Latest news of the domain name industry

Recent Posts

ICANN made over $500k in secret lawyer payments over [REDACTED] legal dispute

Kevin Murphy, November 17, 2020, Domain Policy

ICANN has approved a payout of over half a million dollars to outside lawyers for work on a legal dispute it does not want you to know about.

The board of directors a week ago approved the disbursement of a “[Redacted – Privileged & Confidential]” sum to undisclosed parties in relation to “extensive activity in [Redacted – Privileged & Confidential]”.

Under ICANN policy, the fact that board approval was required means that the amount being paid is at least $500,000. The redacted resolution also authorizes additional payments up to $499,999.

ICANN isn’t providing any hints about what the payments concern, other than that it’s a legal dispute of some kind. The resolution states:

When required, ICANN must engage outside legal counsel to help prepare for and defend against all types of disputes that are brought against ICANN. When those disputes become highly contentious they often require significant involvement during a certain time period by outside counsel and that significant amount of time also results in significant fees and related expenses.

The words “related expenses” may be telling. We may not just be talking about lawyers’ fees here.

ICANN also does not state when the expenses were incurred, other than to note that the org’s budget for fiscal 2020, which ended June 30, “contemplated” the need for such payments.

So we’re talking about a legal issue that ICANN was aware of before May 2019, when the FY20 budget was approved, possibly as far back as December 2018, when earlier versions of that budget were published.

Known legal disputes that were active back then and have seen activity in the last few months include the Afilias Independent Review Process complaint about the .web auction and DotConnectAfrica’s court appeal over its .africa loss.

But both of those cases are matters of public record. ICANN even regularly publishes legal documentation on both. They’re not secret.

The only cases I’m aware of that ICANN has actively tried to keep secret involve allegations of sexual discrimination and harassment made against at least one former senior staffer. One such lawsuit was filed late February 2019.

But the hundreds of thousands doled out by ICANN last week could be related to just about anything.

ICANN’s bylaws give the board a broad brush when it comes to redacting information from published resolutions:

any actions relating to personnel or employment matters, legal matters (to the extent the Board determines it is necessary or appropriate to protect the interests of ICANN), matters that ICANN is prohibited by law or contract from disclosing publicly, and other matters that the Board determines, by a three-quarters (3/4) vote of Directors present at the meeting and voting, are not appropriate for public distribution

Usually, when ICANN redacts information, it’s related to personnel matters such as management bonuses.

Whatever it was ICANN just spent your money on, ICANN ain’t saying.

This ICANN comment period is a Kafkaesque nightmare

Kevin Murphy, September 29, 2020, Domain Policy

With the deadline for commenting on draft new gTLD program rules rapidly approaching, you may be tempted to visit the ICANN web site to peruse the comments that have already been submitted by others. Good bloody luck.

The way ICANN has chosen to present the comments is so bafflingly opaque, confusing and confounding that I can’t help but conclude it must have been deliberately designed to be as soul-crushing as possible.

Regular comment periods are pretty straightforward: you email your comments as prose to ICANN, ICANN publishes the email and any attachments for others to read. Everyone knows where everyone stands. Job done.

But recently there’s been a worrying trend towards a questionnaire and spreadsheet model based around Google Docs, and that’s the model being used for comments on the final draft report of the new gTLD program working group, known as SubPro.

You can check out the spreadsheet here.

The first thing you’ll notice is that the spreadsheet is 215 columns wide, with each respondent given one row for their responses.

You’ll also notice that the spreadsheet doesn’t seem to understand line breaks. Where the respondent has provided some textual commentary, it’s spread across multiple columns in some cases and not in others.

And then there’s the column headings.

While stumbling randomly through the spreadsheet, I discovered an interesting nugget of information — it seems the new gTLD registry MMX wants the next application round delayed until all of the 2012 round have been launched, which I found a bit surprising.

This nugget can be found under the column heading “Enter your response here”, a heading that is helpfully shared by 90 (ninety) other columns on the same damn page.

The heading “Do you want to save your progress and quit for now? You will be able to return to the form to complete it at a later time” appears 10 times in the document.

No information in adjacent columns sheds any light on what triggered MMX to make its comment.

In order to figure out the question for pretty much any response, the only option appears to be to cross-reference the spreadsheet with the original form questionnaire, which can be found as a PDF here.

But the questionnaire has 234 questions and there’s no straightforward correlation between the question number and the columns on the spreadsheet, which are addressed as AA through IG.

So when you see that European industry group CENTR went to the trouble to “Support Output(s) as written” in column DI, under the heading “If you choose one of the following responses, there is no need to submit comments”, it’s virtually impossible to figure out what it actually supports.

If you are able to figure out which question it was answering, that probably won’t help you much either.

The form merely contains brief summaries of changes the working group has made. To see the “Output(s) as written” you’d have to cross-reference with the 363-page draft final report (pdf).

