Despite the name, Sunrise Premium names are only available during general availability, which begins June 1.

On the one hand, this mandatory premium pricing for the world’s most well-defended marks appears to have benefits for some trademark owners.

While Sunrise Premium names are not restricted to owners of matching marks, the $2,499 fee applies whether you’re the mark owner, a legitimate third-party registrant, or a cybersquatter.

So the high price looks like a deterrent to cybersquatting, suggesting that Vox Pop is fighting from the IP corner.

But then we discover that Sunrise Premium names will never be eligible for the .sucks “Block” service — similar to .xxx’s Sunrise B, a Block is a non-resolving registry reservation — which is expected to retail at a discounted $199 per year.

Berard said that the registry wants to encourage use.

“If you are on the Sunrise Premium list or want a premium name, those can’t be blocked,” Berard said. “It’s all part and parcel of us trying to put more power in the hands of individuals and to cultivate a commitment on behalf of the commercial world to participate in the dialogue.”

But the fact remains: if you have a track record of defensively registering your trademark, Vox Pop is essentially penalizing you with higher fees.

Feel those hackles rising yet?

Vox Pop’s stated goals are to give companies a way to manage customer feedback and individuals a way to exercise their rights to criticize.

“A company would be smart to register its name because of the value that consumer criticism has in improving customer loyalty, delivering good customer service, understanding new product and service possibilities,” Berard said.

“They’re spending a lot more on marketing and customer service and research. This domain can another plank in that platform,” he said. “On the other hand, we also want to make sure that these names are also accessible to individuals who have something to say.”

Companies on the Sunrise Premium list have an additional thing to worry about: the .sucks Consumer Advocate Subsidy, which will bring the price of a .sucks domain down to $9.95 per year.

The subsidy will only be available to registrants unaffiliated with the trademark-owning company, and they’ll have to direct their domains to a discussion forum platform called Everything.sucks.

Berard said Everything.sucks will be operated by a third party, but could not yet disclose the details.

The subsidy program will be available on regular and Sunrise Premium names, but not Sunrise names. It is not expected to launch until September.

It’s not yet clear how flexible and configurable the service will be.

It seems likely that if somebody wants to write a blog, say, criticizing a certain company, product, service or public figure, they will incur the usual $249 annual reg fee.

It’s not exactly “free” speech.

On the whole, the finalized policies and fees may look like they’re specifically designed to irk the IP lobby, but they do seem to be aligned with Vox Pop’s mission statement.

If you’re of the view that trademark owners should have the sole right to use the string matching their mark as a domain name, you’re likely to be unhappy with what Vox Pop is doing.

If, on the other hand, you’re an advocate of the right of every free person to stick it to The Man, you may view the policies more favorably.

Either way, it could be a money-spinner for Vox Pop.

I’m expecting .sucks to be only the third new gTLD to top 1,000 sunrise registrations (assuming .porn and .adult will be the first).

Assuming the registry’s slice of the $2,499 fee is over $2,000, the company is looking to clear in excess of $2 million in annually recurring sunrise revenue alone.

Rightside to release 20,000 two-character domains

Kevin Murphy, March 11, 2015, Domain Registries

A week from now, new gTLD registry Rightside is to release over 20,000 two-character domain names.

The releases will come across all of its delegated gTLDs, but exclude letter-letter combinations.

Only letter-number, number-letter and number-number combinations will be available, following ICANN’s partial lifting of the ban on two-character domains back in December.

Strings such as “a1″, “2b” and “69” will presumably become available.

Rightside said the domains will be sold on a first-come, first-served basis, with prices ranging from $200 to $50,000.

The registry has almost 30 delegated new gTLDs, including .auction, .software, .lawyer, .sale and .video.

If you’re interested, set your alarms for 1700 UTC on March 18. That’s when all 20,000 drop.

Two-letter domains are still reserved, pending the outcome of ICANN’s government-delayed release process.

Donuts bought .reise

Donuts has been confirmed by a German news site as the new owner of .reise, which was auctioned by its previous owner last week.

It was the first time a live gTLD had been sold at auction.

The deal, which is believed to have cost Donuts at least $400,000, means the company now owns .reise and .reisen.

Both mean “.travel”. According to my GCSE German skillz, last exercised 22 years ago, .reisen is a verb and .reise is a noun, but .reisen is also the plural of the noun .reise.

I believe this means that Donuts is the first company to own both the plural and singular forms of a new gTLD string.

Heise Online reports that former registry Dotreise was forced to sell up due to competition from Donuts.

Donuts’ .reisen has over 4,000 names in its zone file, compared to .reise’s 1,300. It’s a small market so far, but Donuts has the lion’s share.

The article notes that Donuts got a better position in ICANN’s prioritization draw in late 2012, meaning it got to market slightly earlier. Donuts also sells for a much lower price.

I doubt time to market was as much of a factor as price.

