Latest news of the domain name industry

Recent Posts

ICANN told to ban .bank or get sued

Kevin Murphy, November 21, 2010, 13:12:45 (UTC), Domain Registries

A major financial services lobby group has threatened to sue ICANN unless it puts strict limitations on “.bank” top-level domains.
BITS, the technology policy arm of the Financial Services Roundtable, said financial domains should be banned from the first round of new TLDs, until rules governing security are developed.
In a November 4 letter to ICANN chief executive Rod Beckstrom, BITS said:

If these critical issues are not fully resolved and ICANN chooses not to defer financial TLD delegation, BITS, its members and its partners are prepared to employ all available legislative, regulatory, administrative and judicial mechanisms.

BITS counts all the major US banks among its membership, as well as many large insurance companies and share-trading services.
The organization is concerned that TLDs such as .bank could lead to consumer confusion and an increase in fraud online if delegated into the wrong hands.
While BITS said that it “prefer[s] a prudent solution”, it has threatened to file “legal complaints in one or more jurisdictions” and to lobby the US Congress for legislation.
It noted that ICANN’s IANA contract, which gives it the power to create new TLDs, expires next August, and said that it may lobby Congress for legislation mandating better security as a condition of the renewal.
BITS and other financial groups have already written to members of Congress, in September, expressing disappointment with the absence of a high-security TLD policy from ICANN and adding:

In recognition of the need for higher levels of security and stability in financial services gTLDs than in gTLDs generally, we urge you to support inclusion of language in cyber security legislation language that prevents ICANN from adding financial services gTLDs to the root zone unless the IANA contract specifies higher levels of security for such gTLDs.

The Federal Deposit Insurance Corporation, the US government body responsible for insuring banks, has also written to the Department of Commerce, expressing its concerns about the possible introduction of a .bank TLD.
Currently, I’m not aware of any public initiative to apply for .bank, but it’s possible that restrictions on financial services TLDs could capture the recently launched German “.insurance” project.
The BITS correspondence was published (pdf) as an attachment to an ongoing Reconsideration Request lodged by Michael Palage, chair of the High Security Top Level Domain Verification Program Advisory Group.
The HSTLD group has been working on a set of technological policy specifications for registries managing high-security TLDs.
Palage is annoyed that ICANN’s board seems to have distanced itself from the HSTLD concept before the group has even finished its work, by resolving in September that:

ICANN will not endorse or govern the program, and does not wish to be liable for issues arising from the use or non-use of the standard.

The HSTLD group, by contrast, has a “clear majority in support of ICANN retaining a continued oversight role”, according to Palage. He wrote:

The ICANN Board’s unilateral actions also have a chilling effect on future bottom up consensus efforts because participants have no basis to know when the ICANN Board will take such unilateral actions in the future.

He’s not alone in worrying about recent top-level ICANN decisions that appear to put corporate legal liability ahead of the wishes of the community. I reported on the issue last week.

Tagged: , , , , , , , ,

Comments (8)

  1. Fascinating, how quickly the International ICANN becomes a USA-centric focal point.
    .USA Financial Institutions have a lot of reason to be concerned. Anyone following the I* saga since 1998 or before will see a remarkable willingness to turn over I* “governance” to the UN-Elected, to Social Savants and the Technically-Challenged.
    The legacy Internet is becoming one big Video Game.
    Monopoly Money is the legal tender. Virtual real estate is selling for $600,000.

  2. Compared to how lax banks are with their online accounts — typically a simple password is all it takes to gain full access to an account — the banks’ concerns about security for new TLDs seems overblown.
    ICANN has been working on a “high-security zone” initiative for banks for some time, with various banking associations. What’s the take on it from those associations?
    I’m beginning to see a pattern where trade associations, most of whose members are completely ignorant of TLD issues, start rattling their sabres trying to wring concessions out of ICANN. We’ve certainly seen this in the trademark arena, and now banking.
    This isn’t, though, just a pissing-match between banks and ICANN, and I’m sure ICANN won’t characterize it as such. The U.S. banking sector had better realize that they’re living in a global world, and if an Asian banking association wants to get .bank, the contest is between that association and the U.S. one.
    The correct (and easy) answer from ICANN is, if you don’t want a .bank, don’t apply for one. And if someone else applies for it, object to it, and sue them.
    The Internet doesn’t belong to the banks, or to anyone else. Frankly the biggest security issues for the banking system come from the banks themselves — as any U.S. taxpayer knows in a visceral way.

  3. gpm group says:

    The correct (and easy) answer from ICANN is, if you don’t want a .bank, don’t apply for one. And if someone else applies for it, object to it, and sue them.
    That statement pretty much sums up one of the fundamental reasons why ICANN’s current approach to new gTLDs is so flawed.

  4. M. Menius says:

    Excellent article and one of the more interesting topics I have read about in the last few months. Consumer safety and minimizing consumer risk is extremely important.
    It is prudent that ICANN explore these issues thoroughly now, and be planful, than to forge ahead blindly with no consideration … as some gtld advocates would have them do.
    These proposed new tld’s should be released slowly and selectively.

  5. […] certainly seems to be a more productive avenue of engagement than hinting at a lawsuit, which it did in a November letter to […]

  6. […] Financial Services Roundtable’s technology arm, BITS, has taken a strong view on .bank, and is drafting security guidelines it hopes will be used by […]

  7. […] has already warned ICANN that it would not tolerate a .bank falling into the wrong hands, a position also held by ICANN’s Governmental Advisory […]

Add Your Comment