Recent Posts
- Domain world growth despite .com slide
- Verisign predicts more gloom as registrars shun .com growth
- Republicans quiz NTIA on Verisign .com renewal
- Smaller, more intense ICANN meetings with no free cocktails?
- Private auctions to be banned in next new gTLD round
- .au prices going up
- Nominet names director hopefuls
- Crowdstrike screw-up took down ICANN’s email
- We grassed up .TOP, says free abuse outfit
- ICANN to earmark $10 million for new gTLD subsidies
- TV network rebrands on single-letter domain
- First registry gets breach notice over new abuse rules
- Americans and ICANNers avoid Kigali in droves
- RDRS stats improve a little in June
- Unstoppable Domains goes down after domain hijack
- Four more gTLDs in emergency measures
- New gTLDs and ccTLDs drive domain universe growth
- Eight interesting recent dot-brand registrations
- .me premium sales down
- Pride fails to reverse gay domains decline
- Unstoppable announces another new gTLD bid
- Blockchain naming firm gets ICANN accreditation
- ICANN takes over gTLD after Whois failures
- Verisign: would-be .com contract killers are “wrong”
- Five gTLDs at risk as registry goes AWOL
- Groups make flawed case that .com is a cartel
- RDRS usage hits all-time low
- A dot-brand so unloved they killed it twice
- PorkBun hits two million domain milestone
- Crawford returns to industry to head up Com Laude
- ICANN financial data dump a damp squib?
- Unstoppable plotting manga-themed gTLDs
- Governments call for new gTLD auctions ban
- ICANN names new CEO, and it isn’t Costerton
- ICANN: We will NOT police content
- More sticker shock as new gTLD fees could top $300,000
- ICANN slashes staff and domain prices could rise
- Secret new gTLD application revealed
- WhatsApp now linkifying new gTLDs, but…
- Outrage over ICANN’s new gTLD fees
- Barrett gets second term on ICANN board
- DotMusic delays gTLD launch again
- .tm prices to skyrocket next week
- Bitcoin gTLD gets launch dates
- First metaverse gTLD is announced
- Alibaba off the naughty step
- ICANN to kill auction fund bylaws change
- The people have spoken on RDRS and they said “Meh”
- ICANN restarts work on controversial Whois privacy rules
- GNSO mulls lawyering up over auction fund dispute
- Jury still out on ICANN’s content policing powers
- It now takes TWO WEEKS to get a Whois record with RDRS
- Travel expenses push ICANN into the red again
- ICANN preparing for ONE HUNDRED registry back-ends
- DNS Abuse Institute changes name
- A new way to game the new gTLD program
- .home, .mail and .corp could get unbanned
- Unstoppable to apply for Women in Tech gTLD
- Bob Parsons publishes autobiography
- GoDaddy getting a free pass from porn jail?
