Conflicting gTLD objection decisions to get appeals process?

ICANN seems to be considering an appeals process for new gTLD applicants that feel they’ve been wronged by dubious String Confusion Objection decisions.
But the process might be limited to applicants for .car, .cars and .cam.
In a resolution this Wednesday, ICANN’s New gTLD Program Committee said:

the NGPC is considering potential paths forward to address the perceived inconsistent Expert Determinations from the New gTLD Program String Confusion Objections process, including implementing a review mechanism. The review will be limited to the String Confusion Objection Expert Determinations for .CAR/.CARS and .CAM/.COM.

Why only those strings? I’m guessing it’s because the conflicting decisions would make for extremely confusing contention sets.
There were three SCOs against .cars applications, filed by Google, which has applied for .car. Google won one case but lost the other two.
That would mean that Google’s .car application would be in contention with one of the applicants but not the other two, hardly a fair outcome.
Similarly, Verisign objected to five .cam applications due to their similarity to .com. It won one and lost the other four.
The NGPC resolution calls for the publication, for comment, of a reviews process designed to untangle this mess. It does not appear to have been published yet.
But it seems that whatever ICANN has come up with will not apply to other applicants who feel they’ve been wronged by odd SCO, or other objection, decisions.

ICANN puts .islam and other gTLD bids in limbo

Or should that be Barzakh?
Rather than making the tricky decision on whether to approve .islam and .halal new gTLD applications, ICANN seems to have place both bids into permanent limbo.
It’s also put off calls on applications for .spa, .amazon, .wine and .vin, due to objections from the Governmental Advisory Committee.
On .islam and .halal, ICANN chair Steve Crocker wrote to Turkish applicant Asia Green IT System to say that the New gTLD Program Committee will not address the bids until AGIT has worked out its differences with the Organization for Islamic Cooperation.
He noted that AGIT has expressed a willingness in the past to work with the OIC, but that the OIC has formally decided to object to the two applications. Crocker wrote:

There seems to be a conflict between the commitments made in your letters and the concerns raised in letters to ICANN urging ICANN not to delegate the strings. Given these circumstances, the NGPC will not address the applications further until such time as the noted conflicts have been resolved.

This is not a formal rejection of the applications, but ICANN seems to have placed them in a limbo that will only be resolved when AGIT withdraws from the program or secures OIC support.
There’s also delaying treatment for .wine and .vin, which have become the subject of a raging row between Europe on the one hand and the US, Canada and Australia on the other.
Europe wants these two wine-related gTLDs to be subject to strict rules on who can register domains containing geographic indicators, such as “Champagne”. The others don’t.
ICANN in response has commissioned a third-party study on GIs, which it expects to be able to consider at its Singapore public meeting next month. Again, a decision has been avoided.
The two applicants for .spa don’t have any closure either.
Spa is the name of a town in Belgium, whereas the two applicants — Donuts and Asia Spa and Wellness Promotion Council — intend to use the string in its English dictionary sense.
There was a bit of a scandal during the Buenos Aires meeting last November when it was suggested that Belgium was using its position on the GAC to shake down the applicants for money.
Belgium denied this, saying the city of Spa didn’t stand to gain financially from the deals that it was trying to make with applicants. Some money would go to “the community served by .spa”, Belgium said, without elaboration.
ICANN has now decided to put .spa on hold, but wants to know more about these talks:

ICANN will not enter into registry agreements with applicants for the identified string at this time. The NGPC notes concern about concluding the discussions with the applicants and will request the GAC to (1) provide a timeline for final consideration of the string, and (2) identify the “interested parties” noted in the GAC advice.

Finally, ICANN has yet again delayed making a call on Amazon’s application for .amazon — until at least Singapore — out of an abundance of legal caution.
The GAC recommended that ICANN should reject .amazon because a few Latin American states claim ownership of the string due to it being the same as the Amazon region they share.
Amazon and others claim that it would be in violation of international law that prevents governments interfering with the use of trademarks for the GAC to block .amazon.
ICANN’s NGPC said:

ICANN has commissioned an independent, third-party expert to provide additional analysis on the specific issues of application of law at issue, which may focus on legal norms or treaty conventions relied on by Amazon or governments. The analysis is expected to be completed in time for the ICANN Singapore meeting so that the NGPC can consider it in Singapore.

