OMG! gTLD applicant actually wins objection appeal

Medistry has become the first new gTLD applicant to win an appeal to ICANN over an objection decision that went against it.
The .med hopeful has also become the first entity in years to successfully use the much-derided Reconsideration Request process to get ICANN’s board of directors to revisit a decision.
The company’s application received a Community Objection filed by the new gTLD program’s Independent Objector, Alain Pellet, along with a bunch of other healthcare-related gTLD bids.
Medistry lost, meaning its application should be dead in the water.
But it appealed using the Reconsideration process, arguing that Pellet failed to follow the rules laid out for the IO in the program’s Applicant Guidebook.
These rules state that the IO can only object on Community grounds if there is at least one informal objection from a community member on the public record, for example filed as ICANN comments.
Medistry claims that the IO did not pass that test in its case and the ICANN board’s Board Governance Committee, which handles Reconsideration Requests, reckons that claim merits further review.
Judging by the International Chamber of Commerce decision (pdf), comments filed by the National Association of Boards of Pharmacy and the American Hospital Association were critical in showing “substantial opposition” from the healthcare community.
Without such opposition, the IO would have had no right to object.
Medistry argued during the objection case that the NABP comment, which talks about the need for patient safety, was purely “advisory” in nature and did not represent an objection to its .med application.
The ICC panelist, Fabian von Schlabrendorff, disagreed, writing:

The Expert Panel accepts that the comments made by the National Association of Boards of Pharmacy (NABP), on which the Independent Objector relies for the purpose of demonstrating substantial opposition, represent an expression of opposition, i.e. resistance or dissent, to the Application, going beyond merely having an advisory character as the Applicant suggests.

The problem with that interpretation is that it turns out to be dead wrong. Von Schlabrendorff read too much into the original NABP comment.
Medistry submitted as part of its Reconsideration Request a letter from NABP saying:

We wish to clarify that NABP’s comment was intended to be advisory in nature, stressing that health-related gTLDs should account for patient safety and implement protections against fraud and abuse. In submitting this comment, NABP did not oppose Medistry’s application to be the Registry Operator for the .MED gTLD, nor take any position as to whether Medistry’s .MED application contained appropriate safeguards.

The second public “objection” used by the IO to allege substantial opposition, an argument that von Schlabrendorff accepted, came from the America Hospital Association.
Except the AHA did not file a comment on the Medistry application (well, it did, but it was withdrawn two days later in September 2012, long before the objection process began).
The AHA did object to the other three applications for .med, filed by Google, Hexap and DocCheck, but not to Medistry’s application.
Remarkably, von Schlabrendorff chose to interpret the absence of an AHA objection as the existence of an AHA objection, speculating that it did not object to Medistry’s application due to nothing more than an oversight, and applied its objections against Medistry regardless.

even if the Applicant had established in understandable and verifiable detail that the AHA on purpose decided not to oppose the Application, such decision of the AHA would and could not change the fact that the NABP expressed opposition to the Application on grounds of public health concerns, and that the AHA raised essentially identical concerns with regard to all other .med applications.

To me, this looks like Medistry was given the Kafkaesque challenge of proving that the AHA had not objected to its application, even though there was no such objection on record.
Using a von Schlabrendorff level of speculation, I’m guessing that the AHA did file an objecting comment originally, but withdrew it a couple of days later when informed that Medistry’s parent company is an AHA member.
Given that the NABP and AHA “objections” both turned out to be non-existent, the ICANN BGC has naturally enough decided that the Medistry Reconsideration Request merits further consideration.
The BCG wrote (pdf):

the BGC finds that Request 14-1 should be granted to provide sufficient time to further evaluate whether any actions were taken in contravention of established policy or procedure, such as whether the threshold requirement set forth in Section 3.2.5 of the Guidebook was satisfied. The BGC will ensure that ICANN further evaluates this issue and provides a report to the BGC for consideration
It is important to note that the BGC’s acceptance of this Reconsideration Request should in no way reflect poorly on the IO or be seen as a finding that the IO failed to properly discharge his duties. Rather, this determination is a recognition that the Requester has submitted substantial information indicating that the IO’s assessment of what could be described as vague comments (particularly those of NABP), may not have been consistent with what the commenters intended.

