Recent Posts
- Sinha angry with Chapman’s firing as ICANN vice chair
- Glitch redux: ICANN screws up new gTLD security again
- CentralNic claims second-largest TLD migration ever
- DNS issue at Amazon takes out major apps and sites
- .io sales almost double over three years
- Amazon delays book and fashion gTLDs
- Lindqvist shuffles the exec deck
- GoDaddy launches “ultra-premium” domain marketplace
- .mobi to get a new rival in .mobile
- Bye-bye .boomer! Blockchain players abandon new gTLD plans
- Decades-old US registrar gets a spanking
- love.you sold in apparent five-figure deal
- Bogus harassment complaints could get you an ICANN ban
- ICANN slaps open-mic ban on conflicted lawyers
- Final GTFO warning for 19 failed new gTLD bids
- Nominet opens $500,000 fund for open source projects
- Com Laude buys larger rival Markmonitor
- Epik took down Charlie Kirk doxing site
- Number of subsidized gTLD bidders far lower than thought
- Another registrar goes AWOL
- gTLD loses its second-largest registrar after breach
- Com Laude buys Fairwinds
- Unstoppable wants to be a registry back-end
- Sixteen new gTLD bids could face the firing squad
- Registry to release one-letter domains tomorrow
- New ICANN funding rules will cost smaller ccTLDs more
- .ai rival lines up gTLD bid
- Team Internet lays off 200
- Sixteen more orgs vie for cheap gTLDs, but…
- So who’s registering sunrise domains these days?
- Cloud gTLD gets launch dates
- Governments say new gTLD program “credibility” at stake
- NIXI planning doomed new gTLD bids
- AI experts replace Chapman on ICANN board
- RDRS may not be dead
- Single-letter .com lawsuit thrown out of court
- Golding challenges McCarthy for Nominet board seat
- Three applicants qualify for cheapo gTLDs
- Blockchain crisis looming for new gTLD next round
- Two more dot-brands leave Verisign for GoDaddy
- ICANN looking at new bulk reg rules
- Reseller loss hits Tucows’ DUM but not revenue
- GoDaddy counts cost of losing .co deal
- Wine producers worried about new gTLDs
- Goodyear tires of its dot-brand
- Team Internet loses Radix to Tucows
- ICANN’s “review of reviews” kicks off
- Huge registrars flee from RDRS
- Namecheap loses attempt to bring back .org price caps
- Registrar shamed for alleged crypto abuse neglect
- Poblete’s ICANN board seat safe
- .com off to strong start in Q3
- .my is growing like crazy
- ICANN settles $77 million sexual harassment suit
- Chinese domain spikiness ends in first half
- Registrars agree to higher ICANN fees
- ICANN to review reviews after review review request fails
- Got junk? June’s biggest gTLD growers do
- ICANN ditches Oman due to Middle-East conflicts
- ICANN’s mighty overlord flexes on transparency
- ICANN faces first pushback over DEI U-turn
- Loads of firms flunk out of next-round gTLD back-end program
- presidenttrump.xxx among thousands of dead .xxx domains suddenly springing to life
- One of the dumbest gTLDs just switched back-ends
- GoDaddy loses .co to Team Internet
- Governments erect bulk-reg barrier to new gTLD next round
- Little interest in cheapo gTLD program
- US government opposes most new gTLDs
- GoDaddy loses last Amazon business to Identity Digital
- Third Amazon gTLD launch dates revealed
- .TOP promises to play nice on DNS abuse
- Court denies ICANN’s #MeToo “cover up” attempt
- Launch dates for two more Amazon gTLDs revealed
- An end to “Club Med for geeks” ICANN?
