Latest news of the domain name industry

Recent Posts

CoCCA to charge trademark owners for Whois access

Kevin Murphy, April 14, 2018, Domain Registries

CoCCA has become the first domain registry to publicly announce that it will charge trademark owners for access to Whois records.

The company said it plans to release an updated version of its software and registry service, containing a range of features for ensuring General Data Protection Regulation compliance, on April 20.

The public Whois records of affected TLDs will have the name, email, phone and physical address of the registrant omitted, but only if the registrant is an EU resident or uses an EU-based registrar or reseller.

There will be ways to opt-out of this, for registrants who want their information public.

The changes will come into effect first at .af, .cx, .gs, .gy, .ht, .hn, .ki, .kn, .sb, .tl, .kn, .ms and .nf, CoCCA said.

But the registry runs almost 40 gTLDs on its shared infrastructure and has almost 20 more running its software. They’re all pretty small zones, mostly ccTLDs.

CoCCA said that it will give access to private data to law enforcement and members of the Secure Domain Foundation, a DNS reputation service provider.

But trademark owners will get hit in the wallet if they want the same privileges. CoCCA said:

intellectual property owners or other entities who have a legitimate interest in redacted data will be able to order historical abstracts online for a nominal fee (provided they sign an attestation).

While the affected TLDs are probably small enough that the IP lobby won’t be overly concerned today, if CoCCA’s policy becomes more widespread in the industry — which it well could — expect an outcry.

Cybersquatting cases up because of .com

Kevin Murphy, March 23, 2018, Domain Services

The World Intellectual Property Organization handled cybersquatting cases covering almost a thousand extra domain names in 2017 over the previous year, but almost all of the growth came from complaints about .com names, according to the latest WIPO stats.

There were 3,074 UDRP cases filed with WIPO in 2017, up about 1.2% from the 3,036 cases heard in 2016, WIPO said in its annual roundup last week.

That’s slower growth than 2016, which saw a 10% increase in cases over the previous year.

But the number domains complained about in UDRP was up more sharply — 6,370 domains versus 5,374 in 2016.

WIPO graph

WIPO said that 12% of its 2017 cases covered domains registered in new gTLDs, down from 16% in 2016.

If you drill into its numbers, you see that 3,997 .com domains were complained about in 2017, up by 862 domains or 27% from the 3,135 seen in 2016.

.com accounted for 66% of UDRP’d domains in 2016 and 70% in 2017. The top four domains in WIPO’s table are all legacy gTLDs.

As usual when looking at stats for basically anything in the domain business in the last few years, the tumescent rise and meteoric fall of .xyz and .top have a lot to say about the numbers.

In 2016, they accounted for 321 and 153 of WIPO’s UDRP domains respectively, but they were down to 66 and 24 domains in 2017.

Instead, three Radix TLDs — .store, .site and .online — took the honors as the most complained-about new gTLDs, with 98, 79, and 74 domains respectively. Each of those three TLDs saw dozens more complained-about domains in 2017 than in 2016.

As usual, interpreting WIPO’s annual numbers requires caution for a number of reasons, among them: WIPO is not the only dispute resolution provider to handle UDRP cases, rises and falls in UDRP filings do not necessarily equate to rises and falls in cybersquatting, and comparisons between .com and new gTLDs do not take into account that new gTLDs also have the URS as an alternative dispute mechanism.

Lawyer: GoDaddy Whois changes a “critical” contract breach

Kevin Murphy, March 13, 2018, Domain Registrars

GoDaddy is in violation of its ICANN registrar contract by throttling access to its Whois database, according to a leading industry lawyer.

Brian Winterfeldt of the Winterfeldt IP Group has written to ICANN to demand its compliance team enforces what he calls a “very serious contractual breach”.

At issue is GoDaddy’s recent practice, introduced in January, of masking key fields of Whois when accessed in an automated fashion over port 43.

The company no longer shows the name, email address or phone number of its registrants over port 43. Web-based Whois, which has CAPTCHA protection, is unaffected.

It’s been presented as an anti-spam measure. In recent years, GoDaddy has been increasingly accused (wrongly) of selling customer details to spammers pitching web hosting and SEO services, whereas in fact those details have been obtained from public Whois.

But many in the industry are livid about the changes.

