Latest news of the domain name industry

Recent Posts

Verisign pays ICANN $20 million and gets to raise .com prices again

Kevin Murphy, January 3, 2020, Domain Registries

Verisign is to get the right to raise the price of .com domains by 7% per year, under a new contract with ICANN.

The deal, announced this hour, will also see Verisign pay ICANN $20 million over five years, starting in 2021, “to support ICANN’s initiatives to preserve and enhance the security, stability and resiliency of the DNS”.

According to ICANN, the pricing changes mean that the maximum price of a .com domain could go as high as $10.26 by October 2026.

Verisign getting the right to once more increase its fees — which is likely to be worth close to a billion dollars to the company’s top line over the life of the contract — was not unexpected.

Pricing has been stuck at $7.85 for years, due to a price freeze imposed by the Obama-era US National Telecommunications and Information Administration, but this policy was reversed by the Trump administration in late 2018.

The amendment to the .com registry agreement announced today essentially takes on the terms of the Trump appeasement, so Verisign gets to up .com prices by 7% in the last four years of the six-year duration of the contract.

ICANN said:

ICANN org is not a price regulator and will defer to the expertise of relevant competition authorities. As such, ICANN has long-deferred to the [US Department of Commerce] and the United States Department of Justice (DOJ) for the regulation of pricing for .COM registry services.

But ICANN will also financially benefit from the deal over and above what it receives from Verisign under the current .com contract.

First, the two parties have said they will sign a binding letter of intent (pdf) committing Verisign to give ICANN $4 million a year, starting one year from now, to help fund ICANN’s activities:

conducting, facilitating or supporting activities that preserve and enhance the security, stability and resiliency of the DNS, which may include, without limitation, active measures to promote and/or facilitate DNSSEC deployment, Security Threat mitigation, name collision mitigation, root server system governance and research into the operation of the DNS

That’s basically describing one of ICANN’s core missions, which is already funded to a great extent by .com fees, so quite why it’s being spun out into a separate agreement is a little bit of a mystery to me at this early stage.

Don’t be surprised if you hear the words “bung” or “quid pro quo” being slung around in the coming hours and days by ICANN critics.

The second financial benefit to ICANN comes from additional payments Verisign will have to make when it sells its ConsoliDate service.

This is the service that allows .com registrants, via their registrars, to synchronize the renewal dates of all of the domains in their portfolio, so they only have to worry about renewals on a single day of the year. It’s basically a partial-year renewal.

Under the amended .com contract, ICANN will get a piece of that action too. Verisign has agreed to pay ICANN a pro-rated fee, based on the $0.25 per-domain annual renewal fee, for the number of days any given registration is extended using ConsoliDate.

I’m afraid to say I don’t know how much money this could add to ICANN’s coffers, but another amendment to the contract means that Verisign will start to report ConsoliDate usage in its published monthly transaction reports, so we should get a pretty good idea of the $$$$ value in the second half of the year.

The amended contract — still in draft form (pdf) and open for public comment — also brings on a slew of new obligations for Verisign that bring .com more into line with other gTLDs.

There’s no Uniform Rapid Suspension policy, so domain investors and cybersquatters can breath a sigh of relief there.

But Verisign has also agreed to a new Registry-Registrar Agreement that contains substantial new provisions aimed at combating abuse, fraud and intellectual property infringement — including trademark infringement.

It has also agreed to a series of Public Interest Commitments, along the same lines as all the 2012-round new gTLDs, covering the same kinds of dodgy activities. The texts of the RRA addition and PICs are virtually identical, requiring:

a provision prohibiting the Registered Name Holder from distributing malware, abusively operating botnets, phishing, pharming, piracy, trademark or copyright infringement, fraudulent or deceptive practices, counterfeiting or otherwise engaging in activity contrary to applicable law and providing (consistent with applicable law and any related procedures) consequences for such activities, including suspension of the registration of the Registered Name;

There are also many changes related to how Verisign handles data escrow, Whois/RDAP and zone file access. It looks rather like users of ICANN’s Centralized Zone Data Service, including yours truly, will soon have access to the humongous .com zone file on a daily basis. Yum.

The proposed amendments to the .com contract are now open for public comment here. You have until February 14. Off you go.

Amazon beats South America! Dot-brand contracts now signed

Kevin Murphy, December 23, 2019, Domain Policy

Amazon has prevailed in its seven-year battle to obtain the right to run .amazon as a branded top-level domain.

The company signed contracts for .amazon and the Chinese and Japanese translations on Thursday, despite years-long protests from the eight South American governments that comprise the Amazon Cooperation Treaty Organization.

This means the three gTLDs are likely to be entered into the DNS root system within a matter of weeks, after ICANN has conducted pre-delegation testing to make sure the registry’s technical systems are up to standard. The back-end is being provided by Neustar, so this is pretty much a formality.

