Latest news of the domain name industry

Recent Posts

RANT: Governments raise yet another UN threat to ICANN

Kevin Murphy, October 31, 2016, Domain Policy

ICANN’s transition away from US government oversight is not even a month old and the same old bullshit power struggles and existential threats appear to be in play as strongly as ever.

Governments, via the chair of the Governmental Advisory Committee, last week yet again threatened that they could withdraw from ICANN and seek refuge within the UN’s International Telecommunications Union if they don’t get what they want from the rest of the community.

It’s the kind of thing the IANA transition was supposed to minimize, but just weeks later it appears that little has really changed in the rarefied world of ICANN politicking.

Thomas Schneider, GAC chair, said this on a conference call between the ICANN board and the Generic Names Supporting Organization on Thursday:

I’m just urging you about considering what happens if many governments consider that this system does not work. They go to other institutions. If we are not able to defend public interest in this institution we need to go elsewhere, and this is exactly what is happening currently at the ITU Standardization Assembly.

This is a quite explicit threat — if governments don’t like the decisions ICANN makes, they go to the ITU instead.

It’s the same threat that has been made every year or two for pretty much ICANN’s entire history, but it’s also something that the US government removing its formal oversight of ICANN was supposed to help prevent.

So what’s this “public interest” the GAC wants to defend this time around?

It’s protections for the acronyms of intergovernmental organizations (IGOs) in gTLDs, which we blogged about a few weeks ago.

IGOs are bodies ranging from the relatively well-known, such as the World Health Organization or World Intellectual Property Organization, to the obscure, such as the European Conference of Ministers of Transport or the International Tropical Timber Organization.

According to governments, the public interest would be served if the string “itto”, for example, is reserved in every new gTLD, in other words. It’s not known if any government has passed laws protecting this and other IGO strings in their own ccTLDs, but I suspect it’s very unlikely any have.

There are about 230 such IGOs, all of which have acronyms new gTLD registries are currently temporarily banned from selling as domains.

The multi-stakeholder GNSO community is on the verge of coming up with some policy recommendations that would unblock these acronyms from sale and grant the IGOs access to the UDRP and URS mechanisms, allowing them to reclaim or suspend domains maliciously exploiting their “brands”.

The responsible GNSO working group has been coming up with these recommendations for over two years.

While the GAC and IGOs were invited to participate in the WG, and may have even attended a couple of meetings, they decided they’d have a better shot at getting what they wanted by talking directly to the ICANN board outside of the usual workflow.

The WG chair, Phil Corwin of the Internet Commerce Association, recently described IGO/GAC participation as a “near boycott”.

This reluctance to participate in formal ICANN policy-making led to the creation of the so-called “small group”, a secretive ad hoc committee that has come up with an opposing set of recommendations to tackle the same IGO acronym “problem”.

I don’t think it’s too much of a stretch to call the the small group “secretive”. While the GNSO WG’s every member is publicly identified, their every email publicly archived, their every word transcribed and published, ICANN won’t even say who is in the small group.

I asked ICANN for list of its members a couple of weeks ago and this is what I got:

The group is made up of Board representatives from the New gTLD Program Committee (NGPC), primarily, Chris Disspain; the GAC Chair; and representatives from the IGO coalition that first raised the issue with ICANN and some of whom participated in the original PDP on IGO-INGO-Red Cross-IOC protections – these would include the OECD, the UN, UPU, and WIPO.

With the publication two weeks ago of the small group’s recommendations (pdf) — which conflict with the expect GNSO recommendations — the battle lines were drawn for a fight at ICANN 57, which kicks off this week in Hyderabad, India.

Last Thursday, members of the GNSO Council, including WG chair Corwin, met telephonically with GAC chair Schneider, ICANN chair Steve Crocker and board small group lead Disspain to discuss possible ways forward.

What emerged is what Crocker would probably describe as a “knotty” situation. I’d describe it as a “process clusterfuck”, in which almost all the relevant parties appear to believe their hands are tied.

The GNSO Council feels its hands are tied for various reasons.

Council chair James Bladel explained that the GNSO Council doesn’t have the power to even enter substantive talks.

“[The GNSO Council is] not in a position to, or even authorized to, negotiate or compromise PDP recommendations that have been presented to use by a PDP working group and adopted by Council,” he said.