What this seems to mean is that the Medistry application for .med is undeaded and that von Schlabrendorff’s increasingly dodgy-looking decision is going to be looked at.
It also means that Reconsideration Requests are not entirely useless.
No Reconsideration Request of any consequence has been accepted by the BCG in the 15 years the procedure has been active.
Generally, they’re thrown out because the requester fails to provide any new information that wasn’t available at the time the offending decision is made, which is a prerequisite for success.
In this case, Medistry’s production of the NABP letter of clarification seems to have been critical.

Who runs the internet? An ICANN 49 primer

The ICANN 49 public meeting is kicking off here in Singapore right now, and control of the domain name system is going to be the hottest of hot topics for the next four days.
Two Fridays ago the US government announced its plan to remove itself from oversight of key internet functions currently managed by ICANN, causing a firestorm of controversy in the US.
A lot of the media commentary has been poorly informed, politically motivated and misleading.
According to this commentary, the move means that regimes more repressive that the United States government are going to take over the internet, killing off free speech.
Here I present a backgrounder on the issue, a primer for those who may not be familiar with the history and the issues. ICANN addicts may find the latter half of the piece interesting too, but first…
Let’s go back to basics
The issue here is control over the DNS root zone file. Basically, the root zone file is a 454K text file that lists all the top-level domains that are live on the internet today.
Each TLD is listed alongside the DNS name servers that it is delegated to and control it. So .com has some name servers, .uk has some name servers, .info has some name servers, etc.
If an internet user in San Francisco or London or Ulan Bator tries to visit google.com, her ISP finds that web site by asking the .com zone file for its IP address. It finds the location of the .com zone file (managed by Verisign) in turn by asking the root zone file.
The root zone files are served up by 13 logical root zone servers named A through M, managed by 12 different entities. Verisign runs two. ICANN runs one. Most are US-based entities.
Every root server operator agrees that Verisign’s root is authoritative. They all take their copies of the root zone file from this server. This keeps the data clean and consistent around the world.
So Verisign, in terms of actually sitting at a keyboard and physically adding, deleting or amending entries in the root zone file, has all of the power over the internet’s DNS.
Verisign could in theory assign .uk or .xxx or .com to name servers belonging to Canada or the Vatican or McDonalds or me.
But in practice, Verisign only makes changes to the root zone when authorized to do so by the US National Telecommunications and Information Administration, part of the Department of Commerce.
That’s because Verisign’s power to amend the root zone comes from its Cooperative Agreement with NTIA.
Amendment 11 (pdf) of this agreement dates from 1999, a time before Verisign acquired Network Solutions (NSI) and before ICANN had a name and was known as “NewCo”. It states:

NSI agrees to continue to function as the administrator for the primary root server for the root server system and as a root zone administrator until such time as the USG instructs NSI in writing to transfer either or both of these functions to NewCo or a specified alternate entity.
While NSI continues to operate the primary root server, it shall request written direction from an authorized USG official before making or rejecting any modifications, additions or deletions to the root zone file. Such direction will be provided within ten (10) working days and it may instruct NSI to process any such changes directed by NewCo when submitted to NST in conformity with written procedures established by NewCo and recognized by the USG.

So the power to amend the root zone — and therefore decide which TLDs get to exist and who gets to run them — actually lies in NTIA’s hands, the hands of the US government.
NTIA says its role is “largely symbolic” in this regard.
That’s because the power to decide what changes should be made to the root zone has been delegated to ICANN via the “IANA functions” contract.

