CentralNic wins .london back-end deal from Nominet

CentralNic today announced that it’s taking over back-end registry operations for .london.

It’s taking over from Nominet, which has run the technical aspects of the registry since 2016 when MMX dumped its registry business.

The contracted registry is London & Partners, the marketing arm of the London mayor’s office.

CentralNic is based in London, whereas Nominet, which runs .uk and .wales, is based in nearby Oxford. Original registry MMX was based in the British Virgin Islands.

.london currently has about 51,000 domains under management, down from a 2018 peak of about 86,000.

Two world wars and one dot-brand? Americans beat Germans in long-running gTLD fight, kinda

A chemicals company called Merck has beaten another chemicals company called Merck for the right to run .merck as a dot-brand gTLD.

But it looks like we may be looking at an unprecedented case of a shared dot-brand.

US-based Merck Registry Holdings and Germany-based Merck KGaA appear to have resolved their long-running battle over the string, with the German company recently withdrawing its application, enabling its rival to sign a contract with ICANN and go live on the internet.

But it’s not as straightforward as one applicant emerging victorious over the other. Recent changes to the American company’s winning gTLD application strongly suggest that the two companies intend to share the space.

The application was substantially rewritten in March to make it clear that American Merck plans to allow unaffiliated third parties to register .merck names, and that it may substantially change its eligibility policies not long after launch.

Whereas its original 2012 application was pretty much boilerplate dot-brand territory, the March 2021 version is more nuanced. It now talks about extending eligibility to “other registrants” rather than merely “licensees”, for example.

The application now says it “reserves the right to consider allowing third party registrants outside of current affiliate or subsidiary relationships to own .MERCK domains at a future date.”

But, more importantly, it now also says that it intends to transfer its .merck Registry Agreement to a new shell company, London-based MM Domain Holdco Ltd, shortly after ICANN signs it off.

Company records show that MM Domain Holdco has directors — trademark lawyers — from both the American and German companies.

So we’re looking at some kind of shared dot-brand, it seems. If you don’t count Amazon’s uneasy deal with South American governments, that’s pretty much unprecedented for new gTLDs.

The US applicant is a subsidiary of Merck & Co Inc, a New York-listed company with a market cap of $197 billion. The German company is listed in Frankfurt with a market cap of €17 billion.

The German firm is 350 years old and was the parent of the American company until it was seized, and eventually re-privatized as a separate entity, by the US government during World War I.

Both have trademark rights to the term “Merck” and a decades-old cooperation agreement, but have nevertheless been in legal disputes over the mark in recent years.

It will be interesting to see whether the two Mercks ultimately share and actively use .merck, or like so many other dot-brands merely own a defensive, inactive gTLD.

The resolution of the contention set comes after the better part of a decade and many years of negotiations and legal tussles with ICANN.

ICANN had been bent on forcing the companies to a last-resort auction of which it would be the financial beneficiary. Whether this was because it wanted to force the Mercks to the negotiating table to resolve their differences amicably, or because it saw dollar signs… you decide. Maybe both.

The Mercks have in recent years repeatedly delayed the auction, using different ICANN appeals mechanisms. The contention set had been in a Cooperative Engagement Process since late last year, but had been slated to go to auction yesterday, May 12.

The settlement occurred before that date, however, so ICANN won’t be getting any auction money this time.

Brexit specter creeping up on .eu

The .eu ccTLD shrank a bit in the first quarter as a result of Brexit finally kicking in fully.

Registry EURid reported that there were 3,681,337 registered .eu, .ею and .ευ domains at the end of March, down from 3,684,984 at the end of 2020, a dip of just a few thousand names.

Domains registered by UK registrants, who are still grandfathered in for another couple of months, stood at 59,779 at the end of the quarter, down from 77,000 at the end of 2020.

The top-line numbers were also affected negatively by Portugal, which has seen its numbers up and down over the last couple of years due to a cycle of registrar promotions and deletions.

Under EURid rules, Brits and UK residents have until the end of June to make arrangements for their domains before they are deleted.

Because EU citizens living in the UK and elsewhere outside the EU are now eligible for .eu domains, EURid has started breaking out that number too. It was 15,308, more than names registered in Croatia and Latvia, among other nations.

