Recent Posts
- ICANN publishes its Woke Manifesto. Here’s my hot take
- Alibaba, Name.com among new RDRS opt-ins
- The Swiss can register .swiss domains from next week
- .ai up to 425,000 domains
- A million “free” .music domains up for grabs
- D3 to get $5 million in crypto to apply for .ape gTLD
- Alibaba hit with ICANN breach notice
- New Vegas conference “Davos for Web3 interoperability”
- ICANN content policing power grab may be dead
- Cable company unplugs its dot-brand after acquisition
- Germany crosses 10,000 dot-brand domains milestone
- Founders out as Com Laude gets equity injection
- PIR’s Diaz to leave domain industry
- Some registrars have already quit ICANN’s Whois experiment
- ICANN opens $217 million Grant Program
- Internet could get one-letter gTLDs (but there’s a catch)
- .ai registry fights deadbeats with tweaked auction rules
- Amazon and Google among .internal TLD ban backers
- .ai registry advises buyers not to use GoDaddy
- .post liberalizes with new sunrise period
- Team Internet spends $41 million on content farm
- Epik backtracks on Kiwi Farms claim after legal threat
- .austin names launch on blockchain
- Freenom shuts down 12.6 million domains — report
- GoDaddy’s next .xxx contract may not be a done deal
- GlobalBlock blocking 2.5 million domains
- Microsoft moving its cloud apps from .com to .microsoft
- ICANN 79: anonymous trolls and undercover lawyers
- ICANN scores win in single-letter .com lawsuit
- Cosmetics brand terminates its gTLD
- Up to 70 jobs on the line at Nominet as .uk regs dwindle
- Governments back down on new gTLD next round delay
- Private auctions could be banned in new gTLD next round
- ICANN meeting venue “insensitive and hurtful”
- GoDaddy to start selling graphic.design domains
- GAC spinning up new gTLD curveball at ICANN 79?
- GoDaddy’s GlobalBlock supports blockchain names
- Police .uk domain takedowns dive in 2023
- GoDaddy wants to cut the bullshit from .xxx
- Dueling domain blocking services to launch at ICANN 79
- Freename tries to bridge DNS and blockchain
- Olive retires from ICANN
- Whois policy published without life-saving disclosure rule
- UK gov takes its lead from ICANN on DNS abuse
- Tucows reports 2023 results
- Twitter “completely unresponsive” on clickable domains
- ICANN spends $5 million more than planned in first fiscal half
- .art takes a million domains off its premium list
- KeyTrap ‘the most devastating vulnerability ever found in DNSSEC’
- Freenom settles $500 million Meta lawsuit and will exit domain business
- New gTLD lottery to return in 2026
- First GlobalBlock prices revealed — they ain’t cheap
- Domain universe grows on new gTLDs despite .com shrinkage
- D3 signs up crypto gTLD client number five
- GoDaddy reports strong domains growth
- How to qualify for a $40,000 gTLD
- Registry service provider evaluation handbook published
- WebUnited inks deal to “mirror” country’s TLD in the blockchain
- GoDaddy project unveils brand-blocking calculator
- Report: Monster “misappropriated” millions from Epik
- .com is shrinking but Verisign raises prices again anyway
- D3 announces fourth crypto new gTLD client
- Donald Trump loses second UDRP case
- UK cybersquatting complaints hit record low
- No excuses! PIR to pay for ALL registries to tackle child abuse
- ICANN insists it is working on linkification
- Namecheap sues ICANN over .org price caps
- GoDaddy offers free Ethereum blockchain integration
- Epik reveals who is running the company
- Epik gets acquired again! The plot thickens…
- Airline gTLD crashes and burns
- First chunks of new gTLD Applicant Guidebook drop
- Epik to reveal its owners soon
- Another crypto firm to apply for a new gTLD
- Monster and Royce are NOT involved in Epik?!
- Nominet to overhaul .uk registry, turn off some services
- Russia blames DNSSEC, not Ukraine, for internet downtime
- Team Internet says revenue beat estimates
- Sold for over $20k, insure.ai and dog.ai back in .ai’s expired names auction
- .ai helps UDRP cases rise in 2023, WIPO says
- Freenom’s domains land at Gandi after termination
- .ru domains fly off the shelf as Western sanctions bite
- ICANN picks its first ever Supreme Court
- Lebanon’s ccTLD going back to Lebanon after ICANN takeover
- ICANN picks the domain it will never, ever release
- ICANN approves domain takedown rules
- Has Epik gone “woke”?
