.black gTLD has seen boost since George Floyd killing

Afilias’ little-known new gTLD .black has seen a noticeable increase in registrations in the last few weeks, as Black Lives Matter protests span the globe.

Between January 1 and May 25 this year, the day on which George Floyd was killed by Minneapolis police over a trivial offence, the gTLD’s zone file grew by 227 domains.

But in the 22 days since the killing, as BLM protests have spread across the US and elsewhere, it’s grown by 292 domains, currently standing at a modest 4,490.

Basically, it’s grown in three weeks by more than the previous five months combined.

The domain georgefloyd.black was registered May 27, after video of the incident shared on social media had attracted mainstream media attention, and is currently parked at GoDaddy.

Other .black domains registered since his death include accountable.black, lives.black, understanding.black, listen.black and itshardbeing.black.

Whois privacy talks in Bizarro World as governments and trademark owners urge coronavirus delay

Coronavirus may have claimed another victim at ICANN — closure on talks designed to reopen private Whois data to the likes of law enforcement and trademark owners.

In a remarkable U-turn, the Governmental Advisory Committee, which has lit a series a fires under ICANN’s feet on this issue for over a year, late last week urged that the so-called Expedited Policy Development Process on Whois should not wrap up its work in June as currently planned.

This would mean that access to Whois data, rendered largely redacted worldwide since May 2018 due to the GDPR regulation in Europe, won’t be restored to those who want it as quickly as they’ve consistently said that they want it.

Surprisingly (or perhaps not), pro-access groups including the Intellectual Property Constituency and Business Constituency sided with the GAC’s request.

In an email to the EPDP working group’s mailing list on Thursday, GAC chair Manal Ismail indicated that governments simply don’t have the capacity to deal with the issue due to the coronavirus pandemic:

In light of the COVID-19 pandemic, and its drastic consequences on governments, organizations, private sector and individuals worldwide, I would like to express our serious concerns, as GAC leaders, that maintaining the current pace of work towards completion of Phase 2 by mid-June could jeopardize the delivery, efficacy and legitimacy of the EPDP’s policy recommendations.

While recognizing that the GAC has continually advised for swiftly completing policy development and implementing agreed policy on this critical public policy matter, we believe that given the current global health emergency, which puts many in the EPDP and the community under unprecedented stress (for example governments has been called to heightened duties for the continuity of essential public services), pressing important deliberations and decisions in such a short time frame on already strained participants would mean unacceptably sacrificing the product for the timeline.

We understand there are budget and human resources considerations involved in the completion of Phase 2 of the EPDP. However, we are all living through a global health pandemic, so we call on the EPDP Team to seriously reassess its course and expectations (be it on the duration of its calls, the turn-around time of reviews, its ultimate timeline and budget) emulating what numerous governments, global organizations, and households are doing to adapt during these challenging times across the world.

In April last year, before the EPDP group had even formally started its current phase of talks, Ismail wrote to ICANN to say the GAC expected the discussions to be more or less wrapped up by last November and that the new policy be implemented by this April.

Proponents of the access model such as Facebook have taken to suing registrars for not handing over Whois data in recent months, impressing the need for the issue to be urgently resolved.

So to now request a delay beyond June is a pretty big U-turn.

While Ismail later retracted her request for delay last Thursday, it was nevertheless discussed by the working group that same day, where the IPC, the BC and the ALAC all expressed support for the GAC’s position.

The registrars and registries, the non-commercial users and the ISPs were not supportive.

Delay might be tricky. For starters, hard-sought neutral working group chair Janis Karklins, has said he can’t continue working on the project beyond June 30, and the group has not secured ICANN funding for any further extensions to its work.

It will be up to the GNSO Council to decide whether to grant the extension, and the ICANN board to decide on funding.

The working group decided on Thursday to ask the Council for guidance on how to proceed.

What’s worrying about the request, or at least the IPC and BC’s support of it, is that coronavirus may just be being deployed as an excuse to extend talks because the IP owners don’t like the proposal currently on the table.

“The reality is we’re looking at a result that is… just not going to be sufficient from our perspective,” MPAA lawyer Frank Journoud, an IPC rep on the working group, said on its Thursday call. “We don’t want the perfect to be the enemy of the good, but right now we’re not even going to get to good.”

The current state of play with the working group is that it published its initial report (pdf) for public comment in February.

The group is recommending something called SSAD, for Standardized System for Access and Disclosure, in which a central gateway provider, possibly ICANN itself, would be responsible for granting Whois access credentials and fielding requests to the relevant registries and registries.

