Latest news of the domain name industry

Recent Posts

Has ICANN cut off its regulatory hands?

Kevin Murphy, October 1, 2020, Domain Policy

ICANN may have voluntarily cut off its power to enforce bans on things like cyberbullying, pornography and copyright infringement in future new gTLDs.

Its board of directors yesterday informed the chairs of SubPro, the community group working on new gTLD policy for the next round, that its ability to enforce so-called Public Interest Commitments may be curtailed in future.

A PIC is a contractual promise to act in the public interest, enforceable by ICANN through a PIC Dispute Resolution Process. All 2012 new gTLDs have them, but some have additional PICs due to the gTLD’s sensitive nature.

They were created because ICANN’s Governmental Advisory Committee didn’t like the look of some applications for gTLD strings it considered potentially problematic.

.sucks is a good example — registry Vox Populi has specific commitments to ban cyberbullying, porn, and parking in its registry agreement.

Should ICANN receive complaints about bullying in .sucks, it would be able to invoke the PICDRP and, at least in theory, terminate Vox Pop’s registry contract.

But these are all restrictions on content, and ICANN is singularly focused on not being a content regulator.

It’s so focused on staying away from content that four years ago, during the IANA transition, it amended its bylaws to specifically handcuff itself. The bylaws now state, front and center:

ICANN shall not regulate (i.e., impose rules and restrictions on) services that use the Internet’s unique identifiers or the content that such services carry or provide… For the avoidance of doubt, ICANN does not hold any governmentally authorized regulatory authority.

There’s a specific carve-out grandfathering contracts inked before October 1, 2016, so PICs agreed to by 2012-round applicants are still enforceable.

But it’s doubtful that any PICs not related to the security and stability of the DNS will be enforceable in future, the board told SubPro.

The issue is being raised now because SubPro is proposing a continuation of the PICs program, baking it into policy in what it calls Registry Voluntary Commitments.

Its draft final report acknowledges that ICANN’s not in the content regulation business, but most of the group were in favor of maintaining the status quo.

But the board evidently is more concerned. It told SubPro’s chairs:

The language of the Bylaws, however, could preclude ICANN from entering into future registry agreements (that materially differ in form from the 2012 round version currently in force) that include PICs that reach outside of ICANN’s technical mission as stated in the Bylaws. The language of the Bylaws specifically limits ICANN’s negotiating and contracting power to PICs that are “in service of its Mission.” The Board is concerned, therefore, that the current Bylaws language would create issues for ICANN to enter and enforce any content-related issue regarding PICs or Registry Voluntary Commitments (RVCs)

There’s a possibility that it could now be more difficult for future applicants to get their applications past GAC concerns or other complaints, particularly if their chosen string addresses a “highly sensitive or regulated industry”.

There was a “chuck it in the PICs” attitude to many controversies in the 2012 round, but with that option perhaps not available in future, it may lead to an increase in withdrawn applications.

Could .sucks get approved in future, without a cast-iron, enforceable commitment to ban bullying?

Ethos clarifies .org price rises, promises to reveal number of censored domains

Public Interest Registry and would-be owner Ethos Capital have slightly revised the set of promises they hope to keep if ICANN approves the $1.13 billion acquisition.

Notably, in updating their proposed Public Interest Commitments (pdf), they’ve set out in plain dollar terms for the first time the maximum annual price PIR would charge for a .org domain over the coming seven years.

Applicable Maximum FeeTime Period
$9.93June 30, 2019 to June 29, 2020
$10.92June 30, 2020 to June 29, 2021
$12.02June 30, 2021 to June 29, 2022
$13.22June 30, 2022 to June 29, 2023
$14.54June 30, 2023 to June 29, 2024
$15.99June 30, 2024 to June 29, 2025
$17.59June 30, 2025 to June 29, 2026
$19.35June 30, 2026 to June 29, 2027

Previous versions of the PICs just included a formula and invited the reader to do the math(s).

The two companies are proposing to scrap price caps altogether after June 2027.

If ICANN rejects the deal, under its current contract PIR would be free to raise its prices willy-nilly from day one, though some believe it would be less likely to do so under its current ownership by the non-profit Internet Society.

