Latest news of the domain name industry

Recent Posts

.amazon domain isn’t a slam dunk after all

Kevin Murphy, January 9, 2019, Domain Policy

Amazon’s application for the .amazon dot-brand may not be as secure as it was thought, following an ICANN decision over the Christmas period.

Directors threw out a South American government demand for it to un-approve the .amazon bid, but clarified that ICANN has not yet made a “final decision” to allow the gTLD to go live.

The Board Accountability Mechanisms Committee formally rejected (pdf) a Request for Reconsideration filed by the Amazon Cooperation Treaty Organization, which is made up of the governments of the eight countries near that big foresty, rivery, basiny thing, on December 21.

ACTO had asked the board to overturn its October resolution that took .amazon off its longstanding “Will Not Proceed” (ie, rejected) status and put it back on the path to delegation.

Secretary general Jacqueline Mendoza last month blasted ICANN for multiple “untrue, misleading, unfortunate and biased statements”, in connection with ACTO’s purported acquiescence to the .amazon bid.

Refusing ACTO’s request, the BAMC stated that ACTO had misinterpreted the resolution, and that ICANN did not intend to delegate .amazon until Amazon the company and ACTO had sat down to talk about how they can amicably share the name.

The October resolution “could have been clearer”, the BAMC said, adding:

the Resolution was passed with the intention that further discussions among the parties take place before the Board takes a final decision on the potential delegation of .AMAZON and related top-level domains. The language of the Resolution itself does not approve delegation of .AMAZON or support any particular solution. Rather, the Resolution simply “directs the President and CEO, or his designee(s), to remove the ‘Will Not Proceed’ status and resume processing of the .AMAZON applications.”

There are pages and pages of this kind of clarification. The committee clearly wants to help to smooth over relations between ICANN and the governments.

On the face of it, there’s a slight whiff of ret-conny spin about the BAMC recommendations.

There’s some ambiguity in the public record about what the ICANN board actually voted for in October.

Shortly before the ICANN board voted to resume processing .amazon, CEO Goran Marby stated, in front of an audience at ICANN 63 in Barcelona, both that a decision to delegate was being made and that ACTO was still at the table:

what we in practice has done is, through facilitation process, constructed a shared delegation of .AMAZON where the company has or will provide commitments to the ACTO countries how the .AMAZON will be used in the future. And the decision today is to delegate it, forward it to me to finalize those discussions between the company and those countries.

And I’m also formally saying yes to the invitation to go to Brazil from the ACTO countries to their — finish off the last round of discussions.

While the new clarifications seem to suggest that ACTO still has some power to keep .amazon out of the root, the BAMC decision also suggests that the full board could go ahead and approve .amazon at the ICANN 64 meeting in Japan this March, with or without governmental cooperation, saying:

the BAMC recommends that the Board reiterates that the Resolution was taken with the clear intention to grant the President and CEO the authority to progress the facilitation process between the ACTO member states and the Amazon corporation with the goal of helping the involved parties reach a mutually agreed solution, but in the event they are unable to do so the Board will make a decision on the next steps at ICANN 64 regarding the potential delegation of .AMAZON and related top-level domains. The BAMC encourages a high level of communication between the President and CEO and the relevant stakeholders, including the representatives of the Amazonian countries and the Amazon corporation, between now and ICANN 64.

If you’ve not been following the story, ACTO has concerns about .amazon due to its similarity to the name of the rain-forest region.

Amazon the company has promised to encode cultural safeguards in its ICANN contract and offered to donate a bunch of free stuff to the countries to sweeten the deal

The current Amazon offer has not been published.

The BAMC recommendation will now be considered by the full ICANN board, which is usually just a formality.

Amazon countries fighting back against .amazon gTLD

Kevin Murphy, December 4, 2018, Domain Policy

When ICANN’s board of directors voted in late October to let Amazon have its controversial .amazon gTLD, it was not entirely clear what governments in the Amazon region of South America thought about it.

Now, it is: they’re pissed.

The governments of the Amazon Cooperation Treaty Organization have cancelled planned peace talks with the retailer and ICANN boss Goran Marby and have filed an appeal against the board’s decision.

It even seems that the negotiations — aimed at obtaining ACTO’s blessing by stuffing the .amazon registry agreement with cultural safeguards and augmenting it with financial sweeteners — may be dead before they even started.

The rapid deterioration of the relationship between ACTO and ICANN plays out in a series of letters between Marby and ACTO secretary general Jacqueline Mendoza, published last week by ICANN.

After the board’s October 25 resolution, which gave .amazon a pardon from its longstanding “Will Not Proceed” death sentence, it took just 10 days for ACTO to file a Request for Reconsideration with ICANN, asking the board to rethink its resolution.