- First bits of new gTLD Applicant Guidebook expected next week
- ICANN bans closed generics for the foreseeable
- You can’t use money to buy .box domains
- After 14 years, ICANN practices what it preaches on IDNs
- Weak demand for private Whois data, ICANN data shows
- .ing doing way better than .meme
- DNS Women barred from ICANN funding?
- Dev releases free open-source TLD registry platform
- INCO flips a gTLD to Identity Digital
- Anguilla fears the .ai junk drop
- Five more gTLDs get launch dates
- $10 million of ICANN cash up for grabs
- Almost 50,000 .ai domains sold in a quarter
- ICANN threatens to regulate your speech [RANT]
- Life insurance company kills dot-brand
- ICANN finds new home for Lebanon’s TLD after founder’s death
- ICANN begs people to use its new Whois service
- Shiba Inu outs itself as crypto new gTLD applicant
- Over 50,000 .ai domains sold in three months
- Amazon planning new push into registrar market?
- Registries and registrars vote ‘Yes’ to new DNS abuse rules
- ICANN predicts flattish 2025 for domain industry
- Fast-growing Gname buys another 150 registrars
- GoDaddy service to let you block domains in over 650 TLDs
- Did I find a murder weapon in a zone file?
- ICANN drops the “man” from Ombudsman
- Have your say on police domain takedown powers
- Most registrars are shunning ICANN’s new Whois system
- Nominet to take over .gov.uk
- ICANN picks Istanbul for 2024 meeting
- ICANN’s private Whois data request service goes live
- .au regs slide on 2LD anniversary
- ICANN accused of power grab over $271 million auction fund
- A registrar is getting blamed for an Israeli war propaganda site
- Two more dot-brands bite the dust
- Google sells five-figure AI domain and six-figure .ing hack
- .blackfriday is still a bit rubbish
- Internet Naming Co acquires five more gTLDs
Fight as ICANN “backtracks” on piracy policing
ICANN has clarified that it will not terminate new gTLD registries that have piracy web sites in their zones, potentially inflaming an ongoing fight between domain companies and intellectual property interests.
This week’s ICANN 56 policy meeting in Helsinki saw registries and the Intellectual Property Constituency clash over whether an ICANN rule means that registries breach their contract if they don’t suspend piracy domains.
Both sides have different interpretation of the rule, found in the so-called “Public Interest Commitments” or PICs that can be found in Specification 11 of every new gTLD Registry Agreement.
But ICANN chair Steve Crocker, in a letter to the IPC last night, seemed to side strongly with the registries’ interpretation.
Spec 11 states, among other things, that:
Registry Operator will include a provision in its Registry-Registrar Agreement that requires Registrars to include in their Registration Agreements a provision prohibiting Registered Name Holders from distributing malware, abusively operating botnets, phishing, piracy, trademark or copyright infringement, fraudulent or deceptive practices, counterfeiting or otherwise engaging in activity contrary to applicable law, and providing (consistent with applicable law and any related procedures) consequences for such activities including suspension of the domain name.
A literal reading of this, and the reading favored by registries, is that all registries have to do to be in compliance is to include the piracy prohibitions in their Registry-Registrar Agreement, essentially passing off responsibility for piracy to registrars (which in turn pass of responsibility to registrants).
Registries believe that the phrase “consistent with applicable law and related procedures” means they only have to suspend a domain name when they receive a court order.
Members of the IPC, on the other hand, say this reading is ridiculous.
“We don’t know what this clause means,” Marc Trachtenberg of the IPC said during a session in Helsinki on Tuesday. “It’s got to mean something. It can’t just mean you have to put a provision into a contract, that’s pointless.”
“To put a provision into a contract that you’re not going to enforce, has no meaning,” he added. “And to have a clause that a registry operator or registrar has to comply with a court order, that’s meaningless also. Clearly a registry operator has to comply with a court order.”
Some IPC members think ICANN has “backtracked” by introducing the PICs concept then failing to enforce it.