The almost 70 comments submitted before the March 23 deadline have been published in an unreadable, eye-fucking Google spreadsheet upon which transparency-loving ICANN may as well have hung a “Beware of the Leopard” sign. The staff summary of the comments is currently nine days late.

Kuala Lumpur meeting cancelled and ICANN 68 could be even trickier online

ICANN has as expected cancelled its in-person ICANN 68 meeting, which had been due to take place in Kuala Lumpur in June, due to the coronavirus pandemic.

The decision, which was never really in any doubt, was taken by its board of directors yesterday. The board considered:

Globally, a high number of people are under some form of a “stay at home” or lock-down order, directed to avoid contact with others except to receive essential services such as medical care or to purchase supplies. Schools and offices are closed, gatherings are prohibited, and international travel is largely on pause. We do not know when travel or in-person meetings will be authorized or possible. As it relates to Kuala Lumpur, Malaysia has a Movement Control Order in force at least until 14 April 2020 that prohibits meetings such as ICANN68. The duration of the Movement Control Order has already been extended once.

It appears that the four-day meeting, which will instead go ahead virtually (presumably on the Zoom conferencing service) might be even more disjointed than ICANN 67.

ICANN 67, which took place online in March, did have a centralized component — a bunch of ICANN staffers on location at its headquarters in Los Angeles — but that may not be possible this time around.

The board said that “due to current social distancing requirements, ICANN org is unable to execute a virtual meeting from a single location, and that a decentralized execution model might necessitate changes to the format.”

It added that there is support for “a flexible, modified virtual meeting format that focuses on cross-community dialogues on key policy topics, supplemented by a program of topical webinars and regular online working meetings scheduled around the key sessions.”

While there has been a lot of criticism of the Zoom platform in recent weeks due to security and privacy concerns, ICANN indicated this week that it’s not particularly concerned and will carry on using the service.

Go here to help fight against coronavirus abuse

A coalition of over 1,000 security experts, domain name providers and others have got together to help coordinate efforts to combat abusive coronavirus-related domains.

A workspace on the collaboration platform Slack has been growing steadily since it was created a week ago, enabling technology professionals to exchange information about the alarming number of sites currently trying to take advantage of the pandemic.

You can join the channel via this link. Thanks to Theo Geurts of RealtimeRegister.com for passing it along.

The collection of chat rooms appears to have been created by Joshua Saxe, chief scientist at security software firm Sophos, March 19. There are currently 1,104 members.

There’s a channel devoted to malicious domains, which is being used to share statistical data and lists of bad and good coronavirus-related domains, among other things.

Across the workspace, a broad cross-section of interested parties is represented. Current members appear to come from security companies, governments, law enforcement, registries, registrars, ICANN, healthcare providers, and others.

It seems like a pretty good way for the technical members of the domain name industry to keep track of what’s going on during the current crisis, potentially helping them to put a stop to threats using domains they manage as they emerge.

More domain industry response to coronavirus

It’s beginning to look like home-working has become the norm, rather than the exception, in the domain name industry.
Following on my post Monday, here are the latest companies and organizations to provide updates on their responses to the coronavirus pandemic.

• ICANN has told its staff in Brussels, Geneva and Singapore to work from home, while recommending that its guys in Istanbul, LA and Washington DC do the same. Staff in Montevideo and Nairobi, where confirmed cases of the virus are pretty light, will carry on as normal for now. The edict will be in effect until March 31. One imagines there’s a good chance it could be renewed.
• In the UK, Nominet said yesterday that it has “initiated home-working across all our teams from today” and expects “business as usual”. All in-person events through the end of May have been postponed.
• In Ireland, registry IEDR said that it closed its offices in Dublin on Friday and may reopen March 30, pending further government guidance. Like other registries, IEDR said it’s already well-equipped for staff to work remotely.
• Also in Ireland, registrar Blacknight Solutions tells me its team are also now working from home.
• Canada-based registrar Tucows said: “On Sunday March 8, Tucows’ executive leadership announced that all employees who could conceivably work from home were encouraged to do so in the week that followed. On Monday, it looked like an overabundance of caution but by Thursday morning it seemed prescient.” While there is expected to be no impact to the registrar side of the house, the Ting Internet ISP arm has cancelled and rescheduled all home egineering visits, which obviously could cause customer disruption.
• French registrar Gandi, operating under some of the world’s most stringent government guidelines, said yesterday its staff are naturally enough now all working from home.
• Not strictly domain industry, but the World Intellectual Property Organization said yesterday it has limited access to its Geneva headquarters to only “essential” staff.
• US-based registrar MarkMonitor said Monday it has implemented a remote-working regime for its staff.