In my view, the .amazon issue is the one most likely to bring a lawsuit to ICANN’s doorstep, so the organization clearly wants to get its legal position straight before making a call one way or the other.
All these decisions were made on Wednesday. You can read the NGPC’s resolution here and the important details here.

ICANN approves reworked GAC advice over US concerns

No sooner had we reported on the US government’s complaint about ICANN’s reinterpretation of GAC advice on new gTLDs than it emerged that ICANN has already approved the plan.
The ICANN board’s New gTLD Program Committee on Wednesday approved a resolution on how to implement the so-called Category 1 advice the Governmental Advisory Committee came up with in Beijing last April. The resolution was published today.
The Category 1 advice calls for stronger regulation — stuff like forcing registrants to provide industry credentials at point of sale — in scores of new gTLDs the GAC considers particularly sensitive.
Despite US Department of Commerce assistant secretary Larry Strickling calling for more talks after ICANN substantially diluted some of the GAC’s Beijing communique, the NGPC has now formally approved its watered-down action plan.
Under the plan, registrants in gTLDs such as .lawyer and .doctor will have to “represent” that they are credentialed professionals in those verticals when they register a domain.
That’s as opposed to actually providing those credentials at point of registration, which, as Strickling reiterated in his letter, is what the GAC asked for in its Beijing communique.
The full list of eight approved “safeguards” (as interpreted from GAC advice by ICANN) along with the list of the gTLDs that they will apply to, can be found in this PDF.

US unhappy with ICANN, urges more delay to many new gTLDs

The US government is not pleased with ICANN’s rather liberal interpretation of Governmental Advisory Committee advice on new gTLDs and wants more talks about “safeguards”.
Not only that, but it wants to start talking to ICANN about extending safeguards applicable to new gTLDs to old gTLDs, presumably including the likes of .com, too.
A letter to ICANN from Department of Commerce assistant secretary Larry Strickling, obtained by DI today, calls for more talks before ICANN finalizes its handling of the GAC’s Beijing communique.
Strickling notes, as DI has previously, that ICANN softened the meaning of the advice in order to smooth its implementation.

as can be the case when translating GAC Advice to contractual provisions, the NGPC [the ICANN board’s New gTLD Program Committee] made adjustments to the GAC Advice that the United States believes could cause enforcement problems and as such merits further discussion. The National Telecommunications and Information Administration (NTIA), on behalf of the United States, is planning to raise these concerns for discussion at the March GAC meeting in Singapore and requests that ICANN take this fact into account before moving forward with applications for strings impacted by the relevant portions of GAC advice

The letter (pdf) was sent February 4, just a day before the NGPC held a meeting — the results of which we do not yet know — that had the GAC Advice on its agenda.
The New gTLD Applicants Group had urged the NGPC to finally put the GAC Advice to rest, highlighting the “heavy burden that the delay in the implementation of GAC Category 1 Advice has imposed upon affected applicants” in a letter last week.
The Category 1 advice, you may recall, comprised eight “safeguards” mandating policies such as industry engagement and registrant authentication, applicable to at least 386 gTLD applications.
Back in November, ICANN announced how it planned to handle this advice, but changed its meaning to make it more palatable to ICANN and applicants.
Those changes are what Strickling is not happy with.
He’s particularly unhappy with changes made to the GAC’s demand for many gTLDs to be restricted to only card-carrying members of the industries the strings seem to represent.
The GAC said in Beijing:

At the time of registration, the registry operator must verify and validate the registrants’ authorisations, charters, licenses and/or other related credentials for participation in that sector.

In other words, you’d have to provide your doctor license before you could register a .doctor domain.
But ICANN proposed to implement it like this:

Registry operators will include a provision in their Registry-Registrar Agreements that requires Registrars to include in their Registration Agreements a provision requiring a representation that the Registrant possesses any necessary authorisations, charters, licenses and/or other related credentials for participation in the sector associated with the Registry TLD string.

