Latest news of the domain name industry

Recent Posts

Now the DNA backpedals on “Copyright UDRP”

Kevin Murphy, February 27, 2017, Domain Policy

The Domain Name Association has distanced itself from the Copyright ADRP, a key component of its Healthy Domains Initiative, after controversy.

The anti-piracy measure would have given copyright owners a process to seize or suspend domain names being used for massive-scale piracy, but it appears now to have been indefinitely shelved.

The DNA said late Friday that it has “elected to take additional time to consider the details” of the process, which many of us have been describing as “UDRP for Copyright”.

The statement came a day after .org’s Public Interest Registry announced that it was “pausing” its plan for a Systemic Copyright Infringement Alternative Dispute Resolution Policy modeled on UDRP.

PIR was the primary pen-holder on the DNA’s Copyright ADRP and the only registry to publicly state that it intended to implement it.

It’s my view that the system was largely created as a way to get rid of the thepiratebay.org, an unwelcome presence in the .org zone for years, without PIR having to take unilateral action.

The DNA’s latest statement does not state outright that the Copyright ADRP is off the table, but the organization has deleted references to it on its HDI web page page.

The HDI “healthy practices” recommendations continue to include advice to registries and registrars on handling malware, child abuse material and fake pharmaceuticals sites.

In the statement, the DNA says:

some have characterized [Copyright ADRP] as a needless concession to ill-intentioned corporate interests, represents “shadow regulation” or is a slippery slope toward greater third party control of content on the Internet.

While the ADR of course is none of these, the DNA’s concern is that worries over these seven recommendations have overshadowed the value of the remaining 30. While addressing this and other illegalities is a priority for HDI, we heard and listened to various feedback, and have elected to take additional time to consider the details of the ADR recommendations.

Thus, the DNA will take keen interest in any registrar’s or registry’s design and implementation of a copyright ADR, and will monitor its implementation and efficacy before refining its recommendations further.

The copyright proposal had been opposed by the Electronic Frontier Foundation, the Internet Commerce Association and other members of ICANN’s Non-Contracted Parties House.

In a blog post over the weekend, ICA counsel Phil Corwin wrote that he believed the proposal pretty much dead and the issue of using domains to enforce copyright politically untouchable:

While the PRI and DNA statements both leave open the possibility that they might revive development of the Copyright UDRP at some future time, our understanding is that there are no plans to do so. Further, notwithstanding the last sentence of the DNA’s statement, we believe that it is highly unlikely that any individual registrar or registry would advance such a DRP on its own without the protective endorsement of an umbrella trade association, or a multistakeholder organization like ICANN. Ever since the U.S. Congress abandoned the Stop Online Privacy Act (SOPA) in January 2012 after millions of protesting calls and emails flooded Capitol Hill, it has been clear that copyright enforcement is the third rail of Internet policy.

PIR slams brakes on “UDRP for copyright”

Kevin Murphy, February 24, 2017, Domain Policy

Public Interest Registry has “paused” its plan to allow copyright owners to seize .org domains used for piracy.

In a statement last night, PIR said the plans were being shelved in response to publicly expressed concerns.

The Systemic Copyright Infringement Alternative Dispute Resolution Policy was an in-house development, but had made its way into the Domain Name Association’s recently revealed “healthy practices” document, where it known as Copyright ADRP.

The process was to be modeled on UDRP and similarly priced, with Forum providing arbitration services. The key difference was that instead of trademark infringement in the domain, it dealt with copyright infringement on the associated web site.

PIR general counsel Liz Finberg had told us the standard for losing a domain would be “clear and convincing evidence” of “pervasive and systemic copyright infringement”.

Losers would either have their domain suspended or, like UDRP, seized by the complainant.

The system seemed to be tailor-made to give PIR a way to get thepiratebay.org taken down without violating the owner’s due process rights.

But the the announcement of Copyright ADRP drew an angry response from groups representing domain investors and free speech rights.

The Electronic Frontier Foundation said the system would be captured by the music and movie industries, and compared it to the failed Stop Online Piracy Act (SOPA) in the US.

The Internet Commerce Association warned that privatized take-down policies at registries opened the door for ICANN to be circumvented when IP interests don’t get what they want from the multi-stakeholder process.

I understand that members of ICANN’s Non-Contracted Parties House was on the verge of formally requesting PIR pause the program pending a wider consultation.

Some or all of these concerns appear to have hit home, with PIR issuing the following brief statement last night:

Over the past year, Public Interest Registry has been developing a highly focused policy that addresses systemic, large scale copyright infringement – the ”Systemic Copyright Infringement Alternative Dispute Resolution Policy” or SCDRP.

Given certain concerns that have been recently raised in the public domain, Public Interest Registry is pausing its SCDRP development process to reflect on those concerns and consider forward steps. We will hold any further development of the SCDRP until further notice.

SCDRP was described in general terms in the DNA’s latest Healthy Domains Initiative proposals, but PIR is the only registry to so far publicly express an interest in implementing such a measure.

Copyright ADRP may not be dead yet, but its future does not look bright.

UPDATE: This post was updated 2/26 to clarify that it was only “some members” of the NCPH that were intending to protest the Copyright ADRP.

The Pirate Bay likely to be sunk as .org adopts “UDRP for copyright”

Kevin Murphy, February 8, 2017, Domain Registries

Controversial piracy site The Pirate Bay is likely to be the first victim of a new industry initiative being described as “UDRP for copyright”.

The Domain Name Association today published a set of voluntary “healthy practices” that domain registries can adopt to help keep their TLDs clean of malware, child abuse material, fake pharmacies and mass piracy.