Given how dog-bites-man such announcements have rapidly become, I doubt I’ll be following up this series of posts again, unless something truly extraordinary happens. It’s pretty safe to assume that before long almost everyone in the industry will be working from home.

Facebook WILL sue more registrars for cybersquatting

Facebook has already sued two domain name registrars for alleged cybersquatting and said yesterday that it will sue again.
Last week, Namecheap became the second registrar in Facebook’s legal crosshairs, sued in in its native Arizona after allegedly failing to take down or reveal contact info for 45 domains that very much seem to infringe on its Facebook, Instagram and WhatsApp trademarks.
In the complaint (pdf), which also names Namecheap’s Panama-based proxy service Whoisguard as a defendant, the social media juggernaut claims that Whoisguard and therefore Namecheap is the legal registrant for dozens of clear-cut cases of cybersquatting including facebo0k-login.com, facebok-securty.com, facebokloginpage.site and facebooksupport.email.
In a brief statement, Facebook said these domains “aim to deceive people by pretending to be affiliated with Facebook apps” and “can trick people into believing they are legitimate and are often used for phishing, fraud and scams”.
Namecheap was asked to reveal the true registrants behind these Whoisguard domains between October 2018 and February 2020 but decline to do so, according to Facebook.
The complaint is very similar to one filed against OnlineNIC (pdf) in October.
And, according to Margie Milam, IP enforcement and DNS policy lead at Facebook, it won’t be the last such lawsuit.
Speaking at the second public forum at ICANN 67 yesterday, she said:

This is the second in a series of lawsuits Facebook will file to protect people from the harm caused by DNS abuse… While Facebook will continue to file lawsuits to protect people from harm, lawsuits are not the answer. Our preference is instead to have ICANN enforce and fully implement new policies, such as the proxy policy, and establish better rules for Whois.

Make no mistake, this is an open threat to fence-sitting registrars to either play ball with Facebook’s regular, often voluminous requests for private Whois data, or get taken to court. All the major registrars will have heard her comments.
Namecheap responded to its lawsuit by characterizing it as “just another attack on privacy and due process in order to strong-arm companies that have services like WhoisGuard”, according to a statement from CEO Richard Kirkendall.
The registrar has not yet had time to file its formal reply to the legal complaint, but its position appears to be that the domains in question were investigated, found to not be engaging in nefarious activity, and were therefore vanilla cases of trademark infringement best dealt with using the UDRP anti-cybersquatting process. Kirkendall said:

We actively remove any evidence-based abuse of our services on a daily basis. Where there is no clear evidence of abuse, or when it is purely a trademark claim, Namecheap will direct complainants, such as Facebook, to follow industry-standard protocol. Outside of said protocol, a legal court order is always required to provide private user information.

UDRP complaints usually take several weeks to process, which is not much of a tool to be used against phishing attacks, which emerge quickly and usually wind down in a matter of a few days.
Facebook’s legal campaign comes in the context of an ongoing fight about access to Whois data. The company has been complaining about registrars failing to hand over customer data ever since Europe’s GDPR privacy regulation came into effect, closely followed by a new, temporary ICANN Whois policy, in May 2018.
Back then, its requests showed clear signs of over-reach, though the company claims to have scaled-back its requests in the meantime.
The lawsuits also come in the context of renewed attacks at ICANN 67 on ICANN and the domain industry for failing to tackle so-called “DNS abuse”, which I will get to in a follow-up article.

Watch: climate change denier on why she trusts .org more than .com

This isn’t news, but I found it amusing, irritating, and slightly confusing — a clip of a climate change denier rubbishing a scientific article because it appears on a .com domain rather than a .org.
The video below, featuring comedian Joe Rogan interviewing conservative political commentator Candace Owens, dates from May 2018, but I first came across it when it popped up on Reddit’s front page this morning.
In it, Rogan attempts to school Owens on why human-influenced climate change, which she believed is a liberal conspiracy, is a scientific fact. At one point, his producer pulls up an article from Scientific American, the respected, 174-year-old popular science magazine, which uses scientificamerican.com.
Owens responds:

What web site is this? .com though? That means it’s making money. I don’t trust that. If it was a .org I would probably take that, but this is just a random web site.

The argument has been made, in the ongoing controversy over .org’s sale to Ethos Capital, that .org domains carry a higher level of trust than other TLDs, through the mistaken belief that you need to be a not-for-profit in order to own one, but I think this is the first time I’ve ever heard that belief openly expressed in a widely-viewed forum by a public figure, albeit not a very bright one.
Confusingly, at around the 11.50 mark in the video, Owens starts banging on about how she doesn’t trust research conducted by “.orgs” such as mediamatters.org.
She appears to be someone who, in the age of fake news, pays attention to TLDs when deciding what is and isn’t true online. I can’t decide whether that’s an admirable quality or not. At least she has a filter, I guess.