The doctor under this policy would only require the doctor to check a box confirming she’s a doctor. As Strickling said:

The NGPC has changed the GAC-coveyed concept of “verification and validation” to “representation”

Requirements for registries to mandate adherence to government regulations on the protection of financial and healthcare data are also his targets for further discussion.
What all this boils down to is that, assuming ICANN paid heed to Strickling’s letter, it seems unlikely that NTAG will get closure it so desperately wants until the Singapore meeting in late March — a year after the original Beijing communique — at the earliest.
In other words, lots of new gTLD applicants are probably going to be in limbo for a bit longer yet.
But Strickling also has another bombshell to drop in the final sentence of the letter, writing:

In addition, we will recommend that cross community discussion begin in earnest on how the safeguards that are being applied to new gTLDs can be applied to existing gTLDs.

So it seems the GAC is likely to start pressing to retroactively apply its new gTLDs advice to legacy gTLDs too.
Registrant verification in .com? Stricter Whois checks and enforcement? That conversation has now started, it seems.

Yes, there is cybersquatting in new gTLDs

With new TLDs, comes cybersquatting. It’s inevitable. And it’s also true of the new gTLDs that hit general availability this week.
The question of what is or is not cybersquatting is best left to a judge or UDRP panel, of course, but I’ve already come across plenty of newly registered domains that I do not believe would pass the UDRP test.
Sifting through select Whois records of domains that were registered in Donuts’ first seven gTLDs over the last few days, and without leaving the A’s, I’ve found the likes of: adidas.clothing, americanapparel.clothing, akamai.guru, americanexpress.guru. appleservice.guru and accenture.ventures.
Delving a little deeper into .clothing, I see the likes of kanyewest.clothing, ralphlauren.clothing, kardashiankollection.clothing, lauraashley.clothin, michaeljordan.clothing and more.
One Los Angeles clothing store appears to have registered several .clothing domains matching brands it does not own, possibly unaware that such behavior is frowned upon.
While there could be legitimate uses of the names I’ve highlighted here, possibly, they all appear to me to be registered to people unaffiliated with the referenced brands or celebrities.
I found more that are registered behind Whois privacy services, where it’s not possible to tell whether the domain belongs to the brand or not. Domains such as ibm.guru and ibm.ventures use Whois privacy, yet resolve to the IBM web site.
Cases of obvious UDRP losses seem to be few and far between, however. The vast majority of domains registered in these new gTLDs this week seem to be straightforward generic terms.
While I’m using the UDRP sniff test to highlight domains I feel may be cybersquatting, there’s a new process in town when it comes to disputes: the faster, cheaper Uniform Rapid Suspension policy.
URS has a higher burden of proof — “clear and convincing evidence” of bad faith registration and use — and it’s not yet clear how panelists will handle these cases.
There’s only been one URS case to date, that of facebok.pw, in which the domain was suspended following a complaint by Facebook.
In that case, Facebook was able to show bad faith by presenting the panelist with a list of other typo domains the respondent had registered.

Cartier sues Nominet hoping to set global domain name take-down precedent

Luxury watchmaker Cartier has taken .uk registry Nominet to court, hoping to set a precedent that would enable big brands to have domain names taken down at a whim.
The company sued Nominet in a London court in October, seeking an injunction to force the registry to take down 12 domain names that at the time led to sites allegedly selling counterfeit watches.
We’ve only become aware of the case today after Nominet revealed it has filed its defense documents.
Judging by documents attached to Nominet’s court filings, Cartier sees the suit as a test case that could allow it to bring similar suits against other “less cooperative” registries elsewhere in the world.
In a letter submitted as evidence as part of Nominet’s defense, Richard Graham, head of digital IP at Cartier parent company Richemont International, said that he was:

seeking to develop a range of tools that can be deployed quickly and efficiently to prevent Internet users accessing websites that offer counterfeit goods… [and] looking to establish a precedent that can be used to persuade courts in other jurisdictions where the registries are less cooperative.