What you’re looking at here is a diagram, from the latest IANA contract, showing that whatever changes ICANN proposes to make to the root (such as adding a new gTLD) must be authorized by NTIA before somebody at Verisign sits at a keyboard and physically makes the change.
In the diagram, “IANA Functions Operator” is ICANN, “Administrator” is NTIA, and “Root Zone Maintainer” is Verisign.
What NTIA now proposes is to remove itself from this workflow. No longer would ICANN have to seek a US government rubber stamp in order to add a new TLD or change ownership of an existing TLD.
It’s possible that Verisign will also be removed from the diagram. ICANN runs a root server already, which could replace Verisign’s A-root as the authoritative one of the 13.
NTIA says that the Cooperative Agreement and the IANA contract are “inextricably intertwined” and that it will “coordinate a related and parallel transition in these responsibilities.”
If this all sounds dry and technical so far, that’s because it is.
So why is it so important?
An entry in the DNS root zone has economic value. The fact that the record for .com points to Verisign’s name servers and not yours means that Verisign is worth $7 billion and you’re not.
Whoever has power over the root therefore has the ability to dictate terms to the entities that want their TLD listed.
ICANN’s contract with Verisign makes Verisign pay ICANN $0.25 for every .com name sold, for example.
The contract also forces Verisign to only sell its names via registrars that have been accredited by ICANN.
This gives ICANN, by indirect virtue of its control of the root, power over registrars too.
The Registrar Accreditation Agreement contains terms that require registrars to publish, openly, the names and addresses of all of their customers, for example.
Suddenly, control of the root is not only about lines in a database, it’s about consumer privacy too.
The same goes for other important issues, such as free speech.
Should people have the right to say that a company or a politician “sucks”? Most of us would agree that they should.
However, if they want to register a .sucks domain name in future they’re going to have to abide by rules, developed by ICANN and its community, that protect trademark owners from cybersquatting.
Over the course of many years, ICANN has decided that trademark owners should always have the right to preemptively register any domain name that matches their brands. This will apply to .sucks too.
If I, militant vegetarian that I am, wanted to register mcdonalds.sucks after .sucks becomes available, there’s a significant probability that I’m not going to get the opportunity to do so.
Of course, there’s nothing stopping you and I publishing our opinion of a worthless politician or corrupt company in other ways using other domain names, but it remains true that ICANN has essentially prioritized, for very good reasons, the rights of trademark owners over the rights of other internet users.
Theoretically, at some point in the future, ICANN could amend the Registrar Accreditation Agreement to require registrars to, for example, always deactivate a domain name when they receive a cease and desist letter, no matter how unfounded or spurious, from a trademark lawyer.
Suddenly, the web belongs to the IP attorneys, free speech is damaged, and it’s all because ICANN controls the DNS root.
I’m not saying that’s going to happen, I’m just using this as an example of how ruling the root has implications beyond adding records to a database.
What does US oversight have to do with this?
The question is, does the US removing itself from the root zone equation have any impact on what ICANN does in future? Has the US in fact been a good custodian of the root?
Commentators, many of them Republicans apparently seizing on the NTIA’s move as the latest opportunity to bash President Obama’s administration, would have you believe that the answer is yes.
I’m not so sure.
The US in fact has a track record of using its power in ways that would reduce free speech on the internet.
Back in 2005, there was a controversy about ICANN’s decision to add .xxx — a top-level domain for pornography — to the root zone. Whatever you think about porn, this is undeniably a free speech issue.
The US government, under the Bush administration, was initially ambivalent about the issue. Then a bunch of right-wing religious groups started lobbying the NTIA en masse, demanding .xxx be rejected.
The NTIA suddenly switched its position, and actually considered (ab)using its power over the root zone to block .xxx’s approval and therefore appease the Republican base.
This all came out due to .xxx operator ICM Registry’s Freedom of Information Act requests, which were detailed in the the declaration (pdf) of an Independent Review Panel — three neutral, respected judges — that oversaw ICM’s appeal against ICANN:

Copies of messages obtained by ICM under the Freedom of Information Act show that while officials of the Department of Commerce concerned with Internet questions earlier did not oppose and indeed apparently favored ICANN’s approval of the application of ICM, the Department of Commerce was galvanized into opposition by the generated torrent of negative demands, and by representations by leading figures of the so-called “religious right”, such as Jim Dobson, who had influential access to high level officials of the U.S. Administration. There was even indication in the Department of Commerce that, if ICANN were to approve a top level domain for adult material, it would not be entered into the root if the United States Government did not approve