Is the .co rebid biased toward Afilias? Yeah, kinda

The Colombian government has come under fire for opening up the .co registry contract for rebid in a way that seems predetermined to pick Afilias as the winner, displacing its fierce rival Neustar.
As I blogged in November, Colombia thinks it might be able to secure a better registry deal, so it plans to shortly open .co up to competitive proposals.
A company called .CO Internet, acquired by Neustar for $109 million in 2014, has been running the ccTLD for the last decade. There are currently around 2.3 million .co domains under management, according to Colombia.
With the renewal deadline looming, the government’s technology ministry, MinTIC, published an eyebrow-raising request for proposals last month.
What’s surprising about the RFP is that some of the four main technical performance criteria listed are so stringent that probably only two companies in the industry qualify — Verisign and Afilias, and so far Verisign has not been involved in the RFP process.
The companies that have been engaging with the government to date are Afilias, Neustar/.CO, Nominet, CentralNic and Donuts.
First, MinTIC wants a registry that’s had at least two million domains under management across its portfolio continuously for two years. All five registries qualify there.
Second, it wants a registry that’s been involved in the migration of a TLD of at least one million names, either as the gaining or losing back-end.
That immediately narrows the pack to just two of the five aforementioned registries — Neustar and Afilias.
Verisign would also qualify, if it’s in the bidding, but I suspect it’s not. Taking over .co would look like a “buy it to kill it” strategy, which would be horrible optics for the Colombian government.
There have only ever been three migrations over one million names, to my knowledge: the Verisign->Afilias .org transition of 2003, the Neustar->Afilias .au move of 2018, and last year’s Afilias->Neustar .in handover.
CentralNic, Nominet and Donuts have all moved numerous TLDs between back-ends, but with much smaller per-TLD domain volumes.
Third — and here’s the kicker — the successful .co bidder will have to show that it processes on average 25 million registry transactions — defined as “billable EPP (write) transactions, as well as all EPP search (read) transactions” — per day. (All of the RFP quotes in this post have been machine-translated from Spanish by Google and run by a few generous Spanish speakers for verification.)
The RFP is not entirely clear on what exact data points it’s looking at here, but my take is that qualifying transactions include, at an absolute minimum, attempts to create a domain, renew a domain, transfer a domain and check whether a domain is registered.
The vast majority of such transactions are in the check and create functions, and I believe a great deal of that activity relates to drop-catching, where registries are flooded with add requests for just-deleted domains.
Whichever way you split it, 25 million a day is a ludicrously high number. Literally only .com, which sees 2.3 billion checks and 1.5 billion adds per month, sees that kind of action.
According to Neustar, which actually runs .co, it only sees 6.4 million transactions per day on average. The requirement to handle 25 million a day is “exaggerated, unjustified and discriminatory” against Neustar, Neustar told MinTIC.
But the RFP allows for the bidding registries to spread their 25-million-a-day quota across all of the TLDs they manage, and this MAY sneak Afilias over the line.
I say MAY in big letters because I don’t believe the numbers that Afilias (and probably other registries too) reports to ICANN every month are reliable.
If you add up the reported, qualifying EPP transactions for September in Afilias’ top four legacy gTLDs — .org, .info, .mobi and .pro — you get to over 25 million per day.
But those same records show that, for example, .mobi, .pro and .info had exactly the same number of EPP availability checks that month — 215,988,497 each.
This is clearly bad data.
I reported on this issue last May, when ICANN’s Security and Stability Advisory Committee informed ICANN that major registries were providing “not reliable” or possibly “fabricated” data about port 43 Whois queries.
Afilias, which was one of the apparent offenders, told me at the time that it was addressing the issue with ICANN, but it does not yet appear to have fully fixed its reporting to enable TLD-by-TLD breakdowns of its registry activity.
It is of course quite possible, even very likely, that Afilias has on average more than 25 million qualifying EPP transactions per day, but how’s it going to prove that to the Colombian government when the numbers it reports under contract to ICANN are clearly unreliable?
It’s a little harder to determine whether Neustar would qualify under the 25-million transaction rule, because some of its largest zones are ccTLDs — .co, .in and .us — that do not publicly report this kind of data. Its comments to the RFP suggest it would not.
Numbers aside, I’ll note that there’s very probably an inherent bias towards legacy gTLD operators like Afilias and against relative newcomers such as CentralNic if you’re counting EPP transactions. As I noted above, a lot of these transactions are coming from drop-catch activity, which is more prevalent on larger, older TLDs where there are more dropping domains that are more likely to have existing backlinks and traffic.
The fourth technical requirement in the Colombian RFP that looks a bit fishy is the requirement that the new registry must have channel relationships with at least 10 of the largest 25 registrars, as listed by a web site called domainstate.com.
I can’t say I’ve looked at domainstate.com very often, if at all, but a quick look at its numbers for September strongly suggests to me that it does not count post-2012 new gTLD registrations in its registrar league table. One registrar with almost four million domains under management doesn’t even show up on the list. This arguably could give an advantage to a registry that plays strongly in legacy gTLDs.
That said, it’s probably an academic point — I don’t think any of the bidders for the .co contract would have difficulty showing that they have 10 of the top 25 registrars on board, whichever way you calculate that league table.
Cumulatively, these four technical hurdles have led some to suggest that Afilias has somehow steered MinTIC towards creating an RFP only it could win.
Apart from what I’ve discussed here, I’ve no evidence that is the case, and Afilias has not yet responded to my request for comment today.
Luckily for the bidding registries, the Columbian RFP has not yet been finalized. Comments submitted by the bidders and others are apparently going to be taken on board, so the barriers to entry for respondents could be lowered before bids are finally accepted.
MinTIC posted an update last night that extends the period that the RFP could run, and the transition period should Neustar lose the contract. A handover, should one happen at all, could now happen as late as February next year.