The new PICs also include a nod to those who believe that PIR would become less sensitive to issues like free speech and censorship — perhaps because China may lean on Ethos’ shadowy billionaire backers. The document now states:

Registry Operator will produce and publish annually a report… This report will also include a transparency report setting forth the number of .ORG domain name registrations that have been suspended or terminated by Registry Operator during the preceding year under Registry Operator’s Anti-Abuse Policy or pursuant to court order.

A few other tweaks clarify the launch date and composition of its proposed Stewardship Council, a body made up of expert outsiders that would offer policy guidance and have a veto on issues such as changes to .org censorship and privacy policy.

The PICs now ban family members of people working for PIR from sitting on the council, and clarify that it would have to be up and running six months after the acquisition closes.

Because .org is not a gTLD applied for in 2012, the PICs do not appear to be open for public comment, but post-acquisition changes to the document would be.

ICANN currently plans to approve or deny the acquisition request by April 20, just 11 days from now.

.org decision delayed another month

Kevin Murphy, March 18, 2020, Domain Registries

ICANN has been given another month to decided whether or not to approve Ethos Capital’s proposed $1.13 billion acquisition of Public Interest Registry from the Internet Society.

PIR said today that it has agreed to give ICANN until April 20 to give it the yay or nay on the controversial deal.

It seems the disruption and distraction caused by the coronavirus pandemic played at least a small role in the decision. PIR said:

To ensure ICANN and the California Attorney General’s office, with which we have been communicating, have the time they need to address any outstanding questions regarding the transaction, especially in light of current events, we have agreed to an ICANN deadline extension to April 20th. We look forward to ICANN’s decision by this date.

Yesterday, opponents of the deal suggested that the acquisition could interfere with the global pandemic response, but PIR has dismissed these claims today as “misleading and alarmist” and “deceiving the public”.

Meanwhile, PIR has updated the proposed contractual Public Interest Commitments that it believes will address some of its critics’ concerns.

Future changes to the PICs will be subject to ICANN’s public comment process, the company said. This is presumably designed to calm fears that the registry will simply dump the PICs next time its contract comes up for renegotiation.

Given the level of confidence in the efficacy of the public comment process — which I would argue is currently close to zero — I doubt this new promise will have its intended effect.

PIR has also taken on criticism that its proposed .ORG Stewardship Council, designed to make sure .org continues to be managed in the public interest, could easily be captured by Ethos yes-men.

Now, instead of appointing the first five members of the council itself, Ethos will instead recruit an “internationally-recognized executive search firm” to find five suitable candidates from stakeholder groups including ICANN’s Non-Commercial Stakeholder Group and At-Large Advisory Committee.

Those nominations will still be subject to final approval by the PIR board, however, so again I think the deal’s critics will still have complaints to cling to.

PIR expects to announce further details of the council selection process next Monday, March 23.

Ethos volunteers for .org pricing handcuffs

Kevin Murphy, February 25, 2020, Domain Registries

Ethos Capital has volunteered to have price caps written back into Public Interest Registry’s .org contract, should ICANN approve its $1.1 billion proposed acquisition.

The private equity firm said Friday that it has offered to agree to a new, enforceable Public Interest Commitment that bakes its right to increase prices into the contract under a strict formula that goes like this:

Applicable Maximum Fee = $9.93 x (1.10n)

The $9.93 is the current wholesale price of a annual .org registration. The “n” refers to the number of full years the current .org registry agreement has been in play, starting June 30, 2019.

In other words, it’s a 10%-per-year increase on average, but PIR could skip a year here and there and be eligible for a bigger price increase the following year.

For example, PIR could up the fee by 10% or $0.99 to $10.92 this coming June if it wanted, but if it decided to wait a year (perhaps for public relations reasons) if could increase the price to $12.13 in June 2021, an increase of $2.20 or roughly 22%.

It could wait five years before the first price increase, and up it from $9.93 to $16.53, a 66% increase, in year six.

While price increases are of course unpopular and will remain so, the formula does answer the criticism posed on DI and elsewhere that Ethos’ previous public statements on pricing would allow PIR to front-load its fee hikes, potentially almost doubling the price in year one.

But the caps have a built-in expiry date. They only run for eight years. So by the middle of 2027, when PIR could already be charging $18.73, the registry would be free to raise prices by however much it pleases.