- Some people paid premiums for .hot domain hacks
- .io questions in sharp focus as UK signs Chagos treaty
- Big .gdn registrar at risk
- ICANN “reaffirms its commitment to diversity and inclusion”
- ICANN kills off diversity and inclusion
- Kaufmann picked for ICANN board
- Conflicted? STFU under new ICANN rules
- .hot is for hookers? Amazon’s first premium regs revealed
- Gname adds another 200 registrars
- New Pope’s .com domain was registered the day Francis died
- Two deadbeat registrars get their ICANN marching orders
- DotMusic has sold a lot of names, but not many are turned on
- .med is a deeply weird gTLD, but it wants to be more normal
- ICANN cuts off money to UASG
- Web.com getting dumped
- .es and .pt riding out massive power outage
- .com is back as Verisign discounts bear fruit
- Dot-brand actually being used to get deleted
- Verisign gave Trump $100,000
- Private Whois requests hit new low after Tucows quits RDRS
- Zoom says GoDaddy took it down for hours
- The Soviet Union might be safe after all
- Google says its ccTLDs “are no longer necessary”
- Facebook thinks ICANN is a bit rubbish
- ICANN spending $365,000 a year on coffee and booze
- Regulator going after suicide site that even Epik banned
- .ai sees $600,000 auction sales in a month
- Pru trims its dot-brand portfolio
- UK’s Nigel Hickson has died
- .blog registry ordered to change name to Knock Knock RDAP There
- WordPress buys Canadian, swaps CentralNic for CIRA
- Latest ICANN salary porn ruins my terrible pun
- .co deal worth $77 million up for grabs
- I get a wrongful kicking as .su registry denies turn-off plan
- Sales and profits dip at Team Internet
- Four deadbeat registrars get terminated
- “No timeline” to retire Soviet Union from the DNS
- ICANN to kill off 60-day domain transfer lock
- Lancaster bags up its dot-brand
- Google readying its next batch of gTLD launches?
- NomCom confirms Americans rejected from ICANN board
- Nova announces $45 million of new gTLD applications
- Registry makes .ai an option for Koreans
- it.com now bigger than Guatemala
- ICANN turns to AI and crowdsourcing for new gTLD program
- Amazon lawyer DiBiase elected to ICANN board
- Is .io safe now? Identity Digital now running Mauritian ccTLD
- Tucows quits ICANN’s Whois disclosure pilot
- Toshiba goes all-in on its dot-brand
- Google scuppers Team Internet acquisition after profit warning
- .ai channel doubles under new management
I attempt to answer ICA’s questions about the “terrible blunder” .org acquisition
The Internet Commerce Association launched a withering attack on ICANN late last week, accusing the organization of a “terrible blunder” by lifting pricing restrictions on .org domain names.
As by now you’re no doubt aware, .org manager Public Interest Registry was acquired last week by a private equity firm with ties to ICANN’s former CEO, in a deal likely to have delivered hundreds of millions of dollars, if not more, to former owner the Internet Society.
The deal means PIR is now almost certain to exercise its newfound right to raise its prices arbitrarily, adding tens of millions to its annual top line at the expense of .org registrants.
While such a price increase is likely to have little impact on most registrants — an annual increase of even 100% would only add about $10 to the per-domain cost — it would certainly prove onerous to many of the high-volume domain investors ICA represents.
So ICA chief Zak Muscovitch whipped off a letter to ICANN (pdf) on Friday, demanding that ICANN use its contractual powers to terminate PIR’s registry agreement and put .org out for open tender. He wrote:
If you were led to believe that removing price caps on .Org domain names was a sound approach because the registry would remain in the hands of a nonprofit foundation, you have clearly been misled. If you were led to believe that despite being the effective owner of the .org registry, you were somehow forced to let your service providers tell you how much they can charge, instead of the other way around, you have been led astray. If you have been told that .Org does not have market power within the nonprofit sector, you have been led astray. If you have been told that competition from other gTLDs will constrain .org prices, you have been led astray.
I think the letter has about as much chance of working as an ice sculptor in hell, but Muscovitch does include a list of seven questions for ICANN that I’m going to attempt to answer to the best of my ability here.
First, he asks:
Were you aware whether ISOC was in talks to sell the registry when you approved the removal of the price caps?
I put the same question to PIR CEO Jon Nevett last week, and he told me: “I don’t know when the talks started with ISOC and the buyer, but neither ICANN nor PIR knew about it when finalizing the .ORG [Registry Agreement].”
I’ve no particular reason to believe he’s lying.
If ISOC was in such talks at that time, why was this material fact not disclosed to you by the registry operator, prior to you approving the renewal agreement?
The acquisition talks between ISOC and Ethos Capital certainly could have been going on prior to the .org contract being signed, which happened June 30 this year.
The main piece of evidence here is that Fadi Chehadé of private equity firm and presumed Ethos affiliate Abry Partners registered the domain ethoscapital.org on May 7, according to Whois records. A company of the same name was formed in Delaware a week later.