- Correction: Sinha’s seat is safe
- Chinese domains plummet again in 2023
- GoDaddy price increases lead to revenue growth
- D3 announces seventh blockchain gTLD client
- Taylor Swift applies for her .post domain
- .ad domains to go global soon
- Single-letter .com case back in court
- ICANN to slash costs as Verisign’s magic money tree dries up
- Community revolts over ICANN’s auction proceeds power grab
- Two seats up for grabs on Nominet board
- War takes steep toll on .ua domains
- .de worst TLD for CSAM — report
- .com still shrinking because of China
- ICANN publishes its Woke Manifesto. Here’s my hot take
- Alibaba, Name.com among new RDRS opt-ins
- .my domains to be sold globally next month
- The Swiss can register .swiss domains from next week
- .ai up to 425,000 domains
- A million “free” .music domains up for grabs
- D3 to get $5 million in crypto to apply for .ape gTLD
- Alibaba hit with ICANN breach notice
- New Vegas conference “Davos for Web3 interoperability”
- ICANN content policing power grab may be dead
- Cable company unplugs its dot-brand after acquisition
- Germany crosses 10,000 dot-brand domains milestone
- Founders out as Com Laude gets equity injection
- PIR’s Diaz to leave domain industry
- Some registrars have already quit ICANN’s Whois experiment
- ICANN opens $217 million Grant Program
- Internet could get one-letter gTLDs (but there’s a catch)
- .ai registry fights deadbeats with tweaked auction rules
- Amazon and Google among .internal TLD ban backers
- .ai registry advises buyers not to use GoDaddy
- .post liberalizes with new sunrise period
- Team Internet spends $41 million on content farm
- Epik backtracks on Kiwi Farms claim after legal threat
- .austin names launch on blockchain
- Freenom shuts down 12.6 million domains — report
- GoDaddy’s next .xxx contract may not be a done deal
- GlobalBlock blocking 2.5 million domains
- Microsoft moving its cloud apps from .com to .microsoft
- ICANN 79: anonymous trolls and undercover lawyers
- ICANN scores win in single-letter .com lawsuit
- Cosmetics brand terminates its gTLD
- Up to 70 jobs on the line at Nominet as .uk regs dwindle
- Governments back down on new gTLD next round delay
- Private auctions could be banned in new gTLD next round
- ICANN meeting venue “insensitive and hurtful”
- GoDaddy to start selling graphic.design domains
- GAC spinning up new gTLD curveball at ICANN 79?
- GoDaddy’s GlobalBlock supports blockchain names
- Police .uk domain takedowns dive in 2023
- GoDaddy wants to cut the bullshit from .xxx
- Dueling domain blocking services to launch at ICANN 79
- Freename tries to bridge DNS and blockchain
- Olive retires from ICANN
- Whois policy published without life-saving disclosure rule
- UK gov takes its lead from ICANN on DNS abuse
- Tucows reports 2023 results
- Twitter “completely unresponsive” on clickable domains
- ICANN spends $5 million more than planned in first fiscal half
- .art takes a million domains off its premium list
- KeyTrap ‘the most devastating vulnerability ever found in DNSSEC’
- Freenom settles $500 million Meta lawsuit and will exit domain business
- New gTLD lottery to return in 2026
Facebook WILL sue more registrars for cybersquatting
Facebook has already sued two domain name registrars for alleged cybersquatting and said yesterday that it will sue again.
Last week, Namecheap became the second registrar in Facebook’s legal crosshairs, sued in in its native Arizona after allegedly failing to take down or reveal contact info for 45 domains that very much seem to infringe on its Facebook, Instagram and WhatsApp trademarks.
In the complaint (pdf), which also names Namecheap’s Panama-based proxy service Whoisguard as a defendant, the social media juggernaut claims that Whoisguard and therefore Namecheap is the legal registrant for dozens of clear-cut cases of cybersquatting including facebo0k-login.com, facebok-securty.com, facebokloginpage.site and facebooksupport.email.
In a brief statement, Facebook said these domains “aim to deceive people by pretending to be affiliated with Facebook apps” and “can trick people into believing they are legitimate and are often used for phishing, fraud and scams”.
Namecheap was asked to reveal the true registrants behind these Whoisguard domains between October 2018 and February 2020 but decline to do so, according to Facebook.
The complaint is very similar to one filed against OnlineNIC (pdf) in October.
And, according to Margie Milam, IP enforcement and DNS policy lead at Facebook, it won’t be the last such lawsuit.
Speaking at the second public forum at ICANN 67 yesterday, she said:
This is the second in a series of lawsuits Facebook will file to protect people from the harm caused by DNS abuse… While Facebook will continue to file lawsuits to protect people from harm, lawsuits are not the answer. Our preference is instead to have ICANN enforce and fully implement new policies, such as the proxy policy, and establish better rules for Whois.
Make no mistake, this is an open threat to fence-sitting registrars to either play ball with Facebook’s regular, often voluminous requests for private Whois data, or get taken to court. All the major registrars will have heard her comments.