IPC members in general believe that registries are supposed to not only require their registrars to ban piracy sites, but also to suspend piracy domains when they’re told about them.
Registries including Donuts have started doing this recently on a voluntary basis with partners such as the Motion Picture Association of America, but believe that ICANN should not be in the business of content policing.
“[Spec 11] doesn’t say what some members of the IPC think it says,” Donuts VP Jon Nevett said during the Helsinki session. “To say we’re in blatant violation of that PIC and that ICANN is not enforcing that PIC is problematic.”
The fight kicked off face-to-face in Helsinki, but it has been happening behind the scenes for several months.
The IPC got mad back in February when Crocker, responding to Governmental Advisory Committee concerns about intellectual property abuse, said the issue “appears to be outside of our mandate” (pdf).
That’s a reference to ICANN’s strengthening resolve that it is not and should not be the internet’s “content police”.
In April (pdf) and June (pdf) letters, IPC president Greg Shatan and the Coalition for Online Accountability’s Steve Metalitz called on Crocker to clarify this statement.
Last night, he did, and the clarification is unlikely to make the IPC happy.
Crocker wrote (pdf):
ICANN will bring enforcement actions against Registries that fail to include the required prohibitions and reservations in its end-user agreements and against Registrars that fail to main the required abuse point of contact…
This does not mean, however, that ICANN is required or qualified to make factual and legal determinations as to whether a Registered Name Holder or website operator is violating applicable laws and governmental regulations, and to assess what would constitute an appropriate remedy in any particular situation.
This seems pretty clear — new gTLD registries are not going to be held accountable for domains used for content piracy.
The debate may not be over however.
During Helsinki there was a smaller, semi-private (recorded but not webcast live) meeting of the some registries, IPC and GAC members, hosted by ICANN board member Bruce Tonkin, which evidently concluded that more discussion is needed to reach a common understanding of just what the hell these PICs mean.
Radix joins the Hollywood content police
Radix has become the second major gTLD registry to announce a content policing deal with the movie industry.
It today said it has signed an agreement with the Motion Picture Association of America similar to the one Donuts announced in February.
Like Donuts, Radix will treat the MPAA as a “trusted notifier” for the purposes of taking down “large-scale pirate websites”.
Radix said the deal “imposes strict standards for such referrals, including that they be accompanied by evidence of clear and pervasive copyright infringement, and a representation that the MPAA has first attempted to contact the registrar and hosting provider for resolution.”
Donuts described its notifier program in this document (pdf). Radix said its arrangement is “similar”.
The Donuts-MPAA deal proved somewhat controversial.
The Electronic Frontier Foundation invoked the slippery slope argument, saying of it:
The danger in agreements like this is that they could become a blanket policy that Internet users cannot avoid. If what’s past is prologue, expect to see MPAA and other groups of powerful media companies touting the Donuts agreement as a new norm, and using it to push ICANN and governments towards making all domain name registries disable access to an entire website on a mere accusation of infringement.
The EFF said these kinds of deals could ultimately lead to legal freedom of speech being curtailed online.
We’re not quite there yet — right now we have two gTLD registries (albeit covering over 200 gTLDs) and one trusted notifier — but I expect more similar deals in future, branching out into different industries such as music and pharamaceuticals.
The deals stem in part from the Domain Name Association’s Healthy Domains Initiative, which aims to avoid ICANN/government regulation by creating voluntary best practices for the industry.
The advantage of a voluntary arrangement is that there’s no risk of a terminal sanction — such as losing your registry contract — if you fail to live up to its terms.
Radix’s portfolio includes .website, .space, .online and .tech. It’s also a .music and .web applicant.
Rape ban results in just one .uk takedown, but piracy suspensions soar
Nominet’s controversial policy of suspending domain names that appear to condone rape resulted in one .uk domain being taken down last year.
That’s according to a summary of take-downs published by Nominet yesterday.
The report (pdf) reveals that 3,889 .uk names were taken down in the 12 months to October 31, 2015.
That’s up on the the 948 domains suspended in the six months to October 31, 2014.
The vast majority — 3,610 — were as a result of complaints from the Police Intellectual Property Crime Unit. In the October 2014 period, that unit was responsible for 839 suspensions.