Ten years ago I predicted Oscar winners wanted a .movie gTLD. Was I right?

Almost 10 years ago, when DI was barely a month old, I looked at that year’s Oscar nominees and predicted that a .movie gTLD could find some demand in the movie industry. Was I right?
Of course I was. As regular readers know, I’m always right. Apart from those times I’m wrong.
In 2010, there was no .movie gTLD and no publicly announced applications, but I noted at the time that almost half of the 50 nominated movies that year included the word “movie” immediately before the dot.
This year, there were 52 nominated movies across all categories (I’m well aware that this is a pretty small sample size to draw any conclusions from, but this post is just a bit of fun) so one might reasonably expect there to be roughly 25 official sites using .movie domains among them.
There are not. Only nine of the films, including four of the nine Best Picture nominees, use freshly registered .movie domains for their official sites.
These include the likes of 1917.movie, thecave.movie, joker.movie, onceuponatimeinhollywood.movie and littlewomen.movie.
.movie, managed by Donuts, has been around since August 2015. It competes with Motion Picture Domain Registry’s .film, which was not used by any of this year’s Oscars hopefuls.
What about the rest of this year’s nominees? Did they all register fresh .com domains for their movies?
No. In fact, only 10 of the 52 movies appear to have registered new .com domains for their official sites — one more than .movie — including two of the Best Picture nominations.
These fresh .com regs include domains such as parasite-movie.com, richardjewellmovie.com, ilostmybodymovie.com, forsamafilm.com and breakthroughmovie.com.
One movie — Honeyland, a North Macedonian environmentalist documentary about bees — uses a .earth domain.
I discovered today that, rather brilliantly, the Japan-based .earth registry demands registrants “voluntarily pledge to become ambassadors for Earth and do away with actions that harm Earth and its inhabitants” in its Ts&Cs.
So, of the 52 nominated movies, only 20 opted to register a new domain for their official site — down from 24 in 2010 — and that business was split evenly between .com and new gTLDs.
Whether the movies opted for a .movie domain appears to depend in large part on the distributor.
Sony appears to be a bit of a fan of the gTLD, while Fox, Disney and Warner tend to use after-the-slash branding on their existing .com domains for their films’ official sites.
I tallied 17 movies that have their official sites on their distributor’s .com/.org domain.
There are also trends that I could not have predicted a decade ago, such as the rise of streaming services. Back in 2010, Netflix was still largely a DVD-delivery player and was not yet creating original content.
But this year, seven of the Oscar-nominated movies were made and/or distributed by Netflix, and as such the official web site is the same place you go to actually watch the film — netflix.com.
A few of the nominated animated shorts don’t need official sites either — you just head to YouTube to watch them for free.
There are currently only about 3,200 domains in the .movie zone file, about 1,200 fewer than rival .film. It renews at over $300 a year at retail, so it’s not cheaper than the alternatives by a long way.

DI Leaders Roundtable #4 — Big predictions for 2020

Hindsight is 2020, right? Not this time!
We’re rolling up to the end of the year, so for the fourth DI Leaders Roundtable I thought I’d task my panel of industry experts with the wholly original and unpredictable question:

What do you think will be the major trends or developments in the domain name industry in 2020?