It’s worth noting that Richemont has applied for 13 dot-brands under ICANN’s new gTLD program and that Graham is often the face of the applications at conferences and such.
Pretty soon Richemont will also be a domain name registry. We seem to be looking at two prongs of its brand protection strategy here.
According to the company’s suit, the 12 domains in question all had bogus Whois information and were all being used to sell bogus Cartier goods.
None of them used a Cartier trademark in the domain — this is explicitly about the contents of web sites, not their domains names — and Cartier says most appeared to be registered to people in China.
Rather than submitting a Whois inaccuracy complaint with Nominet — which could have led to the domains being suspended for a breach of the terms of service — Cartier decided to sue instead.
Graham actually gave Nominet’s lawyers over a week’s notice that the lawsuit was incoming, writing his letter (pdf) on October 22 and filing the complaint (pdf) with the courts November 4.
Cartier seems to have grown frustrated playing whack-a-mole with bootleggers who cannot be traced and just pop up somewhere else whenever their latest web host is persuaded to cut them off.
Graham’s letter, which comes across almost apologetic in its cordiality when compared to the usual legal threat, reads:

Cartier therefore believes the most cost effective and efficient way to disrupt access to the Counterfeiting Websites operating in the UK is to seek relief from you, as the body operating the registry of .uk domain names.

Armed with the foreknowledge provided by the letter, Nominet reviewed the Whois records of the domains in question, found them lacking, and suspended the lot.
Ten were suspended before Cartier sued, according to Nominet. Another expired before the suit was filed and was re-registered by a third party. A fourth, allegedly registered to a German whose scanned identity card was submitted as evidence by Nominet, was suspended earlier this month.
As such, much of Nominet’s defense (pdf) relies upon what seems to be a new and obscure legal guideline, the “Practice Direction on Pre-Action Conduct”, that encourages people to settle their differences without resorting to the courts.
Nominet’s basically saying that there was no need for Cartier to sue, because it already has procedures in place to deal with counterfeiters using fake Whois data.
Also offered in the defense are the facts that suspending a domain does not remove a web site, that Nominet does not operate web sites, and the following:

Nominet is not at liberty under its Terms and Conditions of Domain Name Registration to suspend .uk domain names summarily upon mere receipt of a demand from someone unconnected with the domain name registrant.

That seems to me to be among the most important parts of the defense.
If Cartier were to win this case, it may well set a precedent giving registries (in the UK at least, at first) good reason to cower when they receive dodgy take-down orders from multibillion-dollar brands.
Indeed, that seems to be what Cartier is going for here.
Unfortunately, Nominet has a track record of at least accelerating the takedown of domains based on nothing more than third-party “suspicion”. Its defense actually admits this fact, stating:

Inaccurate identity and contact information generally leads to the suspension of a domain within three weeks. Where suspicions of criminality are formally confirmed by a recognised law enforcement agency, suspension may be very significantly expedited.

I wonder if this lawsuit would have happened had Nominet not been so accommodating to unilateral third-party take-down notices in the past.
In a statement to members today, a copy of which was sent to DI, Nominet encouraged internet users to report counterfeiting web sites to the police if and when they find them.

DotConnectAfrica files for ICANN independent review

Failed .africa gTLD applicant DotConnectAfrica has filed an Independent Review Process appeal against ICANN, it emerged today.
The nature of the complaint is not entirely clear, but in a press release DCA said it’s related to “ICANN Board decisions and actions taken with regard to DCA Trust’s application for the .africa new gTLD”.
It’s only the third time an IRP has been filed. The first two were related to .xxx; ICM Registry won its pioneering case in 2009 and Manwin Licensing settled its followup case last year.
DCA said that it’s an “amended” complaint. It turns out the first notice of IRP was sent October 23. ICANN published it December 12, but I missed it at the time.
I’d guess that the original needed to be amended due to a lack of detail. The “Nature of Dispute” section of the form, filed with the International Center for Dispute Resolution, is just a sentence long, whereas ICM and Manwin attached 30 to 60-page legal complaints to theirs.
The revised notice, which has not yet been published, was filed January 10, according to DCA.
DCA applied for .africa in the current new gTLD round, but lacked the government support required by the Applicant Guidebook for strings matching the names of important geographic regions.
Its rival applicant, South African ccTLD registry Uniforum, which does have government backing, looks set to wind up delegated, whereas ICANN has designated DCA’s bid as officially “Not Approved”.
DCA has been alleging a conspiracy — often involving DI — at almost every juncture of the process, even before it filed its application. Read more here, here and here.
To win an IRP, it’s going to have to show that it suffered “injury or harm that is directly and causally connected to the Board’s alleged violation of the Bylaws or the Articles of Incorporation”.