Unlike these types of suspensions, which deal with the allegedly illegal content of web sites, the “offensive names” ban deals purely with the words in the domain names.
Nominet’s systems automatically flagged 2,407 names as potentially in breach of the policy — most likely because they contained the string “rape” or similar — in the 12 months.
But only one of those was judged, upon human perusal, in breach.
In the previous 12 months period, 11 domains were suspended based on this policy, but nine of those had been registered prior to the implementation of the policy early in 2014.
The policy, which bans domains that “promote or incite serious sexual violence”, was put in place following an independent review by Lord Macdonald.
He was recruited for advice due to government pressure following a couple of lazy anti-porn articles, both based on questionable research by a single anti-porn campaigner, in the right-wing press.
Assuming it takes a Nominet employee five minutes to manually review a .uk domain for breach, it seems the company is paying for 200 person-hours per year, or 25 working days, to take down one or two domain names that probably wouldn’t have caused any actual harm anyway.
Great policy.
Donuts makes Hollywood content policing deal
Donuts has made a deal with the American movie industry that will make it easier to take down piracy domains.
The Motion Picture Association of America has been given a “Trusted Notifier” status, and the two companies have agreed upon a domain take-down framework.
The agreement targets “large-scale pirate websites”, Donuts said.
It’s the first such deal Donuts has made, executive VP Jon Nevett told DI, but it’s likely to be extended into other industries, possibility including music, pharmaceuticals and child abuse prevention.
“This could be a model for not just content-related issues,” he said.
Nevett did not want to get into much detail about the specifics of the take-down process by discussing the definition of “large scale” or timing, but he did say that the MPAA has an obligation to do manual research into each domain it wants suspending.
After it receives a report from the MPAA, Donuts will reach out to the registrar and registrant to ask for an explanation of the alleged piracy.
A decision to suspend the domain or leave it alone would be made “solely in our discretion”, Nevett said.
Donuts already has this in its acceptable use policy, which reads in part:
Donuts reserves the right, at its sole discretion and at any time and without limitation, to deny, suspend, cancel, redirect, or transfer any registration or transaction, or place any domain name(s) on registry lock, hold, or similar status as it determines necessary for any of the following reasons:
…
domain name use is abusive or violates this AUP, or a third party’s rights or acceptable use policies, including but not limited to the infringement of any copyright or trademark;
While Donuts is the registry for .movie and .theater, the MPAA agreement applies to all of its almost 200 gTLDs.
The announcement comes the day before the Domain Name Association meets to discuss its Healthy Domains Initiative.
Nevett said that DNA members will meet tomorrow with law enforcement, IP owners, and abuse prevention and security folk to seek input on the question “What are tenets of healthy domain ecosystem?”
That input will be discussed at a subsequent DNA meeting, likely to coincide with the ICANN meeting in Marrakech this April.
The eventual goal is to come up with a set of voluntary best practices for registries and registrars.
Nevett stressed that the MPAA deal, and whatever the DNA comes up with, are voluntary agreements made outside the auspices of ICANN’s contracts.
Despite this, the “Trusted Notifier” concept does put me in mind of section 3.18 of the Registrar Accreditation Agreement, where governmental or affiliated entities are given special powers to have dodgy domains investigated and suspended.
Pirates lose privacy rights under new ICANN rules
People operating piracy web sites would have a harder time keeping their personal information private under new ICANN rules.
ICANN’s GNSO Council last night approved a set of recommendations that lay down the rules of engagement for when trademark and copyright owners try to unmask Whois privacy users.
Among other things, the new rules would make it clear that privacy services are not permitted to reject requests to reveal a domain’s true owner just because the IP-based request relates to the content of a web site rather than just its domain name.
The recommendations also contain safeguards that would allow registrants to retain their privacy if, for example, their safety would be at risk if their identities were revealed.
The 93-page document (pdf) approved unanimously by the Council carries a “Illustrative Disclosure Framework” appendix that lays out the procedures in some depth.
The framework only covers requests from IP owners to proxy/privacy services. The GNSO was unable to come up with a similar framework for dealing with, for example, requests from law enforcement agencies.
It states flatly:
Disclosure [of the registrant’s true Whois details] cannot be refused solely for lack of any of the following: (i) a court order; (ii) a subpoena; (iii) a pending civil action; or (iv) a UDRP or URS proceeding; nor can refusal to disclose be solely based on the fact that the Request is founded on alleged intellectual property infringement in content on a website associated with the domain name.