.amazon is pretty much a done deal, in other words, and there’s pretty much nothing ACTO can do within the ICANN system to get the contract unsigned.

ACTO was of course angry about .amazon because it thinks the people of the Amazonia region have greater rights to the string than the American e-commerce giant.

It had managed to muster broad support against the gTLD applications from its Governmental Advisory Committee colleagues until the United States, represented on the GAC by the National Telecommunications Administration did a U-turn this November and withdrew its backing for the consensus.

This coincided with Amazon hiring David Redl, the most-recent former head of the NTIA, as a consultant.

The applications were originally rejected by ICANN due to a GAC objection in 2013.

But Amazon invoked ICANN’s Independent Review Process to challenge the decision and won in 2017, with the IRP panel ruling that ICANN had paid too much deference to unjustified GAC demands.

More recently, ACTO had been demanding shared control of .amazon, while Amazon had offered instead to protect cultural interests through a series of Public Interest Commitments in its registry agreements that would be enforceable by governments via the PIC Dispute Resolution Procedure.

This wasn’t enough for ACTO, and the GAC demanded that ICANN facilitate bilateral talks with Amazon to come to a mutually acceptable solution.

But these talks never really got underway, largely due to ACTO internal disputes during the political crisis in Venezuela this year, and eventually ICANN drew a line in the sand and approved the applications.

After rejecting an appeal from Colombia in September, ICANN quietly published Amazon’s proposed PICs (pdf) for public comment.

Only four comments were received during the month-long consultation.

As a personal aside, I’d been assured by ICANN several months ago that there would be a public announcement when the PICs were published, which I even promised you I would blog about.

There was no such announcement, so I feel like a bit of a gullible prick right now. It’s my own stupid fault for taking this on trust and not manually checking the .amazon application periodically for updates — I fucked up, so I apologize.

PICs commenters, including a former GAC vice-chair, also noticed this lack of transparency.

ACTO itself commented:

The proposed PIC does not attend to the Amazon Countries public policy interests and concerns. Besides not being the result of a mutually acceptable solution dully endorsed by our countries, it fails to adequately safeguard the Amazon cultural and natural heritage against the the risks of monopolization of a TLD inextricably associated with a geographic region and its populations.

Its comments were backed up, in pretty much identical language, by the Brazilian government and the Federal University of Rio de Janeiro.

Under the Amazon PICs, ACTO and its eight members each get a .amazon domain that they can use for their own web sites.

But these domains must either match the local ccTLD or “the names of indigenous peoples’ groups, and national symbols of the countries in the Amazonia region, and the specific terms OTCA, culture, heritage, forest, river, and rainforest, in English, Dutch, Portuguese, and Spanish”.

The ACTO nations also get to permanently block 1,500 domains that have the aforementioned cultural significance to the region.

The ACTO and Brazilian commenters don’t think this goes far enough.

But it’s what they’ve been given, so they’re stuck with it.

Hold your horses! The last wave of comments on .amazon hasn’t started yet

ICANN has yet to open the final (?) public comment period on Amazon’s .amazon gTLD applications, but it’s been receiving comments anyway.

As I blogged at the weekend, ICANN has now given all but final approval to .amazon, and the last hurdle is 30 days of public comments, on Amazon’s proposed Public Interest Commitments.

I noted at the time that the ability to comment had not yet opened, or that it was well hidden.

Over the last 24 hours or so, ICANN has nevertheless received about 15 comments about .amazon on its old new gTLD application comment system.

They’re all negative, urging ICANN to prioritize the rights of the Amazon region of South America over Amazon’s corporate IP rights.

Go here and search for the string “amazon” to locate and read them.

But according to ICANN, the 30 days of comment has not yet kicked off.

A spokesperson told DI last night that the .amazon applications are still being processed and that the PICs have not yet been formally published.

It’s not yet clear whether the new gTLD application comment system will be used, or whether ICANN will use the email-based system it uses by default for comment periods.

I expect ICANN will make a formal announcement when comments do open. Either way, I’ll blog about it here when the time comes.

Amazon’s proposed PICs were published as part of a letter to ICANN (pdf) last month.

Given the timing, it seems ICANN only has a few days to open the comment period if it wants to have any hope of approving .amazon during ICANN 65, which runs in Marrakech from June 24 to 27.

Amazon wins! ICANN on verge of approving .amazon despite government outrage

Amazon has one foot over the finish line in its seemingly endless battle for the .amazon gTLD.

ICANN last week nudged its application along to probably its final hurdle and gave the strongest indication yet that the controversial dot-brand will soon be delegated in the root.

Amazon has essentially won, beating off objections from the eight South American nations of the Amazon Cooperation Treaty Organization.

