Latest news of the domain name industry

Recent Posts

Credit card hack cost Web.com millions

Kevin Murphy, October 30, 2015, Domain Registrars

Web.com is taking a $1 million per-quarter hit to its revenue as a result of August’s hacking attack.

It also incurred $400,000 in consulting, legal and credit monitoring fees in the third quarter as a result of the breach, CEO David Brown told analysts last night.

Some 93,000 credit card numbers were stolen during the attack, a small portion of its 3.3 million customers.

A number of customers jumped ship as a result of the attack, moving their domains elsewhere, which increased Web.com’s churn rate.

“Due to the subscription nature of our business, in the fourth and subsequent quarters we expect the breach will have about a $1 million negative impact on revenue per quarter due to the shortfall from Q3,” Brown said.

It added 15,000 customers in the quarter, lower than the 21,000 it added in Q2.

Net income for the quarter was $6.1 million, reversing a $3.4 million loss in the year-ago period, on revenue that was basically flat at $136.8 million, compared to $137.4 million a year ago.

In response to an analyst question, Brown also commented on the success, or lack thereof, of the company’s new gTLD business. He said:

That continues to be positive, but we’re not doing back-flips here. It’s not that positive. We think it’s good for the market, good for consumers and businesses to have more choices. But they’re not flying off the table. .com and .net and the original extensions still are the force in the marketplace. But as we see more gTLDs and as the market understands them and see the opportunity, we continue to believe that this will be a positive trend. But at this point, it’s not moving the needle in our business or likely in anyone’s business.

Web.com owns registrars including Network Solutions and Register.com.

.cars domains to start at $45,000, retail for $2,500

Kevin Murphy, October 29, 2015, Domain Registries

Cars Registry has set pricing for .car, .cars and .auto domains at crazy-high levels.

If you want to buy a domain in any of the three gTLDs on day one, it will cost you a whopping $45,000.

If you buy one during regular general availability, it’s likely to set you back $2,500.

The registry, a partnership of Uniregistry and XYZ.com, has set its registry fee at $2,000, according to an email sent to registrars this week.

That’s a buck higher than .sucks, one of the most expensive new gTLDs to launch to date.

The sunrise fee will be $3,000 — made up of the regular $2,000 fee plus an added $1,000. Again, that’s higher than .sucks.

The Early Access Period — which, as reported yesterday, has replaced the more usual landrush — will run for nine days with prices ranging from $45,000 to $5,000.

Compared to the usual models of XYZ.com and Uniregistry, which tend towards the mass-market, these prices are colossal.

I wonder how much the pricing was influenced by the fact that the registry has the car-related gTLD market almost entirely sewn up.

Its only potential competitor is .autos, which has been delegated for almost 18 months but has yet to even reveal its launch plans and probably isn’t going to be available to the mass market anyway.

Sunrise for all three gTLDS is due to start December 9, ending January 12. EAP will begin that day, and GA will start January 20.

.gay applicant appeals community loss, again

Kevin Murphy, October 28, 2015, Domain Policy

dotgay LLC has appealed its Community Priority Evaluation defeat again, filing a new Request for Reconsideration with ICANN this week.

It’s an unprecedented second use of the RfR process to appeal its CPE loss, in which the Economist Intelligence Unit panel decided the applicant’s definition of “gay” was far too broad to award dotgay enough points to pass the evaluation.

But dotgay wants ICANN to initiate a third CPE, to be carried out by anyone other than the EIU.

The EIU panel said earlier this month that it had “determined that the applied-for string does not sufficiently identify some members of the applicant’s defined community, in particular transgender, intersex, and ally individuals”.

Basically, EIU was pointing out, for the second time, that transgender people and straight “allies” aren’t “gay”.

It awarded dotgay 0 out of the possible 4 points available on “Nexus” criteria, meaning the applicant failed to hit the 14 points required to win.

While the RfR dodges the transgender issue altogether, dotgay has some interesting arguments in response to the “ally” question.

It’s now claiming that “ally” refers to companies and organizations that support the equal rights cause (because non-human legal entities don’t have a gender identity or sexual preference) and to proxy registrars:

Now, since an organization or company in itself can impossibly be “lesbian” or “gay”, Requester has been seeking for a way to also position these companies and organizations in this community definition. For this reason, Requester has referred to these organizations as “allies” in the context of the LGBTQIA definition.