In a cover letter to the November 5 request, Mendoza said that ACTO was still happy to have Marby facilitate talks between the governments and Amazon, “to develop a mutually acceptable solution for the delegation” of .amazon.

Amazon is said to have offered concessions such as the protection of culturally sensitive names, along with $5 million worth of free Kindles, in order to get ACTO to back down.

But the governments had yet to see any proposal from Amazon for them to consider, Mendoza wrote a month ago.

At some point Marby then agreed to meet with the ACTO governments — Bolivia, Brazil, Colombia, Ecuador, Guyana, Peru, Suriname and Venezuela — in Bolivia on November 29.

He froze their reconsideration request pending this meeting, according to his November 20 letter (pdf), which also bulletted out the sequence of events that led to the ICANN resolution.

It seems ICANN has been working rather closely with, and had been hearing encouraging noises from, Brazil’s Governmental Advisory Committee representative, over the last 12 months. Indeed, it seems it was Brazil that said the reconsideration should be put on hold, pending the November 29 meeting.

But on November 22, Mendoza cancelled the summit (pdf), taking a hard line against the unfreezing of the applications.

Four days later, she told Marby and ICANN chair Cherine Chalaby that ICANN should be dealing with ACTO, not its individual members.

She said that a “positive reaction” to the reconsideration request and the request for the board resolution to be “cancelled” are “indispensable pre-requisites for such a meeting to take place”.

The short version: ICANN jumped the gun when it unfroze the .amazon gTLD applications, at least in ACTO’s view.

ACTO didn’t even receive Amazon’s latest proposal until November 23, the day after the talks were cancelled, according to ICANN.

And, judging by the latest missive in this infuriating thread, ICANN may have thrown in the towel already.

Marby informed GAC chair Manal Ismail (pdf) last Wednesday that the “facilitation process” ICANN had resolved to lead “has been unsuccessful” and “has not been able to reach its desired conclusion.”

While he added ICANN remains “open to assist and facilitate this matter, should it be considered useful”, there’s otherwise an air of finality about the choice of language in his letter.

As for the reconsideration request (pdf), it seems to be still active, so there’s a chance for the board to change its mind about .amazon’s status.

It will be interesting to see whether the request will be approved by the board for the sake of political expediency.

Reconsideration requests are almost unfailingly tossed out for failing to reach the threshold of providing the board with information it was not aware of at the time of its contested resolution.

In this case, ACTO claims that the board was wrongly informed that the ACTO members had seen and liked Amazon’s latest proposal, presumably because ICANN had been feeling positive vibes from Brazil.

It’s not impossible that the board might agree this is true, put .amazon back on ice, and try again at the “facilitation” route.

But should it? Part of me wonders why the hell ICANN resources — that is, registrants’ money — should be diverted to pay for ICANN to act as an unpaid lobbyist for one of the world’s wealthiest companies, which can’t seem to actually put a proposal on the table in a timely fashion, or for eight national governments who don’t seem to be even talking to each other on an issue they claim is of the utmost importance.

How a single Whois complaint got this registrar shitcanned

Kevin Murphy, August 15, 2018, Domain Registrars

A British registrar has had its ICANN contract terminated after a lengthy, unprecedented fight instigated by a single complaint about the accuracy of a single domain’s Whois.

Astutium, based in London and with about 5,000 gTLD domains under management, finally lost its right to sell gTLD domains last week, after an angry battle with ICANN Compliance, the Ombudsman, and the board of directors.

While the company is small, it does not appear to be of the shady, fly-by-night type sometimes terminated by ICANN. Director Rob Golding has been an active face at ICANN for many years and Astutium has, with ICANN approval, taken over portfolios from other de-accredited registrars in the past.

Nevertheless, its Registrar Accreditation Agreement has been torn up, as a result of a complaint about the Whois for the domain name tomzink.com last December.

Golding told DI today that he considers the process that led to his de-accreditation broken and that he’s considering legal action.

The owner of tomzink.com and associated web site appears to be a Los Angeles-based music producer called Tom Zink. The web site seems legit and there’s no suggestion anywhere that Zink has done anything wrong, other than possibly filling out an incomplete Whois record.

The person who complained about the Whois accuracy, whose identity has been redacted from the public record and whose motives are still unclear, had claimed that the domain’s Whois record lacked a phone and fax number and that the registrant and admin contacts contained “made-up” names.

Historical Whois records archived by DomainTools show that in October last year the registrant name was “NA NA”.

The registrant organization was “Astutium Limited” and the registrant email was an @astutium.com address. The registrant mailing address was in Long Beach, California (the same as Zink). There were no phone/fax numbers in the record.