In a May 15 resolution, published late Friday, the ICANN board of directors resolved that there is “no public policy reason for why the .AMAZON applications should not be allowed to proceed”.

It now plans to approve the application for .amazon, along with the Chinese and Japanese translations, after Amazon’s “Public Interest Commitments” — enforceable voluntary commitments that would be incorporated into its registry contract — have been subject to 30-day public comment period.

These PICs would require Amazon to give each of the eight nations, and ACTO itself, one domain name under .amazon that they could use to provide non-commercial information about the region whose name the company shares.

Amazon would also have to block up to 1,500 culturally sensitive terms in each of the TLDs, so that nobody could use them.

There’d be a steering committee comprising Amazon and the ACTO members, which would get to decide which domains are blocked. Amazon would have the ultimate veto, but ACTO states could appeal by filing PIC Dispute Resolution Procedure complaint with ICANN.

The text of Amazon’s proposed PICs can be found in an April 17 letter to ICANN (pdf).

As far as I can tell, the public comment period has not yet been opened. If it has, it’s so well-hidden on the ICANN web site that even my voodoo powers have been ineffective in unearthing it.

It seems likely that it will attract comment from ACTO and its members, along with others with an interest in protecting the Amazon region.

Whether their comments will be enough to make ICANN change its mind about eventually delegating .amazon seems highly unlikely.

Amazon, in my view, has basically won at this point.

The victory comes over seven years after the original application was filed.

Amazon fought off a Community Objection from the Independent Objector in 2013, but its applications were rejected by ICANN after receiving consensus advice from the Governmental Advisory Committee.

The GAC reached consensus against Amazon only after the United States, which had been protecting what is one of its largest technology companies’ interests, caved to pressure from the rest of the committee.

But Amazon filed an Independent Review Process complaint, which in July 2017 came back in the company’s favor. The IRP panel ruled that the GAC’s advice had been flimsy and baseless, and that ICANN should un-reject the .amazon applications.

Since then, it’s been a fight between Amazon and ACTO, with ICANN trapped in the middle.

As far as ICANN is concerned, the GAC had only advised it to “facilitate” a resolution between the two parties. It does not appear to believe it was under an obligation to assure that both parties were happy with the outcome.

ACTO had wanted much stronger protections from Amazon including majority control of the policy steering committee and, hilariously, a button on every single .amazon web page linking to an ACTO site promoting the Amazon region.

The company rejected those requests, and instead put its own unilateral proposal to ICANN.

Following ICANN’s approval, it’s now very possible that Amazon could start using .amazon this year.

However, given the usual speed at which the company launches its delegated gTLDs, some time in the 2030s is just as likely.

.pharmacy TLD faces action after losing complaint over Canadian drug peddler

ICANN has hit the .pharmacy gTLD registry with a breach notice after a complaint from a Canadian web site that was refused a .pharmacy domain.

The US National Association of Boards of Pharmacy failed to operate the TLD “in a transparent manner”, contrary to the Public Interest Commitments in its registry agreement, ICANN says.

It’s only the second time, to my knowledge, that a registry has been told it has broken its contract after losing a Public Interest Commitments Dispute Resolution Process decision.

NABP runs .pharmacy as a restricted TLD that can only be used by licensed pharmacies.

A year ago, a company called Canadawide Pharmacy Ltd, which currently uses a .org domain, applied for canadawidepharmacy.pharmacy but, last December, was rejected due to claims that it was “until recently” affiliated with unlicensed cross-border drug sellers.

The sale of medications into the US, where patients are gouged mercilessly by pharmaceuticals companies, from Canada, where common drugs are sold at a fraction of the price, is controversial, with NABP previously being accused of applying for .pharmacy for protectionist reasons.

(The price of generic Viagra on Canadawide’s web site goes as low as $2.15 per dose. In the US, you’re looking at about $66 per dose for the branded version, which doesn’t even include the price of dinner.)

Earlier this year, Canadawide filed a PICDRP, accusing .pharmacy of breaching its own contractual commitment to transparency.

And it won. The PICDRP standing panel ruled 3-0 this month (pdf) that NABP lacked transparency on three counts when it rejected Canadawide’s registration.

The registry failed to provide enough evidence linking Canadawide to unlicensed affiliates, the panel ruled. It also seemed to acknowledge that the alleged affiliates were historical.

As a result of the panel’s finding, ICANN has made a public breach notice that gives NABP until August 11 to:

Provide ICANN with corrective and preventative action(s), including implementation dates and milestones, to address the PIC Reporter’s complaint, the PIC Standing Panel’s findings and ensure that NABP will operate the TLD pharmacy in a transparent manner consistent with general principles of openness and non-discrimination by establishing, publishing and adhering to clear registration policies

None of this seems to suggest that Canadawide will definitely get its domain. If NABP has sufficient evidence to continue to deny the application, it looks like it could come into compliance by merely being transparent about this evidence.