Furthermore, as stated in the Application, LGBTQIAs are a vulnerable group in many countries and societies, and too often still the subject of prosecution for who they are. In order to put in place safeguards for those gay community members who do not wish to be directly associated with a domain name registration, organizations and companies who in essence cannot be “non-heterosexual” should have the possibility to act as a proxy service, which is common practice in the domain name industry.

In any case, any such “ally” must be approved by an Authentication Partner in order to be able to register a domain name in its own name or in the name or on behalf of a third party who meets the LGBTQI requirements.

It’s an interesting argument, but I can’t see anything in its original application that would support such a position.

dotgay may be on stronger ground with its claim that it unfairly lost one point on the “Opposition” criteria of the CPE.

Two points were available there. Applicants could lose one point immediately if there was a single letter of opposition from a relevant, non-negligible organization.

The EIU seems to have been in possession of such a letter, though its CPE ruling does not name the opponent.

dotgay thinks the opponent was the Q Center, a community center in Portland, Oregon, which opposed dotgay in writing in 2014 but, following a change in its board of directors, retracted that opposition (pdf).

So it may be the case that dotgay unfairly lost a point.

Regaining that point would not be enough to give the company a winning CPE score, but if the EIU screwed up that may be grounds for ICANN to initiate another rerun of the CPE.

However, it’s quite rare for ICANN’s board of directors to approve an RfR.

If dotgay loses, it will either have to go to auction against its rival applicants or file an Independent Review Process complaint, its final avenue of appeal.

Read its RfR here.

Verisign’s silly .xyz lawsuit thrown out

Kevin Murphy, October 28, 2015, Domain Registries

Verisign has had its false advertising lawsuit against the .xyz gTLD registry thrown out of court.

XYZ.com this week won a summary judgement, ahead of a trial that was due to start next Monday.

“By granting XYZ a victory on summary judgement, the court found that XYZ won the case as a matter of law because there were no triable issues for a jury,” the company said in a statement.

The judge’s ruling does not go into details about the court’s rationale. XYZ’s motion to dismiss has also not been published.

So it’s difficult to know for sure exactly why the case has been thrown out.

Verisign sued in December, claiming XYZ and CEO Daniel Negari had lied in advertising and media interviews by saying there are no good .com domain names left.

Many of its claims centered on this video:

XYZ said its ads were merely hyperbolic “puffery” rather than lies.

Verisign also claimed that XYZ had massively inflated its purported registration numbers by making a shady $3 million reciprocal domains-for-advertising deal with Network Solutions.

XYZ general counsel Grant Carpenter said in a statement: “These tactics appear to be part of a coordinated anti-competitive scheme by Verisign to stunt competition and maintain its competitive advantage in the industry.”

While Verisign has lost the case, it could be seen to have succeeded in some respects.

XYZ had to pay legal fees in “the seven-figure range”, as well as disclose hundreds of internal company documents — including emails between Negari and me — during the discovery phase.

Through discovery, Verisign has obtained unprecedented insight into how its newest large competitor conducts its business.

While I’ve always thought the lawsuit was silly, I’m now a little disappointed that more details about the XYZ-NetSol deal are now unlikely to emerge in court.

Should brands get a new gTLD round to themselves? Twitter thinks so

Kevin Murphy, October 20, 2015, Domain Policy

Twitter wants to get its hands on some new gTLDs but doesn’t want to wait.

Having missed the first round of new gTLD applications back in 2012, the company is now keen on getting .twitter and other strings both branded and generic.

“We’re interest in round two,” Twitter trademark counsel Stephen Coates said as ICANN’s business constituencies met the board of directors today.

“We have several interesting opportunities to develop around that space,” he said. “We are interested in both brands and generics.”

The problem for Twitter, and every other would-be gTLD applicant, is that ICANN isn’t even talking in broad terms about when the next round will be.

The absolute minimum that must happen is that ICANN must complete a review of round one, focusing on “Competition, Consumer Trust and Consumer Choice”. This CCT review is mandated by ICANN’s Affirmation of Commitments with the US government.

Almost three years after the first round opened, the volunteer team that will carry out the CCT review has not even been assembled yet.

There are a number of other factors that may or may not wind up on the critical path — such as reviews of rights protection mechanisms and security and stability at the DNS root.

Coates said he would like a “bifurcated” review process leading to two separate second application rounds.

“I would advocate for bifurcating the review process, which I think is very important, especially around RPMs,” he said. “But also bifurcating the round process, treating dot-brands differently than generic names.”

I think this outcome is unlikely.

Application rules that give preference to one type of application over another invite exploitation. It happened in the 2003 sponsored TLD round and it’s happening with “community” and “Specification 13” applications in the current round too.