It’s a better deal for registrants than what they’d been facing before, which was a vague commitment to stick to PIR’s old habit of not raising prices by more than 10% a year, but it’s not perfect and it won’t sate those who are opposed to increased fees in principle.

On the upside, a PIC is arguably an even more powerful way to keep PIR in line after the acquisition. Whereas other parts of the contract are only enforceable by ICANN, a Public Interest Commitment could theoretically be enforced via the PIC Dispute Resolution Procedure by any .org registrant with the resources to lawyer up. Losing a PICDRP triggers ICANN Compliance into action, which could mean PIR losing its contract.

The PIC also addresses the concern, which always struck me as a bit of a red herring, that .org could become a more censorial regime under for-profit ownership.

Ethos says it will create a new seven-person .ORG Stewardship Council, made up of field experts in human rights, non-profits and such, which will have the right to advise PIR on proposed changes to PIR policy related to censorship and the use of private user/registrant data.

The Council would be made up initially of five members hand-picked by PIR. Another two, and all subsequent appointments, would be jointly nominated and approved by PIR and the Council. They’d serve terms of three years.

The proposed PIC, the proposed Council charter and Ethos’ announcement can all be found here.

Correlation does not necessarily equal causation, but it’s worth noting that the proposal comes after ICANN had started playing hard-ball with PIR, Ethos and the Internet Society (PIR’s current owner).

In fact, I was just putting the finishing touches to an opinion piece entitled “I’m beginning to think ICANN might block the .org deal” when the Ethos statement dropped.

In that now-spiked piece, I referred to two letters ICANN recently sent to PIR/ISOC and their lawyers, which bluntly asserted ICANN’s right to reject the acquisition for basically any reason, and speculated that the deal may not be a fait accompli after all.

In the first (pdf), Jones Day lawyer Jeffrey LeVee tells his counterpart at PIR’s law firm in no uncertain terms that ICANN is free to reject the change of control on grounds such as the “public interest” and the interests of the “.org community”.

Proskauer lawyer Lauren Boglivi had told ICANN (pdf) that its powers under the .org contract were limited to approve or reject the acquisition based only on technical concerns such as security, stability and reliability. LeVee wrote:

This is wrong. The parties’ contracts authorize ICANN to evaluate the reasonableness of the proposed change of control under the totality of circumstances, including the impact on the public interest and the interest of the .ORG community.

Now, the cynic in me saw nothing but a couple of posturing lawyers trying to rack up billable hours, but part of me wondered why ICANN would go to the trouble of defending its powers to reject the deal if it did not think there was a possibility of actually doing so.

The second letter (pdf) was sent by ICANN’s new chair, Maarten Bottermann, to his ISOC counterpart Gonzalo Camarillo.

The letter demonstrates that the ICANN board of directors is actually taking ownership of this issue, rather than delegating it to ICANN’s executive and legal teams, in large part due to the pressure exerted on it by the ICANN community and governments. Botterman wrote:

It is not often that such a contractual issue raises up to a Board-level concern, but as you might appreciate, PIR’s request is one of the most unique that ICANN has received.

He noted that the controversy over the deal had even made ICANN the target of a “governmental inquiry”, which is either a reference to the California attorney general’s probe or to a letter (pdf) received from the French foreign office, demanding answers about the transaction.

It’s notable from Botterman’s letter that ICANN has started digging into the deep history of PIR’s ownership of .org, much as I did last December, to determine whether the commitments it made to the non-profit community back in 2002 still hold up under a return to for-profit ownership.

Given these turns of events, I was entertaining the possibility that ICANN was readying itself to reject the deal.

But, given Ethos’ newly proposed binding commitments, I think the pendulum has swung back in favor of the acquisition eventually getting the nod.

I reserve the right to change my mind yet again as matters unfold.

Verisign pays ICANN $20 million and gets to raise .com prices again

Kevin Murphy, January 3, 2020, Domain Registries

Verisign is to get the right to raise the price of .com domains by 7% per year, under a new contract with ICANN.

The deal, announced this hour, will also see Verisign pay ICANN $20 million over five years, starting in 2021, “to support ICANN’s initiatives to preserve and enhance the security, stability and resiliency of the DNS”.

According to ICANN, the pricing changes mean that the maximum price of a .com domain could go as high as $10.26 by October 2026.