Nominet bans rape domains

Nominet has banned “rape” domains from the .uk space, following an independent review spurred by a newspaper article.
The company announced today that it is to adopt the recommendations of Lord Macdonald (pdf), who said domains that “signal or encourage serious sexual offences” should be deleted.
The policy applies retroactively and at least a dozen domains have already been suspended.
Nominet CEO Lesley Cowley said in a statement:

Even though we are only talking about a handful of domain names, we agreed that we do not want those domain names on the register – regardless of whether there was an associated website or content.

Under the new policy, Nominet will review all new domain name registrations within the first 48 hours. It said it will:

Institute a system of post-registration domain name screening, within 48 hours of registration, for domain names that appear to signal or encourage serious sexual offences. Where examples that meet these criteria are discovered, they will be suspended or de-registered.

It’s pretty vague at the moment, both in terms of what constitutes a “signal” and how the oversight process will be carried out. Nominet said it will reveal implementation details at a later date.
Importantly, there will be no pre-screening of domains for potentially offensive substrings. It will still be possible to register names if you’re a “therapist” or enjoy “grapes”.
Macdonald said in his report:

any process of pre-registration scrutiny is likely to be slow, technologically blunt, and have minimal useful impact. It would likely damage the credibility of the .uk space in the market place and it would bring few discernible advantages.

He seems to be envisaging a system of manual review, aided by keyword searches, that looks only for domains that seem to be unambiguously “egregious”. He wrote:

it is precisely because of the inadequacies of the screening technology that Nominet has available to it, and the utmost importance of avoiding unnecessary or mistaken interference with free expression rights, that any post registration screening process should be strictly designed to target only the most egregious examples

Keywords under scrutiny are likely to include “rape”, “incest”, “bestiality”, “paedophilia” and derivatives.
Macdonald noted that Nominet gets 20 – 25 registrations containing these strings per week, but that the “vast majority” were false positives that should not trigger a suspension.
The Macdonald report gives examples of existing domains that would be likely to trigger Nominet action, including rapeme.co.uk, rapemyteacher.co.uk and rapeporn.co.uk.
According to Whois records, all of the domains listed in the report have already been suspended by Nominet.
Macdonald wrote:

it is difficult to see any reasonable basis whatsoever upon which the registration of a domain name such as rapemyteacher.co.uk could be consistent with any reasonable terms of business that Nominet might draw up.

It’s not clear from archives whether many of these domains even led to sites with content. An Archive.org capture of rapeporn.co.uk from 2009 contains a short essay (looks like a hasty attempt to justify the domain to me) on why rape fantasy and actual rape are different.
I suspect that “rapemyteacher.co.uk” was supposed to be a joke, a play on the popular site RateMyTeachers.com.
However, in Macdonald’s view, it’s easily possible for Nominet to suspend these names without infringing anyone’s free speech rights under the European Convention on Human Rights and UK law.
He said that in some cases the domain name itself may be illegal, if it encourages others to commitment crimes. Incitement is a crime, after all.
But his report seems to envisage that the use of the word “rape” may be justifiable when used in a figurative sense not related to actual sexual violence. It would also not be banned in positive contexts such as rape victim support services.
He recommended against instituting bans on swearwords and racist terms for similar reasons.
The one thing missing from the report, and Nominet’s response to it so far, is any requirement for Nominet to disclose which domain names it has suspended under the new policy.
That would be an important oversight mechanism, in my view.
If Nominet is going to be deleting names based on an as-yet-undisclosed review process, wouldn’t free speech be served by at least telling the public what has been censored?
What if rapemyteacher.co.uk was supposed to be a parody of RateMyTeachers.com? Did Nominet just suspend a humor site for no good reason and without telling anyone but the registrant?
The Macdonald report was commissioned following an outraged Sunday Times article based on a blog post by anti-porn crusader John Carr, who wanted a ban on “depraved or disgusting words”.
Neither Carr, the Sunday Times, Nominet or Macdonald have ever presented any examples of “egregious” .uk domain names leading to content encouraging or glorifying sexual violence, nor have they ever said that they’ve seen one with their own eyes.
It’s possible that such domains do not exist.
The review and the new Nominet policy, I think it’s fair to say, has probably not protected a single man, woman, child, corpse or sheep from unwelcome interference. It was, I suspect, a waste of time and resources.
But at first look the policy, properly implemented, does not appear to present a huge risk of infringing free speech rights or throwing up vast numbers of false positives.