He went on to say that while the GNSO does have the ability to revisit PDPs, to do so would take years and undermine earlier hard-fought consensus and dissuade volunteers from participating in policy making. He said on the call:

By going back and revisiting PDPs we both undermine the work of the community and potentially could create an environment where folks are reluctant to participate in PDPs and just wait until a PDP is concluded and then get engaged at a later stage when they feel that the recommendations are more likely adopted either by the board or reconciled with GAC advice.

He added that contracted parties — registries and registrars — are only obliged to follow consensus policies that have gone through the PDP process.

Crocker and Disspain agreed that the the GAC and the GNSO appear to have their hands tied until the ICANN board makes a decision.

But its hands are also currently tied, because it only has the power to accept or reject GNSO recommendations and/or GAC advice, and it currently has neither before it.

Chair Crocker explained that the board is not able to simply impose any policy it likes — such as the small group recommendations, which have no real legitimacy — it’s limited to either rejecting whatever advice the GAC comes up with, rejecting whatever the GNSO Council approves, or rejecting both.

The GNSO WG hasn’t finished its work, though the GNSO Council is likely to approve it, and the GAC hasn’t considered the small group paper yet, though it is likely to endorse it it.

Crocker suggested that rejecting both might be the best way to get everyone around a table to try to reach consensus.

Indeed, it appears that there is no way, under ICANN’s processes, for these conflicting views to be reconciled formally at this late stage.

WG chair Corwin said that any attempt to start negotiating the issue before the WG has even finished its work should be “rejected out of hand”.

With the GNSO appearing to be putting up complex process barriers to an amicable way forward, GAC chair Schneider repeatedly stated that he was attempting to reach a pragmatic solution to the impasse.

He expressed frustration frequently throughout the call that there does not appear to be a way that the GAC’s wishes can be negotiated into a reality. It’s not even clear who the GAC should be talking to about this, he complained.

He sounds like he’s the sensible one, but remember he’s representing people who stubbornly refused to negotiate in the WG over the last two years.

Finally, he raised the specter of governments running off to the UN/ITU, something that historically has been able to put the willies up those who fully support (and in many cases make their careers out of) the ICANN multistakeholder model.

Here’s a lengthier chunk of what he said, taken from the official meeting transcript:

If it turns out that there’s no way to change something that has come out of the Policy Development Process, because formally this is not possible unless the same people would agree to get together and do the same thing over again, so maybe this is what it takes, that we need to get back or that the same thing needs to be redone with the guidance from the board.

But if then nobody takes responsibility to — in case that everybody agrees that there’s a public interest at stake here that has not been fully, adequately considered, what — so what’s the point of this institution asking governments for advice if there’s no way to actually follow up on that advice in the end?

So I’m asking quite a fundamental question, and I’m just urging you about considering what happens if many governments consider that the system does not work. They go to other institutions. They think we are not able to defend public interest in this institution. We need to go elsewhere. And this is exactly what is happening currently at the ITU Standardization Assembly, where we have discussions about protection of geographic names because — and I’m not saying this is legitimate or not — but because some governments have the feeling that this hasn’t been adequately addressed in the ICANN structure.

I’m really serious about this urge that we all work together to find solutions within ICANN, because the alternative is not necessarily better. And the world is watching what signals we give, and please be aware of that.

The “geographic names” issue that Schneider alludes to here seems to be a proposal (Word .doc) put forward by African countries and under discussion at the ITU’s WTSA 2016 meeting this week.

The proposal calls for governments to get more rights to oppose geographic new gTLD applications more or less arbitrarily.

It emerged not from any failure of ICANN policy — geographic names are already protected at the request of the GAC — but from Africa governments being pissed off that .africa is still on hold because DotConnectAfrica is suing ICANN in a California court and some batty judge granted DCA a restraining order.

It’s not really relevant to the IGO issue, nor especially relevant to the issue of governments failing to influence ICANN policy.

The key takeaway from Schneider’s remarks for me is that, despite assurances that the IANA transition was a way to bring more governments into the ICANN fold rather than seeking solace at the UN, that change of heart is yet to manifest itself.

The “I’m taking my ball and going home” threat seems to be alive and well for now.

If you made it this far but want more, the transcript of the call is here (pdf) and the audio is here (mp3). Good luck.