This fairly explicitly prevents privacy services (which in most cases are registrars) using the “we don’t regulate content” argument to shoot down disclosure requests from IP owners.
Some registrars were not happy about this paragraph in early drafts, yet it remains.
Count that as a win for the IP lobby.
However, the new recommendations spend a lot more time giving IP owners a quite strict set of guidelines for how to file such requests in the first place.
If they persistently spam the registrar with automated disclosure requests, the registrar is free to ignore them. They can even share details of spammy IP owners with other registrars.
The registrar is also free to ignore requests that, for example, don’t give the exact or representative URL of an alleged copyright infringement, or if the requester has not first attempted to contact the registrant via an email relay service, should one be in place.
The registrant also gets a 15-day warning that somebody has requested their private details, during which, if they value their privacy more than their web site, they’re able to relinquish their domain and remain anonymous.
If the registrant instead uses that time to provide a good reason why they’re not infringing the requester’s rights, and the privacy service agrees, the request can also be denied.
The guidelines would make it easier for privacy service operators to understand what their obligations are. By formalizing the request format, it should make it easier to separate legit requests from the spurious requests.
They’re even allowed to charge IP owners a nominal fee to streamline the processing of their requests.
While these recommendations have been approved by the GNSO Council, they need to be approved by the ICANN board before becoming the law of the ‘net.
They also need to pass through an implementation process (conducted by ICANN staff and GNSO members) that turns the recommendations into written procedures and contracts which, due to their complexity, I have a hunch will take some time.
The idea is that the rules will form part of an accreditation program for privacy/proxy services, administered by ICANN.
Registrars would only be able to use P/P services that agree to follow these rules and that have been accredited by ICANN.
It seems to me that the new rules may be quite effective at cracking down on rogue, “bulletproof” registrars that automatically dismiss piracy-based disclosure requests by saying they’re not qualified to adjudicate copyright disputes.
Radiohead backs .music community bid
Ed O’Brien, guitarist with the band Radiohead, has become the latest musician to throw his support behind DotMusic’s community-based application for the new gTLD .music.
In a letter to ICANN today (pdf), O’Brien said that if DotMusic loses its ongoing Community Priority Evaluation, it will “be setting back the world’s chances of a Fair Trade Music Industry by many years”.
“I challenge The Internet Corporation for Assigned Names and Numbers views that the global music community to which I belong does not exist,” he wrote.
He’s arguably the highest-profile musician to support DotMusic to date. Radiohead have sold over 30 million records and a few years ago O’Brien was ranked by Rolling Stone as the 59th greatest guitarist of all time.
The phrase “Fair Trade Music Industry” appears to have been coined last week at TechCrunch Disrupt by Grammy-nominated musician Imogen Heap, another one of DotMusic’s celebrity supporters.
It refers to the notion that artists should be fairly compensated for their work, opposing services such as Spotify, which reportedly pays artists less than a tenth of a cent every time one of their songs is played.
Both Heap and Radiohead are noted for their innovative uses of technology in their music (for example, listen to Radiohead’s incredible 1997 album OK Computer, bootlegs of which are available to stream for free on YouTube).
Radiohead is also known for its love-hate relationship with internet-based music business models.
In 2007, Radiohead released a new album for free on its web site, allowing fans to set their own price. But in 2013, it pulled its back catalog from Spotify, with lead singer Thom Yorke calling the service “the last desperate fart of a dying corpse”.
Its music is back on Spotify now.
But you can see why the band would support DotMusic’s application for .music, which proposes a number of novel rights protection mechanisms covering not just trademarks, but also copyright.
One interesting proposal is to ban any domain name from .music if a matching domain in another TLD has received over 10,000 copyright infringement notices from a big music industry body. This is to prevent TLD “hopping” affecting .music.
So, for example, if thepiratebay.com had received 10,000 notices, thepiratebay.music would be permanently blocked from registration.
The company is proposing a somewhat restricted namespace too, where only “community members” are allowed to register domains.
But prospective registrants merely need to self-identify as a member of one of the community’s dozens of subsets — which includes “fans” and “bloggers” — in order to register.