Golding told DI that some of these details were present when the domain was transferred in from another registrar. Others seem to have been added because the registrar was looking after the name on behalf of its client.

The admin and technical records both contained Astutium’s full contact information.

Following the December complaint, the record was cleaned up to remove all references to Astutium and replace them with Zink’s contact data. Judging by DomainTools’ records, this seems to have happened the same day as ICANN forwarded the complaint to Astutium, December 20.

So far, so normal. This kind of Whois cleanup happens many times across the industry every day.

But this is where relations between Astutium and ICANN began to break down, badly.

Even though the Whois record had been cleaned up already, Golding responded to Compliance, via the ICANN complaints ticketing system:

Please dont forward bigus/meaningless whois complaints which are clearly themselves totally inaccurate… No action is necessary or will be taken on bogus/incomplete/rubbish reports. [sic]

Golding agreed with me today that his tone was fairly belligerent from the outset, but noted that it was far from the first time he’d received a compliance complaint he considered bogus.

In the tomzink.com case, he took issue with the fact that the complainant had said that the admin/tech records contained no fax number. Not only was this not true (it was Astutium’s own fax number), but fax numbers are optional under ICANN’s Whois policy.

He today acknowledges that some parts of the complaint were not bogus, but notes that the Whois record had been quickly updated with the correct information.

But simply changing the Whois record is not sufficient for ICANN. It wants you to show evidence of how you resolved the problem in the form of copies of or evidence of communications with the registered name holder.

The Whois Accuracy Program Specification, which is part of the RAA, requires registrars to verify and validate changes to the registered name holder either automated by phone or email, or manually.

Golding told DI that in this case he had called the client to advise him to update his contact information, which he did, so the paper trail only comprises records of the client logging in and changing his contact information.

What he told ICANN in January was:

If ICANN compliance are unable to do the simple job they have been tasked with (to correctly vet and format the queries before sending them on, as they have repeatedly agreed they will do *on record* at meetings) then Registrars have zero obligations to even look at them. Any ‘lack of compliance’ is firmly at your end and not ours in this respect.

However in this specific case we chose to look, contacted the registrant, and had them update/correct/check the records, as can easily be checked by doing a whois

ICANN then explained that “NA NA” and the lack of a phone number were legitimate reasons that the complaint was not wholly bogus, and again asked Golding to provide evidence of Astutium’s correspondence with Zink.

After ignoring a further round or two of communication via the ticketing system, Golding responded: “No, we don’t provide details of private communications to 3rd parties”.

He reiterated this point a couple more times throughout February, eventually saying that nothing in WAPS requires Astutium to “demonstrate compliance” by providing such communications to ICANN, and threatening to escalate the grievance to the Ombudsman.

(That may be strictly true, but the RAA elsewhere does require registrars to keep records and allow ICANN to inspect them on demand.)

It was around the same time that Compliance started trying to get in touch with Golding via phone. While it was able to get through to the Astutium office landline, Compliance evidently had the wrong mobile phone number for Golding himself.

Golding told DI the number ICANN was trying to use (according to ICANN it’s the one listed in RADAR, the official little black book for registrars) had two digits transposed compared to his actual number, but he did not know why that was. Several other members of ICANN staff have his correct number and call him regularly, he said.

By February 27, Compliance had had enough, and issued Astutium with its first public breach notice (pdf)

Allowing a compliance proceeding to get to this stage is always bad news for a registrar — when ICANN hits the public breach notice phase, staff go out and actively search for other areas of potential non-compliance.

Golding reckons Compliance staff are financially incentivized, or “get paid by the bullet point”, at this stage, but I have no evidence that is the case.

Whatever the reason, Compliance in February added on claims:

  • that Astutium was failing to output Whois records in the tightly specified format called for by the RAA (Golding blames typos and missed memos for this and says the errors have been corrected),
  • that Astutium’s registration agreement failed to include renewal and post-renewal fees (Golding said every single page of the Astution web site, including the registration agreement page, carries a link to its price list. While he admitted the text of the agreement does not include these prices, he claimed the same could be said of some of the biggest registrars),
  • that the registration agreement does not specify how expiration notices are delivered (according to Golding, the web site explains that it’s delivered via email)
  • that the address published on the Astutium web site does not match the one provided via the Registrar Information Specification, another way ICANN internally tracks contact info for its registrars (Golding said that his company’s address is published on every single page of its site)

A final bullet point asked the company to implement corrective measures to ensure it “will respond to ICANN compliance matters timely, completely and in line with ICANN’s Expected Standards of Behavior”.

The reference to the Expected Standards of Behavior — ICANN’s code of politeness for the community — is a curious one, not typically seen in breach notices. Unless I’m reading too much into it, it suggests that somebody at ICANN wasn’t happy with Golding’s confrontational, sometimes arguably condescending, attitude.