Given that Ethos appears to be an Abry vehicle set up purely to acquire PIR, it seems likely that talks were already underway at this point.
The domain ethoscapital.com, which Ethos is currently using as its primary, seems to have been acquired on the secondary market around August. The acquisition was announced November 13.
To Muscovitch’s question, though, I return to Nevett’s line that PIR knew nothing about the acquisition talks before the RA was finalized.
The RA was finalized and opened to public comment in March.
It’s quite possible Ethos and ISOC entered talks in the three months after the deal had been finalized but before it had been signed.
When did you first learn of the negotiations to sell the .Org registry?
An excellent question I’ve also posed but as yet have no answer to.
Did you base your decision to approve the removal of price caps, at least in part, on the expectation or belief that the registry would continue to be operated by a nonprofit organization with a public commitment to maintaining a stable pricing environment, instead of on behalf of a private equity firm whose objective is to maximize profits for its funders?
Cheekily, I’m going to take ICANN at its word and say the answer is “yes”.
One of the controversies concerning the .org renewal was that ICANN seemingly ignored thousands of comments calling for the retention of price caps.
This, ICANN has denied, saying that it “reviewed and evaluated” every comment.
Among the very few comments that weren’t outright condemnations of the decision to remove price caps were two nuanced, arguably ambivalent, analyses from two influential ICANN structures — the At-Large Advisory Committee and the Non-Commercial Stakeholders Group.
ALAC’s eight-page comment (pdf) was very much of the “on the one hand…” variety, but it paid special attention to ISOC’s public interest works when putting forward the view that uncapped pricing might be a good thing, noting (and quoting itself):
a significant portion of .ORG registration fees “are returned to serve the Internet community [through] redistribution of .org funds into the community by the Internet Society, to support Internet development.”… ISOC’s goals and priorities, while far broader than At-Large (and even ICANN), parallel those of At-Large and the interests of end-users. Many At-Large Structures are also ISOC Chapters, further demonstrating the commonality of interests.
NCSG, meanwhile, said in its comments (pdf) that price caps should remain, but increased from the 10%-per-year level. It acknowledged that some .org money flows into funding NCSG.
So there’s two influential groups, both with organizational and/or funding ties to ISOC, saying price increases may be a good thing because ISOC acts in the public interest.
And ICANN said it read and absorbed all the comments, so I’m cheekily going to say that yes, ICANN at least in part renewed the .org contract in the belief that PIR would continue to be a non-profit and act in the public interest.
Had you been aware of the planned sale of the .Org registry to a private equity firm, would you have treated the renewal of the .Org registry agreement and the removal of price caps as worthy of robust discussion and a vote by the Board, such that perhaps the terms of the agreement would have been modified?
I’m going to go out on a limb here and say hell, no. ICANN doesn’t want to be a pricing regulator, regardless of the registry operator, in my view. It’s only the US government that’s preventing it lifting price restrictions on .com, I reckon.
What involvement did your former CEO, Mr. Chehade and your former SVP, Ms. Abusitta-Ouri, have in the decision to employ the base gTLD registry agreement for legacy TLDs during their tenure, if any?
In Chehadé’s case, the answer is fairly clear. Even if he did not have a hands-on role in the decision to cajole legacy gTLD registries toward the 2012 agreement, it all happened on his watch so he bears ultimate responsibility.
It’s worth noting, perhaps, that most of the legacy gTLD agreements that migrated over to the new gTLD agreement’s standard language happened not only while Chehadé was at the helm, but also after he’d already accepted his new job at Abry.
He announced his early resignation in May 2015, telling the AFP at the time that he already had a job lined up in the commercial sector, but he declined to give specifics.
He’d probably made his mind up to quit some time before the announcement. He registered the domain name chehade.company, which he now uses for his investment vehicle Chehadé & Company, in the April.
He revealed he was joining Abry as senior advisor on digital strategy in August that year, but didn’t actually leave until March 2016.
During that interim, lame-duck period ICANN negotiated and signed (all in October 2015) renewals for 2003-round gTLDs .pro, .cat and .travel, all of which incorporated 2012 contract language related to, for example, the Uniform Rapid Suspension process.
Three months before Chehadé’s resignation announcement, ICANN signed a very similar deal with .jobs, the first time it had incorporated 2012 language into a legacy gTLD contract.
