Latest news of the domain name industry

Recent Posts

.feedback gTLD in breach of contract after big brand “fraud” claims

Kevin Murphy, March 17, 2017, Domain Registries

ICANN has slapped .feedback operator Top Level Spectrum with a contract breach notice after a huge complaint about alleged fraud filed by a gang of big brands.

The company becomes the third new gTLD to be hit by a breach notice, and the first to receive one as a result of losing a Public Interest Commitments Dispute Resolution Process case.

While TLS dodged the “fraud” charges on a technicality, the breach is arguably the most serious found by ICANN in a new gTLD registry to date.

The three-person PICDRP panel found TLS was in violation of the following commitment from its registry agreement:

Registry Operator will operate the TLD in a transparent manner consistent with general principles of openness and non-discrimination by establishing, publishing and adhering to clear registration policies.

But TLS dodged the more serious charges of “fraudulent” behavior, which it denied, largely on the technicality that its PICs only require it to bar its registrants from such behavior.

There’s nothing in the PICs preventing the registry from behaving fraudulently, so the PICDRP panel declined to rule on those allegations, saying only that they “may be actionable in another forum”.

The complainants, which filed their 1,800-page complaint in October, were MarkMonitor and a bunch of its clients, including Adobe, American Apparel, Best Buy, Facebook, Levi and Verizon.

They’d claimed among other things that 70% of .feedback domains were trademarked names actually registered by the registry, and that TLS had stuffed each site with reviews either paid for or scraped from services such as Yelp!.

They claimed that Free.Feedback, a free domains service hosted by an affiliated entity, had been set up to auto-populate Whois records with the names of brand owners (or whoever owned the matching .com domain) even when the registrant was not the brand owner.

This resulted in brand owners receiving “phishing” emails related to domains they’d never registered, the complainants stated.

TLS denied all all the allegations of fraud, but the PICDRP panel wound up not ruling on many of them anyway, stating:

the Panel finds that Respondent’s Registry Operator Agreement contains no covenant by the Respondent to not engage in fraudulent and deceptive practices.

The only violations it found related to the transparency of .feedback’s launch policies.

The panel found that TLS had not given 90 days notice of policy changes and had not made its unusual pricing model (which included an extra fee for domains that did not resolve to live sites) transparent.

The registry had a number of unusual launch programs, which I outlined in December 2015 but which were apparently not adequately communicated to registrars and registrants.

The panel also found that Free.Feedback had failed to verify the email addresses of registrants and had failed to make it easy for trademark owners to cancel domains registered in their names without their consent.

Finally, it also found that TLS had registered a bunch of trademark-match domain names to itself during the .feedback sunrise period:

self-allocating or reserving domains that correspond to the trademark owners’ marks during the Sunrise period constitutes a failure by the Respondent to adhere to Clause 6 of its Registration and Launch policies, versions 1 and 2. According to the policies, Sunrise period is exclusively reserved for trademark owners

TLS, in its defense, denied that it had self-allocated these names and told the panel it had “accidentally” released them into the zone file temporarily.

As a result of the PIC breaches found by the panel, ICANN Compliance has issued a breach notice (pdf) against the company.

To cure the breach, and avoid having its Registry Agreement taken away, TLD has to, by April 15:

Provide ICANN with corrective and preventative action(s), including implementation dates and milestones, to ensure that Top Level Spectrum will operate the TLD feedback in a transparent manner consistent with general principles of openness and nondiscrimination by establishing, publishing and adhering to clear registration policies;

That seems to me like it’s probably vague enough to go either way, but I’d be surprised if TLS doesn’t manage to comply.

Government anger over two-letter domains

Kevin Murphy, March 16, 2017, Domain Policy

ICANN’s Governmental Advisory Committee has clashed with its board of directors over the lack of protections for two-letter domain names that match country codes.

The board has now formally been urged to reconsider its policy to allow registries to sell these names, after angry comments and threats from some GAC members.