I’m wonderfully happy to report that the panel grasped the opportunity with both hands and delivered an absolute smorgasbord (selection of open sandwiches) of informed opinion about how they reckon 2020 will play out.
From potential changes to security practices to ongoing consolidation to increased government regulation to the death of new gTLDs to the growth of new gTLDs, 2020 is certainly going to be a fun year to report on.
In no particular order, this is what they said:
Rick Schwartz, domain investor

2020 is going to be just a fabulous year.
It comes down to two words: re-branding and upgrading.
Businesses that have gotten domains that may have not been prime to begin with want prime domains now to help them grow and be taken more seriously.
Businesses, especially global businesses that made the mistake of using non-dotcom domains, have realized their mistake and want to upgrade to a dotcom domain because of their own self-interest. They don’t care what domainers think! They only care about what they think and their bottom line, and in that regard they only have one choice and they all know it.
It’s mandatory if they want to grow and become part of the largest franchise ever known to mankind. The dotcom franchise.
If you add up all the net worth of every company on earth using the dotcom brand, the number is unfathomable.
As we go into the seventh year of the new gTLD experiment, they are meaningless. They haven’t been adopted by almost anybody. Circulation is poor. So many registrations are questionable or penny-promotional. The majority are parked and not in use nor will they ever be. And 99.9% of the people on this planet could not name a single one of them! Not a one!
The poor roll-out, poor marketing, poor circulation, questionable tactics and rolling out hundreds of extensions at one time was a death wish. A demolition derby as I have described and look at the HUNDREDS that are truly dying on the vine. They are not viable!
The registries themselves wanted the same result as dotcom but they smothered their own product by holding back anything they deemed to have any value whatsoever. They wanted the same result as dotcom but they certainly didn’t use the same playbook. There was no such thing as premium domains with Network Solutions. That was what gave life to the aftermarket.
They changed the recipe and it is what it is. Instead of replacing dotcom domains they should have marketed them as an on-ramp to their main dotcom website. That was a fatal choice.
Country-code extensions with dual purposes have outperformed all the new gTLDs put together.
.org has legs. Even .net domains seem to be in better shape than any of the new extensions.
According to NTLDStats.com there are 400 extensions with less than 20,000 registrations. Not viable! Over 300 of them have less than 10,000 and more than 200 have less than 5,000 and most of those have 2,000 or less.
On the other hand, there have been a lot of gimmicks used by the top 10 to gain HOLLOW registrations. Those 10 control 63% of all new gTLD registrations. Leaving the other 37% to be divided by over 500 other extensions. It’s laughable.
And when it comes to aftermarket sales, 2019 was worse than 2018 and 2017. Wrong direction for something that is supposed to be “emerging.”
According to TheDomains.com reported sales, of new gTLD’s are in a nosedive for 2019 vs 2018 and 2017. And most were done by registries themselves and not individual domain investors. Wrong direction!
2017
1,007 Total Sales
$5.2m Dollar Volume
$5,118 Average Price
$500.3k High Price
2018
1,490 Total Sales
$5.7m Dollar Volume
$3,847 Average Price
$510k High Price
2019
865 Total Sales
$3.4m Dollar Volume
$3,940 Average Price
$335k High Price
To me, 2020 is a year of total clarity. The experiment is over.
Get on board or get run over.

Sandeep Ramchamdani, CEO, Radix Registry

Within the new domains space, we will see a clear separation between the top 10 most popular extensions, and everything else. Many new TLDs have been able to jump volumes by operating at ultra-low prices. As the reality of renewals hit next year, the top TLDs by DUMs will more closely represent the most popular strings overall. Registrars will naturally tend towards focusing on these strings at the cost of everything else.
We will continue to see the normalization of new strings, as its visibility driven by legitimate end-user usage, rises. Our hope is that more registries play an active role in driving adoption by highly visible end-users and accelerate this evolution.