The Brexit impact was tempered by strong sequential growth of 9.4% in Ireland, from 78,030 to 85,381 domains.

Given the shared border, language, and confusing/controversial current trading relationship between the UK and Ireland, I wonder whether any of this Irish growth can be attributed to some kind of Plastic Paddy effect, in much the same way as applications for Irish passports increased following the 2016 Brexit referendum.

In percentage terms, the place with the strongest .eu growth in Q1 was the French territory of Saint Martin, which DOUBLED(!) its total in the quarter, growing from 1 to 2.

$40 million UNR auction brings fresh blood to domain industry

Six entities are entering the domain registry business for the first time following UNR’s auction last month, which saw over 20 new gTLDs sold off for a total of over $40 million, according to UNR.

While playing its cards close to its chest and revealing the auction results in rather general terms, UNR disclosed last week that there were 17 bidders at the three-day event, which ran in late April.

It said “between 10 and 20 bidders came away as winners”, which I assume we have to interpret as “between 10 and 17”.

Anyone predicting a bulk purchase by a rival portfolio registry was dead wrong, it appears.

UNR said that, while it will not disclose their identities, “established registries, investment firms, blockchain companies, and high net-worth individuals” were among the winners.

None of the ICANN Registry Agreements have yet changed hands, according to ICANN records.

While existing registries and investment firms (presumably the kind of private equity interests that have shown high levels of interest in the domain industry in recent years) will come as no surprise as buyers, blockchain companies and high net-worth individuals will perhaps raise more eyebrows.

ICANN won’t, to the best of my knowledge, sign an RA with an individual, so we’ll no doubt be seeing a corporate vehicle or two established to take over contracts on behalf of those buyers.

The idea of a blockchain company taking over a TLD in the internet’s official root zone is particularly interesting.

The closest we’ve had to that scenario to date is MMX’s experiments integrating .luxe into the Ethereum blockchain, which has been described as genuinely innovative.

But most forays by blockchain outfits into “domain names” have been strictly alt-root moves, such as Unstoppable Domains’ use of .crypto addresses, which do not use the ICANN root and instead require browser plug-ins to function.

These kinds of services usually have their ability to avoid centralized oversight and control as a USP, which makes an attempt from this sector to suck on the ICANN teat especially intriguing.

And which of UNR’s TLDs would be most suited to blockchain applications? .link? .click? .lol?

UNR has not broken down how much was paid for each TLD, and we’ll likely never know, but the $40 million top-line is far above the $11.65 million minimum opening bids it had established for the no-reserve auction.

But it still works out as under $2 million on average across each of the 23 gTLDs on offer, many of which had been on the market for six or seven years, begging the question of whether UNR CEO Frank Schilling’s big bet on new gTLDs back in 2012 was ultimately a success.

Schilling said in a press release: “All UNR shareholders should be exceptionally pleased with the final outcome of this first-of-its-kind event. We are deeply satisfied to have seen so much new interest and blood enter the arena.”

The TLDs auctioned were: .audio, .blackfriday, .christmas, .click, .country, .diet, .flowers, .game, ,guitars, .help, .hiphop, .hiv, .hosting, .juegos, .link, .llp, .lol, .mom, .photo, .pics, .property, .sexy and .tattoo.

DI will of course reveal the winners over time as their ICANN contracts are updated to reflect the new operators.

IWF finds 3,401 “commercial” child porn domains

The Internet Watch Foundation last year found child sexual abuse material on 3,401 domains that it says appeared to be commercial sites dedicated to distributing the illegal content.

The UK-based anti-CSAM group said in its annual report, published last week, that it found 5,590 domains containing such material in 2020, and 61% were “dedicated commercial sites… created solely for the purpose of profiting financially from the distribution of child sexual abuse material online.”

That’s a 13% increase in domains over 2019, the report says. It compares to 1,991 domains in 2015.

IWF took action on 153,369 URLs containing CSAM last year, the report says.

For example, the TLD with the most CSAM abuse is of course .com, with 90,879 offending URLs in 2020, 59% of the total. That compares to 69,353 or 52% in 2019.

But because those 90,000 URLs may include, for example, pages on image-hosting sites that use .com domains, the number of unique .com domains being abused will be substantially lower.