Governments from Brazil, Iran, China and the European Union are among at least 10 angered that the names are either not adequately protected or only available for exorbitant prices,

The debate got very heated at ICANN 58 here in Copenhagen on Wednesday morning, during a public session between the GAC and the board, with Iran’s outspoken GAC rep, Kavous Arasteh, almost yelling at Chris Disspain, the board’s point man on the topic.

Arasteh even threatened to take his concerns, if not addressed, to the International Telecommunications Union when it convenes for a plenipotentiary next year.

“Your position is not acceptable. Rejected categorically,” he said.

“The multistakeholder process was not easily accepted by many countries. Still people have difficulty with that,” he said. “We have a plenipotentiary coming in 2018, and we will raise the issue if the matter is not resolved… It is not always commercial, government also has some powers, and we exercise our powers.”

Invoking the ITU is a way to turn a relatively trivial disagreement into an existential threat to ICANN, a typical negotiating tactic of governments that don’t get what they want from ICANN.

The relatively trivial disagreement in this case is ICANN’s decision to allow gTLD registries to release all previously reserved two-letter strings.

In November, ICANN approved a policy that released all two-letter strings on the proviso that registrants have to assert that they will not pass themselves off as affiliated with the countries concerned.

Registries also were given a duty to investigate — but not necessarily act upon — governmental complaints about confusion.

ICANN thinks that this policy is perfectly compliant with the GAC’s latest official advice, supplied following the Helsinki meeting last June, which asked ICANN to:

urge the relevant Registry or the Registrar to engage with the relevant GAC members when a risk is identified in order to come to an agreement on how to manage it or to have a third-party assessment of the situation if the name is already registered.

Disspain patiently pointed out during Wednesday’s session that governments have no legal rights to their ccTLD strings at the second level, and that most of the complaining governments don’t even protect two-letter strings in their own ccTLDs.

But some GAC reps disagreed.

China stated (via the official interpreter): “We believe the board doesn’t have the right or the mandate to decide whether GAC members have the right over two-character domain names.”

While no government spoke in favor of the ICANN policy on Wednesday, the complaining governments do appear to be in a minority of the GAC.

Despite this, they seem to have been effective in swaying fellow committee members to issue some stern new advice. The Copenhagen communique, published last night (pdf), reads:

a. The GAC advises the ICANN Board to:

I. Take into account the serious concerns expressed by some GAC Members as contained in previous GAC Advice

II. Engage with concerned governments by the next ICANN meeting to resolve those concerns.

III. Immediately explore measures to find a satisfactory solution of the matter to meet the concerns of these countries before being further aggravated.

IV. Provide clarification of the decision-making process and of the rationale for the November 2016 resolution, particularly in regard to consideration of the GAC advice, timing and level of support for this resolution.

ICANN is being compelled to retroactively revisit a policy that was issued in compliance with previous GAC advice, it seems.

The next ICANN meeting is being held in Johannesburg in June, so the clock is ticking.

Two-letter domains are valuable properties even in new gTLDs. With each expected to sell for thousands, two-letter names are likely to be a multimillion dollar windfall for even moderately sized portfolio registries.

In rare public session, ICANN approves sexual harassment policy

Kevin Murphy, March 11, 2017, Domain Policy

ICANN’s board of directors this afternoon approved an anti-harassment policy designed to protect community members from unwanted sexual attention.

It’s the policy inspired by the now infamous Cheesesandwichgate incident at the Marrakech meeting a year ago.

But general counsel John Jeffrey noted that there have been multiple similar complaints to the Ombudsman over the last year or so, possibly as a result of increased awareness that such complaints are possible.

While the text of the resolution has not yet been published, I believe it’s approving a lightly modified version of the policy draft outlined here.

That draft sought to ban activities such as “sexually suggestive touching” and “lewd jokes” at ICANN meetings. A laundry list of characteristics (such as race, gender, disability) were also given special protection.

What’s possibly more interesting than the new policy itself is the manner in which the policy was approved.