“Shadow content policing” fears at ICANN 57

Kevin Murphy, November 7, 2016, Domain Policy

Fears that the domain name industry is becoming a stooge for “shadow regulation” of web content were raised, and greeted very skeptically, over the weekend at ICANN 57.

Attendees yesterday heard concerns from non-commercial stakeholders, notably the Electronic Frontier Foundation, that deals such as Donuts’ content-policing agreement with the US movie industry amount to regulation “by the back door”.

But the EFF, conspicuously absent from substantial participation in the ICANN community for many years, found itself walking into the lion’s den. Its worries were largely pooh-poohed by most of the rest of the community.

During a couple of sessions yesterday, EFF senior attorney Mitch Stoltz argued that the domain industry is being used by third parties bent on limiting internet freedoms.

He was not alone. The ICANN board and later the community at large heard support for the EFF’s views from other Non-Commercial User Constituency members, one of whom compared what’s going on to aborted US legislation SOPA, the Stop Online Piracy Act.

“Regulation of content through the DNS system, through ICANN institutions and through contracted parties is of great concern and I think should be of great concern to all of us here,” Stoltz said.

He talked about a “bright line” between making policies related to domain names and policies related to content.

“I hope that the bright line between names and content is maintained because I think once we get past it, there may be no other bright line,” he said.

“If we allow in copyright enforcement, if we allow in enforcement of professional or business licensing as a criterion for owning a domain name, it’s going to be very hard to hold that line,” he said.

ICANN has long maintained, though with varying degrees of vigor over the years, that it does not regulate content.

Chair Steve Crocker said yesterday: “It’s always been the case, from the inception. It’s now baked in deeply into the mission statement. We don’t police content. That’s not our job.”

That kind of statement became more fervent last year, as concerns started to be raised about ICANN’s powers over the internet in light of the US government’s decision to give up its unique ICANN oversight powers.

Now, a month after the IANA transition was finalized, ICANN has new bylaws that for the first time state prominently that ICANN is not the content cops.

Page one of the massive new ICANN bylaws says:

ICANN shall not regulate (i.e., impose rules and restrictions on) services that use the Internet’s unique identifiers or the content that such services carry or provide

It’s pretty explicit, but there’s a catch.

A “grandfather” clause immediately follows, which states that registries and registrars are not allowed to start challenging the terms of their existing contracts on the basis that they dabble too much with content regulation.

That’s mainly because new gTLD Registry Agreements all include Public Interest Commitments, which in many cases do actually give ICANN contractual authority over the content of web sites.

Content-related PICs are most prominent in “Community” gTLDs.

In the PICs for Japanese city gTLD .osaka, for example, the registry promises that “pornographic, vulgar and highly objectionable content” will be “adequately monitored and removed from the namespace”.

While ICANN does not actively go out looking for .osaka porn, if porn did start showing up in .osaka and the registry does not suspend the domains, it would be in breach of its RA and could lose its contract.

That PIC was voluntarily adopted by the .osaka registry and does not apply to other gTLDs, but it is binding.

So in a roundabout kind of way, ICANN does regulate content, in certain narrow circumstances.

Some NCUC members think this is a “loophole”.

Another back door they think could be abused are the bilateral “trusted notifier” relationships between registries and third parties such as the movie, music and pharmaceutical industries.

Donuts and Radix this year have announced that the Motion Picture Association of America is allowed to notify it about domains that it believes are being used for large-scale, egregious movie piracy.

Donuts said it has suspended a dozen domains — sites that were TLD-hopping to evade suspension — since the policy came into force.

EFF’s Stoltz calls this kind of thing “shadow regulation”.

“Shadow regulation to us is the regulation of content… through private agreements or through unaccountable means that were not developed through the bottom-up process or through a democratic process,” he told the ICANN board yesterday.

While the EFF and NCUC thinks this is a cause for concern, they picked up little support from elsewhere in the community.

Speakers from registries, registrars, senior ICANN staff, intellectual property and business interests all seemed to think it was no big deal.

In a different session on the same topic later in the day, outgoing ICANN head of compliance Allen Grogan addressed these kinds of deals. He said:

From ICANN’s point of view, if there are agreements that are entered into between two private parties, one of whom happens to be a registry or a registrar, I don’t see that ICANN has any role to play in deciding what kinds of agreements those parties can enter into. That clearly is outside the scope of our mission and remit.

We can’t compel a registrar or a registry to even tell us what those agreements are. They’re free to enter into whatever contracts they want to enter into.

To the extent that they become embodied in the contracts as PICs, that may be a different question, or to the extent that the agreements violate those contracts or violate consensus policies, that may be a different question.

But if a registrar or registry decides to enter into an agreement to trust the MPAA or law enforcement or anyone else in deciding what actions to take, I think they’re free to do that and it would be far beyond the scope of ICANN’s power or authority to do anything about that.