Same goes for the other TLDs on the top 10 list — .net, .ru, .nz, .fr, .org, .al, .to, .xyz and .pw.

.co, .cc and .me were on the 2019 list but not the 2019 list, being replaced by .al, .org and .pw.

The most disturbing part of the report, which is stated twice, is the alarming claim that some TLDs exist purely to commercially distribute CSAM:

We’ve also seen a number of new TLDs being created solely for the purpose of profiting financially from the distribution of child sexual abuse material online.

…

We first saw these new gTLDs being used by websites displaying child sexual abuse imagery in 2015. Many of these websites were dedicated to illegal imagery and the new gTLD had apparently been registered specifically for this purpose.

I can only assume that IWF is getting confused between a top-level domain and a second-level domain.

The alternative would be that the organization believes one or more TLD registries are purposefully catering primarily to commercial child pornographers, and for some reason it’s declining to do anything about it.

I’ve put in a request for clarification but not yet received a response.

IWF is funded by corporate donations from primarily technology companies. Pretty much every big domain registry is a donor. Verisign is a top-tier, £80,000+ donor. The others are all around the £5,000 to £10,000 mark.

UPDATE May 26: IWF has been in touch to clarify that it was in fact referring to SLDs, rather than TLDs, in its claims about dedicated commercial CSAM sites quoted above. It has corrected its report accordingly.

.gov TLD quietly changes hands

The .gov TLD used exclusively by governmental entities in the US has quietly changed managers.

On Friday, the IANA records for .gov changed from the General Services Administration to the Cybersecurity and Infrastructure Security Agency.

It was not unexpected. CISA announced the move in March.

But it’s less clear how the change request was handled. The ICANN board of directors certainly didn’t have a formal vote on the matter. IANA has not released a redelegation report as it would with a ccTLD.

CISA intends to make .gov domains more widely available to agencies at the federal, state, city and tribal level, and reduce the price to free or almost free.

Verisign currently manages the technical aspects of the domain, for $400 per domain per year.

UNR cuts $5.2 million from price of new gTLD portfolio

UNR has reduced the opening bids on almost all of the gTLDs it plans to auction off later in the week, to the tune of a whopping $5.2 million.

According to the minimum opening bids listed on the auction web site today, the job lot of 23 TLD contracts could go for as little as $11.65 million, if there’s no competitive bidding whatsoever.

That’s compared to the $16.87 million total when the TLDs were first announced for auction back in January.

It’s a no-reserve auction of UNR’s entire portfolio of gTLDs that runs from Wednesday to Friday this week.

Some gTLDs, such as .hiv and .juegos, have no minimum bids.

The only TLD to receive a price increase since January is .llp, which had a $0 listing back then but is now listed at $200,000. There’s been no change in .llp’s fortunes since then — it’s still unlaunched.

The music-themed .country, which had no list price in January, now has a $300,000 tag.

The biggest discount comes on .link, once listed with a $3 million opener, now reduced to $2 million.

Nine of the gTLDs are now priced at below the original ICANN application fee of $186,000.

Here’s a table comparing the January minimum bid to today’s pricing.

[table id=66 /]

UNR, which sold off its registrar and secondary market businesses to GoDaddy and its stakes in three car-themed gTLDs to XYZ.com last year, plans to remodel itself as a back-end operator post-auction.

UPDATE: According to UNR, the January prices were preliminary and published accidentally, and no changes have been made since late January or early February.

Verisign expects huge domain growth in 2021

Verisign tonight significantly upgraded its estimate of how many .com and .net domains it expects to sell this year, citing an improving economy and increased growth in online commerce.

CEO Jim Bidzos told analysts that it’s now expecting its domain base to increase by 4% to 5.5% this year. Three months ago, it had cautiously predicted growth would be between 2.5% and 4.5%.

That’s a minimum of 6.6 million net new domains this year.

The upgrade was inspired by its first-quarter performance, in which .com and .net base grew by 4.6% when compared to Q1 2020, to 168 million names.

That was an increase of 2.8 million names during the quarter, which compares to 1.83 million net new domains in Q1 2020 and 1.46 million in Q4 2020. A pretty damn good showing, in other words.