US lobbying via ICANN’s Governmental Advisory Committee and other channels had the effect that ICANN rejected ICM’s .xxx application. It’s only because ICM was prepared to spend years and millions of dollars appealing the decision that .xxx was finally added to the root.
When you read an article claiming that the US government relinquishing its root oversight role will have a negative effect on free speech, ask yourself what the record actually shows.
The .xxx case is the only example I’m aware of the US leveraging or preparing to leverage its oversight role in any way. On free speech, USG is 0 for 1.
The US is also a powerful member of the Governmental Advisory Committee, the collection of dozens of national governments that have a strong voice in ICANN policy-making.
Under the rules of the new gTLD program, the GAC has right to veto any new gTLD — prevent it being added to the DNS root zone — if all the governments on the GAC unanimously agree to the veto.
Currently, there’s a controversy about the proposed gTLD .amazon, which has been applied for by the online retail behemoth Amazon.
Latin American countries that count the Amazonia region and Amazon river as part of their territories don’t want it approved; they believe they have the better rights to the .amazon string.
Despite this outrage, the GAC initially could not find unanimous consensus to veto .amazon. It transpired that the US, no doubt protecting the interests of a massive US-based corporation, was the hold-out.
Last July, NTIA decided to drop its opposition to the veto, leading to a GAC consensus that .amazon should be rejected.
In its position paper (pdf) announcing the .amazon veto block reversal, NTIA said the US “affirms our support for the free flow of information and freedom of expression”.
By its own definitions, the US made a decision that harmed free expression (not to mention Amazon’s business interests). It seems to have done so, again, in the name of political expediency.
I’m not saying that the US decision was right or wrong, merely that the record again shows that it’s not the great protector of free speech that many commentators are making it out to be.
What should replace the US?
The question for the ICANN community this week in Singapore and over the coming months is what, if anything, should replace the US in terms of root zone oversight.
The NTIA has been adamant that a “multi-stakeholder” solution is the way to go and that it “will not accept a proposal that replaces NTIA’s role with a government-led or an inter-governmental solution.”
The weirdness in this statement, and with the whole transition process in general, is ICANN is already a multi-stakeholder system.
In light of the US’ longstanding “hands off” approach (with the aforementioned exception of .xxx), does ICANN even need any additional oversight?
Today, legislative power in ICANN resides with its board of directors. The ICANN staff wield executive control.
In theory and under ICANN’s extensive governance rules, the board is only supposed to approve the consensus decisions of the community and the staff are only supposed to execute the wishes of the board.
In practice, both board and staff are often criticized for stepping beyond these bounds, making decisions that do not appear to have originated in the community policy-making process.
The ruling on vertical integration between registries and registrars, where the community could not even approach consensus, appears to have originated with ICANN’s legal department, for example.
There has also been substantial concern about the extent of the power handed to hand-picked advisory panels created by CEO Fadi Chehade recently.
In that light, perhaps what ICANN needs is not oversight from some third party but rather stronger community accountability mechanisms that prevent capture and abuse.
That’s certainly my view today. But I don’t have any particularly strong feelings on these issues, and I’m open to have my mind changed during this week’s discussions in Singapore.

Turkey blocks Google DNS in Twitter crackdown

The Turkish government has reportedly blocked access to Google’s public DNS service from with its borders, as part of its recently instituted censorship of Twitter.
According to local reports, the IP addresses 8.8.8.8 and 8.8.4.4 — Google’s public DNS servers — were banned after they became widely used to circumnavigate blocks on Twitter’s domain names.
Turkish prime minister Recep Tayyip Erdogan last week vowed to “wipe out” Twitter, after the company refused to take down tweets criticizing his government over corruption allegations ahead of an election next week.
Twitter is encouraging Turkish users to use SMS to send tweets instead. Many Turks are also turning to VPNs to evade this bizarre piece of Draconian censorship.