ICANN has spent $120 million on new gTLDs

The new gTLD program has cost ICANN almost $120 million so far, according to a quarterly financial report published earlier this week.
It’s the first time ICANN has published a quarterly statement. Normally it only files a formal report annually.
According to the report, ICANN has spent $119.2 million of its original £344.9 million program budget (which comprises application fees net of refunds).
As of September 30, it still had $225.7 million in cash dedicated to the program, which is accounted for separate to ICANN’s regular operating budget.
ICANN estimates its total spend will be $204.3 million. If you factor in the $108.9 million “risk reserve”, that would put the program $3 million over budget by the time it concludes.
None of this includes the likely proceeds of contention set auctions, which are expected to amount to many millions. This cash will also be accounted for separately, but the community discussion on how to spend it is only just beginning.

Applicant says .islam ban would damage ICANN

If ICANN decides to reject Asia Green IT’s applications for .islam and .halal it would “be dealing a blow to the new gTLD program’s credibility”, according to AGIT.
The two potential new gTLDs are currently in limbo, awaiting a decision by the ICANN’s board of directors’ New gTLD Program Committee, following stalemate within the Governmental Advisory Committee.
The Organization for Islamic Cooperation has objected to the applications, saying it represents 1.6 billion Muslims and that it’s “concerned” about the potential “misuse” of the names.
Mehdi Abbasnia, managing director of the Turkey-based company, recently wrote to ICANN too (pdf) to ask that ICANN speedily approve its applications, given that two formal OIC-backed Community Objections have already failed.
Abbasnia also wrote to DI on Friday (pdf) to reiterate many of the same points.
The two gTLDs are among only a handful originating it the Muslim world, he said, and the idea is to spur adoption of domain names among all Muslims.

Muslim communities the world over have a lot to gain from seeing their members empowered through namespaces that are better suited to their specific needs, easier for them to relate to and use and respectful of their culture and laws.
As Muslims ourselves, this is what we felt we could bring to our community when we first heard of the new gTLD program: our expertise as a technical enabler of TLDs by Muslims, for Muslims. We are looking to fuel the engine, not drive the car.

He added that AGIT prevailed in the objections filed against it, and the GAC failed to reach a consensus to object.

Some in ICANN circles have used the phrase “taking a second bite at the apple” to characterize attempts to overturn decisions and derail processes. In the case of our applications for .Halal and .Islam, the apple’s been eaten to the core!
…
The ball is now in the ICANN Board’s court. If it bows to the OIC’s pressure and blocks our TLD applications, not only will Muslims the world over be prevented from claiming their very own space on the Internet, but I believe it will also be dealing a blow to the new gTLD program’s credibility, and to the credibility of ICANN as a multi-stakeholder governance organization.

While I have no opinion on whether the two applications should be approved or not, I disagree with the apple metaphor.
AGIT is in receipt of formal “GAC Advice on New gTLDs” explaining a non-consensus objection. That’s clearly envisaged by the Applicant Guidebook, and there a process for dealing with it: ICANN’s board talks to the GAC to understand the extent of its members’ concerns and then explains itself after it makes a decision one way or the other.
There doesn’t seem to be an abuse of process by the OIC or GAC here, just a very tricky question for the ICANN board to answer.