Namecheap responded to its lawsuit by characterizing it as “just another attack on privacy and due process in order to strong-arm companies that have services like WhoisGuard”, according to a statement from CEO Richard Kirkendall.
The registrar has not yet had time to file its formal reply to the legal complaint, but its position appears to be that the domains in question were investigated, found to not be engaging in nefarious activity, and were therefore vanilla cases of trademark infringement best dealt with using the UDRP anti-cybersquatting process. Kirkendall said:
We actively remove any evidence-based abuse of our services on a daily basis. Where there is no clear evidence of abuse, or when it is purely a trademark claim, Namecheap will direct complainants, such as Facebook, to follow industry-standard protocol. Outside of said protocol, a legal court order is always required to provide private user information.
UDRP complaints usually take several weeks to process, which is not much of a tool to be used against phishing attacks, which emerge quickly and usually wind down in a matter of a few days.
Facebook’s legal campaign comes in the context of an ongoing fight about access to Whois data. The company has been complaining about registrars failing to hand over customer data ever since Europe’s GDPR privacy regulation came into effect, closely followed by a new, temporary ICANN Whois policy, in May 2018.
Back then, its requests showed clear signs of over-reach, though the company claims to have scaled-back its requests in the meantime.
The lawsuits also come in the context of renewed attacks at ICANN 67 on ICANN and the domain industry for failing to tackle so-called “DNS abuse”, which I will get to in a follow-up article.
Watch: climate change denier on why she trusts .org more than .com
This isn’t news, but I found it amusing, irritating, and slightly confusing — a clip of a climate change denier rubbishing a scientific article because it appears on a .com domain rather than a .org.
The video below, featuring comedian Joe Rogan interviewing conservative political commentator Candace Owens, dates from May 2018, but I first came across it when it popped up on Reddit’s front page this morning.
In it, Rogan attempts to school Owens on why human-influenced climate change, which she believed is a liberal conspiracy, is a scientific fact. At one point, his producer pulls up an article from Scientific American, the respected, 174-year-old popular science magazine, which uses scientificamerican.com.
Owens responds:
What web site is this? .com though? That means it’s making money. I don’t trust that. If it was a .org I would probably take that, but this is just a random web site.
The argument has been made, in the ongoing controversy over .org’s sale to Ethos Capital, that .org domains carry a higher level of trust than other TLDs, through the mistaken belief that you need to be a not-for-profit in order to own one, but I think this is the first time I’ve ever heard that belief openly expressed in a widely-viewed forum by a public figure, albeit not a very bright one.
Confusingly, at around the 11.50 mark in the video, Owens starts banging on about how she doesn’t trust research conducted by “.orgs” such as mediamatters.org.
She appears to be someone who, in the age of fake news, pays attention to TLDs when deciding what is and isn’t true online. I can’t decide whether that’s an admirable quality or not. At least she has a filter, I guess.
Is the .co rebid biased toward Afilias? Yeah, kinda
The Colombian government has come under fire for opening up the .co registry contract for rebid in a way that seems predetermined to pick Afilias as the winner, displacing its fierce rival Neustar.
As I blogged in November, Colombia thinks it might be able to secure a better registry deal, so it plans to shortly open .co up to competitive proposals.
A company called .CO Internet, acquired by Neustar for $109 million in 2014, has been running the ccTLD for the last decade. There are currently around 2.3 million .co domains under management, according to Colombia.
With the renewal deadline looming, the government’s technology ministry, MinTIC, published an eyebrow-raising request for proposals last month.
What’s surprising about the RFP is that some of the four main technical performance criteria listed are so stringent that probably only two companies in the industry qualify — Verisign and Afilias, and so far Verisign has not been involved in the RFP process.
The companies that have been engaging with the government to date are Afilias, Neustar/.CO, Nominet, CentralNic and Donuts.
First, MinTIC wants a registry that’s had at least two million domains under management across its portfolio continuously for two years. All five registries qualify there.