In the same session, Donuts VP Jon Nevett cast doubt on the idea that there is an uncrossable “bright line” between domains and content by pointing out that the MPAA deal is not dissimilar to registries’ relationships with the bodies that monitor online child abuse material.

“We have someone that’s an expert in this industry that we have a relationship with saying there is child imagery abuse going on in a name, we’re not going to make that victim go get a court order,” he said.

Steve DelBianco of the NetChoice Coalition, a member of the Business Constituency, had similar doubts.

“Mitch [Stoltz] cited as an example that UK internet service providers were blocking child porn and since that might be cited as an example for trademark and copyright that we should, therefore, not block child porn at all,” he said. “I can’t conceive that’s really what EFF is thinking.”

Nevett gave a “real-life example” of a rape.[tld] domain that was registered in a Donuts gTLD.

“[The site] was a how-to guide. Talk about horrific,” he said. “We got a complaint. I’m not going to wait till someone goes and gets a court order. We’re a private company and we agreed to suspend that name immediately and that’s fine. There was no due process. And I’m cool with that because that was the right thing to do.”

“Just like a restaurant could determine that they don’t want people with shorts and flip-flops in the restaurant, we don’t want illegal behavior and if they want to move somewhere else, let them move somewhere else,” he said.

In alleged copyright infringement cases, registrants get the chance to respond before their names are suspended, he said.

Stoltz argued that the Donuts-MPAA deal had been immediately held up, when it was announced back in February, as a model that the entire industry should be following, which was dangerous.

“If everyone is subject to the same policies, then they are effectively laws and that’s effectively law-making by other means,” he said.

He and other NCUC members are also worried about the Domain Name Association’s Healthy Domains Initiative, which is working on voluntary best practices governing when registries and registrars should suspend domain names.

Lawyer Kathy Kleiman of the NCUC said the HDI was basically “SOPA behind closed doors”.

SOPA was the hugely controversial proposed US federal legislation that would have expanded law enforcement powers to suspend domains in cases of alleged copyright infringement.

Stoltz and others said that the HDI appeared to be operating under ICANN’s “umbrella”, giving it an air of having multistakeholder legitimacy, pointing out that the DNA has sessions scheduled on the official ICANN 57 agenda and “on ICANN’s dime”.

DNA members disagreed with that characterization.

It seems to me that the EFF’s arguments are very much of the “slippery slope” variety. While that may be considered a logical fallacy, it does not mean that its concerns are not valid.

But if there was a ever a “bright line” between domain policy and content regulation, it was traversed many years ago.

The EFF and supporters perhaps should just acknowledge that what they’re really concerned about is copyright owners abusing their powers, and target that problem instead.

The line has moved.

Big brands condemn “fraudulent” .feedback gTLD in ICANN complaint

Kevin Murphy, October 25, 2016, Domain Registries

Top Level Spectrum has been accused today of running the gTLD .feedback in a “fraudulent and deceptive” manner.

Over a dozen famous brands, corralled by corporate registrar MarkMonitor, today formally complained to ICANN that .feedback is a “complete sham”.

They reckon that the majority of .feedback domains belong to entities connected to the registry, violate trademarks, and have been stuffed with bogus and plagiarized reviews.

TLS denies any involvement.

MarkMonitor clients Adobe, American Apparel, Best Buy, Facebook, Levi and Verizon are among those that today filed a Public Interest Commitments Dispute Resolution Policy complaint with ICANN.

PICDRP is the mechanism third parties can use to complain about new gTLD registries they believe are in breach of the Public Interest Commitments found in their registry contracts.

The 50-page complaint (pdf), which comes with hundreds of pages of supporting documentation spread over 36 exhibits, purports to show TLS engaging in an “escalating pattern of discriminatory, fraudulent and deceptive registry misconduct”.

While the allegations of wrongdoing are fairly broad, the most interesting appears to be the claim that TLS quietly registered thousands of .feedback names matching trademarks to itself and then filled them with reviews either ripped off from Yelp! or supplied by overseas freelancers working for pennies.

TLS denies that it did any of this.

The .feedback registry is closely tied to the affiliated entity Feedback SAAS, which offers a hosted social platform for product/company reviews. Pricing for .feedback domains is dependent on whether registrants use this service or not.

The complaint states:

the overwhelming majority of domain names registered and activated within the .FEEDBACK TLD — over seventy percent (70%) — are currently owned and operated by Respondent [TLS], and parties working in concert with Respondent

Respondent has solicited and paid numerous third parties, including professional freelance writers who offer to post a set number of words for a fee, to write fabricated reviews regarding Complainants’ products and services.

These ostensibly independent reviews from ordinary consumers are intended to give the appearance of legitimate commentary within .FEEDBACK sites, when, in fact, the reviews are a complete sham.