And Public Interest Registry, the company behind .org, tells DI that it hopes to adopt the UDRP-style anti-piracy measure by the end of the first quarter.

This is likely to lead to thepiratebay.org, the domain where The Pirate Bay has resided for some time, getting seized or deleted not longer after.

Under its Healthy Domains Initiative, the DNA is proposing a Copyright Alternative Dispute Resolution Policy that would enable copyright holders to get piracy web sites shut down.

The version of the policy published (pdf) by the DNA today is worryingly light on details. It does not explain exactly what criteria would have to be met before a registrant could lose their domain name.

But PIR general counsel Liz Finberg, the main architect of the policy, said that these details are currently being finalized in coordination with UDRP arbitration firm Forum (formerly the National Arbitration Forum).

The standard, she said, will be “clear and convincing evidence” of “pervasive and systemic copyright infringement”.

It’s designed to capture sites like The Pirate Bay and major torrent sites than do little but link to pirate content, and is not supposed to extend to sites that may inadvertently infringe or can claim “fair use”.

That said, it’s bound to be controversial. If 17 years of UDRP has taught us anything it’s that panelists, often at Forum, can take a liberal interpretation of policies, usually in favor of rights holders.

But Finberg said that because the system is voluntary for registries — it’s NOT an ICANN policy — registries could simply stop using it if it stops working as intended.

Filing a Copyright ADRP complaint will cost roughly about the same as filing a UDRP, typically under $1,500 in fees, she said.

Penalties could include the suspension or transfer of the domain name, but monetary damages would not be available.

Finberg said PIR chose to create the policy because she wasn’t comfortable with the lack of due process for registrants in alternative methods such as Trusted Notifier.

Trusted Notifier, in place at Donuts and Radix, gives the Motion Picture Association of America a special pass to notify registries about blatant piracy and, if the registry agrees, to have the domains suspended.

While stating that .org is a fairly clean namespace, Finberg acknowledged that there is one big exception.

“The Pirate Bay is on a .org, we’re not happy about that,” she said. “If I were to say what’s the one .org that is the prime candidate for being the very first one out of the gate, I would say it’s The Pirate Bay.”

Other registries have yet to publicly state whether they plan to adopt this leg of the DNA HDI recommendations.

Afilias retains .org back-end deal

Kevin Murphy, November 15, 2016, Domain Registries

Public Interest Registry is sticking with Afilias to run the .org registry back-end.

The announcement came yesterday after a open procurement process that lasted for most of 2016.

Over 20 back-end providers from 15 nations — basically the entire industry — responded to PIR’s February request for proposals, we reported back in March.

Afilias retaining the contract is not a huge surprise. The bidding process was widely believed to be a way for non-profit PIR to reduce its costs, believed to be among the highest in the industry.

PIR said yesterday:

Afilias was selected as the best value solution based on the objective criteria and requirements set forth in Public Interest Registry’s procurement process. It is anticipated that Afilias will commence operations under the new contractual agreement on Jan. 1, 2018.

It’s very likely that the new deal will be worth a lot less to Afilias than the current arrangement, which costs PIR about $33 million per year.

In 2013, the last year for which we have Afilias’ financials, .org brought in $31 million of its $77 million revenue.

It’s believed that PIR is currently paying about $3 per domain per year, but Kieren McCarthy at The Register, citing unnamed industry sources, reckons that’s now been bumped down to $2, saving PIR about $10 million per year.

The .org gTLD has about 11.2 million domains under management, but its numbers have been slipping for several months, according to registry reports.

Nominet has sights set on .org after M+M deal

Nominet chief Russell Haworth is hopeful that its new outsourcing deal with Minds + Machines will help it win a much more lucrative back-end contract — .org.

The company is among the 20-plus companies that have responded to Public Interest Registry’s request for proposals, as its back-end deal with Afilias comes to an end.

Nominet is one of a handful of companies — which would also include Verisign, Afilias, CNNIC and DENIC — that currently handles zones the size or larger than .org, which at over 10 million names is about the same size as .uk.

It, like PIR, is also a not-for-profit entity that donates excess funds to good causes, which could count in its favor.

But Haworth told DI today that showing the ability to handle a complex TLD migration may help its bid.

“I personally think that it would stand us in good stead, but we’ll have to see how the process plays out,” he told DI today. “With .org there’s 19-odd players pitching for that, so it’s a fairly competitive field.”

If the migration were to happen today, we’d be looking at around 300,000 domains changing hands. It’s likely to be a somewhat larger number by the time it actually happens.

Collectively, it will be one of the largest back-end transitions to date, though the largest individual affected gTLD, .work, currently has fewer than 100,000 names in its zone.

Haworth said that the plan is to migrate M+M’s portfolio over to Nominet’s systems one at a time.

He was hesitant to characterize the migration process as “easy”, but said Nominet already has such systems in place due to its role as one of ICANN’s Emergency Back-End Registry Operators.

Earlier this year, Nominet temporarily took over defunct dot-brand .doosan, in order to test the EBERO process.

A back-end migration primarily covers DNS resolution and EPP systems.

It sounds like the EPP portion may be the more complex. Some of M+M’s gTLDs have restrictions and tiered pricing that may require EPP extensions Nominet does not currently use in its TLDs.

But the DNS piece may hold the most risk — if something breaks, registrants names stop resolving and web sites go dark.

Haworth said Nominet is also talking to other new gTLD registries about taking over back-end operations. Registries signed three, five or seven-year contracts with their RSPs when the 2012 application round opened, and some are coming up for renewal soon, he said.

Nominet says it will become a top ten back-end after the M+M migration is done.