These contracts were all signed for ICANN not by Chehadé but by his long-time buddy, frequent co-worker and then-president of the Global Domains Division, Akram Atallah (who is now CEO of Donuts, which is owned by Abry).
Since Chehadé’s departure, ICANN has also taken the same contract renewal stance with TLDs including .xxx, .mobi, .museum and .aero.
By 2016 it had become standard operating practice at ICANN to nudge registries towards the 2012-round contract, as Atallah explained to then-ICA lead Phil Corwin at ICANN’s Hyderabad meeting in November 2016. Atallah stated (pdf):
So basically the negotiations are — the registries come and ask for something, and we tell them please adopt the new gTLD contract. And if they push back on it and they say they don’t want something, we can’t force them to take it. It’s a negotiation between two parties. And I think it’s within the remit of the corporation to negotiate its contracts. If the policy comes back and says that the URS is not something that we want to have as a policy, of course, we would support that.
As regards Nora Abusitta-Ouri, Ethos’s “chief purpose officer”, her former job title of “senior VP for development and public responsibility programs” suggests she had little to no involvement in gTLD contractual issues.
While her LinkedIn profile doesn’t mention it, she appears to have become chief engagement officer at Chehadé & Company after her stint at ICANN ended in July 2016.
What restrictions do you have in place with respect to cooling-off periods for former executives?
Fuck all, clearly.
ICANN going back to Puerto Rico for a third time
ICANN has selected Puerto Rico for its ICANN 73 public meeting.
The meeting is slated to be held at the Puerto Rico Convention Center in San Juan from March 5 to March 10, 2022.
That’s the same venue ICANN visited in March last year, in the wake of Hurricane Maria, which caused extensive damage and loss of life on the island. Indeed, the convention center had just months earlier been used as a command and control center for the recovery effort.
San Juan will become just the third city that ICANN has visited three times. It’s been to Singapore four times and its home city of Los Angeles (if you include Marina Del Rey) six times.
Puerto Rico had also been scheduled as the venue for ICANN 57 in 2016, but the meeting was moved to India instead, because of the Zika virus that was causing international concern at the time.
In 2020, meetings are to be held in Cancún, Kuala Lumpur and Hamburg, in that order. In 2021, ICANN’s going to Cancún (again), The Hague and Seattle.
Former NTIA chief Redl now working for Amazon
David Redl, the former head of the US National Telecommunications and Information Administration has joined Amazon as an internet governance advisor, I’ve learned.
I don’t know whether he’s taken a full-time job or is a contractor, but he’s been spotted palling around with Amazon folk at ICANN 66 in Montreal and knowledgeable sources tell me he’s definitely on the payroll.
Redl was assistant secretary at the NTIA until May, when he was reportedly asked to resign over a wireless spectrum issue unrelated to the domain names after just 18 months on the job.
His private sector career prior to NTIA was in the wireless space. I don’t believe he’s ever been employed in the domain industry before.
NTIA is of course the US agency responsible for participating in all matters ICANN, including the ongoing fight over Amazon’s application for the .amazon brand gTLD.
The proposed dot-brand has been in limbo for many years due to the objections of the eight nations of the Amazon Cooperation Treaty Organization, which claims cultural rights to the string.
ACTO nations on ICANN’s Governmental Advisory Committee want ICANN to force Amazon back to the negotiating table, to give them more power over the TLD after it launches.
But the NTIA rep on the GAC indicated at the weekend that the US would block any GAC calls for .amazon to be delayed any longer.
As I type these words, the GAC is debating precisely what it should say to ICANN regarding .amazon in its Montreal communique, using competing draft texts submitted by the US and European Commission, and it’s not looking great for ACTO.
As I blogged earlier in the week, another NTIA official, former GAC rep Ashley Heineman, has accepted a job at GoDaddy.
UPDATE: As a commenter points out, Redl last year criticized the revolving door between ICANN and the domain name industry, shortly after Akram Atallah joined Donuts.
US official Heineman joins GoDaddy
Former US government official Ashley Heineman has joined the staff of GoDaddy.
Heineman was until quite recently a policy specialist at the US National Telecommunications and Information Administration and the US representative on ICANN’s Governmental Advisory Committee.
But GoDaddy confirmed to DI today that she’s now left NTIA and joined the market-leading registrar.