Jeff Neuman, Senior VP, Com Laude

Looking into my domain name industry crystal ball for 2020, I can see the continuation of some of the same activities, the start of some new debates, and even more maturation of the industry. Here are my views on three of the policy issues likely to be center-stage in 2020 (in no particular order).
Transitioning to a new Steady State of New TLDs.
OK, so the next round of new gTLDs will not open in 2020. However, there will be some real progress made towards the next round. The Subsequent Procedures PDP will complete its policy work on its review of the 2012 round and deliver it to the Council, who in turn will approve (hopefully) the policy work and submit to the Board.
The ICANN Board will put out the report for public comment and we will see those that oppose any new more new TLDs come back out of the woodwork to file the same type of comments reminiscent of 2009/2010. They will claim that more TLDs are not needed, we should not be moving too fast (despite nearly a decade between rounds), and that we should not be adding new TLDs until we solve DNS Abuse, Name Collision, WHOIS/SSAD/GDPR/RDAP/UAM, (insert your own issue), etc.
Despite the likely negativity from some, the community will realize that there is value to additional new gTLDs and maintaining a competitive landscape. There is still value in innovation, encouraging consumer choice and competition. The community will rise above the negativity to realize that many of the issues we experience in the industry are in fact related to the artificial scarcity of TLDs and that we need to continue to push forward towards completing one of the original missions of ICANN.
Rights Protection Mechanisms move to Phase 2.
Admittedly most of the community has not been paying attention to the Rights Protection Mechanisms (RPMs) Policy Development Process PDP. Currently it is working on Phase 1: Reviewing the RPMs introduced for the 2012 Round of New gTLDs. This work includes looking at the Trademark Clearinghouse, Sunrise Processes, the URS and the Trademark Claims process.
2020 may likely see the beginning of its second phase, the first ever review of the Uniform Dispute Resolution Policy (UDRP).
The UDRP was the first of ICANN’s Consensus Policies, and one that has been in place for more than to decades. Great care must be taken in the review of this policy which most will argue has been ICANN’s most successful policy in its relatively young history. The UDRP not only protects the intellectual property community by going after the bad faith registration and use of gTLD domains, but it also has been instrumental for registries and registrars to stay out of the middle of domain name disputes.
Prior to the UDRP, the one domain name registry/registrar was constantly in court defending itself against claims of contributory infringement and hoping that courts would not impose liability on it for allowing the registration of domain names by cybersquatters and not taking back names when notified about the abuse that was occurring on those names.
The passage of the UDRP drastically changed all of that. Registries and Registrars could extricate themselves from domain name disputes by referring the parties to the UDRP and agreeing to following/implementing the decisions. Courts agreed that following the UDRP served as a shield of liability for those registries and registrars that faithfully followed the policy. The bottom line in my view is that domain name registries and registrars need the UDRP as much as the IP Community.
The DNS Abuse Debate continues.
Although some progress has been made in defining and mitigating DNS Abuse with a number of registries and registrars signing a Framework to Address DNS Abuse, more discussions by the ICANN community will continue to take place both within and outside of ICANN. In my opinion, those registries and registrars that are serious of addressing true DNS abuse, will continue to educate the community on the already positive steps that they have been taking to combat phishing, pharming, malware, botnets, etc. as well a number of other non-DNS abuse issues (illegal pharmaceuticals, child exploitation, etc.).
Other groups will continue to press registries and registrars to do more to combat all sorts of other non-DNS forms of abuse, while others will strenuously argue that the more that is done, the more we threaten the civil liberties of domain name registrants. The community will realize that there is no right side or wrong side in this debate. Each side of those complicated debate is right.
Hopefully, a true sense of “multi-stakeholderism” will arise where domain name registries and registrars continue to mitigate abuse while disassociating themselves from those that are not as serious about combating abuse, ICANN will develop tools that will constructively assist with mitigating abuse (as opposed to focusing on contractual regulations), and the rest of the community will work on how to combat the growing problem without trampling on the rights of registrants. At the end of the day, all of us have a role in protecting end users on the Internet.
Note: I know the ePDP work on Universal Access will of course be ongoing, but I am sure others will give their thoughts on that. From a non-policy perspective, the domain name industry will continue to consolidate. We may very well see more registry/registrar combinations, registries purchasing other registries and private equity investment. We will see some more innovative uses of brand TLDs and others following suit.

Christa Taylor, CMO, MMX

1. The predicted 2020 recession will reward agile organizations who embrace machine learning to enhance operational efficiencies, customer experiences and protect corporate profit margins. Naturally, organizations with high operating costs will be the hardest hit with impacts being felt in the second half of 2020.
2. The potential recession combined with mounting pressures to increase efficiency will lead to a renewed focus on reaching niche markets to expand business.
3. Protection and representation movement of identities will continue to gain strength and momentum in 2020 as more and more people recognize the importance of controlling their own personal data.
4. Horizontal and vertical consolidation along with increased synergies will continue throughout the industry.
5. The 4th industrial revolution (IoT, VR, AI, BC) will gather momentum and provide additional opportunities for the use of domain names.
6. The next round of new gTLD applications will encounter unanticipated challenges causing delays.
7. New gTLDs registrations will continue to grow in 2020.