Verisign getting the right to once more increase its fees — which is likely to be worth close to a billion dollars to the company’s top line over the life of the contract — was not unexpected.

Pricing has been stuck at $7.85 for years, due to a price freeze imposed by the Obama-era US National Telecommunications and Information Administration, but this policy was reversed by the Trump administration in late 2018.

The amendment to the .com registry agreement announced today essentially takes on the terms of the Trump appeasement, so Verisign gets to up .com prices by 7% in the last four years of the six-year duration of the contract.

ICANN said:

ICANN org is not a price regulator and will defer to the expertise of relevant competition authorities. As such, ICANN has long-deferred to the [US Department of Commerce] and the United States Department of Justice (DOJ) for the regulation of pricing for .COM registry services.

But ICANN will also financially benefit from the deal over and above what it receives from Verisign under the current .com contract.

First, the two parties have said they will sign a binding letter of intent (pdf) committing Verisign to give ICANN $4 million a year, starting one year from now, to help fund ICANN’s activities:

conducting, facilitating or supporting activities that preserve and enhance the security, stability and resiliency of the DNS, which may include, without limitation, active measures to promote and/or facilitate DNSSEC deployment, Security Threat mitigation, name collision mitigation, root server system governance and research into the operation of the DNS

That’s basically describing one of ICANN’s core missions, which is already funded to a great extent by .com fees, so quite why it’s being spun out into a separate agreement is a little bit of a mystery to me at this early stage.

Don’t be surprised if you hear the words “bung” or “quid pro quo” being slung around in the coming hours and days by ICANN critics.

The second financial benefit to ICANN comes from additional payments Verisign will have to make when it sells its ConsoliDate service.

This is the service that allows .com registrants, via their registrars, to synchronize the renewal dates of all of the domains in their portfolio, so they only have to worry about renewals on a single day of the year. It’s basically a partial-year renewal.

Under the amended .com contract, ICANN will get a piece of that action too. Verisign has agreed to pay ICANN a pro-rated fee, based on the $0.25 per-domain annual renewal fee, for the number of days any given registration is extended using ConsoliDate.

I’m afraid to say I don’t know how much money this could add to ICANN’s coffers, but another amendment to the contract means that Verisign will start to report ConsoliDate usage in its published monthly transaction reports, so we should get a pretty good idea of the $$$$ value in the second half of the year.

The amended contract — still in draft form (pdf) and open for public comment — also brings on a slew of new obligations for Verisign that bring .com more into line with other gTLDs.

There’s no Uniform Rapid Suspension policy, so domain investors and cybersquatters can breath a sigh of relief there.

But Verisign has also agreed to a new Registry-Registrar Agreement that contains substantial new provisions aimed at combating abuse, fraud and intellectual property infringement — including trademark infringement.

It has also agreed to a series of Public Interest Commitments, along the same lines as all the 2012-round new gTLDs, covering the same kinds of dodgy activities. The texts of the RRA addition and PICs are virtually identical, requiring:

a provision prohibiting the Registered Name Holder from distributing malware, abusively operating botnets, phishing, pharming, piracy, trademark or copyright infringement, fraudulent or deceptive practices, counterfeiting or otherwise engaging in activity contrary to applicable law and providing (consistent with applicable law and any related procedures) consequences for such activities, including suspension of the registration of the Registered Name;

There are also many changes related to how Verisign handles data escrow, Whois/RDAP and zone file access. It looks rather like users of ICANN’s Centralized Zone Data Service, including yours truly, will soon have access to the humongous .com zone file on a daily basis. Yum.

The proposed amendments to the .com contract are now open for public comment here. You have until February 14. Off you go.

Amazon beats South America! Dot-brand contracts now signed

Kevin Murphy, December 23, 2019, Domain Policy

Amazon has prevailed in its seven-year battle to obtain the right to run .amazon as a branded top-level domain.

The company signed contracts for .amazon and the Chinese and Japanese translations on Thursday, despite years-long protests from the eight South American governments that comprise the Amazon Cooperation Treaty Organization.

This means the three gTLDs are likely to be entered into the DNS root system within a matter of weeks, after ICANN has conducted pre-delegation testing to make sure the registry’s technical systems are up to standard. The back-end is being provided by Neustar, so this is pretty much a formality.

.amazon is pretty much a done deal, in other words, and there’s pretty much nothing ACTO can do within the ICANN system to get the contract unsigned.