A lot of you are probably thinking that I should just export the spreadsheet into Excel or OpenOffice and clean it up a bit. But, no, you can’t. ICANN has disabled exporting, downloading, and even copy-pasting.

It’s enough to make one feel like going out and licking the floor on public transport.

Way to go on the transparency, ICANN!

I have to believe that the ICANN staffer responsible for compiling all these comments into the official ICANN summary has some tools at his or her disposal to render this mess decipherable, because otherwise they’ve got a huge, hair-ripping job on their hands.

Of course, since there doesn’t appear to be a way for the rest of us to verify the summary report’s accuracy, they can probably just write whatever they want.

ICANN’s .org decision was NOT unanimous, and it was made in secret

When ICANN announced its decision to deny Public Interest Registry’s request to be acquired by Ethos Capital at the end of April, I felt a little foolish.

I’d confidently predicted just days earlier that the decision by the board would not be unanimous, but ICANN, in announcing the decision, said “the entire Board stands by this decision”.

But it turns out I was right after all. Three directors voted against the consensus and one abstained.

The dissenting votes were cast by industry policy consultant Avri Doria, Serbian internet pioneer Danko Jevtović, and former Sudanese ccTLD operator Ihab Osman.

Doria and Jevtović voted against the first resolved clause, which rejected PIR’s request. All three voted against the second resolved clause, which would have allowed PIR to file a second request.

Sarah Deutsch, a private practice lawyer, abstained from both votes, presumably because she also sits on the board of the Electronic Frontier Foundation, the civil liberties group that can, via California’s attorney general, probably be credited most with getting the transaction killed.

All three dissenters and Deutsch are Nominating Committee appointees.

According to the preliminary report of the April 30 meeting, “Doria indicated that she would be voting against the resolution and explained her views about how the public interest would be better served by ICANN granting its consent to PIR’s request.”

What her reasons were are not reflected in the record.

It also seems likely that any substantive minuting of ICANN’s decision is likely to be limited, as it appears to have been made at a different, off-the-books session at an unspecified earlier date.

The preliminary report notes the “the Board discussed and considered alternative draft resolutions for potential Board action as part of an earlier briefing”.

No such earlier meeting is listed on ICANN’s web site. The board’s previous formal meeting, two weeks earlier, had PIR’s request removed from the agenda at the last minute.

So it appears that ICANN’s board decided to reject the deal basically in secret at some point between April 17 and April 29, during a meeting of which ICANN has no obligation to publicly release the minutes.

Nice transparency loophole!

There’s always the Documentary Information Disclosure Policy, I suppose.

Court rules domain name list should stay secret

Publishing a list of every domain name in their zone is something that most TLD registries do automatically on a daily basis, but a court in Chile has ruled that doing so is a cybersecurity risk.

NIC Chile, which runs .cl, said last week that it has won an appeal against a Transparency Council ruling that would have forced it to publish a list of the domains it manages.

The Court of Appeals ruled that the registry was within its rights to refuse to hand over an Excel spreadsheet listing the 575,430 domains in .cl to the person who requested it.

The request was just for the list of domains, with none of the other data you’d find in a zone file and no Whois information about the registrants.

Nevertheless, the court unanimously ruled that to hand over the list would present “cybersecurity risks”, according to NIC Chile attorney Margarita Valdés Cortés.

NIC Chile said in a statement:

In this particular case, it was considered that the bulk delivery of domain names to a private individual could generate risks of cybersecurity of various kinds, both in access to information as a result of those domain names as well as the possibility that, by having such a list, attacks on servers, phishing, spam or others could be made easier. Similarly, the ruling of the Court of Appeals understood that the delivery of the data affects commercial and economic rights of the holders of these .CL domains, and considered that there is a legal cause that justifies NIC Chile´s refusal to turn over the list of all registered names.

Cortés said that the case will now go to the nation’s Supreme Court for a final decision, after the Transparency Council appealed.

Access to zone files is considered by many security researchers to be an invaluable tool in the fight against cybercrime.

NIC Chile has published the ruling, in Spanish, here (pdf).

Nominet under fire for lack of transparency

Kevin Murphy, September 16, 2013, Domain Policy

Nominet has raised the ire of critics of its Direct.uk proposal for refusing to engage with them, including forcibly ejecting one of their number from a .uk policy meeting.

Opponents of Direct.uk, which would open .uk’s second-level for the first time, have cataloged a number of instances of Nominet apparently failing to act in a transparent manner over the last few weeks.

Most notably, domainer Stephen Wilde of Really Useful Domains, author of a paper critical of Direct.uk, was “escorted” by hotel security staff from a recent policy discussion co-hosted by Nominet.

Domain lawyer Paul Keating was also refused entry and left without an escort.

The event was jointly hosted with the British Computer Society and the Digital Policy Alliance and was restricted to BCS members.

Wilde said that he had joined BCS specifically in order to attend the meeting and had then spent four hours on a train to get there. He said that there were plenty of empty seats in the venue.

