The recently discovered security vulnerability in one of ICANN’s web sites revealed how much Donuts was willing to pay for contested gTLDs at auction.
This worrying claim emerged during a meeting between registries and the ICANN board of directors at ICANN 53 in Buenos Aires yesterday.
“We were probably the largest victim of the data breach,” Donuts veep Jon Nevett told the board. “We had our financial data reviewed numerous times, dozens of times. We had our relative net worth of our TLDs reviewed, so it was very damaging information.”
He was referring to the misconfiguration in the new gTLD applicants’ portal, which allowed any user to view confidential application attachments belonging to any applicant.
But it was not until late May that it emerged that only one person, dotBerlin CEO Dirk Krischenowski, was suspected by ICANN of having deliberately viewed data belonging to others.
Nevett said communication should have been faster.
“We were in the dark for a number of weeks about who saw the data,” he told the board. “That was troubling, as we were going to auctions in that interim period as well.”
Donuts, which applied for over 300 new gTLDs, is known to have taken a strictly numbers-driven approach to string selection and auction strategy.
If a rival in a contention set had known how much Donuts was prepared to pay for a string, it would have had a significant advantage in an auction.
In response to Nevett’s concerns, ICANN CEO Fadi Chehade said that ICANN had to do a thorough investigation before it could be sure who saw what when.
ICANN has slapped a de facto ban on so-called “closed generic” gTLDs, at least for the remaining 2012 round applicants.
The ICANN board’s New gTLD Program Committee passed a resolution Sunday that un-freezes the remaining new gTLD applications that envisage a namespace wholly controlled by the applicant.
The affected strings are .hotels, .dvr and .grocery, which are uncontested, as well as .food, .data and .phone, which are contested by one or two other applicants.
The NGPC said five strings are affected, but the ICANN web site currently shows these six.
The resolution allows the contested strings to head to dispute resolution or auction, but makes it clear that “exclusive generic gTLDs” will not be able to sign a registry contract.
Instead, they will either have to withdraw their applications (receiving a partial refund), drop their exclusivity plans, or have their applications carried over to the second new gTLD round.
The GNSO has been asked to develop a policy on closed generics for the second round, which is still probably years away.
It’s not clear whether other applicants would be able to apply for strings that are carried over, potentially making the close generic applicant fight two contention sets.
The NGPC decision comes over two years after the Governmental Advisory Committee advised that closed generics must serve “a public interest goal” or be rejected.
This weekend’s resolution sidesteps the “public interest” question altogether.
Freenom, the company behind .tk and other freebie ccTLDs, has had its ICANN registrar accreditation suspended for cybersquatting competing registrars including Go Daddy and Key-Systems.
OpenTLD, its registrar business, has been told it cannot accept new registrations or inbound transfers from July 8 to October 6 or until it provides ICANN with a full list of the names it squatted.
I believe it’s the first time ICANN has suspended a registrar for this reason.
The suspension notice states:
ICANN has found that OpenTLD has engaged in a pattern and practice of trafficking in or use of domain names identical or confusingly similar to a trademark or service mark of a third party in which the Registered Name Holder has no rights or legitimate interest
That’s a long-winded way of saying “massive cybersquatting”.
ICANN is basing its claims on two UDRP cases that Freenom and its CEO, Joost Zuurbier, lost.
According to WIPO panelists in Key-Systems GmbH v. Joost Zuurbier, OpenTLD B.V. and NetEarth Group, Inc. v. Stichting OpenTLD WHOIS Proxy, the company squatted at least seven of its rivals’ trademarks.
The domains were netearthone.biz, rrpproxy.me, key-systems.cc, resellerclub.tk, resellbiz.biz, godaddy.cf and resello.ws.
According to the UDRP decisions, Freenom used the domains to try to entice resellers of the other registrars over to OpenTLD.
It bought the competing registrars’ trademarks as search keywords on Google’s advertising platform, a WIPO panelist found. If you searched Google for Key-Systems trademark “RRPproxy”, for example, you’d get an ad linking to rrpproxy.me.
In some cases the names were registered behind Freenom’s in-house privacy service. In others, Zuurbier and OpenTLD were listed plainly as the registrants.
The WIPO panelists also found that Freenon shirked its duties under the UDRP as registrar, deleting the squatted domains rather than locking them, which essentially amounted to “cyberflight”.
It all looks pretty bad for Freenom, which only gained its accreditation two years ago.
To avoid termination, it has to provide ICANN with a list of all of its trademark infringing names, agree to transfer them to the mark owners or delete them, and bunch of other stuff.