I don’t know what her job title is yet. One assumes it’s related to policy or legal issues.
Heineman spent 15 years at NTIA and has been the ICANN GAC rep for the US for the last few years.
She’s had a respectably hands-on role, for a GACer, including being a member of the ongoing “EPDP” cross-community working group conducting a post-GDPR review of Whois policy.
Judging by my embarrassing error at the weekend, the US is currently being represented on the GAC by the NTIA’s Vernita Harris.
I’ve also heard rumors from ICANN 66 that another former NTIA official has also recently moved into the domain name industry. I’ll blog it up just as soon as I get confirmation.
Surprise! ICANN throws out complaints about .org price caps
ICANN has rejected two appeals against its decision to lift price caps and introduce new anti-cybersquatting measures in the .org space.
In other news, gambling is going on in Rick’s Cafe.
NameCheap and the Electronic Frontier Foundation both filed Requests for Reconsideration with ICANN back in July and August concerning the .org contract renewal.
NameCheap argued that ICANN should have listened to the deluge of public comments complaining about the removal of price caps in Public Interest Registry’s .org contract, while EFF complained about the inclusion of the Uniform Rapid Suspension rights protection mechanism.
Reconsideration requests are usually handled by the Board Accountability Mechanisms Committee but this time around three of its four members (Sarah Deutsch, Nigel Roberts, and Becky Burr) decided to recuse themselves due to the possibility of perception of conflicts of interest.
That meant the committee couldn’t reach a quorum and the RfRs went to ICANN’s outside lawyers for review instead, before heading to the full ICANN board.
This hasn’t happened before, to my recollection.
Also unprecedented, the board’s full discussion of both requests was webcast live (and archived here), which negates the need for NameCheap or the EFF to demand recordings, which is their right under the bylaws.
But the upshot is basically the same as if the BAMC had considered the requests in private — both were denied in a unanimous (with the three recusals) vote.
Briefing the board yesterday, ICANN associate general counsel Elizabeth Le said:
There was no evidence to support that ICANN Org ignored public consultation. Indeed both renewals went out for public comments and there were over 3,700 comments received, all of which ICANN reviewed and evaluated and it was discussed in not only the report of public comments, but it was discussed through extensive briefings with the ICANN board…
Ultimately, the fact that the removal of the price caps was part of the Registry Agreements does not render the public comment process a sham or that ICANN failed to act in the public benefit or that ICANN Org ignored material information.
General counsel John Jeffrey and director Avri Doria both noted that the board may not have looked at each individual comment, but rather grouped together based on similarity. Doria said:
Whether one listens to the content once or listens to it 3,000 times, they have understood the same content. And so I really just wanted to emphasize the point that it’s not the number of comments, it’s the content of the comments.
This seems to prove the point I made back in April, when this controversy first emerged, that letter-writing campaigns don’t work on ICANN.
As if to add insult to injury, the board at the same meeting yesterday approved paying an annual bonus to the ICANN Ombudsman, who attracted criticism from NameCheap and the Internet Commerce Association after dismissing many of the public comments as “more akin to spam”.
Somber mood as ICANN 66 opens in Montreal
The opening ceremony of ICANN’s 66th public meeting set a somber tone, as leaders bade farewell to recently departed and departing colleagues.
Outgoing chair Cherine Chalaby and CEO Göran Marby delivered eulogies respectively to senior vice president Tarek Kamel, and long-time industry/community participant, Don Blumenthal, both of whom died over the last several weeks.
Apparently choking up at one point, Chalaby described Kamel as a “good friend” and “great man” who “always made time for me, always encouraged me, and always advised me with great sincerity”.
Marby later announced that ICANN will create a new annual award, named after Kamel, which will honor “individuals significantly contributing to capacity building and creating diversity within our community”.
He also said that the dinner held by the CEO with the technical community at the end of every ICANN meeting will in future be named after Blumenthal, a long-serving member of the security community.
“His expertise, hard work and humor will be sorely missed,” Marby said.
Chalaby himself is leaving ICANN under less sad circumstances on Thursday, when the third and final of his terms comes to an end and he leaves the board of directors for good. He’s been on the board for nine years and chair for two.
Marby presented him with ICANN’s Leadership Award in recognition of his time served.
Chalaby will be replaced by Maarten Botterman.
ICANN 66 runs through Thursday in Montreal, Canada.