It was the first time in goodness knows how many years — definitely over 10, and I’m tempted to say over 15, but nobody seems to know for sure — that the ICANN board has deliberated on a resolution in public.

By “in public” I mean the 30-minute session was live-streamed via Adobe Connect from an undisclosed location somewhere at ICANN 58, here in Copenhagen. An in-person live audience was not possible for logistical reasons, I’m told.

Apart from the first few years of ICANN’s existence, its public board meetings have usually been rubber-stamping sessions at the end of the week-long meeting, based on discussions that had gone on behind closed doors days earlier.

So today’s session was a significant attempt to increase transparency that is likely to be welcomed by many.

Unfortunately, its existence could have been communicated better.

For the first 15 minutes, there were no more than 19 people in the Adobe room, and I believe I may have been the only one who was not ICANN staff or board.

After I tweeted about it, another 10 or so people showed up to listen.

Given that increased board transparency is something many sections of the community have been clamoring for for years, one might have expected a bigger turnout.

While the meeting had been prominently announced, it was not listed on the official ICANN 58 schedule, so had failed to make it onto the to-do lists of any of the iCal slaves pottering around the venue.

The session itself came across to me as a genuine discussion — not stage-managed or rehearsed as some had feared.

Directors raised issues such as the possible increased workload on the Ombudsman, the fact that the current Ombudsman (or Ombudsperson, as some directors referred to him) is male, and the availability of female staff members to receive “sensitive” complaints.

Today’s open session is part of a “pilot” and is due to be followed up on Sunday with another, which will discuss ICANN’s fiscal 2018 operating plan and budget.

Again, turning up to watch in person will not be possible, but the 90-minute session will be streamed live at 0745 UTC here.

The first in the pilot program, which even I missed, was in Brussels in September.

Schneider quits as chair of GAC

Kevin Murphy, March 11, 2017, Domain Policy

ICANN’s Governmental Advisory Committee is looking for a new chair.

Incumbent Thomas Schneider intends to leave the role before his current two-year term expires, he told GAC members assembled here at the ICANN 58 public meeting in Copenhagen this afternoon.

Schneider said that his boss at the Swiss government agency at which he works recently retired and that he has been appointed his successor.

From April, he’ll become vice director of the Federal Office of Communication, responsible for international affairs, he said.

The increased workload, including organizing the next Internet Governance Forum in Geneva, means he will no longer be able to devote his time to chairing the GAC, he said.

Schneider’s first two-year term as GAC chair started at the beginning of 2015. He was reelected to the position for a second term last November.

His replacement will be elected at the ICANN 60 meeting in Abu Dhabi this coming October, at which point Schneider will hand over the reins.

Papac named ICANN’s first complaints officer

Kevin Murphy, March 10, 2017, Domain Policy

ICANN has named its first-ever complaints officer.

It’s Krista Papac, a long-time domain industry participant who’s been working for ICANN, most recently as director of registry services and engagement, since 2013.

She’s previously worked for the registries Verisign, ARI (now part of Neustar) and data escrow agent Iron Mountain.

Her job will be to “provide a centralized mechanism to track complaints received about the ICANN organization” and is “an additional way for the ICANN organization to be accountable for and transparent about its performance”.

Her input will come largely from existing accountability mechanisms — the Ombudsman, Requests for Reconsideration, the Independent Review Process, and the contractual compliance department.

She’ll report to general counsel John Jeffrey.

The hire, and the reporting line, has already proved somewhat controversial.

Domain investor trade group the Internet Commerce Association today said that it was skeptical that a complaints officer reporting to the general counsel could be effective.

ICA added in a blog post that, while it has no beef with Papac, it had concerns that an insider had been hired into the role.

How can any individual who has worked for years within ICANN’s [Global Domains Division] be expected to cast prior experience and relationships aside to thoroughly and dispassionately investigate a complaint brought against GDD actions generally, or those of a specific member of the GDD staff?

Papac’s new role follows Jamie Hedlund’s internal move from head of government relations to VP of contractual compliance and consumer safeguards, in January.