Latest news of the domain name industry

Recent Posts

Radix joins the Hollywood content police

Radix has become the second major gTLD registry to announce a content policing deal with the movie industry.

It today said it has signed an agreement with the Motion Picture Association of America similar to the one Donuts announced in February.

Like Donuts, Radix will treat the MPAA as a “trusted notifier” for the purposes of taking down “large-scale pirate websites”.

Radix said the deal “imposes strict standards for such referrals, including that they be accompanied by evidence of clear and pervasive copyright infringement, and a representation that the MPAA has first attempted to contact the registrar and hosting provider for resolution.”

Donuts described its notifier program in this document (pdf). Radix said its arrangement is “similar”.

The Donuts-MPAA deal proved somewhat controversial.

The Electronic Frontier Foundation invoked the slippery slope argument, saying of it:

The danger in agreements like this is that they could become a blanket policy that Internet users cannot avoid. If what’s past is prologue, expect to see MPAA and other groups of powerful media companies touting the Donuts agreement as a new norm, and using it to push ICANN and governments towards making all domain name registries disable access to an entire website on a mere accusation of infringement.

The EFF said these kinds of deals could ultimately lead to legal freedom of speech being curtailed online.

We’re not quite there yet — right now we have two gTLD registries (albeit covering over 200 gTLDs) and one trusted notifier — but I expect more similar deals in future, branching out into different industries such as music and pharamaceuticals.

The deals stem in part from the Domain Name Association’s Healthy Domains Initiative, which aims to avoid ICANN/government regulation by creating voluntary best practices for the industry.

The advantage of a voluntary arrangement is that there’s no risk of a terminal sanction — such as losing your registry contract — if you fail to live up to its terms.

Radix’s portfolio includes .website, .space, .online and .tech. It’s also a .music and .web applicant.

Rape ban results in just one .uk takedown, but piracy suspensions soar

Kevin Murphy, February 19, 2016, Domain Registries

Nominet’s controversial policy of suspending domain names that appear to condone rape resulted in one .uk domain being taken down last year.

That’s according to a summary of take-downs published by Nominet yesterday.

The report (pdf) reveals that 3,889 .uk names were taken down in the 12 months to October 31, 2015.

That’s up on the the 948 domains suspended in the six months to October 31, 2014.

The vast majority — 3,610 — were as a result of complaints from the Police Intellectual Property Crime Unit. In the October 2014 period, that unit was responsible for 839 suspensions.

Unlike these types of suspensions, which deal with the allegedly illegal content of web sites, the “offensive names” ban deals purely with the words in the domain names.

Nominet’s systems automatically flagged 2,407 names as potentially in breach of the policy — most likely because they contained the string “rape” or similar — in the 12 months.

But only one of those was judged, upon human perusal, in breach.

In the previous 12 months period, 11 domains were suspended based on this policy, but nine of those had been registered prior to the implementation of the policy early in 2014.

The policy, which bans domains that “promote or incite serious sexual violence”, was put in place following an independent review by Lord Macdonald.

He was recruited for advice due to government pressure following a couple of lazy anti-porn articles, both based on questionable research by a single anti-porn campaigner, in the right-wing press.

Assuming it takes a Nominet employee five minutes to manually review a .uk domain for breach, it seems the company is paying for 200 person-hours per year, or 25 working days, to take down one or two domain names that probably wouldn’t have caused any actual harm anyway.

Great policy.

Donuts makes Hollywood content policing deal

Kevin Murphy, February 9, 2016, Domain Registries

Donuts has made a deal with the American movie industry that will make it easier to take down piracy domains.

The Motion Picture Association of America has been given a “Trusted Notifier” status, and the two companies have agreed upon a domain take-down framework.

The agreement targets “large-scale pirate websites”, Donuts said.

It’s the first such deal Donuts has made, executive VP Jon Nevett told DI, but it’s likely to be extended into other industries, possibility including music, pharmaceuticals and child abuse prevention.

“This could be a model for not just content-related issues,” he said.

Nevett did not want to get into much detail about the specifics of the take-down process by discussing the definition of “large scale” or timing, but he did say that the MPAA has an obligation to do manual research into each domain it wants suspending.