First ICANN gTLD auction slated for June 4

ICANN has published a preliminary schedule for its first new gTLD contention set auctions, which would see the first batch hit the block on June 4 this year.
The plan is now to sell off roughly 20 strings every month, with the last lot going under the hammer in March 2015, a full year from now.
Each contention set, of which there are 233, has been allocated to a batch, ordered by the applicants with the best position in the prioritization queue governing all aspects of the new gTLD program.
But each batch is filled with sets that have either already been resolved or which are currently “ineligible” for auction for one reason or another.
Ineligible contention sets are those that include an application that has, for example, an outstanding change request or a piece of unresolved Governmental Advisory Committee advice.
For example, the 12 applications for .app are scheduled for a July auction, but none of them are going anywhere until the GAC advice against the string goes away.
Naturally enough, ICANN says it’s a preliminary schedule that is subject to a lot of change.
Applicants in contention sets may nevertheless draw comfort from the fact that these auctions finally seem to have firm dates. The auctions were originally slated to start this month.

Community gTLD applicants flunk on “nexus”

The first four Community Priority Evaluation results are in, and all four applicants flunked by failing to prove a “nexus” between the new gTLD string and the community they purport to represent.
No applicant score more than 11 points of the 14 necessary to pass. A total of 16 points are available.
Winning a CPE automatically wins a contention set — all the other applicants for the same new gTLD must withdraw — so it’s a deliberately difficult test.
The scoring mechanism has been debated for years. Scoring 14 points unless the gTLD string exactly matches the name of your organization has always struck me as an almost impossible task.
The first four results appear to substantiate this view. Nobody scored more than 0 on the “nexus” requirement, for which 4 points are available.
The four CPE applicants were: Starting Dot (.immo), Taxi Pay (.taxi), Tennis Australia (.tennis) and the Canadian Real Estate Association (.mls). All four were told:

The string does not identify or match the name of the community, nor is it a well-known short-form or abbreviation of the community.

In some cases, the evaluation panel used evidence from the applicant’s own applicant to show that the string “over-reaches” the community the applicant purported to represent.

The application for .Taxi defines a core community of taxi companies and drivers, as well as peripheral industries and entities.
…
While the string identifies the name of the core community members (i.e. taxis), it does not match or identify the peripheral industries and entities that are included in the definition of the community

In other cases, the panel just used basic common sense. For example, Tennis Australia was told:

Tennis refers to the sport and the global community of people/groups associated with it, and therefore does not refer specifically to the Tennis Australia community.

Starting Dot (.immo) and Taxi Pay (.taxi) both also scored 0 on the “Community Establishment” criteria where, again, 4 points were available.
In that part of the CPE, the applicants have to show that their community is clearly delineated, organized, and long-standing.
In both cases, the panel found that the communities were too eclectic, too disorganized and too young — neither existed before the new gTLD program kicked off in September 2007.
It’s not looking promising for any of the 14 CPE applicants listed by ICANN here. I’ll give $50 to a charity of the applicant’s choosing if any of them scores more than 14 points.

Donuts plays the genericide card in showdown with Belgian government over .spa

Donuts has asked ICANN to approved its .spa new gTLD application over the objections of the Belgian government, saying the town of Spa no longer has exclusive rights to the string.
As we reported at the weekend, Spa is asking Donuts and rival applicant Asia Spa and Wellness Promotion Council for an up to 25% cut of profits from .spa, as well as the right to help manage the TLD at the registry’s expense.
ASWPC has agreed to these terms, but Donuts has not. It says it offered Spa extra protections for sensitive names, but does not want to hand over any managerial control or profit.
Yesterday, Donuts wrote to ICANN (pdf) to say that “spa” is now so generic that no interest would be served by ICANN enforcing the city’s demands. Here’s the meat of it:

While the City of Spa maintains a historical link to the word “spa”, that word long ago evolved as a globally recognized generic term by people who have never even heard of the city of its origin. The public interest served by making that term available to a global community of spa users far outweighs any risk of confusion with the city of the same name. And for those names that may cause confusion, Donuts has provided a rigorous series of additional protections and controls.
The City of Spa gave the word “spa” to the world many centuries ago, and the world has done a great deal with it. Just as attorneys for the City of Spa don’t fly around the world handing cease-­and-desist notices to resort operators and hot-­tub manufacturers, we do not believe it is appropriate for them to overrun ICANN procedure to try to exert control over how that term is used in the Internet’s global addressing system.

