Latest news of the domain name industry

Recent Posts

ICANN tells Congressmen to chillax

Kevin Murphy, January 25, 2012, Domain Policy

ICANN senior vice president Kurt Pritz has replied in writing to great big list of questions posed by US Congressmen following the two hearings into new gTLDs last month.

The answers do what the format of the Congressional hearings made impossible – provide a detailed explanation, with links, of why ICANN is doing what it’s doing.

The 27-page letter (pdf), which addresses questions posed by Reps. Waxman, Eshoo and Dingell, goes over some ground you may find very familiar, if you’ve been paying attention.

These are some of the questions and answers I found particularly interesting.

Why are you doing this?

Pritz gives an overview of the convoluted ICANN process responsible for conceiving, creating and honing the new gTLD program over the last few years.

It explains, for example, that the original GNSO Council vote, which set the wheels in motion back in late 2007, was 19-1 in favor of introducing new gTLDs.

The “lone dissenting vote”, Pritz notes, was cast by a Non-Commercial Users Constituency member – it was Robin Gross of IP Justice – who felt the program had too many restrictions.

The letter does not mention that three Council members – one from the Intellectual Property Constituency and two more from the NCUC – abstained from the vote.

Why aren’t the trademark protection mechanisms finished yet?

The main concern here is the Trademark Clearinghouse.

New gTLD applicants will not find out how the Clearinghouse will operate until March at the earliest, which is cutting it fine considering the deadline for registering as an applicant is March 29.

Pritz, however, tells the Congressmen that applicants have known all they need to know about the Clearinghouse since ICANN approved the program’s launch last June.

The Clearinghouse is a detail that ideally should have been sorted out before the program launched, but I don’t believe it’s the foremost concern for most applicants or trademark owners.

The unresolved detail nobody seems to be asking about is the cost of a Uniform Rapid Suspension complaint, the mechanism to quickly take down infringing second-level domain names.

ICANN has said that it expects the price of URS – which involves paying an intellectual property lawyer to preside over the case – to be $300 to $500, but I don’t know anyone who believes that this will be possible.

Indeed, one of the questions asked by Rep. Waxman starts with the premise “Leading providers under Uniform Dispute Resolution Policy (UDRP) have complained that current fees collected are inadequate to cover the costs of retaining qualified trademark attorneys.”

UDRP fees usually start at around $1,000, double what ICANN expects the URS – which I don’t think is going to be a heck of a lot simpler for arbitration panels to process – to cost trademark owners.

Why isn’t the Trademark Claims service permanent?

The Trademark Claims service is a mandatory trademark protection mechanism. One of its functions is to alert trademark holders when somebody tries to register their mark in a new gTLD.

It’s only mandatory for the first 60 days following the launch of a new gTLD, but I’m in agreement with the IP community here – in an ideal world, it would be permanent.

However, commercial services already exist that do pretty much the same thing, and ICANN doesn’t want to anoint a monopoly provider to start competing with its stakeholders. As Pritz put it:

“IP Watch” services are already provided by private firms, and it was not necessary for the rights protection mechanisms specific to the New gTLD Program to compete with those ongoing watch services already available.

In other words, brands are going to have to carry on paying if they want the ongoing benefits of an infringement notification service in new gTLDs.

When’s the second round?

Nothing new here. Pritz explains why the date for the second round has not been named yet.

Essentially, it’s a combination of not knowing how big the first round is going to be and not knowing how long it will take to conduct the two (or three) post-first-round reviews that ICANN has promised to the Governmental Advisory Committee.

I tackle the issue of second-round timing in considerable detail on DomainIncite PRO. My feeling is 2015.

On Whois verification

Pritz reiterates what ICANN CEO Rod Beckstrom told the Department of Commerce last week: ICANN expects that many registrars will start to verify their customers’ Whois data this year.

ICANN is currently talking to registrars about a new Registrar Accreditation Agreement that would mandate some unspecified degree of Whois verification.

This issue is at the top of the law enforcement wish list, and it was taken up with gusto by the Governmental Advisory Committee at the Dakar meeting in October.

Pritz wrote:

ICANN is currently in negotiations with its accredited registrars over amendments to the Registrar Accreditation Agreement. ICANN is negotiating amendments regarding to the verification of Whois data, and expects its accredited registrars to take action to meet the rising call for verification of data. ICANN expects that the RAA will incorporate – for the first time – Registrar commitments to verify Whois data.

He said ICANN expects to post the amendments for comment before the Costa Rica meeting in mid-March, and the measures would be in place before the first new gTLDs launch in 2013.

I’ve heard from a few registrars with knowledge of these talks that Whois verification mandates may be far from a dead-cert in the new RAA.

But by publicly stating to government, twice now, that Whois verification is expected, the registrars are under increased pressure to make it happen.