ACTO was of course angry about .amazon because it thinks the people of the Amazonia region have greater rights to the string than the American e-commerce giant.

It had managed to muster broad support against the gTLD applications from its Governmental Advisory Committee colleagues until the United States, represented on the GAC by the National Telecommunications Administration did a U-turn this November and withdrew its backing for the consensus.

This coincided with Amazon hiring David Redl, the most-recent former head of the NTIA, as a consultant.

The applications were originally rejected by ICANN due to a GAC objection in 2013.

But Amazon invoked ICANN’s Independent Review Process to challenge the decision and won in 2017, with the IRP panel ruling that ICANN had paid too much deference to unjustified GAC demands.

More recently, ACTO had been demanding shared control of .amazon, while Amazon had offered instead to protect cultural interests through a series of Public Interest Commitments in its registry agreements that would be enforceable by governments via the PIC Dispute Resolution Procedure.

This wasn’t enough for ACTO, and the GAC demanded that ICANN facilitate bilateral talks with Amazon to come to a mutually acceptable solution.

But these talks never really got underway, largely due to ACTO internal disputes during the political crisis in Venezuela this year, and eventually ICANN drew a line in the sand and approved the applications.

After rejecting an appeal from Colombia in September, ICANN quietly published Amazon’s proposed PICs (pdf) for public comment.

Only four comments were received during the month-long consultation.

As a personal aside, I’d been assured by ICANN several months ago that there would be a public announcement when the PICs were published, which I even promised you I would blog about.

There was no such announcement, so I feel like a bit of a gullible prick right now. It’s my own stupid fault for taking this on trust and not manually checking the .amazon application periodically for updates — I fucked up, so I apologize.

PICs commenters, including a former GAC vice-chair, also noticed this lack of transparency.

ACTO itself commented:

The proposed PIC does not attend to the Amazon Countries public policy interests and concerns. Besides not being the result of a mutually acceptable solution dully endorsed by our countries, it fails to adequately safeguard the Amazon cultural and natural heritage against the the risks of monopolization of a TLD inextricably associated with a geographic region and its populations.

Its comments were backed up, in pretty much identical language, by the Brazilian government and the Federal University of Rio de Janeiro.

Under the Amazon PICs, ACTO and its eight members each get a .amazon domain that they can use for their own web sites.

But these domains must either match the local ccTLD or “the names of indigenous peoples’ groups, and national symbols of the countries in the Amazonia region, and the specific terms OTCA, culture, heritage, forest, river, and rainforest, in English, Dutch, Portuguese, and Spanish”.

The ACTO nations also get to permanently block 1,500 domains that have the aforementioned cultural significance to the region.

The ACTO and Brazilian commenters don’t think this goes far enough.

But it’s what they’ve been given, so they’re stuck with it.

Hold your horses! The last wave of comments on .amazon hasn’t started yet

ICANN has yet to open the final (?) public comment period on Amazon’s .amazon gTLD applications, but it’s been receiving comments anyway.

As I blogged at the weekend, ICANN has now given all but final approval to .amazon, and the last hurdle is 30 days of public comments, on Amazon’s proposed Public Interest Commitments.

I noted at the time that the ability to comment had not yet opened, or that it was well hidden.

Over the last 24 hours or so, ICANN has nevertheless received about 15 comments about .amazon on its old new gTLD application comment system.

They’re all negative, urging ICANN to prioritize the rights of the Amazon region of South America over Amazon’s corporate IP rights.

Go here and search for the string “amazon” to locate and read them.

But according to ICANN, the 30 days of comment has not yet kicked off.

A spokesperson told DI last night that the .amazon applications are still being processed and that the PICs have not yet been formally published.

It’s not yet clear whether the new gTLD application comment system will be used, or whether ICANN will use the email-based system it uses by default for comment periods.

I expect ICANN will make a formal announcement when comments do open. Either way, I’ll blog about it here when the time comes.

Amazon’s proposed PICs were published as part of a letter to ICANN (pdf) last month.

Given the timing, it seems ICANN only has a few days to open the comment period if it wants to have any hope of approving .amazon during ICANN 65, which runs in Marrakech from June 24 to 27.