Golding claims that some of ICANN’s allegations in this breach notice are “provably false”.

He told us he still hasn’t ruled out legal action for defamation against ICANN or its staff as a result of the publication of the notice.

“I’ll be in California, serving the paperwork myself,” he said.

Astutium did not respond to the breach notice, according to ICANN documents, and it was escalated to full-blown termination March 21.

On March 30, the registrar filed a Request for Reconsideration (pdf) with ICANN. That’s one of the “unprecedented” things I referred to at the top of this article — I don’t believe a registrar termination has been challenged through the RfR process before.

The second unprecedented thing was that the RfR was referred to Ombudsman Herb Waye, under ICANN’s relatively new, post-transition, October 2016 bylaws.

Waye’s evaluation of the RfR (pdf), concluded that Astutium was treated fairly. He noted multiple times that the company had apparently made no effort to come into compliance between the breach notice and the termination notice.

Golding was not impressed with the Ombudsman’s report.

“The Ombudsman is totally useless,” he said.

“The entire system of the Ombudsman is designed to make sure nobody has to look into anything,” he said. “He’s not allowed to talk to experts, he’s not actually allowed to talk to the person who made the complaint [Astutium], his only job is to ask ICANN if they did the right thing… That’s their accountability process.”

The Board Accountability Mechanisms Committee, which handles reconsideration requests, in June found against Astutium, based partly on the Ombudsman’s evaluation.

BAMC then gave Golding a chance to respond to its decision, before it was sent to the ICANN board, something I believe may be another first.

He did, with a distinctly more conciliatory tone, writing in an email (pdf):

Ultimately my aim has always been to have the ‘final decision’ questioned as completely disproportionate to the issue raised… and the process that led to the decisions looked into so that improvements can be made, and should there still be unresolved issues, opportunity to work in a collaborative method to solve them, without the need to involve courts, lawyers, further complaints/challenge processes and so on.

And then the ICANN board voted to terminate the company, in line with BAMC’s recommendation.

That vote happened almost a month ago, but Astutium did not lose its IANA number until a week ago.

According to Golding, the company is still managing almost all of its gTLD domains as usual.

One registry, CentralNic, turned it off almost immediately, so Astutium customers are not currently able to manage domains in TLDs such as .host, he said. The other registries still recognize it, he said. (CentralNic says only new registrations and transfers are affected, existing registrants can manage their domains.)

After a registrar termination, ICANN usually transfers the affected domains to another accredited registrar, but this has not happened yet in Astutium’s case.

Golding said that he has a deal with fellow UK registrar Netistrar to have the domains moved to its care, on the understanding that they can be transferred back should Astutium become re-accredited.

He added that he’s looking into acquiring three other registrar accreditations, which he may merge.

So, what is to be learned from all this?

It seems to me that we may be looking at a case of a nose being cut off to spite a face, somebody talking themselves into a termination. This is a compliance issue that probably could have been resolved fairly quickly and quietly many months ago.

Another takeaway might be that, if the simple act of making a phone call to a registrar presents difficulties, ICANN’s Compliance procedures may need a bit of work.

A third takeaway might be that ICANN Compliance is very capable of disrupting registrars’ businesses if they fail to meet the letter of the law, so doing what you’re told is probably the safest way to go.

Or, as Golding put it today: “The lesson to be learned is: if you don’t want them fucking with your business, bend over, grab your ankles, and get ready.”

.kids auction is off

Kevin Murphy, December 12, 2017, Domain Registries

ICANN has postponed the planned auction of the .kid(s) gTLDs after an appeal from one of the applicants.

The last-resort auction had been penciled in for January 25, and there was a December 8 deadline for the three participants to submit their info to the auctioneer.

But DotKids Foundation, the shallowest-pocketed of the three, filed a Request for Reconsideration last Wednesday, asking ICANN to put the contention set back on hold.

The cancellation of the January auction appears to be to give ICANN’s board of directors time to consider the RfR under its usual process — it has not yet ruled on it.

DotKids and Amazon have applied for .kids and Google has applied for .kid. A String Confusion Objection won by Google put the two strings in the same contention set, meaning only one will eventually go live.

DotKids comprehensively lost a Community Priority Evaluation, which would negate an auction altogether, but it thinks the CPE got it wrong and wants to be treated the same way as other gTLD applicants whose CPE results are currently under review.

Reconsideration requests take between 30 and 90 days to process, and they rarely go the way of the requester, so the delay to the auction will likely not be too long.

ICANN finds no conflict of interest in .sport decision

Kevin Murphy, June 5, 2017, Domain Policy

ICANN has rejected claims that the .sport gTLD contention set was settled by an arbitrator who had undisclosed conflicts of interest with the winning applicant.