Second, it wants a registry that’s been involved in the migration of a TLD of at least one million names, either as the gaining or losing back-end.
That immediately narrows the pack to just two of the five aforementioned registries — Neustar and Afilias.
Verisign would also qualify, if it’s in the bidding, but I suspect it’s not. Taking over .co would look like a “buy it to kill it” strategy, which would be horrible optics for the Colombian government.
There have only ever been three migrations over one million names, to my knowledge: the Verisign->Afilias .org transition of 2003, the Neustar->Afilias .au move of 2018, and last year’s Afilias->Neustar .in handover.
CentralNic, Nominet and Donuts have all moved numerous TLDs between back-ends, but with much smaller per-TLD domain volumes.
Third — and here’s the kicker — the successful .co bidder will have to show that it processes on average 25 million registry transactions — defined as “billable EPP (write) transactions, as well as all EPP search (read) transactions” — per day. (All of the RFP quotes in this post have been machine-translated from Spanish by Google and run by a few generous Spanish speakers for verification.)
The RFP is not entirely clear on what exact data points it’s looking at here, but my take is that qualifying transactions include, at an absolute minimum, attempts to create a domain, renew a domain, transfer a domain and check whether a domain is registered.
The vast majority of such transactions are in the check and create functions, and I believe a great deal of that activity relates to drop-catching, where registries are flooded with add requests for just-deleted domains.
Whichever way you split it, 25 million a day is a ludicrously high number. Literally only .com, which sees 2.3 billion checks and 1.5 billion adds per month, sees that kind of action.
According to Neustar, which actually runs .co, it only sees 6.4 million transactions per day on average. The requirement to handle 25 million a day is “exaggerated, unjustified and discriminatory” against Neustar, Neustar told MinTIC.
But the RFP allows for the bidding registries to spread their 25-million-a-day quota across all of the TLDs they manage, and this MAY sneak Afilias over the line.
I say MAY in big letters because I don’t believe the numbers that Afilias (and probably other registries too) reports to ICANN every month are reliable.
If you add up the reported, qualifying EPP transactions for September in Afilias’ top four legacy gTLDs — .org, .info, .mobi and .pro — you get to over 25 million per day.
But those same records show that, for example, .mobi, .pro and .info had exactly the same number of EPP availability checks that month — 215,988,497 each.
This is clearly bad data.
I reported on this issue last May, when ICANN’s Security and Stability Advisory Committee informed ICANN that major registries were providing “not reliable” or possibly “fabricated” data about port 43 Whois queries.
Afilias, which was one of the apparent offenders, told me at the time that it was addressing the issue with ICANN, but it does not yet appear to have fully fixed its reporting to enable TLD-by-TLD breakdowns of its registry activity.
It is of course quite possible, even very likely, that Afilias has on average more than 25 million qualifying EPP transactions per day, but how’s it going to prove that to the Colombian government when the numbers it reports under contract to ICANN are clearly unreliable?
It’s a little harder to determine whether Neustar would qualify under the 25-million transaction rule, because some of its largest zones are ccTLDs — .co, .in and .us — that do not publicly report this kind of data. Its comments to the RFP suggest it would not.
Numbers aside, I’ll note that there’s very probably an inherent bias towards legacy gTLD operators like Afilias and against relative newcomers such as CentralNic if you’re counting EPP transactions. As I noted above, a lot of these transactions are coming from drop-catch activity, which is more prevalent on larger, older TLDs where there are more dropping domains that are more likely to have existing backlinks and traffic.
The fourth technical requirement in the Colombian RFP that looks a bit fishy is the requirement that the new registry must have channel relationships with at least 10 of the largest 25 registrars, as listed by a web site called domainstate.com.
I can’t say I’ve looked at domainstate.com very often, if at all, but a quick look at its numbers for September strongly suggests to me that it does not count post-2012 new gTLD registrations in its registrar league table. One registrar with almost four million domains under management doesn’t even show up on the list. This arguably could give an advantage to a registry that plays strongly in legacy gTLDs.