IF Whois verification is not among the RAA amendments, expect the registrars to get another dressing down from the GAC at the Costa Rica meeting this March.

On the other hand, ICANN has arguably handed them some negotiating leverage when it comes to extracting concessions, such as reduced fees.

The registrars were prodded into these talks with the GAC stick, the big question now is what kind of carrots they will be offered to adopt an RAA that will certainly raise their costs.

ICANN expects to post the proposed RAA changes for public comment by February 20.

Domain registrars pressured into huge shakeup

Kevin Murphy, October 26, 2011, Domain Registrars

Domain name registrars have agreed to negotiate big changes to their standard contract with ICANN, after getting a verbal kicking from the US and other governments.

While the decision to revamp the Registrar Accreditation Agreement was welcomed by intellectual property interests, it was criticized by non-commercial users worried about diluting privacy rights.

The ICANN registrar constituency said in a statement today that it will enter into talks with ICANN staff in an effort to get a new RAA agreed by March next year.

It’s an ambitious deadline, but registrars have come under fire this week over the perception that they have been using ICANN’s arcane processes to stonewall progress.

So, what’s going to change?

The registrars said that the negotiations will focus on 12 areas, originally put forward by international law enforcement agencies, that have been identified as “high priority”.

They cover items such as an obligation to disclose the names of registrants using privacy services, to work with law enforcement, and to tighten up relationships with resellers.

Here’s a list of all 12, taken from a recent ICANN summary report (pdf).

Prohibition on registrar cybersquatting
Malicious conduct – registrar duty to investigate
Designation and publication of technically competent point of contact on malicious conduct issues, available on 24/7 basis
Registrar disclosure of privacy/proxy services made available in connection with registration; and responsibility of registrar for compliance by such services
Obligations of privacy/proxy services made available in connection with registration re data escrow; Relay function; Reveal function
Registrar responsibility for cancellation under appropriate circumstances of registrations made by other privacy/proxy services for noncompliance with Relay and Reveal
Define circumstances under which registrar is required to cancel registration for false Whois data and set reasonable time limits for registrar action
Require PCI compliance in registration process
Define “reseller” and clarify registrar responsibility for reseller compliance
Require greater disclosure of registrar affiliates/multiple accreditations
Require greater disclosure of registrar contact information, information on form of business organization, officers, etc.
Clarification of registrar responsibilities in connection with UDRP proceedings

The changes were first suggested two years ago, and ICANN’s increasingly powerful Governmental Advisory Committee this week expressed impatience with the lack of progress.

There’s a US-EU cybercrime summit coming up next month, and GAC members wanted to be able to report back to their superiors that they’ve got something done.

As I reported earlier in the week, the GAC gave the registrars a hard time at the ICANN meeting in Dakar on Sunday, and it took its concerns to the ICANN board yesterday.

“We are looking for immediate visible and credible action to mitigate criminal activity using the domain name system,” US GAC representative Suzanne Radell told the board.

She won support from Steve Crocker who, in his first meeting as ICANN’s chairman, has shown a less combative style than his predecessor when talking with governments.

He seemed to agree that progress on RAA amendments through the usual channels – namely the Generic Names Supporting Organization – had not met expectations.

“One of the things that is our responsibility at the board level is not only to oversee the process, not only to make sure rules are followed and that everything is fair, but at the end of the day, that it’s effective,” he said.

“If all we have is process, process, process, and it gets gamed or it’s ineffective just because it’s not structured right, then we have failed totally in our duty and our mission,” he said.

An immediate result of the registrars’ decision to get straight into talks was the removal of an Intellectual Property Constituency motion from today’s GNSO Council meeting.

The IPC had proposed that the RAA should be revised in a trilateral way, between the registrars, ICANN, and everyone else via the GNSO.

Yanking the motion, IPC representative Kristina Rosette warned that the IPC would bring it back to the table if the RAA talks do not address the 12 high-priority items.

It would be unlikely to pass – registrars and registries vote against anything that would allow outside interests to meddle in their contracts, and they have the voting power to block such motions.

The ideas in the motion nevertheless stirred some passionate debate.

Tucows CEO Elliot Noss described the GAC’s heavy-handed criticisms as “kabuki theater” and “an attempt to bring politics as usual into the multi-stakeholder process” and said the RAA is not the best way to add protections to the DNS.

“Getting enforcement-type provisions, be they law enforcement or IP protections, into the RAA accomplishes only one thing. It turns the ICANN compliance department into a police department,” he said.

Wendy Seltzer, representing the Non-Commercial Users Constituency, said the changes proposed to the RAA “would reduce the privacy of registrants” and put them at increased risk of domain take-downs.

A broader issue is that even after a new RAA is negotiated registrars will be under no obligation to sign up to it until their current contracts expire.

Because many leading registrars signed their last contract after it was revised in 2009, it could be three or four years before the new RAA has any impact.