Back in January, DomainTools CEO Tim Chen told us that, even as a white-listed known quantity, its port 43 access was about 2% of its former levels.

And last week competing registrar Namecheap publicly complained that Whois throttling was hindering inbound transfers from GoDaddy.

Winterfeldt wrote (pdf) that “nothing in their contract permits GoDaddy to mask data elements, and evidence of illegality must be obtained before GoDaddy is permitted to throttle or deny
port 43 Whois access to any particular IP address”, adding:

The GoDaddy whitelist program has created a dire situation where businesses dependent upon unmasked and robust port 43 Whois access are forced to negotiate wholly subjective terms for access, and are fearful of filing complaints with ICANN because they are reticent to publicize any disruption in service, or because they fear retaliation from GoDaddy…

This is a very serious contractual breach, which threatens to undermine the stability and security of the Internet, as well as embolden other registrars to make similar unilateral changes to their own port 43 Whois services. It has persisted for far too long, having been officially implemented on January 25, 2018. The tools our communities use to do our jobs are broken. Cybersecurity teams are flying blind without port 43 Whois data. And illegal activity will proliferate online, all ostensibly in order to protect GoDaddy customers from spam emails. That is completely disproportionate and unacceptable

He did not disclose which client, if any, he was writing on behalf of, presumably due to fear of reprisals.

He added that his initial outreaches to ICANN Compliance have not proved fruitful.

ICANN said last November that it would not prosecute registrar breaches of the Whois provisions of the Registrar Accreditation Agreements, subject to certain limits, as the industry focuses on becoming compliant with the General Data Protection Regulation.

But GoDaddy has told us that the port 43 throttling is unrelated to GDPR and to the compliance waiver.

Masking Whois data, whether over port 43 or not, is likely to soon become a fact of life anyway. ICANN’s current proposal for GDPR compliance would see public Whois records gutted, with only accredited users (such as law enforcement) getting access to full records.

Brandsight starts beta with “large corporations”

Kevin Murphy, February 20, 2018, Domain Registrars

New brand management registrar Brandsight says it has started a beta test of its initial service.

Head of marketing Elisa Cooper tells DI the service is being tested by prospective clients at unspecified “large corporations”.

Brandsight Domain Name Management is a portfolio management system for large corporate domain controllers.

The company reckons its service is more streamlined than the competition, leveraging “big data” and modern user interface techniques to make brand managers’ lives easier.

Features include the ability to make sure domains are forwarding to where they’re supposed to. There’s also an industry news feed, according to a press release.

Brandsight was formed last year and staffed by former senior staffers from Fairwinds and MarkMonitor who thought they’d spotted a gap in the market.

ICANN chief to lead talks over blocked .amazon gTLD

Kevin Murphy, February 14, 2018, Domain Policy

ICANN CEO Goran Marby has been asked to help Amazon come to terms with several South American governments over its controversial bid for the .amazon gTLD.

The organization’s board of directors passed a resolution last week accepting the suggestion, which came from the Governmental Advisory Committee. The board said:

The ICANN Board accepts the GAC advice and has asked the ICANN org President and CEO to facilitate negotiations between the Amazon Cooperation Treaty Organization’s (ACTO) member states and the Amazon corporation

Governments, prominently Peru and Brazil, have strongly objected to .amazon on the grounds that the “Amazon” river and rain-forest region, known locally as “Amazonas” should be a protected geographic term.

Amazon’s applications for .amazon and two Asian-script translations were rejected a few years ago after the GAC sided with its South American members and filed advice objecting to the gTLDs.

A subsequent Independent Review Process panel last year found that ICANN had given far too much deference to the GAC advice, which came with little to no evidence-based justification.

The panel told ICANN to “promptly” take another look at the applications and “make an objective and independent judgment regarding whether there are, in fact, well-founded, merits-based public policy reasons for denying Amazon’s applications”.

Despite this, the .amazon application is still classified as “Will Not Proceed” on ICANN’s web site. That’s basically another way of saying “rejected” or “denied”.

Amazon the company has promised to protect key domains, such as “rainforest.amazon”, if it gets to run the gTLDs. Governments would get to help create a list of reserved, sensitive domains.

It’s also promised to actively support any future bids for .amazonas supported by the governments concerned.

.amazon would be a dot-brand, so only Amazon would be able to register names there.