Parking will be prohibited, however, which would cut down on domain investor speculation.
Quite how .music will enhance the move for “fair trade” for artists is not entirely clear from O’Brien’s letter. After .music launches, there will still be hundreds of other TLDs that do not have DotMusic’s rules in place.
It’s also unlikely that the Economist Intelligence Unit, which is currently handling the CPE, will even see O’Brien’s letter.
ICANN told DotMusic (pdf) recently that the EIU “may not consider” any support letters received after October 13, which was two months after the official deadline for letters to be submitted.
DotMusic has letters of support — mostly the same letter with a different signature — from literally hundreds of musicians, trade groups, producers and publishers.
CEO Constantine Roussos told DI last week that it has more support letters than all the other “Community” gTLD applicants combined.
He said he’s confident that DotMusic’s CPE will be successful, citing positive precedent set by EIU panels in .osaka, .hotel and .radio CPE cases.
But the closest precedent we have so far is the Far Further application for .music, which comprehensively lost its CPE a year ago, scoring just three points out of the available 16, well short of the 14-point passing score.
There are differences between the applications, but Far Further’s CPE panel told it that there was no such thing as “the music community”, which sets a pretty high bar for DotMusic to leap.
If DotMusic wins its CPE, the remaining seven competing applications for the string get kicked out of the program. If it loses, it goes to an auction it has little chance of winning.
Grogan hopeful of content policing clarity within “a few weeks”
ICANN may be able to provide registrars, intellectual property interests and others with clarity about when domain names should be suspended as early as next month, according to compliance chief Allen Grogan.
With ICANN 53 kicking off in Buenos Aires this weekend, Grogan said he intends to meet with a diverse set of constituents in order to figure out what the Registrar Accreditation Agreement requires registrars to do when they receive abuse complaints.
“I’m hopeful we can publish something in the next few weeks,” he told DI. “It depends to some extent on what direction the discussions take.”
The discussions center on whether registrars are doing enough to take down domains that are being used, for example, to host pirated content or to sell medicines across borders.
Specifically at issue is section 3.18 of the 2013 RAA.
It requires registrars to take “reasonable and prompt steps to investigate and respond appropriately” when they receive abuse reports.
The people who are noisiest about filing such reports — IP owners and pharmacy watchdogs such as LegitScript — reckon “appropriate action” means the domain in question should be suspended.
The US Congress heard these arguments in hearings last month, but there were no witnesses from the ICANN or registrar side to respond.
Registrars don’t think they should be put in the position of having to turn off what may be a perfectly legitimate web site due to a unilateral complaint that may be flawed or frivolous.
ICANN seems to be erring strongly towards the registrars’ view.
“Whatever the terms of the 2013 RAA mean, it can’t really be interpreted as a broad global commitment for ICANN to enforce all illegal activity or all laws on the internet,” Grogan told DI.
“I don’t think ICANN is capable of that, I don’t think we have the expertise or resources to do that, and I don’t think the ICANN multistakeholder community has ever had that discussion and delegated that authority to ICANN,” he said.
CEO Fadi Chehade recently told the Washington Post that it isn’t ICANN’s job to police web content, and Grogan has expanded on that view in a blog post last week.
Grogan notes that what kind of content violates the law varies wildly from country to country — some states will kill you for blasphemy, in some you can get jail time for denying the Holocaust, in others political dissent is a crime.
“Virtually everybody I’ve spoken with has said that is far outside the scope of ICANN’s remit,” he said.
However, he’s leaving some areas open for discussion,
“There are some constituents, including some participants in the [Congressional] hearing — from the intellectual property community and LegitScript — who think there’s a way to distinguish some kinds of illegal activities from others,” he said. “That’s a discussion I’m willing to have.”
The dividing line could be substantial risk to public health or activities that are broadly, globally deemed to be illegal. Child abuse material is the obvious one, but copyright infringement — where Grogan said treaties show “near unanimity” — could be too.
So is ICANN saying it’s not the content police except when it comes to pharmacies and intellectual property?
“No,” said Grogan. “I’m saying I’m willing to engage in that dialogue and have that conversation with the community to see if there’s consensus that some activities are different to others.”
“In a multistakeholder model I don’t think any one constituency should control,” he said.