Its Board Governance Committee last week decided that Community Objection arbitrator Guido Tawil had no duty to disclose his law firm’s ties to major sports broadcasters when he effectively eliminated Famous Four Media from its fight with SportAccord.

Back in 2013, SportAccord — an applicant backed by pretty much all of the world’s major sporting organizations — won the objection when Tawil ruled that FFM’s fully commercial, open-registration bid could harms its members interests.

FFM complained with Requests for Reconsideration, Ombudsman complaints and then an Independent Review Process complaint.

It discovered, among other things, that Tawil’s law firm was helping broadcaster DirecTV negotiate with the International Olympic Committee (one of SportAccord’s backers) for Olympics broadcasting rights at the time of the Community Objection.

The IRP panel ruled in February this year that the BGC had failed to take FFM’s allegations of Tawil’s “apparent bias” into account when it processed Reconsideration requests back in 2013 and 2014.

So the BGC reopened the two Reconsideration decisions, looking at whether Tawil was required by International Bar Association guidelines to disclosed his firm’s client’s interests.

In a single decision (pdf) late last week, the BGC said that he was not required to make these disclosures.

In each of the three claims of bias, the BGC found that the connections between Tawil and the alleged conflict were too tenuous to have required disclosure under the IBA rules.

It found that the IOC and SportAccord are not “affiliates” under the IBA definition, which requires some kind of cross-ownership interests, even though the IOC is, judging by the .sport application, SportAccord’s most valued supporter.

The BGC also found that because Tawil’s firm was representing DirecTV, rather than the IOC, the relationship did not technically fall within the disclosure guidelines.

For these and other reasons, the BGC rejected FFM’s Reconsideration requests for a second time.

The decision, and the fact that FFM seems to have exhausted ICANN’s appeals mechanisms, means it is now more likely that SportAccord’s application will be allowed to continue negotiating its .sport Registry Agreement with ICANN, where it has been frozen for years.

Time to show ICANN who’s boss!

Kevin Murphy, June 1, 2017, Domain Policy

You are in charge of ICANN.

That statement may sound trite — it is trite — but it’s always been true to some extent.

Even if their individual voices are often lost, members of the ICANN community have always had the ability to influence policy, whether through sporadic responses to public comment periods or long term, soul-crushing working group volunteer work.

ICANN only really has power through community consent.

That’s another trite statement, but one which became more true on October 1 last year, when ICANN separated itself from US government oversight and implemented a new set of community-created bylaws.

The new bylaws created a new entity, the “Empowered Community”, which essentially replaced the USG and is able to wield more power than the ICANN board of directors itself.

Indeed, the Empowered Community can fire the entire board if it so chooses; a nuclear option for the exercise of community control that never existed before.

And the EC is, at the ICANN 59 public meeting in Johannesburg at the end of the month, about to get its first formal outing.

What the EC will discuss is pretty dull stuff. That’s why I had to trick you into reading this post with an outrageous, shameless, sensationalist headline.

Before getting into the substance of the Johannesburg meeting, I’m going to first bore you further for several paragraphs by attempting to answering the question: “What exactly is the Empowered Community?”

The EC exists an an “unincorporated association” under California law, ICANN deputy general counsel Sam Eisner told me.

It doesn’t have shareholders, directors, staff, offices… you wouldn’t find it by searching California state records. But it would have legal standing to take ICANN to court, should the need arise.

It was basically created by the new ICANN bylaws.

It comprises the five major constituencies of ICANN — the Generic Names Supporting Organization, the Country Code Names Supporting Organization, the Governmental Advisory Committee, the At-Large Advisory Committee and the Address Supporting Organization.

They’re called “Decisional Participants” and each is represented on a committee called the EC Administration by a single representative.

Right now, each group is represented on the Administration by its respective chair — GNSO Council chair James Bladel of GoDaddy represents the GNSO currently, for example — but I gather that doesn’t necessarily have to be the case; each group can decide how it appoints its rep.

Bladel tells me that each representative only takes action or casts a vote after being told to do so by their respective communities. As individuals, their power is extremely limited.

When the EC makes decisions, there must always be at least three votes in favor of the decision and no more than one vote against. A 3-1 vote would count as approval, a 3-2 vote would not.

This is to make sure that there is a fairly high degree of consensus among stakeholders while also preventing one community stonewalling the rest for strategic purposes.

The EC’s nine powers are enumerated in article 6.2 of the ICANN bylaws.

It can hire and fire an unlimited number of directors, reject the ICANN budget, file Requests for Reconsideration or Independent Review Process appeals, sue ICANN, and oversee changes to the ICANN bylaws.