Amazon wins! ICANN on verge of approving .amazon despite government outrage

Amazon has one foot over the finish line in its seemingly endless battle for the .amazon gTLD.

ICANN last week nudged its application along to probably its final hurdle and gave the strongest indication yet that the controversial dot-brand will soon be delegated in the root.

Amazon has essentially won, beating off objections from the eight South American nations of the Amazon Cooperation Treaty Organization.

In a May 15 resolution, published late Friday, the ICANN board of directors resolved that there is “no public policy reason for why the .AMAZON applications should not be allowed to proceed”.

It now plans to approve the application for .amazon, along with the Chinese and Japanese translations, after Amazon’s “Public Interest Commitments” — enforceable voluntary commitments that would be incorporated into its registry contract — have been subject to 30-day public comment period.

These PICs would require Amazon to give each of the eight nations, and ACTO itself, one domain name under .amazon that they could use to provide non-commercial information about the region whose name the company shares.

Amazon would also have to block up to 1,500 culturally sensitive terms in each of the TLDs, so that nobody could use them.

There’d be a steering committee comprising Amazon and the ACTO members, which would get to decide which domains are blocked. Amazon would have the ultimate veto, but ACTO states could appeal by filing PIC Dispute Resolution Procedure complaint with ICANN.

The text of Amazon’s proposed PICs can be found in an April 17 letter to ICANN (pdf).

As far as I can tell, the public comment period has not yet been opened. If it has, it’s so well-hidden on the ICANN web site that even my voodoo powers have been ineffective in unearthing it.

It seems likely that it will attract comment from ACTO and its members, along with others with an interest in protecting the Amazon region.

Whether their comments will be enough to make ICANN change its mind about eventually delegating .amazon seems highly unlikely.

Amazon, in my view, has basically won at this point.

The victory comes over seven years after the original application was filed.

Amazon fought off a Community Objection from the Independent Objector in 2013, but its applications were rejected by ICANN after receiving consensus advice from the Governmental Advisory Committee.

The GAC reached consensus against Amazon only after the United States, which had been protecting what is one of its largest technology companies’ interests, caved to pressure from the rest of the committee.

But Amazon filed an Independent Review Process complaint, which in July 2017 came back in the company’s favor. The IRP panel ruled that the GAC’s advice had been flimsy and baseless, and that ICANN should un-reject the .amazon applications.

Since then, it’s been a fight between Amazon and ACTO, with ICANN trapped in the middle.

As far as ICANN is concerned, the GAC had only advised it to “facilitate” a resolution between the two parties. It does not appear to believe it was under an obligation to assure that both parties were happy with the outcome.

ACTO had wanted much stronger protections from Amazon including majority control of the policy steering committee and, hilariously, a button on every single .amazon web page linking to an ACTO site promoting the Amazon region.

The company rejected those requests, and instead put its own unilateral proposal to ICANN.

Following ICANN’s approval, it’s now very possible that Amazon could start using .amazon this year.

However, given the usual speed at which the company launches its delegated gTLDs, some time in the 2030s is just as likely.

.pharmacy TLD faces action after losing complaint over Canadian drug peddler

ICANN has hit the .pharmacy gTLD registry with a breach notice after a complaint from a Canadian web site that was refused a .pharmacy domain.

The US National Association of Boards of Pharmacy failed to operate the TLD “in a transparent manner”, contrary to the Public Interest Commitments in its registry agreement, ICANN says.

It’s only the second time, to my knowledge, that a registry has been told it has broken its contract after losing a Public Interest Commitments Dispute Resolution Process decision.

NABP runs .pharmacy as a restricted TLD that can only be used by licensed pharmacies.

A year ago, a company called Canadawide Pharmacy Ltd, which currently uses a .org domain, applied for canadawidepharmacy.pharmacy but, last December, was rejected due to claims that it was “until recently” affiliated with unlicensed cross-border drug sellers.

The sale of medications into the US, where patients are gouged mercilessly by pharmaceuticals companies, from Canada, where common drugs are sold at a fraction of the price, is controversial, with NABP previously being accused of applying for .pharmacy for protectionist reasons.

(The price of generic Viagra on Canadawide’s web site goes as low as $2.15 per dose. In the US, you’re looking at about $66 per dose for the branded version, which doesn’t even include the price of dinner.)