That said, it’s probably an academic point — I don’t think any of the bidders for the .co contract would have difficulty showing that they have 10 of the top 25 registrars on board, whichever way you calculate that league table.
Cumulatively, these four technical hurdles have led some to suggest that Afilias has somehow steered MinTIC towards creating an RFP only it could win.
Apart from what I’ve discussed here, I’ve no evidence that is the case, and Afilias has not yet responded to my request for comment today.
Luckily for the bidding registries, the Columbian RFP has not yet been finalized. Comments submitted by the bidders and others are apparently going to be taken on board, so the barriers to entry for respondents could be lowered before bids are finally accepted.
MinTIC posted an update last night that extends the period that the RFP could run, and the transition period should Neustar lose the contract. A handover, should one happen at all, could now happen as late as February next year.
Ten years ago I predicted Oscar winners wanted a .movie gTLD. Was I right?
Almost 10 years ago, when DI was barely a month old, I looked at that year’s Oscar nominees and predicted that a .movie gTLD could find some demand in the movie industry. Was I right?
Of course I was. As regular readers know, I’m always right. Apart from those times I’m wrong.
In 2010, there was no .movie gTLD and no publicly announced applications, but I noted at the time that almost half of the 50 nominated movies that year included the word “movie” immediately before the dot.
This year, there were 52 nominated movies across all categories (I’m well aware that this is a pretty small sample size to draw any conclusions from, but this post is just a bit of fun) so one might reasonably expect there to be roughly 25 official sites using .movie domains among them.
There are not. Only nine of the films, including four of the nine Best Picture nominees, use freshly registered .movie domains for their official sites.
These include the likes of 1917.movie, thecave.movie, joker.movie, onceuponatimeinhollywood.movie and littlewomen.movie.
.movie, managed by Donuts, has been around since August 2015. It competes with Motion Picture Domain Registry’s .film, which was not used by any of this year’s Oscars hopefuls.
What about the rest of this year’s nominees? Did they all register fresh .com domains for their movies?
No. In fact, only 10 of the 52 movies appear to have registered new .com domains for their official sites — one more than .movie — including two of the Best Picture nominations.
These fresh .com regs include domains such as parasite-movie.com, richardjewellmovie.com, ilostmybodymovie.com, forsamafilm.com and breakthroughmovie.com.
One movie — Honeyland, a North Macedonian environmentalist documentary about bees — uses a .earth domain.
I discovered today that, rather brilliantly, the Japan-based .earth registry demands registrants “voluntarily pledge to become ambassadors for Earth and do away with actions that harm Earth and its inhabitants” in its Ts&Cs.
So, of the 52 nominated movies, only 20 opted to register a new domain for their official site — down from 24 in 2010 — and that business was split evenly between .com and new gTLDs.
Whether the movies opted for a .movie domain appears to depend in large part on the distributor.
Sony appears to be a bit of a fan of the gTLD, while Fox, Disney and Warner tend to use after-the-slash branding on their existing .com domains for their films’ official sites.
I tallied 17 movies that have their official sites on their distributor’s .com/.org domain.
There are also trends that I could not have predicted a decade ago, such as the rise of streaming services. Back in 2010, Netflix was still largely a DVD-delivery player and was not yet creating original content.
But this year, seven of the Oscar-nominated movies were made and/or distributed by Netflix, and as such the official web site is the same place you go to actually watch the film — netflix.com.
A few of the nominated animated shorts don’t need official sites either — you just head to YouTube to watch them for free.
There are currently only about 3,200 domains in the .movie zone file, about 1,200 fewer than rival .film. It renews at over $300 a year at retail, so it’s not cheaper than the alternatives by a long way.
DI Leaders Roundtable #4 — Big predictions for 2020
Hindsight is 2020, right? Not this time!