An investigation carried out by MarkMonitor (pdf) showed that of the 2,787 .feedback domains registered up to July 31, 73% were registered to just five registrants.

The top registrant, Liberty Domains LLC of Las Vegas, owned 47% of these domains.

MarkMonitor believes this company (which it said does not show up in Nevada company records) and fourth-biggest registrant Core Domains LLC (based at the same Vegas mail forwarding service) are merely fronts for TLS, though it has no smoking gun proving this connection.

TLS CEO Jay Westerdal denies the company is affiliated with Liberty.

The MarkMonitor investigation counted 27,573 reviews on these sites, but 22% of them purported have been written prior to the date the domain was registered, in some cases by years.

The company reckons hundreds of reviews can be traced to five freelance writers who responded to February job ads looking for people who could write and post 10 150-word reviews per hour.

Other reviews appear to have been copied wholesale from Yelp! (this can be easily verified by visiting almost any .feedback site and searching for exact-match content on Google).

Westerdal told DI last week that registrants can use an API to import reviews.

The brands’ complaint goes on to criticize TLS for its Free.feedback offering, a very odd, bare-bones web site which seems to offer free .feedback domains.

When you type a domain or email address into the form on Free.feedback, it offers to give you the equivalent .feedback domain for free, automatically populating a second form with the Whois record of the original domain.

According to the complaint, after somebody registers a free .feedback domain, Feedback SAAS starts contacting the person listed in the Whois about their “free trial registration” regardless of whether they were actually the person who signed up the the domain. The complaint states:

Complainants and multiple other trademark owners who received such email notifications from Feedback SAAS and TLS registrars never visited the FREE.FEEDBACK website, and they never requested a free trial registration in the .FEEDBACK TLD

I’ve been unable to fully replicate this experience in attempts to test Free.feedback.

The complaint alleges multiple breaches of the PICs in the .feedback ICANN Registry Agreement.

The brands want ICANN Compliance to conduct a thorough investigation of .feedback, for all Free.feedback domains with phony Whois to be terminated, and for affected trademark owners to get refunds. They also want their legal costs paid by TLS.

ICANN does not typically publish the outcome of PICDRP complaints. Indeed, this is only the second one I’m aware of. It’s difficult to judge what MarkMonitor’s posse’s chances of success are.

Squabbling drug peddlers drag .pharmacy into brand bunfight

Kevin Murphy, September 29, 2016, Domain Policy

The .pharmacy new gTLD has been dragged into the ongoing trademark dispute between two pharmaceuticals giants called Merck.

Germany-based Merck KGaA has accused the .pharmacy registry of operating an unfair and “secretive” process to resolve competing sunrise period applications.

The domain merck.pharmacy was awarded to US rival Merck & Co, which was spun off from the German original a hundred years ago, after both Mercks applied for the domain during .pharmacy’s January-March 2015 sunrise.

Now Merck KGaA has become what I believe might be the first company to reveal an attempt to invoke ICANN’s Public Interest Commitments Dispute Resolution Procedure to get the decision reversed.

The National Association of Boards of Pharmacy, a US entity, operates .pharmacy as a tightly controlled gTLD with pre-registration credential validation.

When it launched for trademark owners in last year, it was vague about how contentions between owners of matching trademarks would be handled, according to Merck KGaA.

Merck KGaA claims that NABP awarded merck.pharmacy to Merck & Co and initially refused to disclose how it had arrived at its decision other than to say the German firm “met fewer criteria” than its rival.

After some back-and-forth between their lawyers, Merck KGaA was still not happy with NABP’s response to the dispute, so it decided to start filing compliance reports ICANN.

A year on, it tried to invoke the PICDRP.

Public Interest Commitments are addenda to ICANN Registry Agreements that bind the registries to certain behaviors, such as fighting malware and working with industry-specific regulatory bodies.

The PICDRP, heard by ICANN or an independent standing panel, is a way for third parties to challenge registries’ compliance with their contracts when they believe PICs have been violated.

No PICDRP disputes have actually made it before a panel to date, to my knowledge. Indeed, this is the first time I’ve heard of anyone even attempting to file one, though ICANN Compliance reports indicate about 20 were filed last year.

Merck KGaA claims that by not disclosing how it decided Merck & Co should win merck.pharmacy, NABP is in breach of the PIC that states:

Registry Operator will operate the TLD in a transparent manner consistent with general principles of openness and non-discrimination by establishing, publishing and adhering to clear registration policies.

It suspects that NABP was biased towards Merck & Co because the US firm is a $100,000+ contributor to its coffers.

NABP has denied any wrongdoing, saying it applied “objective criteria” to decide which Merck most deserved the name.