After it receives a report from the MPAA, Donuts will reach out to the registrar and registrant to ask for an explanation of the alleged piracy.

A decision to suspend the domain or leave it alone would be made “solely in our discretion”, Nevett said.

Donuts already has this in its acceptable use policy, which reads in part:

Donuts reserves the right, at its sole discretion and at any time and without limitation, to deny, suspend, cancel, redirect, or transfer any registration or transaction, or place any domain name(s) on registry lock, hold, or similar status as it determines necessary for any of the following reasons:

domain name use is abusive or violates this AUP, or a third party’s rights or acceptable use policies, including but not limited to the infringement of any copyright or trademark;

While Donuts is the registry for .movie and .theater, the MPAA agreement applies to all of its almost 200 gTLDs.

The announcement comes the day before the Domain Name Association meets to discuss its Healthy Domains Initiative.

Nevett said that DNA members will meet tomorrow with law enforcement, IP owners, and abuse prevention and security folk to seek input on the question “What are tenets of healthy domain ecosystem?”

That input will be discussed at a subsequent DNA meeting, likely to coincide with the ICANN meeting in Marrakech this April.

The eventual goal is to come up with a set of voluntary best practices for registries and registrars.

Nevett stressed that the MPAA deal, and whatever the DNA comes up with, are voluntary agreements made outside the auspices of ICANN’s contracts.

Despite this, the “Trusted Notifier” concept does put me in mind of section 3.18 of the Registrar Accreditation Agreement, where governmental or affiliated entities are given special powers to have dodgy domains investigated and suspended.

Pirates lose privacy rights under new ICANN rules

Kevin Murphy, January 22, 2016, Domain Registrars

People operating piracy web sites would have a harder time keeping their personal information private under new ICANN rules.

ICANN’s GNSO Council last night approved a set of recommendations that lay down the rules of engagement for when trademark and copyright owners try to unmask Whois privacy users.

Among other things, the new rules would make it clear that privacy services are not permitted to reject requests to reveal a domain’s true owner just because the IP-based request relates to the content of a web site rather than just its domain name.

The recommendations also contain safeguards that would allow registrants to retain their privacy if, for example, their safety would be at risk if their identities were revealed.

The 93-page document (pdf) approved unanimously by the Council carries a “Illustrative Disclosure Framework” appendix that lays out the procedures in some depth.

The framework only covers requests from IP owners to proxy/privacy services. The GNSO was unable to come up with a similar framework for dealing with, for example, requests from law enforcement agencies.

It states flatly:

Disclosure [of the registrant’s true Whois details] cannot be refused solely for lack of any of the following: (i) a court order; (ii) a subpoena; (iii) a pending civil action; or (iv) a UDRP or URS proceeding; nor can refusal to disclose be solely based on the fact that the Request is founded on alleged intellectual property infringement in content on a website associated with the domain name.

This fairly explicitly prevents privacy services (which in most cases are registrars) using the “we don’t regulate content” argument to shoot down disclosure requests from IP owners.

Some registrars were not happy about this paragraph in early drafts, yet it remains.

Count that as a win for the IP lobby.

However, the new recommendations spend a lot more time giving IP owners a quite strict set of guidelines for how to file such requests in the first place.

If they persistently spam the registrar with automated disclosure requests, the registrar is free to ignore them. They can even share details of spammy IP owners with other registrars.

The registrar is also free to ignore requests that, for example, don’t give the exact or representative URL of an alleged copyright infringement, or if the requester has not first attempted to contact the registrant via an email relay service, should one be in place.

The registrant also gets a 15-day warning that somebody has requested their private details, during which, if they value their privacy more than their web site, they’re able to relinquish their domain and remain anonymous.

If the registrant instead uses that time to provide a good reason why they’re not infringing the requester’s rights, and the privacy service agrees, the request can also be denied.

The guidelines would make it easier for privacy service operators to understand what their obligations are. By formalizing the request format, it should make it easier to separate legit requests from the spurious requests.

They’re even allowed to charge IP owners a nominal fee to streamline the processing of their requests.

While these recommendations have been approved by the GNSO Council, they need to be approved by the ICANN board before becoming the law of the ‘net.