Most of these powers are reactive — that is, if the ICANN board did something terrible the EC would have to consciously decide to act upon it in some way.

But one of them — approval of changes to Fundamental Bylaws — places the EC squarely in the legislative pathway. Think of it like the Queen of England’s Royal Assent or the US president’s ability to veto bills before they become law.

That’s the role the EC will adopt in Joburg this month.

The ICANN board recently passed a resolution calling for a new board committee to be created to focus on handling accountability mechanisms such as Reconsideration, removing the function from the overworked Board Governance Committee.

Because this requires a change to a Fundamental Bylaw — those bylaws considered so important they need more checks and balances — the EC has been called upon to give it the community’s formal consent.

To the best of my knowledge, the bylaws amendment is utterly uncontroversial. I haven’t heard of any objections or complaints about what essentially seems to be a probably beneficial tweak in how ICANN’s board functions.

But it will be the EC’s first formal exercise of executive power.

So there will be a session at ICANN 59 in which the EC convenes to discuss the board’s resolution and, probably, hear any input it has not already heard.

The exact format of the session seems to be up in the air at the moment, but I gather an open-mic “public forum” style meeting of about an hour is the most likely choice. It will of course be webcast, with remote participation, as almost all ICANN public meetings are.

No votes will be cast at the session — I’m told the bylaws actually forbid it — but the EC will have only 21 days afterwards to poll their communities and formally deliver their verdict. Assuming at least three of the communities consent to the board resolution and no more than one objects, it will automatically become ICANN law.

The next test of the EC, which would prove to be actually newsworthy enough to write about without a clickbait headline, may well be the ICANN budget. ICANN’s financial year ends at the end of June, and the EC has explicit powers to reject it.

The budget often raises concerns from those parties who actually pay into it, and given the difficulties the industry is in right now there may be more concerns than usual.

Anyway, this is the way ICANN works nowadays. It would make for more interesting reading if a triumvirate of Iran, China and Russia now ran the show, but they don’t. You lot do.

Just be glad Donald Trump isn’t holding the reins.

Sorry, that was also trite, wasn’t it.

.gay, .music and others in limbo as ICANN probes itself

Kevin Murphy, May 8, 2017, Domain Policy

Several new gTLD applicants have slammed ICANN for conducting an investigation into its own controversial practices that seems to be as opaque as the practices themselves.

Seven proposed new gTLDs, including the much-anticipated .music and .gay, are currently trapped in ICANN red tape hell as the organization conducts a secretive probe into how its own staff handled Community Priority Evaluations.

The now broad-ranging investigation seems have been going on for over six months but does not appear to have a set deadline for completion.

Applicants affected by the delays don’t know who is conducting the probe, and say they have not been contacted by anyone for their input.

At issue is the CPE process, designed to give genuine “community” gTLD applicants a way to avoid a costly auction in the event that their choice of string was contested.

The results of the roughly 25 CPE decisions, all conducted by the independent Economist Intelligence Unit, were sometimes divergent from each other or just baffling.

Many of the losers complained via ICANN’s in-house Requests for Reconsideration and then Independent Review Process mechanisms.

One such IRP complaint — related to Dot Registry’s .inc, .llc, .llp applications — led to two of the three-person IRP panel deciding last July that ICANN had serious questions to answer about how the CPE process was carried out.

While no evidence was found that ICANN had coached the EIU on scoring, it did emerge that ICANN staff had supplied margin notes to the supposedly independent EIU that had subsequently been incorporated into its final decision.

The IRP panel majority wrote that the EIU “did not act on its own in performing the CPEs” and “ICANN staff was intimately involved in the process”.

A month or so later, the ICANN board of directors passed a resolution calling for the CEO to “undertake an independent review of the process by which ICANN staff interacted with the CPE provider”.

Another month later, in October, the Board Governance Committee broadened the scope of the investigation and asked the EIU to supply it with documents it used to reach its decisions in multiple controversial CPE cases.

A couple of weeks ago, BGC chair Chris Disspain explained all this (pdf) to the applicants for .music, .gay, hotel, .cpa, .llc, .inc, .llp and .merck, all of which are affected by the delay caused by the investigation.

He said that the investigation would be completed “as soon as practicable”.

But in response, Dot Registry and lawyers for fellow failed CPE applicant DotMusic have fired off more letters of complaint to ICANN.

(UPDATE: Dot Registry CEO Shaul Jolles got in touch to say his letter was actually sent before Disspain’s, despite the dates on the letters as published by ICANN suggesting the opposite).

Both applicants note that they have no idea who the independent party investigating the CPEs is. That’s because ICANN hasn’t identified them publicly or privately, and the evaluator has not contacted the applicants for their side of the story.