But it might be interesting to note that while Donuts’ advantage was just six days in terms of contract-signing, that lead had been extended to six weeks by the time .reise was delegated.

Donuts, which has more experience than any other company when it comes to the transition to delegation process, managed to hit general availability two weeks sooner than .reise, even though Donuts’ sunrise period was twice as long.

ICANN wins .hotels/.hoteis confusion appeal but has to pay up anyway

Kevin Murphy, March 5, 2015, Domain Policy

The proposed new gTLDs .hotels and .hoteis are too confusingly similar to coexist on the internet.

That’s the result of an Independent Review Process decision this week, which denied .hotels applicant Booking.com’s demand to have ICANN’s string confusion decision overturned.

But the IRP panel, while handing ICANN a decisive victory, characterized the string confusion and IRP processes as flawed and said ICANN should have to pay half of the panel’s $163,000 costs.

Booking.com filed the IRP a year ago, after the new gTLD program’s String Similarity Panel said in February 2013 that .hotels was too similar to rival Despegar Online’s proposed .hoteis.

.hoteis is the Portuguese translation of .hotels. Neither string was contested, so both would have been delegated to the DNS root had it not been for the confusion decision.

In my view, the String Similarity Panel’s decision was pretty sound.

With an upper-case i, .hoteIs is virtually indistinguishable from .hotels in browsers’ default sans-serif fonts, potentially increasing the ease of phishing attacks.

But Booking.com, eager to avoid a potentially costly auction, disagrees with me and, after spending a year exhausting its other avenues of appeal, filed an IRP in March 2013.

The IRP decision was handed down on Tuesday, denying Booking.com’s appeal.

The company had appealed based not on the merits of the SSP decision, but on whether the ICANN board of directors had acted outside of its bylaws in establishing an “arbitrary” and opaque SSP process.

That’s because the IRP process as established in the ICANN bylaws does not allow appellants to changed a decision on the merits. IRP panels are limited to:

comparing contested actions of the Board to the Articles of Incorporation and Bylaws, and with declaring whether the Board has acted consistently with the provisions of those Articles of Incorporation and Bylaws.

The IRP panel agreed that the SSP process could have been fairer and more transparent, by perhaps allowing applicants to submit evidence to the panel and appeal its decisions, saying:

There is no question but that that process lacks certain elements of transparency and certain practices that are widely associated with requirements of fairness.

But the IRP panel said Booking.com was unable to show that the ICANN board acted outside of its bylaws, highlighting the limits of the IRP as an appeals process:

In launching this IRP, Booking.com no doubt realized that it faced an uphill battle. The very limited nature of the IRP proceedings is such that any IRP applicant will face significant obstacles in establishing that the ICANN Board acted inconsistently with ICANN’s Articles of Incorporation or Bylaws. In fact, Booking.com acknowledges those obstacles, albeit inconsistently and at times indirectly.

Booking.com has failed to overcome the very obstacles it recognizes exist.

The IRP panel quoted members of ICANN’s New gTLD Program Committee extensively, highlighting comments which questioned the fairness of the SSP process.

In contrast to usual practice, where the losing party in an IRP bears the costs of the case, this panel said the $163,000 costs and $4,600 filing fee should be split equally between ICANN and Booking.com:

we can — and we do — acknowledge certain legitimate concerns regarding the string similarity review process raised by Booking.com, discussed above, which are evidently shared by a number of prominent and experienced ICANN NGPC members.

In view of the circumstances, each party shall bear one-half of the costs of the IRP provider

Booking.com and Despegar will now have to fight it out for their chosen strings at auction.

The full decision can be read in PDF format here. Other documents in the case can be found here.

The TL;DR version: ICANN wins because it has stacked the appeals deck in its favor and the IRP process is pretty much useless, so we’re going to make them pay up for being dicks.

More security issues prang ICANN site

Kevin Murphy, March 3, 2015, Domain Tech

ICANN has revealed details of a security problem on its web site that could have allowed new gTLD registries to view data belonging to their competitors.

The bug affected its Global Domains Division customer relationship management portal, which registries use to communicate with ICANN on issues related to delegation and launch.

ICANN took GDD down for three days, from when it was reported February 27 until last night, while it closed the hole.

The vulnerability would have enabled authenticated users to see information from other users’ accounts.

ICANN tells me the issue was caused because it had misconfigured some third-party software — I’m guessing the Salesforce.com platform upon which GDD runs.

A spokesperson said that the bug was reported by a user.

No third parties would have been able to exploit it, but ICANN has been coy about whether any it believes any registries used the bug to access their competitors’ accounts.

ICANN has ‘fessed up to about half a dozen crippling security problems in its systems since the launch of the new gTLD program.

Just in the last year, several systems have seen downtime due to vulnerabilities or attacks.

A similar kind of privilege escalation bug took down the Centralized Zone Data Service last April.

The RADAR service for registrars was offline for two weeks after being hacked last May.

A phishing attack against ICANN staff in December enabled hackers to view information not normally available to the public.