Latest news of the domain name industry

Recent Posts

PwC wants to be your Whois gatekeeper

Kevin Murphy, June 11, 2019, Domain Services

PricewaterhouseCoopers has built a Whois access system that may help domain name companies and intellectual property interests call a truce in their ongoing battle over access to private Whois data.

Its new TieredAccess Platform will enable registries and registrars to “outsource the entire process of providing access to non-public domain registration data”.

That’s according to IP lawyer Bart Lieben, partner at the Belgian law firm ARTES, who devised the system and is working with PwC to develop it.

The offering is designed to give trademark lawyers access to the data they lust after, while also reducing costs and mitigating domain name industry liability under the General Data Protection Regulation.

TieredAccess would make PwC essentially the gatekeeper for all requests for private Whois data (at least, in the registries plugged into the platform) coming from the likes of trademark owners, security researchers, lawyers and law enforcement agencies.

At one end, these requestors would be pre-vetted by PwC, after which they’d be able to ask for unredacted Whois records using PwC as an intermediary.

They’d have to pick from one of 43 pre-written request scenarios (such as cybersquatting investigation, criminal probe or spam prevention) and assert that they will only use the data they obtain for the stated purposes.

At the other end, registries and registrars will have adopted a set of rules that specify how such requests should be responded to.

A ruleset could say that cops get more access to data than security researchers, for example, or that a criminal investigation is more important than a UDRP complaint.

PwC has created a bunch of templates, but registrars and registries would be able to adapt these policies to their own tastes.

Once the rules are put in place, and the up-front implementation work has been done to plug PwC into their Whois servers, they wouldn’t have to worry about dealing with Whois requests manually as most are today. The whole lot would be automated.

Not even PwC would have human eyes on the requests. The private data would only be stored temporarily.

One could argue that there’s the potential for abusive or non-compliant requests making it through, which may give liability-nervous companies pause.

But the requests and response metadata would be logged for audit and compliance, so abusive users could be fingered after the act.

Lieben says the whole system has been checked for GDPR compliance, assuming its prefabricated baseline scenarios and templates are adopted unadulterated.

He said that the PwC brand should give clients on both sides “peace of mind” that they’re not breaking privacy law.

If a registrar requires an affidavit before releasing data, the assertions requestors make to PwC should tick that box, he said.

Given that this is probably a harder sell to the domain name industry side of the equation, it’s perhaps not surprising that it’s the requestors that are likely to shoulder most of the cost burden of using the service.

Lieben said a pricing model has not yet been set, but that it could see fees paid by registrars subsidized by the fees paid by requestors.

There’s a chance registries could wind up paying nothing, he said.

The project has been in the works since September and is currently in the testing phase, with PwC trying to entice registries and registrars onto the platform.

Lieben said some companies have already agreed to test the service, but he could not name them yet.

The service was developed against the backdrop of ongoing community discussions within ICANN in the Expedited Policy Development Working group, which is trying to create a GDPR-compliant policy for access to private Whois records.

ICANN Org has also made it known that it is considering making itself the clearinghouse for Whois queries, to allow its contracted parties to offload some liability.

It’s quite possible that once the policies are in place, ICANN may well decide to outsource the gatekeeper function to the likes of PwC.

That appears to be what Lieben has in mind. After all, it’s what he did with the Trademark Clearinghouse almost a decade ago — building it independently with Deloitte while the new gTLD rules were still being written and then selling the service to ICANN when the time came.

The TieredAccess service is described in some detail here.

KPMG dumps .com for dot-brand gTLD

Kevin Murphy, April 12, 2019, Domain Registries

KPMG has become the latest company to dump its .com domain in favor of its dot-brand gTLD.

The company recently announced that it is now using home.kpmg as its primary web site domain, replacing kpmg.com.

The migration appears to be complete already. URLs on the old .com address now bounce users to the equivalent page on .kpmg. Web searches for KPMG return the .kpmg domain as the top hit.

KPMG said in a press release:

The move enhances the KPMG brand through a strong, simplified name, and provides end users with a level of assurance that any site that ends with .kpmg is owned and operated by KPMG.

Since the top level domain can only be used by KPMG, visitors to sites that use the new top level domain can easily confirm its authenticity and be assured that the information they contain is reliable and secure.

The company said that it is the first of the “Big Four” professional services firms to make the switch.

This is technically correct. Rival Deloitte uses several .deloitte domains, but it has not bit the bullet and migrated from its .com.

Of the other two, Ernst & Young does not have a dot-brand, and PricewaterhouseCoopers does not use its .pwc extension beyond a single experimental domain that redirects to pwc.com.

KPMG had revenue just shy of $29 billion last year and is one of the most recognizable brands in the corporate world.

Fatal timeout? A dozen dot-brands procrastinating to death

Kevin Murphy, January 7, 2015, Domain Registries

Over a dozen new gTLD applications have been iced because the applicants couldn’t or wouldn’t talk to ICANN about signing contracts before their deadlines.

Volvo and PricewaterhouseCoopers are among the 13 dot-brand applicants whose $185,000+ investments could vanish in a puff of smoke because they can’t bring themselves to sign on the dotted line, I’ve discovered.

The following gTLD applications, filed by 10 different companies, are no longer active because of contracting problems:

.select, .compare, .axis, .origins, .changiairport, .nissay, .lamer, .clinique, .pwc, .volvo, .amp, .招聘 (Chinese “.recruitment”), .wilmar

They’re all uncontested applications. They’re also all, with the exception of .招聘, envisaged having single-registrant policies (dot-brands, in other words).

All had their apps flagged by ICANN as “Will Not Proceed” in the new gTLD process late last year, having failed to sign or start negotiating their Registry Agreements in time.

Under program rules, applicants originally had nine months from the day they were invited to contract with ICANN in which to sign their RAs.

After protests from dot-brand applicants planning to sign up for so-called “Spec 13” code of conduct exemptions, ICANN last June gave such applicants an extension until July 2015, as long as they hit a September 1 deadline to respond to ICANN’s overtures.

Applicants that did not request an extension had an October 29 deadline to sign their RAs.

According to an ICANN spokesperson, a failure to hit such “interim milestones” disqualifies applicants from signing RAs.

It’s not entirely clear from the Applicant Guidebook how applicants can extricate themselves from this limbo state without withdrawing their applications, but ICANN assures us it is possible.

“Will not Proceed is not a final status,” the spokesperson cautioned. “But they are currently not eligible to sign the RA with ICANN. But if that status changes, we’ll update it accordingly on the site.”

Withdrawals would qualify the applicants for a 35% refund on their application fees, he confirmed.