This June, over a year after the domain was awarded, Merck KGaA filed its PICDRP complaint with ICANN. Two weeks ago, ICANN responded saying the complaint had been rejected, saying:

The detailed review criteria used to resolve the contention for the registration of the domain name was part of an operational procedure that the registry operator applied to both applicants’ websites and was consistent with .pharmacy’s community restrictions in Specification 12 of the RA. As the internal operational procedure does not conflict with ICANN’s agreements and policies, it is deemed outside of ICANN’s scope of enforcement.

The decision seems to have been made by ICANN staff. No independent panel was appointed. The PICDRP grants ICANN “sole discretion” as to whether a panel is needed.

The only reason the dispute has come to light is that Merck KGaA has decided to challenge ICANN’s decision with a Request for Reconsideration. The RfR and 600-odd pages of exhibits are published here.

It’s the second concurrent RfR Merck has on the go with ICANN. The Mercks are also simultaneously fighting for the right to run .merck as a dot-brand gTLD.

Both applications for .merck went through the Community Priority Evaluation process, but both failed.

The next stage in resolving the contention said would have been an auction, but Merck KGaA has filed for Reconsideration on its CPE panel’s determination.

Fight as ICANN “backtracks” on piracy policing

Kevin Murphy, July 1, 2016, Domain Policy

ICANN has clarified that it will not terminate new gTLD registries that have piracy web sites in their zones, potentially inflaming an ongoing fight between domain companies and intellectual property interests.

This week’s ICANN 56 policy meeting in Helsinki saw registries and the Intellectual Property Constituency clash over whether an ICANN rule means that registries breach their contract if they don’t suspend piracy domains.

Both sides have different interpretation of the rule, found in the so-called “Public Interest Commitments” or PICs that can be found in Specification 11 of every new gTLD Registry Agreement.

But ICANN chair Steve Crocker, in a letter to the IPC last night, seemed to side strongly with the registries’ interpretation.

Spec 11 states, among other things, that:

Registry Operator will include a provision in its Registry-Registrar Agreement that requires Registrars to include in their Registration Agreements a provision prohibiting Registered Name Holders from distributing malware, abusively operating botnets, phishing, piracy, trademark or copyright infringement, fraudulent or deceptive practices, counterfeiting or otherwise engaging in activity contrary to applicable law, and providing (consistent with applicable law and any related procedures) consequences for such activities including suspension of the domain name.

A literal reading of this, and the reading favored by registries, is that all registries have to do to be in compliance is to include the piracy prohibitions in their Registry-Registrar Agreement, essentially passing off responsibility for piracy to registrars (which in turn pass of responsibility to registrants).

Registries believe that the phrase “consistent with applicable law and related procedures” means they only have to suspend a domain name when they receive a court order.

Members of the IPC, on the other hand, say this reading is ridiculous.

“We don’t know what this clause means,” Marc Trachtenberg of the IPC said during a session in Helsinki on Tuesday. “It’s got to mean something. It can’t just mean you have to put a provision into a contract, that’s pointless.”

“To put a provision into a contract that you’re not going to enforce, has no meaning,” he added. “And to have a clause that a registry operator or registrar has to comply with a court order, that’s meaningless also. Clearly a registry operator has to comply with a court order.”

Some IPC members think ICANN has “backtracked” by introducing the PICs concept then failing to enforce it.

IPC members in general believe that registries are supposed to not only require their registrars to ban piracy sites, but also to suspend piracy domains when they’re told about them.

Registries including Donuts have started doing this recently on a voluntary basis with partners such as the Motion Picture Association of America, but believe that ICANN should not be in the business of content policing.

“[Spec 11] doesn’t say what some members of the IPC think it says,” Donuts VP Jon Nevett said during the Helsinki session. “To say we’re in blatant violation of that PIC and that ICANN is not enforcing that PIC is problematic.”

The fight kicked off face-to-face in Helsinki, but it has been happening behind the scenes for several months.

The IPC got mad back in February when Crocker, responding to Governmental Advisory Committee concerns about intellectual property abuse, said the issue “appears to be outside of our mandate” (pdf).

That’s a reference to ICANN’s strengthening resolve that it is not and should not be the internet’s “content police”.

In April (pdf) and June (pdf) letters, IPC president Greg Shatan and the Coalition for Online Accountability’s Steve Metalitz called on Crocker to clarify this statement.

Last night, he did, and the clarification is unlikely to make the IPC happy.

Crocker wrote (pdf):

ICANN will bring enforcement actions against Registries that fail to include the required prohibitions and reservations in its end-user agreements and against Registrars that fail to main the required abuse point of contact…

This does not mean, however, that ICANN is required or qualified to make factual and legal determinations as to whether a Registered Name Holder or website operator is violating applicable laws and governmental regulations, and to assess what would constitute an appropriate remedy in any particular situation.