We’re rolling up to the end of the year, so for the fourth DI Leaders Roundtable I thought I’d task my panel of industry experts with the wholly original and unpredictable question:
What do you think will be the major trends or developments in the domain name industry in 2020?
I’m wonderfully happy to report that the panel grasped the opportunity with both hands and delivered an absolute smorgasbord (selection of open sandwiches) of informed opinion about how they reckon 2020 will play out.
From potential changes to security practices to ongoing consolidation to increased government regulation to the death of new gTLDs to the growth of new gTLDs, 2020 is certainly going to be a fun year to report on.
In no particular order, this is what they said:
Rick Schwartz, domain investor
2020 is going to be just a fabulous year.
It comes down to two words: re-branding and upgrading.
Businesses that have gotten domains that may have not been prime to begin with want prime domains now to help them grow and be taken more seriously.
Businesses, especially global businesses that made the mistake of using non-dotcom domains, have realized their mistake and want to upgrade to a dotcom domain because of their own self-interest. They don’t care what domainers think! They only care about what they think and their bottom line, and in that regard they only have one choice and they all know it.
It’s mandatory if they want to grow and become part of the largest franchise ever known to mankind. The dotcom franchise.
If you add up all the net worth of every company on earth using the dotcom brand, the number is unfathomable.
As we go into the seventh year of the new gTLD experiment, they are meaningless. They haven’t been adopted by almost anybody. Circulation is poor. So many registrations are questionable or penny-promotional. The majority are parked and not in use nor will they ever be. And 99.9% of the people on this planet could not name a single one of them! Not a one!
The poor roll-out, poor marketing, poor circulation, questionable tactics and rolling out hundreds of extensions at one time was a death wish. A demolition derby as I have described and look at the HUNDREDS that are truly dying on the vine. They are not viable!
The registries themselves wanted the same result as dotcom but they smothered their own product by holding back anything they deemed to have any value whatsoever. They wanted the same result as dotcom but they certainly didn’t use the same playbook. There was no such thing as premium domains with Network Solutions. That was what gave life to the aftermarket.
They changed the recipe and it is what it is. Instead of replacing dotcom domains they should have marketed them as an on-ramp to their main dotcom website. That was a fatal choice.
Country-code extensions with dual purposes have outperformed all the new gTLDs put together.
.org has legs. Even .net domains seem to be in better shape than any of the new extensions.
According to NTLDStats.com there are 400 extensions with less than 20,000 registrations. Not viable! Over 300 of them have less than 10,000 and more than 200 have less than 5,000 and most of those have 2,000 or less.
On the other hand, there have been a lot of gimmicks used by the top 10 to gain HOLLOW registrations. Those 10 control 63% of all new gTLD registrations. Leaving the other 37% to be divided by over 500 other extensions. It’s laughable.
And when it comes to aftermarket sales, 2019 was worse than 2018 and 2017. Wrong direction for something that is supposed to be “emerging.”
According to TheDomains.com reported sales, of new gTLD’s are in a nosedive for 2019 vs 2018 and 2017. And most were done by registries themselves and not individual domain investors. Wrong direction!
2017
1,007 Total Sales
$5.2m Dollar Volume
$5,118 Average Price
$500.3k High Price
2018
1,490 Total Sales
$5.7m Dollar Volume
$3,847 Average Price
$510k High Price
2019
865 Total Sales
$3.4m Dollar Volume
$3,940 Average Price
$335k High Price
To me, 2020 is a year of total clarity. The experiment is over.
Get on board or get run over.
Sandeep Ramchamdani, CEO, Radix Registry
Within the new domains space, we will see a clear separation between the top 10 most popular extensions, and everything else. Many new TLDs have been able to jump volumes by operating at ultra-low prices. As the reality of renewals hit next year, the top TLDs by DUMs will more closely represent the most popular strings overall. Registrars will naturally tend towards focusing on these strings at the cost of everything else.