They also need to pass through an implementation process (conducted by ICANN staff and GNSO members) that turns the recommendations into written procedures and contracts which, due to their complexity, I have a hunch will take some time.

The idea is that the rules will form part of an accreditation program for privacy/proxy services, administered by ICANN.

Registrars would only be able to use P/P services that agree to follow these rules and that have been accredited by ICANN.

It seems to me that the new rules may be quite effective at cracking down on rogue, “bulletproof” registrars that automatically dismiss piracy-based disclosure requests by saying they’re not qualified to adjudicate copyright disputes.

Radiohead backs .music community bid

Kevin Murphy, December 15, 2015, Domain Registries

Ed O’Brien, guitarist with the band Radiohead, has become the latest musician to throw his support behind DotMusic’s community-based application for the new gTLD .music.

In a letter to ICANN today (pdf), O’Brien said that if DotMusic loses its ongoing Community Priority Evaluation, it will “be setting back the world’s chances of a Fair Trade Music Industry by many years”.

“I challenge The Internet Corporation for Assigned Names and Numbers views that the global music community to which I belong does not exist,” he wrote.

He’s arguably the highest-profile musician to support DotMusic to date. Radiohead have sold over 30 million records and a few years ago O’Brien was ranked by Rolling Stone as the 59th greatest guitarist of all time.

The phrase “Fair Trade Music Industry” appears to have been coined last week at TechCrunch Disrupt by Grammy-nominated musician Imogen Heap, another one of DotMusic’s celebrity supporters.

It refers to the notion that artists should be fairly compensated for their work, opposing services such as Spotify, which reportedly pays artists less than a tenth of a cent every time one of their songs is played.

Both Heap and Radiohead are noted for their innovative uses of technology in their music (for example, listen to Radiohead’s incredible 1997 album OK Computer, bootlegs of which are available to stream for free on YouTube).

Radiohead is also known for its love-hate relationship with internet-based music business models.

In 2007, Radiohead released a new album for free on its web site, allowing fans to set their own price. But in 2013, it pulled its back catalog from Spotify, with lead singer Thom Yorke calling the service “the last desperate fart of a dying corpse”.

Its music is back on Spotify now.

But you can see why the band would support DotMusic’s application for .music, which proposes a number of novel rights protection mechanisms covering not just trademarks, but also copyright.

One interesting proposal is to ban any domain name from .music if a matching domain in another TLD has received over 10,000 copyright infringement notices from a big music industry body. This is to prevent TLD “hopping” affecting .music.

So, for example, if thepiratebay.com had received 10,000 notices, thepiratebay.music would be permanently blocked from registration.

The company is proposing a somewhat restricted namespace too, where only “community members” are allowed to register domains.

But prospective registrants merely need to self-identify as a member of one of the community’s dozens of subsets — which includes “fans” and “bloggers” — in order to register.

Parking will be prohibited, however, which would cut down on domain investor speculation.

Quite how .music will enhance the move for “fair trade” for artists is not entirely clear from O’Brien’s letter. After .music launches, there will still be hundreds of other TLDs that do not have DotMusic’s rules in place.

It’s also unlikely that the Economist Intelligence Unit, which is currently handling the CPE, will even see O’Brien’s letter.

ICANN told DotMusic (pdf) recently that the EIU “may not consider” any support letters received after October 13, which was two months after the official deadline for letters to be submitted.

DotMusic has letters of support — mostly the same letter with a different signature — from literally hundreds of musicians, trade groups, producers and publishers.

CEO Constantine Roussos told DI last week that it has more support letters than all the other “Community” gTLD applicants combined.

He said he’s confident that DotMusic’s CPE will be successful, citing positive precedent set by EIU panels in .osaka, .hotel and .radio CPE cases.

But the closest precedent we have so far is the Far Further application for .music, which comprehensively lost its CPE a year ago, scoring just three points out of the available 16, well short of the 14-point passing score.

There are differences between the applications, but Far Further’s CPE panel told it that there was no such thing as “the music community”, which sets a pretty high bar for DotMusic to leap.

If DotMusic wins its CPE, the remaining seven competing applications for the string get kicked out of the program. If it loses, it goes to an auction it has little chance of winning.