This seems pretty clear — new gTLD registries are not going to be held accountable for domains used for content piracy.

The debate may not be over however.

During Helsinki there was a smaller, semi-private (recorded but not webcast live) meeting of the some registries, IPC and GAC members, hosted by ICANN board member Bruce Tonkin, which evidently concluded that more discussion is needed to reach a common understanding of just what the hell these PICs mean.

Does Chehade agree with Donuts on .doctor?

Kevin Murphy, March 24, 2015, Domain Policy

Should governments have the right to force business-limiting restrictions on new gTLD operators, even though they don’t have the same rules in their own ccTLDs?

ICANN CEO Fadi Chehade evidently believes the answer to that question is “No”, but it’s what ICANN is controversially imposing on Donuts and two other .doctor applicants anyway.

Donuts recently filed a Request for Reconsideration appeal with ICANN over its decision to make the .doctor gTLD restricted to medical professionals only.

It was an unprecedented “Public Interest Commitment” demanded by ICANN staff in order to keep the Governmental Advisory Committee happy.

The GAC has been asking for almost two years for so-called “Category 1” gTLD strings — which could be seen to represent highly regulated sectors such as law or medicine — to see a commensurate amount of regulation from ICANN.

Governments wanted, for example, registrants to show professional credentials before being able to register a name.

In the vast majority of instances, ICANN creatively reinterpreted this advice to require registrants to merely assert that they possess such credentials.

These rules were put in registries’ contracts via PICs.

But for some reason in February the organization told Donuts that .doctor domains must be “ascribed exclusively to legitimate medical practitioners.”

According to Donuts, this came out of the blue, is completely unnecessary, an example of ICANN staff making up policy on the spot.

Donuts wants to be able to to sell .doctor names to doctors of any discipline, not just medical doctors. It also wants people to be able to use the names creatively, such as “computer.doctor” or “skateboard.doctor”.

What makes ICANN’s decision especially confusing is that CEO Fadi Chehade had the previous day passionately leaped to the defense of new gTLD registries in their fight against unnecessary GAC-imposed red tape.

The following video, in which Chehade uses .dentist as an example of a string that should not be subject to even more oversight, was taken February 11 at a Q&A with the Domain Name Assocation.

The New gTLD Program Committee meeting that authorized ICANN staff to add the new PIC took place February 12, the very next day. Chehade did not attend.

It’s quite remarkable how in line with registries Chehade seems to be.

It cuts to the heart of what many believe is wrong with the GAC — that governments demand of ICANN policies that they haven’t even bothered to implement in their own countries, just because it’s much easier to lean on ICANN than to pass regulations at home.

Here’s the entire text of his answer. He’s describing conversations he’d had with GAC members earlier in the week.

They’re saying stop all the Category 1 TLDs. Stop them. Freeze them!

And we said: Why do we need to freeze them? What’s the issue?

They said: It’s going to harm consumers.

How will it harm consumers? We started having a debate.

It turns out that they’re worried that if somebody got fadi.casino or fadi.dentist, to pick one of Statton’s [Statton Hammock, VP at Rightside, who was present], that this person is not a dentist and will pluck your ear instead of your teeth. How do you make sure they’re a dentist?

So I asked the European Commission: How do you make sure dentist.eu is a dentist?

They said: We don’t. They just get it.

I said: Okay, so why do these guys [new gTLD registries] have to do anything different?

And they said: The new gTLD program should be better or a model…

I said: Come on guys, do not apply rules that you’re not using today to these new folks simply because it’s easy, because you can come and raise flags here at ICANN. Let’s be fair. How do you do it at EU?

“Well, if somebody reports that fadi.dentist.eu is not a dentist, we remove them.”

Statton said: We do the same thing. It’s in our PICs. If fadi.dentist is not, and somebody reports them…

They said: But we can’t call compliance.

You can call compliance. Anyone can call compliance. Call us and we’ll follow up. With Statton, with the registrar.

What we have here is Chehade making a passionate case for the domain name industry’s right to sell medical-themed domain names without undue regulation — using many of the same arguments that Donuts is using in its Reconsideration appeal — then failing to show up for a board meeting the next day when that specific issue was addressed.

It’s impossible to know whether the NGPC would have reached a different decision had Chehade been at the February 12 meeting, because no formal vote was taken.

Rather, the committee merely passed along its “sense” that ICANN staff should carrying on what it was doing with regards implementing GAC advice on Category 1 strings.

While Chehade is but one voice on the NGPC, as CEO he is in charge of the ICANN staff, so one would imagine the decision to add the unprecedented new PIC to the .doctor contract falls into his area of responsibility.

That makes it all the more baffling that Donuts, and the other .doctor new gTLD applicants, are faced with this unique demand to restrict their registrant base to one subset of potential customers.

  • Page 1 of 2
  • 1
  • 2
  • >