In practical terms, this all boils down to 3.18 of the RAA, and what steps registrars must take to comply with it.
It’s a surprisingly tricky one even if, like Grogan, you’re talking about “minimum criteria” for compliance.
Should registrars, for example, be required to always check out the content of domains that are the subject of abuse reports? It seems like a no-brainer.
But Grogan points out that even though there could be broad consensus that child abuse material should be taken down immediately upon discovery, in many places it could be illegal for a registrar employee to even check the reported URL, lest they download unwanted child porn.
Similarly, it might seem obvious that abuse reports should be referred to the domain’s registrant for a response. But what of registrars owned by domain investors, where registrar and registrant are one and the same?
These and other topics will come up for discussion in various sessions next week, and Grogan said he’s hopeful that decisions can be made that do not need to involve formal policy development processes or ICANN board action.
Is the Defending Internet Freedom Act pro-crime?
The Defending Internet Freedom Act of 2015, introduced to the US Congress last month, contains a provision that could be interpreted as pro-pron, pro-piracy or even just pro-crime.
The act is designed to prevent the US giving up its oversight of ICANN/IANA unless certain quite strict conditions are met.
It’s a revised version of a bill that was introduced last year but didn’t make it through the legislative process.
Like the 2014 version, it says that the US cannot sever ties with ICANN until its bylaws have been amended in various ways, including:
ICANN is prohibited from engaging in activities unrelated to ICANN’s core mission or entering into an agreement or modifying an existing agreement to impose on a registrar or registry with which ICANN conducts business any condition (such as a condition relating to the regulation of content) that is unrelated to ICANN’s core mission.
It’s the “regulation of content” bit that caught my eye.
Presumably written as a fluffy, non-controversial protection against censorship, it ignores where the real content regulation conversations are happening within the ICANN community.
It’s a constant mantra of ICANN that is “doesn’t regulate content”, but the veracity of that assertion has been chipped away relentlessly over the last several years by law enforcement, governments and intellectual property interests.
Today, ICANN’s contracts are resplendent with examples of what could be argued is content regulation.
Take .sucks, for a timely example. Its Registry Agreement with ICANN contains provisions banning pornography, cyber-bulling and parked pages.
That’s three specific types of content that must not be allowed in any web site using a .sucks domain.
It’s one of the Public Interest Commitments that were voluntarily put forward by .sucks registry Vox Populi, but they’re still enforceable contract provisions.
Using a dispute resolution process (PICDRP), ICANN would be able to levy fines against Vox Pop, or terminate its contract entirely, if it repeatedly allows porn in .sucks web sites.
This sounds quite a lot like content regulation to me.
It’s not just .sucks, of course. Other registries have PICs that regulate the content of their gTLDs.
And every contracted new gTLD registry operator has to agree to this PIC:
Registry Operator will include a provision in its Registry-Registrar Agreement that requires Registrars to include in their Registration Agreements a provision prohibiting Registered Name Holders from distributing malware, abusively operating botnets, phishing, piracy, trademark or copyright infringement, fraudulent or deceptive practices, counterfeiting or otherwise engaging in activity contrary to applicable law, and providing (consistent with applicable law and any related procedures) consequences for such activities including suspension of the domain name.
It’s convoluted, but it basically indirectly forces (via registrars) new gTLD domain registrants to, for example, agree to not infringe copyright.
The PIC is paired with a provision (3.18) of the 2013 Registrar Accreditation Agreement that requires all registrars to investigate and “take necessary and appropriate actions” in response to abuse reports within 24 hours of receipt.
Section 3.18 is essentially the RAA mechanism through which ICANN can enforce the PIC from the RA.
This is currently one of the most divisive issues in the ICANN community, as we witnessed during the recent Congressional hearings into ICANN oversight.
On the one hand, big copyright owners and online pharmacy watchdogs want ICANN to act much more ruthlessly against registrars that fail to immediately take down sites that they have identified as abusive.
On the other hand, some registrars say that they should not have to engage in regulating what content their customers publish, at least without court orders, in areas that can sometimes be amorphously grey and fuzzy.
Steve Metalitz, from a trade group that represents the movie and music industies at ICANN, told the US Congress that registrars are dismissing piracy reports without investigating them, and that “unless registrars comply in good faith, and ICANN undertakes meaningful and substantive action against those who will not, these provisions will simply languish as empty words”.