DotMusic’s lawyer wrote (pdf):

DotMusic’s rights are thus being decided by a process about which it: (1) possesses minimal information; (2) carried out by an individual or organization whose identity ICANN is shielding; (3) whose mandate is secret; (4) whose methods are unknown; and (5) whose report may never be made public by ICANN’s Board.

He added, pointedly:

The exclusion of directly affected parties from participation eerily reproduces the shortcomings of the EIU evaluations that are under scrutiny in the first place.

Dot Registry CEO Shaul Jolles, in his letter (pdf), quoted Disspain saying at a public forum in Copenhagen this March that a blog post addressing the concerns had been drafted and would be published “shortly”, but wasn’t.

He suggested the investigation is “smoke and mirrors” and, along with DotMusic, demanded more information about the investigator’s identity and methods.

It does strike me as a looking a bit like history repeating itself: ICANN comes under fire for non-transparently influencing a supposedly independent review and addresses those criticisms by launching another non-transparent supposedly independent review.

No matter what I feel about the merits of the “community” claims of some of these applicants, it has been over five years now since they submitted their applications and the courtesy of transparency — if closure itself its not yet possible — doesn’t seem like a great deal to ask.

ICANN’s Empowered Community to get its first test-drive after appeals panel vote

Kevin Murphy, February 8, 2017, Domain Policy

ICANN’s post-transition bylaws have only been in effect for a few months, but the board of directors wants to change one of them already.

The board last week voted to create a new committee dedicated to handling Requests for Reconsideration — formal appeals against ICANN decisions.

But because this would change a so-called Fundamental Bylaw, ICANN’s new Empowered Community mechanism will have to be triggered.

The Board Governance Committee, noting that the number of RfR complaints it’s having to deal with has sharply increased due to fights over control of new gTLDs, wants that responsibility split out to be handled by a new, dedicated Board Accountability Mechanisms Committee.

It seems on the face of it like a fairly non-controversial change — RfRs will merely be dealt with by a different set of ICANN directors.

However, it will require a change to one of the Fundamental Bylaws — bylaws considered so important they need a much higher threshold to approve.

This means the untested Empowered Community (which I’m not even sure actually exists yet) is going to get its first outing.

The EC is an ad hoc non-profit organization meant to give ICANN the community (that is, you) ultimate authority over ICANN the organization.

It has the power to kick out directors, spill the entire board, reject bylaws changes and approve Fundamental Bylaws changes.

It comprises four or five “Decisional Participants” — GNSO, the ccNSO, the ALAC, the ASO and (usually) the GAC.

In this case at least three of the five Decisional Participants must approve the change, and no more than one may object.

The lengthy process for the EC approving the proposed bylaws change is outlined here.

I wouldn’t expect this proposal to generate a lot of heated discussion on its merits, but it will put the newly untethered ICANN to the test for the first time, which could highlight process weaknesses that could be important when more important policy changes need community scrutiny.

ICANN feeds troll, refuses to censor “rip-off” web site

Kevin Murphy, February 2, 2017, Domain Policy

ICANN’s board has rejected a formal demand that it “take down” the web site RipoffReport.com in what is possibly the strangest Request for Reconsideration case it has considered to date.

The almost 20-year-old site hosts reports from consumers about what they consider to be “rip-offs”. It’s seen its fair share of controversy and legal action over the years.

Somebody called Fraser Lee filed the RfR in December after (allegedly) trying and failing to get the site’s registrar, DNC Holdings (aka Directnic), to yank the domain and then trying and failing to get ICANN Compliance to yank DNC’s accreditation.

The request (pdf) is a rambling, often incoherent missive, alleging that RipoffReport contains “legally proven illegal defamatory, copyright infringing, hateful, suicidal and human rights depriving content” and demanding ICANN “take down the site RIPOFFREPORT.COM AS EXPECTED BY THEIR POLICIES OR RISK BEING SUED AS AN ENDORSER OF CYBER TERRORISM.”

ICANN’s Board Governance Committee has naturally enough rejected (pdf) the request, largely on the grounds that it does not have the authority to police internet content and that it could find no evidence that DNC had breached its contract:

the Requester ultimately seeks to have ICANN assume greater responsibility of policing purportedly illegal activity on the Internet, and attempts to place the burden on ICANN to regulate content on the Internet. That is not ICANN’s role. If content is to be regulated, that review and enforcement falls to institutions charged with interpreting and enforcing laws and regulations around the world, such as law enforcement

In a bizarre twist, the BGC further decided that “Fraser Lee” may not even be the person who filed the original complaints with DNC and ICANN Compliance.

“Fraser Lee, has never initiated a complaint with the ICANN Contractual Compliance department,” the BGC wrote.