I’m not sure it’s going to be enough to fully satisfy the GAC.

Radell, for example, said yesterday that some items – such as the registrar obligation to publish an abuse contact – should be brought in through a voluntary code of conduct in the short term.

She also called for the 20% of registrars deemed to be bad actors (not a scientifically arrived-at number) should be de-accredited by ICANN.

UPDATE (October 27): Mason Cole of the registrars constituency has been in touch to say that the RAA talks will not only look at the 12 “high priority” or law enforcement recommendations.

Rather, he said, “there will be consideration of a broader range of issues.”

This appears to be consistent with the registrars’ original statement, which was linked to in the above post:

The negotiations are in response to the development of a list of recommendations made by law enforcement agencies and the broader Internet community to provide increased protections for registrants and greater security overall.

Facebok.com given to Facebook despite “theft” claim

Kevin Murphy, May 30, 2011, Domain Policy

ICANN says registrar contract trumps national court. Registrar warns of legal consequences.

The typo domain name facebok.com has finally been returned to Facebook, over eight months after it was subject to a successful cyberquatting complaint.

The domain does not currently resolve, but Whois records show it was transferred to Facebook from its previous registrant, one “Franz Bauer”, last Thursday.

The case was marked by controversy, after ICANN threatened to shut down its sponsoring registrar, EuroDNS, for failing to transfer the domain last within 10 days, as required by UDRP rules.

EuroDNS had resisted the transfer after being named in a lawsuit, in its native Luxembourg, filed by a suspicious Panama shell company going by the name Facebok.com. The plaintiff claimed the domain had been “stolen” by Bauer.

But ICANN told the registrar last week that the Registrar Accreditation Agreement only allows the registrar to defer a transfer if the original registrant – not a third party – sues.

In a letter noting that EuroDNS is “a long-standing and respected member of the ICANN community”, the ICANN compliance department said:

the only kind of documentation that will stop the registrar from implementing a panel decision ordering a transfer is evidence that the registrant/respondent has commenced a lawsuit against the complainant in a jurisdiction to which the complainant has submitted under UDRP Rules. The mere filing of a complaint by a third party does not excuse the registrar from fulfilling its obligations under the policy.

in recognition that there has been a court filing, ICANN must reiterate that failing to comply with the relevant contractual provisions of the RAA subjects EuroDNS to escalated compliance action up to and including termination of the EuroDNS accreditation.

That seems to have been sufficient clarity for EuroDNS to push through the transfer, but the registrar is not happy about the situation, which may leave it in a tricky legal position in Luxembourg.

In a reply to ICANN, EuroDNS CEO Xavier Buck suggested that the story may not be over yet:

the action you demand from EuroDNS will have tremendous consequences for our company in the pending judiciary case.

Consequently, EuroDNS reserves all rights to seek indemnification from ICANN for any damages or loss caused by the action we have been forced to take not to lose our Registrar accreditation.

The lawsuit was filed last September, just days after the UDRP case was decided, but has not yet gone to court.

Under its previous ownership, facebok.com redirected to a series of scam sites that may have proved rather lucrative.

Three registrars face the ICANN chop

Kevin Murphy, November 24, 2010, Domain Registrars

ICANN has told three registrars they are in breach of their registrar contracts and will lose their accreditation next month unless they rectify the problems.

These registrars, all of which appear to have negligible numbers of gTLD domains under management, are affected:

Mister Name will be shut down if it does not pay its ICANN fees and escrow its Whois data.

Open System Ltd is accused of not having a functioning Whois service.

Best Bulk Domains Inc also doesn’t have a functioning Whois, ICANN said. It also has not been paying its dues and hasn’t maintained accurate contact information for itself.

All three have dates in mid-December to clean up their acts or lose their right to sell gTLD domains.

You can find ICANN’s compliance letters here.

Two registrars get stay of execution

Kevin Murphy, August 19, 2010, Domain Registrars

ICANN has given two registrars another year of accreditation, after previously threatening to terminate their contracts for non-payment of fees.

Abansys & Hostytec and Namehouse, two small registrars, have had the terms of their registrar accreditation agreements extended to August 15, 2011 and July 6, 2011, respectively.

In June, ICANN had told both companies they would be de-accredited on July 1, 2010. Together, the two firms owed almost $20,000 in unpaid fees.

Yesterday, a small note appeared on ICANN’s compliance page:

18 August 2010: Abansys & Hostytec, S.L. RAA effective date extended to 15 August 2011.
18 August 2010: Namehouse, Inc. RAA effective date extended to 6 July 2011.

It’s not entirely clear to me whether this means the registrars have paid up or not. Unlike previous occasions, there’s no mention of whether the companies “cured all outstanding contract breaches”.

According to DotAndCo.net, neither registrar has any domains under management in the gTLDs, although Abansys & Hostytec claims to run over 100,000 domains.