America has Amazon’s back in gTLD fight at ICANN 66
The United States looks set to stand in the way of government attempts to further delay Amazon’s application for .amazon.
The US Governmental Advisory Committee representative, Vernita Harris, said today that the US “does not support further GAC advice on the .amazon issue” and that ICANN is well within its rights to move forward with Amazon’s controversial gTLD applications.
She spoke after a lengthy intervention from Brazilian rep Ambassador Achilles Zaluar Neto, who said South American nations view the contested string as their “birthright” and said ICANN is allowing Amazon “to run roughshod over the concerns and the cultural heritage of eight nations and tens of millions of people”.
It was the opening exchange in would could prove to be a fractious war of words at ICANN 66 in Montreal, which formally opens tomorrow.
The .amazon applications have been controversial because the eight countries in the Amazon Cooperation Treaty Organization believe their unwritten cultural rights to the word outweigh Amazon’s trademark rights.
Forced to the negotiating table by ICANN last year, the two sides each posed their own sets of ideas about how the gTLD could be managed in such a way as to protect culturally sensitive terms at the second-level, and taking ACTO’s views into account.
But an ICANN-imposed deadline for talks to conclude in April was missed, largely as a result of the ongoing Venezuela crisis, which caused friction between the ACTO governments.
But today, Brazil said that ACTO is ready and willing to get back to the negotiating table asked that ICANN reopen these talks with an impartial mediator at the helm.
As things stand, Amazon is poised to get .amazon approved with a bunch of Public Interest Commitments in its registry contract that were written by Amazon without ACTO’s input.
Neto said that he believed a “win-win” deal could be found, which “would provide a positive impetus for internet governance instead of discrediting it”. He threatened to raise the issue at the Internet Governance Forum next month.
ICANN’s failure to reopen talks “would set a bad precedent and reflect badly on the current state of internet governance, including its ability to establish a balance between private interests and public policy concerns”, he said
But the US rallied to Amazon’s defense. Harris said:
The United States does not support further GAC advice on the .amazon issue. Any further questions from the GAC to the Board on this matter we believe is unwarranted… We are unaware of any international consensus that recognizes inherent governmental rights and geographic names. Discussions regarding protections of geographic names is the responsibility of other forums and therefore should be discussed and those relevant and appropriate forums. Contrary to statements made by others, it is the position of the United States that the Board’s various decisions authorizing ICANN to move forward with processing the.application are consistent with all relevant GAC advice. The United States therefore does not support further intervention that effectively works to prevent or delay the delegation of .amazon and we believe we are not supportive and we do not believe that it’s required.
This is a bit of a reversal from the US position in 2013.
Back then, the GAC wanted to issue consensus advice that ICANN should reject .amazon, but the US, protecting one of its largest companies, stood in the way of full consensus until, in the wake of the Snowden revelations, the US decided instead to abstain, apparently to appease an increasingly angry Brazil.
It was that decision that opened the door to the six more years of legal wrangling and delay that .amazon has been subject to.
With the US statement today, it seems that the GAC will be unlikely to be able to issue strong, full-consensus advice that will delay .amazon further, when it drafts its Montreal communique later in the week.
The only other GAC member speaking today to support the US position was Israel, whose rep said “since it is an ongoing issue for seven years, we don’t believe that there is a need for further delay”.
Several government reps — from China, Switzerland, Portugal, Belgium and the European Commission — spoke in favor of Brazil’s view that ICANN should allow ACTO and Amazon back to the negotiating table.
The GAC is almost certain to say something about .amazon in its communique, due to drop Wednesday, but the ICANN board of directors does not currently have an Amazon-related item on its Montreal agenda.
UPDATE: The originally published version of this story incorrectly identified the US GAC representative as Ashley Heineman, who is listed on the GAC’s web site as the US representative. In fact, the speaker was Vernita Harris, acting associate administrator at the US National Telecommunications and Information Administration. Had I been watching the meeting, rather that just listening to it, this would have been readily apparent to me. My apologies to Ms Heineman and Ms Harris for the error.
New (kinda) geo-TLD rules laid out at ICANN 66
The proposed rules for companies thinking about applying for a geographic gTLD in the next application round have been sketched out.
They’re the same as the old rules.