I’m going to raise my hand to say that I’d never heard of Spa before this particular controversy arose, and I expect that goes for most of the people reading this article. Donuts surely has a point.
But that’s not to say Spa doesn’t have a point too. There are plenty of governments that managed to squeeze concessions out of applicants for gTLDs matching place names in their territories, with little complaint from applicants; it’s just that the line was drawn at capital cities, something which Spa is not.
Donuts urges ICANN to give no weight to the Spa-ASWPC deal and to move both applications forward to the next stage of the process — contention resolution.
We may see some progress at the ICANN meeting in Singapore next week, when ICANN will surely press the Governmental Advisory Committee for further advice on this string.

Full TMCH database published by registry?

DotBerlin seems to have published the full list of trademarks and other strings protected by the Trademark Clearinghouse.
The list, published openly on nic.berlin as the .berlin new gTLD went through its sunrise period, contains 49,989 .berlin domain names that the registry says are protected.
Neither the TMCH nor DotBerlin have yet responded to a request for comment, so I can’t be 100% certain it’s the TMCH list, but it certainly appears to be. You can judge for yourself here (pdf).
UPDATE: DotBerlin told DI that it is “not the full list but part of a registry-reserved names list” that was published “accidentally” and has now been removed from its web site.
The DotBerlin web site calls the list “MarkenSchutzEngel-Domains” which I believe translates to something like “Trademark Guardian Angel Domains”.
While the TMCH says it has 26,802 listed marks, the document published by DotBerlin seems to also include thousands of strings that are protected under the “Trademark +50” rule.
That allows companies that have won UDRP complaints to have those domains’ second-level strings added to their TMCH records. I see plenty of UDRP’d domains on this list.
The list also seems to include hundreds, possibly thousands, of variant strings that put hyphens between different words. For example, Santander appears to have registered:

a-bank-for-your-ideas
a-bank-for-yourideas
a-bank-foryour-ideas
a-bank-foryourideas
a-bankfor-your-ideas
a-bankfor-yourideas
a-bankforyour-ideas
a-bankforyourideas

I spotted dozens of examples of this, which is permitted under ICANN’s TMCH rules.
There are 2,462 internationalized domain names on the list.
I gather that the full TMCH list today is over 50,000 strings, a little larger than the DotBerlin document.
I took the liberty of comparing the list to a dictionary of 110,000 English words and found 1,941 matches. Strings such as “fish”, “vision”, “open”, “jump” and “mothers” are all protected.
A listing in the TMCH means you get the right to buy a domain matching your mark during new gTLD sunrise periods. Anyone else trying to register a matching name will also generate a Trademark Claims notice.
According to some registries I’ve spoken to today, the TMCH forbids the publication of the full database under the contract that all new gTLD registries must sign.
I’ve no idea whether the publication of a list of .berlin names means that DotBerlin broke its contract.
While the TMCH rules were being developed, trademark owners were adamant that the full database should not be published and should not be easily reverse engineered.
They were worried that to publish the list would reveal their trademark enforcement strategies, which may leave them open to abuse.
(Hat tip to Bart Mortelmans of bNamed.net for the link.)

Panel doesn’t consider TLD in the first-ever new gTLD UDRP case

The first new gTLD domain name has been lost to a UDRP complaint.
The famous German bike maker Canyon Bicycles won canyon.bike from a registrant who said he’d bought the name — and others — in order to protect the company from cybersquatters.
The panelist in the case, WIPO’s Andrew Lothian, declined to consider the fact that the TLD was related to Canyon’s business in making his decision. Finding confusing similarity, he wrote:

The Panel finds that, given the advent of multiple new gTLD domain names, panels may determine that it is appropriate to include consideration of the top-level suffix of a domain name for the purpose of the assessment of identity or similarity in a given case, and indeed that there is nothing in the wording of the Policy that would preclude such an approach. However, the Panel considers that it is not necessary to do so in the present case.