A lengthy (and, one imagines, maddening) email thread between DNC’s lawyer and somebody called “Smith”, evidently provided by DNC to ICANN (pdf), appears show that at least two different identities are in play here.

It’s an odd one for sure, but it does have the virtue of getting ICANN’s board on the record again stating that it does not police content.

ICANN loses another IRP — .sport gTLD fight reopens as panel finds “apparent bias”

Kevin Murphy, February 2, 2017, Domain Registries

The future of the .sport gTLD was cast into turmoil this week after an independent panel ruled that there was “apparent bias” in the decision that awarded the string to a group linked to the Olympics.

The new Independent Review Panel ruling found that ICANN broke its own bylaws by refusing to allow Famous Four Media to appeal a 2013 decision that essentially awarded .sport to rival bidder SportAccord.

FFM claims the expert panelist tasked with deciding SportAccord’s Community Objection had undisclosed conflicts of interest that made him much more likely to rule in favor of SportAccord, which is backed by the International Olympic Committee, than FFM, which is a purely commercial operator.

And the IRP panel did not disagree, ruling this week that ICANN should have taken FFM’s claims into account before rejecting its requests for an appeal in 2014.

The ruling means that ICANN may be forced to throw out the Community Objection decision from 2013 and order it to be re-tried with a new expert, potentially allowing FFM back into the .sport contest.

As usual with IRP cases, the ruling is a complex and very dry read, involving multiple layers of objections, appeals, panels and experts.

FFM and SportAccord were the only two applicants for .sport in the 2012 application round.

SportAccord, which has the backing of dozens of sporting organizations in addition to the IOC, claims to represent pretty much all organized sport and wants to run .sport with restrictions on who can register.

FFM, conversely, wants to keep it open to everyone with a passing interest in sport.

In an attempt to kick FFM out of the contest without a potentially expensive auction, SportAccord filed, and then won, a Community Objection in 2013.

To win, it had to prove that the interests of the sport community would be harmed if FFM got to run it. The objection expert panelist, Guido Tawil, came down on SportAccord’s side.

FFM naturally enough disagreed with his conclusion, and vowed to fight to overturn it.

The registry later discovered that Tawil had undisclosed ties to the IOC, which it said should have disqualified him from acting as an independent expert.

First, Tawil attended a conference of the International Bar Association in Rio de Janeiro in 2011 called “Olympic‐Size Investments: Business Opportunities and Legal Framework”, where he co‐chaired a panel entitled “The quest for optimising the dispute resolution process in major sport‐hosting events”.

Second, the law firm he works for, Argentina-based M & M Bomchil, counts DirecTV among its key clients and at the time of the Community Objection DirecTV was negotiating with the IOC for Latin America broadcasting rights for the Sochi 2014 and Rio 2016 Olympics, rights it subsequently obtained.

Third, a partner in Tawil’s law firm is president of Torneos y Competencias, a sports broadcaster with ties to DirecTV.

FFM has claimed: “Guido Tawil’s own legal practice and business is built around a company for whom IOC broadcasting rights are a core aspect of its business.”

While FFM filed two Requests for Reconsideration with ICANN in late 2013 and early 2014, raising the possibility of conflicts of interest and demanding ICANN have Tawil’s ruling thrown out, both were rejected by ICANN’s Board Governance Committee.

It also took its claims to the ICANN Ombudsman, who drafted (but did not finalize) a finding that agreed with FFM that the Community Objection should be retried with a new expert.

The subsequent IRP filing challenged the two RfR decisions and, two years later, the IRP panel has now ruled:

the IRP Panel is of the view that in order to have upheld the integrity of the system, in accordance with its Core Values, the ICANN Board was required properly to consider whether allegations of apparent bias in fact gave rise to a basis for reconsideration of an Expert Determination. It failed to do so and, consequently, is in breach of its governing documents.

The panel also said that ICANN should have taken the Ombudsman’s draft report into account.

It declared:

that the action of the ICANN Board in failing substantively to consider the evidence of apparent bias of the Expert arising after the Expert Determination had been rendered was inconsistent with the Articles, Bylaws and/or the Applicant Guidebook.

The panel has ordered ICANN to pay FFM’s share of the $152,673 IRP costs.

ICANN’s board will now have to consider the IRP decision, and it seems very possible that a new Community Objection review might be ordered.

On the face of it, it looks like a big win for FFM.

That does not mean that SportAccord will not prevail in its objection for a second time, even with a different presiding expert, however.

One fact in its favor is that it now has three years’ worth of evidence of how Famous Four conducts its business — selling domains at super-cheap prices, some say at the expense of the cleanliness of its namespaces — with which to attempt to show the likelihood of harm.

What seems certain is that the .sport gTLD is not going to see the light of day any time soon.

Read the ruling as a PDF here.