At ICANN 66 in Montreal today, a GNSO Policy Development Process working group team discussed its recently submitted final report (pdf) into geographic strings at the top level.
While the group, which comprised over 160 members, has been working for over two years on potential changes to the rules laid out in the 2012 Applicant Guidebook, it has basically concluded by consensus that no changes are needed.
What it has decided is that the GNSO policy on new gTLDs that was agreed upon in 2007 should be updated to come into line with the current AGB.
It appears to be a case of the GNSO setting a policy, the ICANN staff and board implementing rules inconsistent with that policy, then, seven years later, the GNSO changing its policy to comply with that top-down mandate.
It’s not really how bottom-up ICANN is supposed to work.
But at least nobody’s going to have to learn a whole new set of rules when the next application round opens.
The 2012 AGB bans two-letter gTLDs, for example, to avoid confusion with ccTLDs. It also places strong restrictions on the UN-recognized names of countries, territories, capital cities and regions.
It also gave the Governmental Advisory Committee sweeping powers to object to any gTLD it didn’t like the look of.
What it didn’t do was restrict geographic names such as “Amazon”, which is an undeniably famous geographic feature but which does not appear on any of the International Standards Organization lists that the AGB defers to.
Amazon the retailer has been fighting for its .amazon gTLDs for seven years, and it appears that the new GNSO recommendations will do nothing to provide clarity for edge-case applicants such as this in future rounds.
The group that came up with report — known as Work Track 5 of the New gTLD Subsequent Procedures PDP Working Group — evidently had members that want to reduce geographic-string protections and those who wanted to increase them.
Members ultimately reached “consensus” — indicating that most but not all members agreed with the outcome — to stick with the status quo.
Nevertheless, the Montreal session this afternoon concluded with a great deal of back-slapping and expressions that Work Track 5 had allowed all voices, even those whose requests were ultimately declined, to be heard equally and fairly.
The final report has been submitted to the full WG for adoption, after which it will go to the full GNSO for approval, before heading to public comment and the ICANN board of directors as part of the PDP’s full final report.
Industry veteran Jay Daley tapped to lead IETF
The Internet Engineering Task Force has named domain industry veteran Jay Daley as its new executive director.
In a blog post last week, the IETF said that Daley beat 133 other “highly qualified applicants” for the job.
He’s the first person to hold the executive director title since the IETF formalized itself into an LLC entity owned by the Internet Society a year ago.
Daley’s most-recent activity in the domain industry was as interim CEO of Public Interest Registry between Brian Cute and Jon Nevett, a position he held for about six months last year.
He continues to sit on PIR’s board of directors
PIR is of course another ISOC subsidiary and its biggest funding source, due to the tens of millions of dollars of .org registry fees it donates every year.
Daley was previously CEO of .nz ccTLD registry NZRS and head of technology at .uk registry Nominet.
Spam is not our problem, major domain firms say ahead of ICANN 66
Eleven of the largest domain name registries and registrars have denied that spam is something they should have to deal with, unless it’s used to proliferate other types of abuse such as phishing or malware.
In a newly published “Framework to Address Abuse” (pdf), the companies attempt to define the term “DNS abuse” narrowly to capture only five (arguably only four and a half) specific types of online threat.
That abuse comprises malware, phishing, botnets, pharming and spam.
The companies agree that these are activities which registrars and registries “must” act upon.
But the document notes that not all spam is its responsibility, stating:
While Spam alone is not DNS Abuse, we include it in the five key forms of DNS Abuse when it is used as a delivery mechanism for the other four forms of DNS Abuse. In other words, generic unsolicited e-mail alone does not constitute DNS Abuse, but it would constitute DNS Abuse if that e-mail is part of a phishing scheme.
In other words, registrars and registries should not feel responsible for the billions of spams sent every day using their domains, unless the spam runs further malware, phishing, pharming or botnet abuse.
The signatories of the framework are Public Interest Registry, GoDaddy, Donuts, Tucows, Amazon Registry Services, Blacknight, Afilias, Name.com, Amazon Registrar, Neustar, and Nominet UK.
It may seem like they’ve presented a surprisingly narrow definition, but it’s in line with what current ICANN contracts dictate.
Neither the standard Registry Agreement nor Registrar Accreditation Agreement mention spam at all. Six years ago, ICANN specifically said that spam is “outside of ICANN’s scope and authority”.
