Latest news of the domain name industry

Recent Posts

Industry firm stars in reality TV show

Kevin Murphy, October 6, 2016, Gossip

NCC Group, registry for the .trust gTLD and domain data escrow provider, provided several of the supporting stars for a UK reality TV game show that started a few weeks ago.

Hunted is a Channel 4 show in which 10 members of the public turn “fugitive” for a month.

The contestants are pursued on foot and electronically by a team of military, law enforcement and security experts.

Contestants have to keep on the move and are not allowed to leave the UK. Each fugitive team has a covert cameraman recording their escapades.

It’s basically a big televised game of hide-and-seek.

Whoever makes it 28 days without being physically captured by the “hunters” wins a share of £100,000.

NCC provides four of members of the hunter team, all from the firm’s security division.

Here’s the pre-launch trailer.

Two episodes in to the six-episode series, I’d have to say it’s a fun watch, even if you have to take the “cyber” elements slightly with a pinch of salt.

Because the “hunters” don’t actually have legal access to CCTV cameras, phone records, car registration databases and the like, that element is simulated by the show’s makers, overseen by an ex-cop independent adjudicator.

It airs on Channel 4 on Thursday nights in the UK. The first two episodes are currently available on-demand.

.trust gTLD might be for sale as NCC closes domain business

Kevin Murphy, September 1, 2016, Domain Registries

NCC Group has stroppily departed from the domain name business but is evading questions about whether its .trust gTLD is for sale.

The company last month told the markets that it is to “cut its losses” and get rid of its Open Registry registry/registrar business, which it acquired for up to £14.9 million ($22.6 million) just 19 months ago.

But it left open the question of whether it would also divest .trust, the gTLD it acquired from Deutsche Post for an undisclosed sum a year earlier.

Talking to The Telegraph earlier this week, NCC CEO Rob Cotton had some harsh words for the new gTLD industry:

People thought there’d be a need for lots of generic domains, but there’s no need for them at all, it’s only good news for bad guys who can get them for free and pretend to be anyone.

It’s not exactly a volte face from NCC, which has repeatedly published research showing consumers don’t trust new gTLDs.

The company had been banking on .trust (a back-up plan after it failed to obtain .secure, which it had originally applied for) to showcase its potentially higher-margin domain security services.

In its full-year 2016 financial results last month, the company said it was closing down its domain services division, taking a charge of over £13 million as result.

Forty-five people lost their jobs as a result of change in strategy.

The closure does not appear to apply to its data escrow business, which has proven popular among new gTLD registries. That business sits within a separate Escrow Division.

The company said:

It is clear that the open generic domains and city codes have not been taken up by businesses and consumers as well as expected with all of these falling well short of their initial registration targets. Coupled with the fact that the branded domains are still either undelegated or those that are, are unused, it is clear that the market is not ready for the very necessary changes that need to happen to strengthen security on the Internet.

The domains division brought in just shy of £5 million ($6.6 million) in the year to May 31, but most of that was due to its withdrawal of its application for .secure. The division was making a loss.

On .trust, which the company reckons is worth £4.2 million, NCC was less than clear about its plans.

It said in its results that it “will continue to use .trust as the Group’s domain”, but that could merely mean it will continue to use nccgroup.trust as its primary web site.

I asked the company whether .trust was for sale this week and received the following PR statement:

NCC Group said in their FY results statement that certain parts of the Domain Services Division will be divested in due course, although the capability to provide a secure domain environment will be retained. They also stated that this will involve the diminution and realisation of assets. They said that Open Registry is to be realised and other assets written down.

They also made the point that they are still committed to the concept behind domain services and have retained the ability to provide a secure, managed environment when the marketplace changes.

Given the language, I would err towards .trust not being for sale, but the fact that the firm declined to give a straight answer it seems possible that it actually is.

European privacy ruling could add to registrars’ costs

Kevin Murphy, November 6, 2015, Domain Registrars

European domain registrars say they are facing increased costs of doing business due to a recent court ruling on privacy protection.

As a result, US data escrow giant Iron Mountain is likely to lose a lot of its ICANN business, as EU registrars defect to local alternatives such as UK-based NCC Group.

The ruling in question deals with the so-called “safe harbor” principles, under which European companies were able to transfer customers’ private data to US companies as long as the recipient promised to abide by EU privacy protection rules.

However, former spy Edward Snowden’s revelations of widespread privacy violations by the US government seemed to show that many US tech giants were complicit in handing over such data to US spooks.

And now the European Court of Justice has ruled the safe habor principles invalid.

This affects registrars because, under their ICANN contracts, they have to escrow registrant data on a weekly basis. That’s to prevent registrants losing their domains when registrars go out of business or turn out to be crooks.

While registrars have a choice of escrow agents, pretty much all of them use Iron Mountain, because ICANN subsidizes the service down to $0.

However, with the ECJ ruling, Euro-registrars have told ICANN that it would now be “illegal” to continue to use Iron Mountain.

In a recent letter (pdf) to ICANN, about 20 EU-based registrars said that non-European registrars would get a competitive advantage unless ICANN does something about it.