John Horton from pharmacy watchdog used the same Congressional hearing to out several registrars he said were refusing to comply with 3.18.
One Canadian registrar named in Horton’s testimony told DI that every complaint it has received from LegitScript has been about a web site that is perfectly legal in Canada.
In at least some cases, it seems that those pushing for ICANN to more stringently regulate content may have “internet freedom” as the least of their concerns.
If the Defending Internet Freedom Act becomes law in the US, perhaps it could prove a boon to registries and registrars upset with constant meddling from rights owners and others.
On the other hand, perhaps it could also prove a boon for those operating outside the law.
KickAssTorrents continues world tour after latest ccTLD ban
One of the most popular sites for finding copyright-infringing BitTorrent files is reportedly heading to Costa Rica after its latest choice of ccTLD banned it.
KickAssTorrents, which is about the 100th most-popular site on the web, had moved to kickasstorrents.im yesterday, but found its new domain deleted by the Isle of Man registry in a matter of hours.
The site’s owners have TorrentFreak said they now plan to move to kat.cr, in the Costa Rican ccTLD.
KAT has previously been hosted in Somalia’s .so, Tonga’s .to and the Philippines’ .ph.
Here in the UK, major ISPs are obliged to block access to the site after a court ruling.
Cops can’t block domain transfers without court order, NAF rules
Law enforcement and IP owners were dealt a setback last week when the National Arbitration Forum ruled that they cannot block domain transfers unless they have a court order.
The ruling could make it more difficult for registrars to acquiesce to requests from police trying to shut down piracy sites, as they might technically be in breach of their ICANN contracts.
NAF panelist Bruce Meyerson made the call in a Transfer Dispute Resolution Policy ruling after a complaint filed by EasyDNS against Directi (PublicDomainRegistry.com).
You’re probably asking right about now: “The what policy?”
I had to look it up, too.
TDRP, it turns out, has been part of the ICANN rulebook since the Inter-Registrar Transfer Policy was adopted in 2004.
It’s designed for disputes where one registrar refuses to transfer a domain to another. As part of the IRTP, it’s a binding part of the Registrar Accreditation Agreement.
It seems to have been rarely used in full over the last decade, possibly because the first point of complaint is the registry for the TLD in question, with only appeals going to a professional arbitrator.
Only NAF and the Asian Domain Name Dispute Resolution Centre are approved to handle such cases, and their respective records show that only one TDRP appeal has previously filed, and that was in 2013.
In the latest case, Directi had refused to allow the transfer of three domains to EasyDNS after receiving a suspension request from the Intellectual Property Crime Unit of the City of London Police.
The IPCU had sent suspension requests, targeting music download sites “suspected” of criminal activity, to several registrars.
The three sites — maxalbums.com, emp3world.com, and full-albums.net — are all primarily concerned with hosting links to pirated music while trying to install as much adware as possible on visitors’ PCs.
The registrants of the names had tried to move from India-based Directi to Canada-based EasyDNS, but found the transfers denied by Directi.
EasyDNS, which I think it’s fair to say is becoming something of an activist when it come to this kind of thing, filed the TDRP first with Verisign then appealed its “No Decision” ruling to NAF.
NAF’s Meyerson delivered a blunt, if reluctant-sounding, win to EasyDNS:
Although there are compelling reasons why the request from a recognized law enforcement agency such as the City of London Police should be honored, the Transfer Policy is unambiguous in requiring a court order before a Registrar of Record may deny a request to transfer a domain name… The term “court order” is unambiguous and cannot be interpreted to be the equivalent of suspicion of wrong doing by a policy agency.
To permit a registrar of record to withhold the transfer of a domain based on the suspicion of a law enforcement agency, without the intervention of a judicial body, opens the possibility for abuse by agencies far less reputable than the City of London Police.
That’s a pretty unambiguous statement, as far as ICANN policy is concerned: no court order, no transfer block.
It’s probably not going to stop British cops trying to have domains suspended based on suspicion alone — the Metropolitan Police has a track record of getting Nominet to suspend thousands of .uk domains in this way — but it will give registrars an excuse to decline such requests when they receive them, if they want the hassle.
Recent Comments