Nominet spokesperson Elaine Quinn told DI that Nominet’s goal is to get as diverse a range of views as possible.

Wilde had already attended multiple previous meetings on the same topic and had been quite vocal at those, it seems. Nominet was worried that he might prevent other voices from being heard at the BCS event.

Quinn posted a statement to Nominet’s members-only forums, which was provided to DI, which read in part:

Two individuals who had been informed that they would not be able to attend in advance nonetheless turned up. Both initial requests to join were polite and were met in turn with a polite response. When the decision to deny entry was repeated, one person continued to remonstrate with our staff. He was then asked to leave the private area (not the hotel) by the hotel security. Upon refusal, the hotel security guard escorted the individual out of the area.

Colleagues at the event felt that the behaviour exhibited was unacceptable and that steps to protect our staff and to allow the event to proceed as planned were, unfortunately, necessary.

The BCS meeting was the latest in a series of controversies that have been raised by Direct.uk’s opponents and cataloged on the pseduonymous blog NominetWatch.com, which claims Nominet is trying to “silence dissenting voices”.

Another of its posts relates to the UK Network Operators Forum, an event on Friday in London.

A Nominet executive had been scheduled to speak at the event and others were due to attend, but all withdrew after the company discovered that Emily Taylor, its former head of policy and now one of its fiercest critics, was also speaking.

Taylor’s presentation (pdf) criticized Nominet’s lack of transparency, comparing it to ICANN’s relatively open culture.

Quinn confirmed that Nominet’s would-be attendees withdrew from the event, but said that this was because they were technical staff not qualified to speak to Taylor’s governance-focused criticisms.

NominetWatch also recently blogged about the fact that Nominet recently closed the comments on a blog post about Direct.uk, suggesting it was intended to stifle debate.

Quinn confirmed that comments were closed, but said it was a temporary measure while Nominet, which had staff on vacation, sifted through some of the many defamatory comments that had been submitted.

Comments have since been reopened and a backlog, many of which are critical of Nominet, have been published.

ICANN cancels Fridays. Bad for transparency.

Kevin Murphy, May 2, 2012, Domain Policy

ICANN’s next public meeting, and all its public meetings thereafter, will be a day shorter than usual, following a decision to cancel the regular Friday morning program.

No Friday means no public meeting of the board of directors.

While the move is being characterized as an effort to enhance the effectiveness of ICANN’s board – a particular concern, frequently voiced, of chairman Steve Crocker – it’s also a perplexing shift away from ICANN’s core tenet of transparency.

One of the effects could be to mask dissent on the board.

From now on, it appears that all of ICANN’s top-level decision-making will happen in private.

Instead of wrapping up each public meeting with a board session at which resolutions get voted on, each meeting will instead be book-ended by less formal “community sessions”.

During these sessions, the board will apparently report to attendees about what it has been doing since the last meeting and what it plans to do before the next meeting.

Crocker said in a statement:

We believe that the removal of the Friday public Board meeting and its replacement with two Board community sessions will improve the effectiveness of both the Board and the staff and increase the time that the Board has to interact with the community.

That may well be true — time will tell — but let’s look at what the ICANN community is almost certainly losing.

First, there will be no more transcripts of board meetings at all.

Today, only the public meetings have published recordings and transcripts. Intersessional meetings are minuted, but not transcribed. If recordings are made, they are not published.

Killing off transcripts completely is a pretty obvious step backwards for an organization committed by its bylaws to “operate to the maximum extent feasible in an open and transparent manner”.

Second, if there is dissent on the board, it will be essentially shielded from the community’s view for some time after the fact.

Take, for example, the approval of the new gTLD program or the approval of ICM Registry’s .xxx contract – the two most controversial decisions ICANN made in 2011.

In both cases, certain directors read prepared statements into the record harshly criticizing the majority view.

In March 2011, for example, George Sadowsky stated that ICM’s purported community support for .xxx was “illusory” and that approving the TLD could lead to DNS Balkanization.

And with new gTLDs last June, Mike Silber abstained in the belief that the program was incomplete and that the vote had been scheduled “based on artificial and ego-driven deadlines”.

In both cases, the ICANN community heard the dissenting views – in person, webcast, recorded and transcribed – moments before the vote actually took place.

With no public board meetings, it seems likely that in future that we’re going to have to wait a week to read the voting record for any given resolution and a month or more to read directors’ statements.

Under ICANN’s bylaws, the voting record, which breaks down who voted for and against resolutions, is contained in a preliminary report that is not published for seven days after the vote.

Also under the bylaws, directors’ voting statements are not published until the minutes of the meeting are approved at the board’s next meeting, typically one to two months later.

If the new procedures had been in effect last year, the statements of Sadowsky and Silber would not have been published for over a month after they were made.

With that in mind, it’s clear that killing off the public board meetings could in no way be seen as a positive step for transparency at ICANN.

It’s true that these meetings have for several years been pure theater, but it was theater with value.