Earlier this year, Canadawide filed a PICDRP, accusing .pharmacy of breaching its own contractual commitment to transparency.

And it won. The PICDRP standing panel ruled 3-0 this month (pdf) that NABP lacked transparency on three counts when it rejected Canadawide’s registration.

The registry failed to provide enough evidence linking Canadawide to unlicensed affiliates, the panel ruled. It also seemed to acknowledge that the alleged affiliates were historical.

As a result of the panel’s finding, ICANN has made a public breach notice that gives NABP until August 11 to:

Provide ICANN with corrective and preventative action(s), including implementation dates and milestones, to address the PIC Reporter’s complaint, the PIC Standing Panel’s findings and ensure that NABP will operate the TLD pharmacy in a transparent manner consistent with general principles of openness and non-discrimination by establishing, publishing and adhering to clear registration policies

None of this seems to suggest that Canadawide will definitely get its domain. If NABP has sufficient evidence to continue to deny the application, it looks like it could come into compliance by merely being transparent about this evidence.

“Shadow content policing” fears at ICANN 57

Kevin Murphy, November 7, 2016, Domain Policy

Fears that the domain name industry is becoming a stooge for “shadow regulation” of web content were raised, and greeted very skeptically, over the weekend at ICANN 57.

Attendees yesterday heard concerns from non-commercial stakeholders, notably the Electronic Frontier Foundation, that deals such as Donuts’ content-policing agreement with the US movie industry amount to regulation “by the back door”.

But the EFF, conspicuously absent from substantial participation in the ICANN community for many years, found itself walking into the lion’s den. Its worries were largely pooh-poohed by most of the rest of the community.

During a couple of sessions yesterday, EFF senior attorney Mitch Stoltz argued that the domain industry is being used by third parties bent on limiting internet freedoms.

He was not alone. The ICANN board and later the community at large heard support for the EFF’s views from other Non-Commercial User Constituency members, one of whom compared what’s going on to aborted US legislation SOPA, the Stop Online Piracy Act.

“Regulation of content through the DNS system, through ICANN institutions and through contracted parties is of great concern and I think should be of great concern to all of us here,” Stoltz said.

He talked about a “bright line” between making policies related to domain names and policies related to content.

“I hope that the bright line between names and content is maintained because I think once we get past it, there may be no other bright line,” he said.

“If we allow in copyright enforcement, if we allow in enforcement of professional or business licensing as a criterion for owning a domain name, it’s going to be very hard to hold that line,” he said.

ICANN has long maintained, though with varying degrees of vigor over the years, that it does not regulate content.

Chair Steve Crocker said yesterday: “It’s always been the case, from the inception. It’s now baked in deeply into the mission statement. We don’t police content. That’s not our job.”

That kind of statement became more fervent last year, as concerns started to be raised about ICANN’s powers over the internet in light of the US government’s decision to give up its unique ICANN oversight powers.

Now, a month after the IANA transition was finalized, ICANN has new bylaws that for the first time state prominently that ICANN is not the content cops.

Page one of the massive new ICANN bylaws says:

ICANN shall not regulate (i.e., impose rules and restrictions on) services that use the Internet’s unique identifiers or the content that such services carry or provide

It’s pretty explicit, but there’s a catch.

A “grandfather” clause immediately follows, which states that registries and registrars are not allowed to start challenging the terms of their existing contracts on the basis that they dabble too much with content regulation.

That’s mainly because new gTLD Registry Agreements all include Public Interest Commitments, which in many cases do actually give ICANN contractual authority over the content of web sites.

Content-related PICs are most prominent in “Community” gTLDs.

In the PICs for Japanese city gTLD .osaka, for example, the registry promises that “pornographic, vulgar and highly objectionable content” will be “adequately monitored and removed from the namespace”.

While ICANN does not actively go out looking for .osaka porn, if porn did start showing up in .osaka and the registry does not suspend the domains, it would be in breach of its RA and could lose its contract.

That PIC was voluntarily adopted by the .osaka registry and does not apply to other gTLDs, but it is binding.

So in a roundabout kind of way, ICANN does regulate content, in certain narrow circumstances.

Some NCUC members think this is a “loophole”.

Another back door they think could be abused are the bilateral “trusted notifier” relationships between registries and third parties such as the movie, music and pharmaceutical industries.