Michele Neylon, CEO, Blacknight

I suspect we’ll see more consolidation across the domain and hosting space. Afilias will probably acquire a few more under-performing registry operators. Some will already be on their platform, while others will be using their competitors. CentralNic will continue to acquire companies that fit with their portfolio of services.
There’ll be more mergers and acquisitions across the hosting and domain registrar space with a small number of companies dominating most developed markets.
The PIR acquisition by Ethos Capital will close and the sky won’t fall. PIR will increase their wholesale price by a few percentage points which will upset domain investors. There’ll be increased calls on ICANN to take action, but these will be rebutted.
More country code operators will start using AI to combat abusive registrations. In some cases I suspect we’ll see more stringent registrant validation and verification policies being introduced, though many ccTLD operators will find it hard to balance maintaining new registration volumes while also increasing the overall “quality” of the registration base.
There’ll be an increase in internet shutdowns in less-developed democracies, while governments in Europe and elsewhere will increase pressure on social media companies to stop the spread of propaganda. Internet infrastructure companies will come under more pressure to deal with content issues.
As we enter a new decade the role of the internet in our daily lives, both business and personal will continue to grow.
The big challenges that lie ahead are going to be complex. Without increasing security there’s a tangible risk that consumers will lose trust in the system as a whole and governments will want to impose more regulations to ensure that. One of the challenges is going to be balancing those increased levels of security and consumer confidence while not stifling innovation.
It’s going to be a fun future!

Dave Piscitello, Partner, Interisle Consulting Group

Expect increased scrutiny of the domain registration business. Our study and others to follow will continue to expose enormous concentrations of abuse and criminal domain registrations at a small number of registrars.
Domains registered using bulk registration services will attract the most attention. We call these “burner domains”, because cybercriminals use these in a “register, use, and abandon” fashion that’s similar to how drug dealers use disposable or burner mobile phones.
Governments will become more insistent that ICANN does more than acknowledge their recommendations and then defer adoption. They will increase pressure to validate domain registration data and legitimate businesses will happily comply with the additional validation overhead because of the abuse mitigation benefits they’ll receive.
There’s a possibility that a government other than the EU will adopt a data protection regulation that exposes the flawed logic in the ill-conceived Temp Spec “one redaction fits all”. Having decided to “run with GDPR”, what will ICANN do when faced with a government that insists that email addresses be made public?
The governance model will also fall under scrutiny, as the “multi” in multi-stakeholder appears to be increasingly dominated by two stakeholder interests and public interest barely receives lip service.

Ben Crawford, CEO, CentralNic

• There will be more creative ways to bake identity, cyber security, crime prevention and policing, and IP protection measures into domains and registration services
• More registries will be auctioning their own deleting domains
• Large tech firms, finance players and telcos will play and increasing role in the domain industry
• Further consolidation of gTLDs as the bigger registry operators continue to acquire some of the smaller ones
• More regulations impacting the domain name industry
• Smart independents like .XYZ, Radix and .ICU (which went from zero to 4+ million DUMs in 18 months) will continue to dominate the nTLD space (without blowing $100m on the rights to their TLDs)

Jothan Frakes, Executive Director, Domain Name Association

Consolidation will continue — look for a lot of M&A activity and corporate development. Lots of moves and role changes with people changing companies as the consolidation occurs. With change comes great opportunity, and there will be a lot of change.
The industry is kicking off the year with oomph — the new location and format for NamesCon, billed as as the Domain Economic Forum in Austin. The event looks promising, as it begins refreshed and demonstrates the strengths of the team who produce Cloudfest. Austin, like Las Vegas, is a mecca for tech startups, but larger, so hopefully the convenience of the venue to the local tech companies, along with with GoDaddy demonstrating a heavier presence at the event this year will be a big lure to attract more new faces to this great industry (and event).
There will be more focus on making things easier for new customers to use and activate services on domain names. Cool technologies such as DomainConnect or other methods that enable “app store” type activation of domain names will continue to make it simpler for a domain name owner to activate, build and use their domains. This is a crucial evolutionary step in the business, as it plays a significant role in renewal rates and overall customer growth.
We’ll see further innovation in the use of domain names become more mainstream. IoT, GPS/Geo, AI, Bots, voice, AR/VR and other technologies will drive expanded use of domain names. Even Blockchain, which seems to have gotten more pragmatic about purpose, has a lot of promise with how it can interact with DNS now that the hype has scaled back and the designated drivers that remain are plowing forth with their efforts to deliver on the core purpose/benefits they set out to deliver.
Domains, as well as the cool things that you can do with them, will continue to be a growing business that enables people and organizations to build and do great things.

A very happy new year to all DI readers and supporters!