ICANN CEO Fadi Chehade has laid out his current best thinking for the timeline of the IANA’s transition from US government oversight, and he’ll be gone well before it’s done.
At the opening ceremony of the ICANN 53 meeting in Buenos Aires today, Chehade described how June 2016 is a likely date for the divorce; three months after his resignation takes effect.
I asked our community leaders, “Based on your plans and what you’re seeing and what you know today, when could that finish?” The answers that are coming back to us seem to indicate that by ICANN 56, which will be back in Latin America in the middle of 2016, a year from today, the contract with the US Government could come to an end.
He showed a slide that broke the remaining work of the transition into three phases.
Work being carried out within ICANN is not entirely to blame for the length of time the process will take.
The US National Telecommunications and Information Administration needs 60 to 90 days to review the final community-developed transition proposal.
And under forthcoming US legislation, 30 legislative days will be required for the US Congress to review the NTIA’s approval of the plan.
Thirty legislative days, Chehade explained, could mean as many as 60 actual days, depending on the yet-unpublished 2016 Congressional calendar.
He urged the community focus hard on Phase One in his graphic — actually producing a consensus transition plan.
The target for delivery of this is the next ICANN meeting, 54, which will take place in Dublin, Ireland from October 18 to October 22 this year.
ICANN has risked the ire of community members by kicking off ICANN 53 today with a joke referencing transgender celebrity Bruce/Caitlyn Jenner.
Just moments into his opening address this hour, ICANN chair Steve Crocker worked a joke around before/after photos of the former athlete.
[UPDATE: Crocker has issued an apology. See the bottom of this post.]
This is what Crocker said:
What are we really talking about here? What is this thing we call “the transition”? And why has it captivated the attention of so many?
[Jenner photo appears]
Ahhh, no. That’s not quite the transition that I’m referring to. I’m only referring to the IANA stewardship transition.
Reaction from attendees was mixed.
The joke got laughter from the room.
On Twitter, some were less amused.
— Aida Mahmutović (@Aidazzles) June 22, 2015
#ICANN53 starts with a joke at the expense of the LGBTQI population. I guess that is better than a prayer. But not a lot.
— avri (@avri) June 22, 2015
Ehhh….what just happened there. Seriously #ICANN, some things one do not joke about.
— Patrik Fältström (@patrikhson) June 22, 2015
Slow start from Crocker here. Apparently ICANN meetings are supposed in Summer and jokes about transgender transition are funny #sheesh
— Adrian Kinderis (@AdrianKinderis) June 22, 2015
Unfortunate & sad that on such a global platform ICANN has used Caitlyn Jenner's image to generate a laugh instead of applauding her courage
— dotgay LLC (@dotgay) June 22, 2015
I’ll be the first to leap to the defense of the joke.
I laughed. I don’t think it was offensive or insulting to Jenner or to trans people in general — it was more a joke about celebrity culture — and I don’t think any offense was intended.
If I had seen it on TV, I wouldn’t have batted an eyelid. I even made a joke about Jenner’s Vanity Fair cover, on Twitter, a couple weeks back.
But a lot of ICANN regulars are more sensitive about this kind of thing. I’ve had conversations with people who believe it was highly inappropriate for CEO Fadi Chehade to congratulate a participant, from the stage during a previous meeting, on her visible pregnancy.
For ICANN’s chairman to make a joke about a transgender person’s transition at the opening ceremony of a major meeting? That’s a misjudgment, in my view.
ICANN, recall, has recently been bombarded with letters from equal rights groups over the decision by the Economist Intelligence Unit to reject a .gay gTLD applicant’s Community Priority Evaluation.
EIU based its decision in large part on the fact that the proposed .gay community included transgender and intersex people, which the EIU said were not encapsulated by the string “gay”.
ICANN has expected standards of behavior for its meetings that cover such things as sexism and homophobia.
UPDATE: Crocker issued the following statement on ICANN’s Facebook account:
I understand that I may have inadvertently offended some during my speech at this morning’s welcome session with a reference to Caitlyn Jenner, which was intended as a salute. It opened up an important dialog that is consistent with our principles.
Please know that I view Caitlyn’s decision to be heroic and brave. I made this reference solely because of the world attention on a transition and it was not intended in any way, shape or form to be a criticism of her heroic decision. I was in no way making light or poking fun at her transition, but rather playing on the world attention on a “transition.” I apologize if my comments were perceived in a different manner than I intended them.
Dr. Stephen Crocker
ICANN Board Chair
Photo credit: James Bladel.