Donuts and Radix this year have announced that the Motion Picture Association of America is allowed to notify it about domains that it believes are being used for large-scale, egregious movie piracy.

Donuts said it has suspended a dozen domains — sites that were TLD-hopping to evade suspension — since the policy came into force.

EFF’s Stoltz calls this kind of thing “shadow regulation”.

“Shadow regulation to us is the regulation of content… through private agreements or through unaccountable means that were not developed through the bottom-up process or through a democratic process,” he told the ICANN board yesterday.

While the EFF and NCUC thinks this is a cause for concern, they picked up little support from elsewhere in the community.

Speakers from registries, registrars, senior ICANN staff, intellectual property and business interests all seemed to think it was no big deal.

In a different session on the same topic later in the day, outgoing ICANN head of compliance Allen Grogan addressed these kinds of deals. He said:

From ICANN’s point of view, if there are agreements that are entered into between two private parties, one of whom happens to be a registry or a registrar, I don’t see that ICANN has any role to play in deciding what kinds of agreements those parties can enter into. That clearly is outside the scope of our mission and remit.

We can’t compel a registrar or a registry to even tell us what those agreements are. They’re free to enter into whatever contracts they want to enter into.

To the extent that they become embodied in the contracts as PICs, that may be a different question, or to the extent that the agreements violate those contracts or violate consensus policies, that may be a different question.

But if a registrar or registry decides to enter into an agreement to trust the MPAA or law enforcement or anyone else in deciding what actions to take, I think they’re free to do that and it would be far beyond the scope of ICANN’s power or authority to do anything about that.

In the same session, Donuts VP Jon Nevett cast doubt on the idea that there is an uncrossable “bright line” between domains and content by pointing out that the MPAA deal is not dissimilar to registries’ relationships with the bodies that monitor online child abuse material.

“We have someone that’s an expert in this industry that we have a relationship with saying there is child imagery abuse going on in a name, we’re not going to make that victim go get a court order,” he said.

Steve DelBianco of the NetChoice Coalition, a member of the Business Constituency, had similar doubts.

“Mitch [Stoltz] cited as an example that UK internet service providers were blocking child porn and since that might be cited as an example for trademark and copyright that we should, therefore, not block child porn at all,” he said. “I can’t conceive that’s really what EFF is thinking.”

Nevett gave a “real-life example” of a rape.[tld] domain that was registered in a Donuts gTLD.

“[The site] was a how-to guide. Talk about horrific,” he said. “We got a complaint. I’m not going to wait till someone goes and gets a court order. We’re a private company and we agreed to suspend that name immediately and that’s fine. There was no due process. And I’m cool with that because that was the right thing to do.”

“Just like a restaurant could determine that they don’t want people with shorts and flip-flops in the restaurant, we don’t want illegal behavior and if they want to move somewhere else, let them move somewhere else,” he said.

In alleged copyright infringement cases, registrants get the chance to respond before their names are suspended, he said.

Stoltz argued that the Donuts-MPAA deal had been immediately held up, when it was announced back in February, as a model that the entire industry should be following, which was dangerous.

“If everyone is subject to the same policies, then they are effectively laws and that’s effectively law-making by other means,” he said.

He and other NCUC members are also worried about the Domain Name Association’s Healthy Domains Initiative, which is working on voluntary best practices governing when registries and registrars should suspend domain names.

Lawyer Kathy Kleiman of the NCUC said the HDI was basically “SOPA behind closed doors”.

SOPA was the hugely controversial proposed US federal legislation that would have expanded law enforcement powers to suspend domains in cases of alleged copyright infringement.

Stoltz and others said that the HDI appeared to be operating under ICANN’s “umbrella”, giving it an air of having multistakeholder legitimacy, pointing out that the DNA has sessions scheduled on the official ICANN 57 agenda and “on ICANN’s dime”.

DNA members disagreed with that characterization.

It seems to me that the EFF’s arguments are very much of the “slippery slope” variety. While that may be considered a logical fallacy, it does not mean that its concerns are not valid.

But if there was a ever a “bright line” between domain policy and content regulation, it was traversed many years ago.

The EFF and supporters perhaps should just acknowledge that what they’re really concerned about is copyright owners abusing their powers, and target that problem instead.

The line has moved.

  • Page 1 of 2
  • 1
  • 2
  • >