Canyon had argued that the fact that it’s a .bike domain reinforced the similarity between the domain and the mark, but it’s longstanding WIPO policy that the TLD is irrelevant when determining confusing similarity.
The domain was registered under Whois privacy but, when it was lifted, Canyon looked the registrant up on social media and discovered he was very familiar with the world of bikes.
The registrant told WIPO that he’s registered Canyon’s mark “with the best of intentions”.
Apparently, he’s registered more than one famous brand in a new gTLD in the belief that the existence of the program was not wildly known, in order to transfer the domains to the mark holders.
He claimed “that many companies have been content with his actions” according to the decision.
But the fact that he’d asked for money from Canyon was — of course — enough for Lothan to find bad faith.
He also chose to use the fact that the registrant had made no attempt to remove the default Go Daddy parking page — which the registrar monetizes with PPC — as further evidence of bad faith.
The domain is to be transferred.

Roundup: industry reaction to US giving up IANA role

Members of the domain name industry and ICANN community reacted generally positively to the news Friday night that the US will step aside from its central role in ICANN oversight.
Several companies, organizations and individuals issued early statements in response. We present a summary of those to hit the wires so far here.
First, the so-called I* organizations (IETF, IAB, RIRs, ccTLD ROs, ISOC, and W3C), which manage the internet’s various technical functions and standards, issued a joint statement via ICANN:

Our organizations are committed to open and transparent multi-stakeholder processes. We are also committed to further strengthening our processes and agreements related to the IANA functions, and to building on the existing organizations and their roles. The Internet technical community is strong enough to continue its role, while assuming the stewardship function as it transitions from the US Government.

The Domain Name Association’s executive director Kurt Pritz said this:

The DNA welcomes a deliberate, thoughtful process, inclusive of all stakeholder views to determine the future of the IANA function. As our members are some of the most widely recognized customers of IANA, we will be playing an active role in the process moving forward. The US government performs admirably in this role and it is important that any new oversight mechanism perform as reliably and consistently, and in a manner that prevents the Internet from onerous regulations and/or content controls.

New gTLD portfolio applicant Donuts said:

The IANA function is very important to Internet stability, and Donuts supports the multistakeholder approach to managing this vital resource. As the largest applicant for new top-level domains, we look forward to providing a constructive contribution in this multi-stakeholder discussion. It’s critical that any new mechanisms for IANA oversight ensure not only stability and accountability but also uphold the vital public sector role in promoting Internet innovation and openness.

Lisa Hook, CEO of back-end registry provider Neustar, said in a press release:

We share the US government’s view that the time has come for ICANN to convene global stakeholders to develop the policies, procedures, and accountability framework needed to transition ultimate responsibility for the IANA functions, and we look forward to participating in that process.

Back-end and portfolio applicant Afilias said in its own press release:

We endorse the statements of the NTIA and the organizations noted above [the I*s] with respect to the maturation of these organizations and processes, and we are committed to continuing to contribute to the stewardship of the Internet as part of a globally inclusive, open and transparent multi-stakeholder community.

Michele Neylon, CEO of domain name registrar Blacknight Solutions said:

This is an incredibly historic and important day for Internet governance. As a member of the International governance and infrastructure communities I applaud this move away from a single government to a regulating body that represents the interests of the global community. However, the real challenge now lies ahead in identifying and implementing a strong, diverse community to oversee these crucial organizations.

Milton Mueller, the principal academic behind the Internet Governance Project blogged:

IGP has been leading the call for the US government to be consistent about its non-governmental approach to Internet governance since 2005. Naturally, we were gratified to see the Commerce Department finally come around to that position. Far from “giving up” something or “losing control,” the U.S. is sure to find that its policy has gained strength. We have just made it a lot harder for opponents of a free and open Internet to pretend that what they are really against is an Internet dominated by one hegemonic state.