For Q1, Verisign tonight reported net income of $150 million, down from $334 million in Q1 last year, when it experienced a one-off tax benefit.

Revenue was up 3.6% on last year at $324 million.

Decision on $135 million .web auction expected in weeks

ICANN, Verisign, Donuts, and the other applicants for .web will find out who gets to control the fiercely contested gTLD by the first week of June at the latest, according to Verisign’s CEO.

Jim Bidzos told analysts tonight that the Independent Review Process panel currently handling a complaint filed by Afilias declared its case closed April 7, and said that a decision will come within 60 days.

Afilias, now owned by Donuts, came second in an ICANN “auction of last resort” in which a Verisign-backed company called Nu Dot Co agreed to pay $135 million for the coveted string.

Afilias wants the auction declared invalid because ICANN, it claims, did not sufficiently pursue allegations that NDC was being secretly bankrolled by Verisign, which it says broke ICANN bylaws and new gTLD application rules.

This is denied by ICANN, as well as NDC and Verisign, which have filed legal documents with the IRP panel despite not being parties.

Afilias and others suspect that Verisign wants .web in order to bury it, keeping what could be a strong .com competitor weak, which Verisign also denies.

The IRP panel held a seven-day virtual hearing last August, but has continued to receive briefs from ICANN and Afilias since then.

Everything.sucks publishes transfer auth codes for thousands of domains in latest .sucks pimpage

Everything.sucks, which is quickly emerging as one of the world’s most prominent organized cybersquatting projects, has a novel new way to sell .sucks domains without, technically, selling them.

The company, which casts itself as a “non-profit organization and communications forum for social activism” has published the transfer authorization codes for what appears to be the thousands of .sucks domains in its portfolio.

This means that anyone can transfer any of the company’s .sucks domains into their own registrar account with just a few clicks and without asking the current registrant — if they can afford the exorbitant transfer fee and don’t mind legal exposure.

You may recall that Everything.sucks is a Wikipedia-style web site that is fed by traffic from thousands of .sucks domains that, as the company freely admits, match the trademarks of famous companies.

Typing poptarts.sucks into your browser address bar will take you to the Everything.sucks wiki pages for Pop-Tarts, which contains content critical of the brand scraped from third-party web sites.

Everything.sucks emerged last year, and in October I reported that hundreds of .sucks domains were pointing there.

At the time, the web site carried banner ads on each brand’s page that took visitors to secondary-market sales pages at Sedo or Uniregistry, where the price was usually the same as the .suck’s registry’s wholesale price of $200.

I thought it was weird that a registrant at the very least flirting with cybersquatting would put up their domains at cost price, but Vox Populi, the registry, denied any involvement with the domains.

The registrant of these names, according to several UDRP decisions that it lost, is a probably fictitious individual named Pat Honeysalt, from a company called Honey Salt Ltd based in either Turks & Caicos or the UK.

Honey Salt has told UDRP panels that it registers the names on behalf of Everything.sucks. Given the volume of registrations, it must have spent many millions of dollars.

In any event, shortly after the UDRP cases started trickling in and not long after DI’s initial coverage, the banner ads on the .sucks pages disappeared.

And now, the auth codes have appeared. It looks like this:

Publishing auth codes right there on its web site appears to be the latest stage in a cat-and-mouse game Everything.sucks is playing with the trademark lawyers pursuing it through the UDRP process.

The boilerplate reads:

We occasionally buy a dot sucks domain and point it at a specific page. We do this to bring awareness to our site and because, well, we love the dot sucks domain. If you ask us if we would sell the domain, our answer is simple. Absolutely not. We will give it to you.

It’s not technically offering to sell these domains any more, right? As far as this nominal non-profit is concerned, it’s giving them away for free to anyone who wants them, including the brand’s owner.

But if you want the names, you’ve still got to pay for the transfer, of course. In the case of poptarts.sucks, it’s $2,399 at the registrar screen-capped below. Another registrar has the same name priced at $2,599.99.

If we’re following the money here, the only beneficiaries that spring to mind are Vox Pop, which gets its fat-margin registry fee, and the hapless registrar, which gets whatever its markup on a .sucks domain transfer is.

I tried these auth codes at six leading registrars and found that four of their shopping carts informed me point-blank that they do not support .sucks transfers at all.