They want ICANN to start subsidizing one or more EU-based escrow agents, enabling them to switch without adding to costs.

the service fees of those [alternative] providers are not being supported by ICANN. Thus, the only solution for EU based registrars to comply with their local laws is to support this extra cost.

We are sure, you will agree this clearly constitutes an unfair disadvantage to a given category of a registrars.

This is why we ask ICANN to offer the same terms as it currently does to Iron Mountain to other RDE [Registrar Data Escrow] providers established in the European Economical Area to ensure a level playing field for registrars globally.

According to the registrars, they have until January to switch, so ICANN may have to move quickly to avoid unrest.

As .trust opens for sunrise, Artemis dumps .secure bid

Kevin Murphy, December 16, 2014, Domain Registries

Amazon is now the proud owner of the .secure new gTLD, after much smaller competing applicant Artemis Internet withdrew its bid.

Coincidentally, the settlement of the contention set came just yesterday, the day before Artemis took its .trust — which I’ve described as a “backup plan” — to sunrise.

I assume .secure was settled with a private deal. I’ve long suspected Artemis — affiliated with data escrow provider NCC Group — had its work cut out to win an auction against Amazon.

It’s a shame, in a way. Artemis was one of the few new gTLD applicants that had actually sketched out plans for something quite technologically innovative.

Artemis’ .secure was to be a “trust mark” for a high-priced managed security service. It wasn’t really about selling domain names in volume at all.

The company had done a fair bit of outreach work, too. As long ago as July 2013, around 30 companies had expressed their interest in signing up as anchor tenants.

But, after ICANN gave Amazon a get-out-of-jail-free card by allowing it to amend its “closed generic” gTLD applications, it looked increasingly unlikely Artemis would wind up owning the gTLD it was essentially already pre-selling.

In February this year, it emerged that it had acquired the rights to .trust from Deutsche Post, which had applied for the gTLD unopposed.

This Plan B was realized today when .trust began its contractually mandated sunrise period.

Don’t expect many brands to apply for their names during sunrise, however — .trust’s standard registration policies are going to make cybersquatting non-existent.

Not only will .trust registrants have their identities manually vetted, but there’s also a hefty set of security standards — 123 pages (pdf) of them at the current count — that registrants will have to abide by on an ongoing basis in order to keep their names.

As for Amazon, its .secure application, as amended, is just as vague as all of its other former bids for closed, single-registrant generic strings (to the point where I often wonder if they’re basically still just closed generics).

It’s planning to deploy a small number of names to start with, managed by its own intellectually property department. After that, its application all gets a bit hand-wavey.

.secure applicant claims NCC stole her idea

Domain Security Company CEO Mary Iqbal claims that NCC Group took many of her ideas for a high-security .secure top-level domain following unproductive investment talks.

Iqbal is also hinting at “potential future litigation” over the issue.

The surprising claims, made in emails to DI today, follow the announcement last week that a new NCC subsidiary, Artemis Internet, will also apply to ICANN for .secure.

“NCC Group has taken many of the security measures outlined in the Domain Security Company LLC security plan and incorporated them into the NCC Group’s proposed security measures,” Iqbal said.

Artemis chief technology officer Alex Stamos, a veteran security industry technologist, has dismissed the allegations as “completely ridiculous”.

“The only reason I know she is applying is because we did some Google searches when we were putting together our announcement,” he said.

Iqbal claims she was first contacted by NCC in January this year to talk about signing up for data escrow services – one of the technical services all new gTLD applicants need.

However, she says these talks escalated into discussions about a possible NCC investment in Domain Security Company, during which she shared the company’s security and business plans.

She said in an email:

These disclosures were made based on assurances from the NCC Group that the NCC Group was not then involved with any other applications for a secure Top Level Domain. Specific assurances were also given that the NCC Group was not involved with any other potential application for a .SECURE Top Level Domain.

But Stamos said that he’s been working on .secure at NCC since late last year, and he has no knowledge of any talks about investing in Iqbal’s company.

“All I know is that she talked to one of our salespeople about escrow,” he said. “I’ve never seen a business plan or security plan.”

Emails from an NCC executive sent to Iqbal in January and forwarded to DI by Iqbal today appear to be completely consistent with a sales call.

Iqbal said she has emails demonstrating that the talks went further, but she declined to provide them “since I may have to use it in any potential future litigation”.

Stamos pointed out that if NCC was in the habit with competing with its escrow clients, it would have applied for considerably more gTLDs than just .secure.

Artemis is proposing a significant technology development as part of its .secure bid, he said: the Domain Policy Framework, which he outlines on his personal blog here.

He added that Artemis is happy to compete with other .secure applicants – he evidently expects more to emerge – but on the merits of the application rather than “spurious claims”.

Domain Security Company “already has a very troubling history of using the legal process to overcome problems that should be based on merit”, he said.

That’s a reference to the company’s almost-successful attempt to secure US trademarks on .secure and .bank, in spite of the US trademark office’s rules against granting trademarks on TLDs.

Expect more stories like this to emerge about other gTLDs after ICANN’s Big Reveal of the applicant list next month.

Whether her claims have any merit or not, Iqbal’s not the first to claim that another applicant stole her idea, and she certainly won’t be the last.