The news broke rather late on a Friday night, with an NTIA press release and hastily convened ICANN press conference, after the story was leaked to the Washington Post.
There hasn’t been much time for formal written reactions yet, but I’m sure more will be forthcoming as people get into work on Monday morning.

Belgians do want a piece of Donuts’ new gTLD action

The Belgian government is blocking approval of Donuts’ bid for the new gTLD .spa until the company agrees to hand over up to 25% of its .spa profits to the community of the city of Spa.
It emerged in a letter from Spa published by ICANN this weekend that the city is also demanding a role in managing the TLD at the registry operator’s expense.
The gTLD has been applied for by Donuts and the Asia Spa and Wellness Promotion Council.
Not only does the string .spa match the name of the city, but also the English dictionary word “spa” is actually named after Spa, which has been known for centuries for its “healing” springs.
Despite this, Spa is not a capital city — it has roughly 10,000 inhabitants — so it does not qualify as a protected geographic string under the rules of ICANN’s new gTLD program.
Spa nevertheless wants a role in the TLD’s management, in order to protect the interests of itself and its local community, and wants some of the profits to benefit its local businesses.
According to the letter (pdf) from Spa outside attorney Phillippe Laurent, ASWPC has already signed a memorandum of understanding with the city. That MoU, published with the letter, states:

The turnover generated by the exploitation of the .SPA registry will be used in priority to defray reasonable out-of-pocket expenses incurred by the City as a result of its participation in the SPARC or any other of its activity related to the management and governance of the .SPA extension.
Additionally, 25% of the net profit generated by the domain names registered in the .SPA registry by any Belgian, Dutch, Luxembourgish, French or German person or entity will be earmarks to be contributed towards Internet and spa & wellness activities development in and for the City of Spa and its region, especially as related to the scope of the “.SPA” TLD, to be directed by the City of Spa.

The deal would also see ASWPC reserve 200 .spa domain names (included potential premiums such as poker.spa and golf.spa) for the city to do with as it pleases.
Donuts has refused to sign the MoU, saying it’s inconsistent with the Applicant Guidebook and sets a “bad precedent”. Spa has therefore refused to endorse its application.
The city has its national government on its side. In the April 2013 Beijing communique of the ICANN Governmental Advisory Committee, the GAC listed .spa as one of several bids needing “further consideration”.
This was reiterated in its Durban and Buenos communiques, with the GAC noting that “discussions” between “relevant parties” were “ongoing”.
Essentially, the GAC is delaying .spa from approval while Spa tries to get Donuts to agree to hand over part of its of .spa profits.
There was a somewhat testy exchange at the Buenos Aires meeting in November, after an ICANN director asked the GAC if it was appropriate for a governmental entity to try to get a financial benefit from an applicant.
The Belgian GAC representative responded later that “no money will flow to the city of Spa”, conceding that “a very small part of the profits of the registry will go to the community served by .spa”.
That now seems to be not entirely accurate.
The MoU sees Spa getting reimbursed for its self-imposed cost of inserting itself into the management of the registry, so some money will flow to it. But it will presumably be revenue-neutral to the city.
The issue of the 25% profit cut is a bit ambiguous though.
While the money would not flow directly into city coffers, the city would get the ability to direct how it was spent. Presumably, it could be spent on projects that Spa locals would otherwise look to the city to pay for.
With Donuts and Spa apparently at an impasse, ICANN recently told the GAC that it won’t sign contracts with either applicant, yet, but that it wants “a timeline for final consideration of the string”.
It also wants the GAC to “identify the ‘interested parties’ noted in the GAC advice.”
With Laurent’s letter and the MoU seemingly spelling out exactly what Spa wants and why, perhaps ICANN can move the issue closer to resolution at the Singapore meeting next week.
Is it a shakedown? Is it appropriate behavior for the GAC to hold an application hostage while it tries to obtain financial benefit for its local businesses? Or is Donuts unreasonably trying to exploit a city’s centuries-old cultural heritage for its own economic gain?