Under the RA, registries have to oblige their registrars to ban registrants from “distributing malware, abusively operating botnets, phishing, piracy, trademark or copyright infringement, fraudulent or deceptive practices, counterfeiting or otherwise engaging in activity contrary to applicable law”.
They also have to maintain statistical reports on the amount of “pharming, phishing, malware, and botnets” in their zones, and provide those reports to ICANN upon demand. A recent audit found that 5% of registries, mainly dot-brands, were not doing this.
However, ICANN’s Domain Abuse Activity Reporting system, an effort to provide some transparency into how gTLDs are being abused, does in fact track spam. It does not track pharming, which is a fairly obscure and little-used form of DNS attack.
The DAAR report for September shows that spam constituted 73% of all tracked abuse.
The ICANN board of directors today identified DAAR as one of a few dozen priorities for the coming year.
Similarly, the cross-community working group known as the CCT Review Team, which was tasked with looking into how the new gTLD program has impacted competition and consumer trust, had harsh words for spam-friendly registries, and provided a definition of “DNS Security Abuse” that specifically included “high volume spam”.
The review recommended that ICANN introduce more measures to force contracted parties to deal with this type of abuse. This could include incentives for registries to clean up their zones and abuse volume thresholds that would automatically trigger compliance actions.
The new framework document comes in the context of an ongoing debate within the ICANN community about what “DNS abuse” is.
Two partners at Interisle, a security consultancy that often works for ICANN, recently guest-posted on DI to say that this term has become meaningless and should be abandoned in favor of “security threat”.
They argued that the definition should include not only spam, but also stuff like IP infringement, election interference, and terrorism.
But the main threat to contracted parties probably comes from the Governmental Advisory Committee, backed by law enforcement, which is pushing for stronger rules covering abusive content.
During a webinar last week, the US Federal Trade Commission, the FBI, and Europol argued that registries and registrars should be obliged to do more to combat abuse, specifically including spam.
“Whether or not you call it phishing or spam or whether it has a malware payload or not, ultimately it’s all email, and email remains the most common tool of cybercriminals to ensnare their victims, and that’s why we in law enforcement care about the domains used to send emails,” said Gabriel Andrews of the FBI’s Cyber Initiative Resource Fusion Unit, on the call.
Registries and registrars countered, using the same language found in the new framework, that generic spam is a content issue, and outside of their remit.
The two sides are set to clash again at ICANN’s annual general meeting in Montreal next month, in a November 6 face-to-face session.
While 11 entities signed the new framework, it’s arguably only nine companies. Name.com is owned by Donuts and both Amazon firms obviously have the same parent.
But it does include the two largest registrars, and registries responsible for running several hundred commercial gTLDs, dot-brands and ccTLDs.
While none of the signatories of the framework have a particular reputation for being spam-friendly, other companies in the industry — particularly some of the newest and cheapest new gTLDs — tend to attract spammers like flies to a turd.
Some of the signatories are perhaps surprising, given their past or ongoing behavior to tackle content-based abuse in their own zones.
Nominet, notably, takes down tens of thousands of domains ever year based on little more than police assurances that the domains are being used to sell counterfeit merchandise or infringe copyright.
The .uk registry also preemptively suspends domains based on algorithms that guess whether they’re likely to be seen as encouraging sexual violence or could be used in phishing attacks.
Donuts also has a trusted notifier relationship with the movie and music industries that has seen it take down dozens of names being used for mass copyright infringement.
PIR has previous endorsed, then unendorsed, the principal of a “UDRP for copyright”, a method of giving Big Content a way of going through due process to have domains taken or suspended.
Outside the spam issue, while the new registry-registrar framework says that registries and registrars should not get involved in matters related to web site content, it also says they nevertheless “should” (as opposed, one assumes based on the jargon usually found in internet standards, to “must”) suspend domains when they’re being used to distribute:
(1) child sexual abuse materials (“CSAM”); (2) illegal distribution of opioids online; (3) human trafficking; and (4) specific and credible incitements to violence.
These are exceptions because they constitute “the physical and often irreversible threat to human life”, the framework says.
Ultimately, this all boils down to a religious debate about where the line is drawn between “DNS” and “content”, it seems to me.
The contracted parties draw the line at threats to human life, whereas others want action on other forms of abuse largely because registries and registrars are in the best position to help.
Recent Comments