Squabbling drug peddlers drag .pharmacy into brand bunfight

Kevin Murphy, September 29, 2016, Domain Policy

The .pharmacy new gTLD has been dragged into the ongoing trademark dispute between two pharmaceuticals giants called Merck.

Germany-based Merck KGaA has accused the .pharmacy registry of operating an unfair and “secretive” process to resolve competing sunrise period applications.

The domain merck.pharmacy was awarded to US rival Merck & Co, which was spun off from the German original a hundred years ago, after both Mercks applied for the domain during .pharmacy’s January-March 2015 sunrise.

Now Merck KGaA has become what I believe might be the first company to reveal an attempt to invoke ICANN’s Public Interest Commitments Dispute Resolution Procedure to get the decision reversed.

The National Association of Boards of Pharmacy, a US entity, operates .pharmacy as a tightly controlled gTLD with pre-registration credential validation.

When it launched for trademark owners in last year, it was vague about how contentions between owners of matching trademarks would be handled, according to Merck KGaA.

Merck KGaA claims that NABP awarded merck.pharmacy to Merck & Co and initially refused to disclose how it had arrived at its decision other than to say the German firm “met fewer criteria” than its rival.

After some back-and-forth between their lawyers, Merck KGaA was still not happy with NABP’s response to the dispute, so it decided to start filing compliance reports ICANN.

A year on, it tried to invoke the PICDRP.

Public Interest Commitments are addenda to ICANN Registry Agreements that bind the registries to certain behaviors, such as fighting malware and working with industry-specific regulatory bodies.

The PICDRP, heard by ICANN or an independent standing panel, is a way for third parties to challenge registries’ compliance with their contracts when they believe PICs have been violated.

No PICDRP disputes have actually made it before a panel to date, to my knowledge. Indeed, this is the first time I’ve heard of anyone even attempting to file one, though ICANN Compliance reports indicate about 20 were filed last year.

Merck KGaA claims that by not disclosing how it decided Merck & Co should win merck.pharmacy, NABP is in breach of the PIC that states:

Registry Operator will operate the TLD in a transparent manner consistent with general principles of openness and non-discrimination by establishing, publishing and adhering to clear registration policies.

It suspects that NABP was biased towards Merck & Co because the US firm is a $100,000+ contributor to its coffers.

NABP has denied any wrongdoing, saying it applied “objective criteria” to decide which Merck most deserved the name.

This June, over a year after the domain was awarded, Merck KGaA filed its PICDRP complaint with ICANN. Two weeks ago, ICANN responded saying the complaint had been rejected, saying:

The detailed review criteria used to resolve the contention for the registration of the domain name was part of an operational procedure that the registry operator applied to both applicants’ websites and was consistent with .pharmacy’s community restrictions in Specification 12 of the RA. As the internal operational procedure does not conflict with ICANN’s agreements and policies, it is deemed outside of ICANN’s scope of enforcement.

The decision seems to have been made by ICANN staff. No independent panel was appointed. The PICDRP grants ICANN “sole discretion” as to whether a panel is needed.

The only reason the dispute has come to light is that Merck KGaA has decided to challenge ICANN’s decision with a Request for Reconsideration. The RfR and 600-odd pages of exhibits are published here.

It’s the second concurrent RfR Merck has on the go with ICANN. The Mercks are also simultaneously fighting for the right to run .merck as a dot-brand gTLD.

Both applications for .merck went through the Community Priority Evaluation process, but both failed.

The next stage in resolving the contention said would have been an auction, but Merck KGaA has filed for Reconsideration on its CPE panel’s determination.

For $10,000, Donuts will block hundreds of typos and premiums for your brand

Kevin Murphy, September 28, 2016, Domain Registries

Donuts has announced an expansion of its domain-blocking service that will enable brand owners to cheaply (kinda) block misspellings of their trademarks.

Brand owners whose trademarks match “premium” generic strings will also be able to take matching domains out of circulation using the registry’s new DPML Plus service.

DPML, for Domain Protected Marks List, is Donuts’ way of giving trademark owners a way to bulk-block their marks across Donuts’ entire stable of gTLDs, which currently stands at 197 strings.

With typical sunrise period prices at $200+, registering a single string across almost 200 gTLDs during sunrise could near a $40,000 outlay. In general availability, it would often be about a tenth of that price.

But the original DPML, with a roughly $3,000 retail price for a five-year block, reduced the cost to protect a single string to about $3 per domain per year.

Now, with DPML Plus, Donuts is offering a premium service that adds the ability to block typos and premium names.

Typos and substring-based blocking were near the top of the intellectual property community’s wish-list when the new gTLD program was being developed, but those features were never incorporated into ICANN rights protection mechanisms.

But for $9,999 (suggested retail price), DPML Plus buyers get a 10-year block on the string that matches their trademark and three extra strings that are either typos of the trademark or contain the trademark as a substring, Donuts said.

So Google would for example be able to block android.examples, anrdoid.examples, androidphone.examples and googleandroidphone.examples using a single DPML Plus subscription.

Basically, they get to block up to 788 domains at $9,999 over 10 years, which works out to about $1.26 per domain per year.

It looks nice and cheap on that basis, but companies wishing to block dozens of base trademarks would be looking at six or seven-figure up-front payments.

DPML Plus also lifts the ban on blocking “premium” domains.

Under the old DPML, customers could not block a domain if Donuts had flagged it with a premium price, but under DPML Plus they can.

This opens the door to brand owners who have valuable trademarks on generic dictionary words to get them blocked across the whole Donuts portfolio.

A Donuts spokesperson said the company reserves the right to reject such strings if it suspects gaming.

Another benefit of the DPML Plus is the ability to prevent other companies with identical trademarks later unblocking and snatching blocked domains for themselves.

Currently, third parties with matching brands can “override” DPML blocks, but that feature is turned off for DPML Plus subscribers. They get exclusivity for the life of the block.

Donuts said the Plus offer will only be available to buy between October 1 and December 31.

As an added carrot, from January 1 the price of its vanilla DPML service is going to go up by an amount the company currently does not want to disclose.

Amazingly, .blockbuster will soon be a gTLD

Video rental chain Blockbuster may have gone the way of the the 8-track, the VCR, and the Nokia cell phone, but it will soon have a gTLD of its own.

The .blockbuster gTLD application completed its pre-delegation testing with ICANN this week and is now with IANA/Verisign, ready to go live on the internet in the coming week or so.

It’s a fairly straightforward dot-brand application, even though the brand itself is pretty much dead.

Blockbuster, which at its peak in 2004 had 9,000 rental stores in its chain, was rescued from its Netflix-induced bankruptcy by TV company Dish Network back in 2011.

Dish applied for .blockbuster in 2012 when the brand was still, if only barely, a going concern.

However, since that time all of its remaining Blockbuster stores have been closed down and the Blockbuster-branded streaming service has been renamed Sling.

The web site at blockbuster.com is a husk that hasn’t been updated since 2014.

And yet the brand will shortly be at the cutting edge of online branding by having its own new gTLD.

A dot-brand without a brand? Surely this will be among the most useless new gTLDs to hit the ‘net.

Does .tickets have the ultimate anti-cybersquatting system?

Kevin Murphy, January 19, 2016, Domain Registries

I’ve never seen anything like this before.

.tickets gTLD registry Accent Media has launched an anti-cybersquatting measure that lets the world know who is trying to register what domain name a whole month before the domain is allowed to go live.

The service, at domains.watch, is currently only being used by .tickets, but it seems to be geared up to accept other TLDs too.

A spokesperson said the site soft-launched a couple months ago.

Today, if you want to register a .tickets domain name, you have a choice of two processes — “fast-track” or “standard”.

Fast-track is for organizations with trademarks matching their names. It take five days for the trademark to be verified and the domain to go live.

Standard-track applications, however, are published on domains.watch for 30 days before the the registration is fully processed (under the registry hood, the domain are kept in “Pending Create” status).

Domains.Watch

During that 30 days, anyone with a trademark they believe would be infringed by the domain may file a challenge against the registration. They have to pay a fee to do so.

The would-be registrant can counter by showing their own rights. If they have no documented rights, the challenger gets the name instead.

“Rights” in the case of .tickets means a trademark or evidence of use of a mark in a ticketing-related context.

While it’s certainly not unusual in the industry for restricted TLDs to manually vet their registrants before processing a registration, I’ve never before come across a registry that does it all in public, allowing basically anyone — or, at least, anyone who is willing to pay the challenge fee — to challenge any registration.

Can you imagine what the domain world would be like if this kind of system were commonplace across a range of TLDs?

A lot of people outside the industry — particularly in security, I fancy — would love it.