We will continue to see the normalization of new strings, as its visibility driven by legitimate end-user usage, rises. Our hope is that more registries play an active role in driving adoption by highly visible end-users and accelerate this evolution.
Jeff Neuman, Senior VP, Com Laude
Looking into my domain name industry crystal ball for 2020, I can see the continuation of some of the same activities, the start of some new debates, and even more maturation of the industry. Here are my views on three of the policy issues likely to be center-stage in 2020 (in no particular order).
Transitioning to a new Steady State of New TLDs.
OK, so the next round of new gTLDs will not open in 2020. However, there will be some real progress made towards the next round. The Subsequent Procedures PDP will complete its policy work on its review of the 2012 round and deliver it to the Council, who in turn will approve (hopefully) the policy work and submit to the Board.
The ICANN Board will put out the report for public comment and we will see those that oppose any new more new TLDs come back out of the woodwork to file the same type of comments reminiscent of 2009/2010. They will claim that more TLDs are not needed, we should not be moving too fast (despite nearly a decade between rounds), and that we should not be adding new TLDs until we solve DNS Abuse, Name Collision, WHOIS/SSAD/GDPR/RDAP/UAM, (insert your own issue), etc.
Despite the likely negativity from some, the community will realize that there is value to additional new gTLDs and maintaining a competitive landscape. There is still value in innovation, encouraging consumer choice and competition. The community will rise above the negativity to realize that many of the issues we experience in the industry are in fact related to the artificial scarcity of TLDs and that we need to continue to push forward towards completing one of the original missions of ICANN.
Rights Protection Mechanisms move to Phase 2.
Admittedly most of the community has not been paying attention to the Rights Protection Mechanisms (RPMs) Policy Development Process PDP. Currently it is working on Phase 1: Reviewing the RPMs introduced for the 2012 Round of New gTLDs. This work includes looking at the Trademark Clearinghouse, Sunrise Processes, the URS and the Trademark Claims process.
2020 may likely see the beginning of its second phase, the first ever review of the Uniform Dispute Resolution Policy (UDRP).
The UDRP was the first of ICANN’s Consensus Policies, and one that has been in place for more than to decades. Great care must be taken in the review of this policy which most will argue has been ICANN’s most successful policy in its relatively young history. The UDRP not only protects the intellectual property community by going after the bad faith registration and use of gTLD domains, but it also has been instrumental for registries and registrars to stay out of the middle of domain name disputes.
Prior to the UDRP, the one domain name registry/registrar was constantly in court defending itself against claims of contributory infringement and hoping that courts would not impose liability on it for allowing the registration of domain names by cybersquatters and not taking back names when notified about the abuse that was occurring on those names.
The passage of the UDRP drastically changed all of that. Registries and Registrars could extricate themselves from domain name disputes by referring the parties to the UDRP and agreeing to following/implementing the decisions. Courts agreed that following the UDRP served as a shield of liability for those registries and registrars that faithfully followed the policy. The bottom line in my view is that domain name registries and registrars need the UDRP as much as the IP Community.
The DNS Abuse Debate continues.
Although some progress has been made in defining and mitigating DNS Abuse with a number of registries and registrars signing a Framework to Address DNS Abuse, more discussions by the ICANN community will continue to take place both within and outside of ICANN. In my opinion, those registries and registrars that are serious of addressing true DNS abuse, will continue to educate the community on the already positive steps that they have been taking to combat phishing, pharming, malware, botnets, etc. as well a number of other non-DNS abuse issues (illegal pharmaceuticals, child exploitation, etc.).
Other groups will continue to press registries and registrars to do more to combat all sorts of other non-DNS forms of abuse, while others will strenuously argue that the more that is done, the more we threaten the civil liberties of domain name registrants. The community will realize that there is no right side or wrong side in this debate. Each side of those complicated debate is right.
Hopefully, a true sense of “multi-stakeholderism” will arise where domain name registries and registrars continue to mitigate abuse while disassociating themselves from those that are not as serious about combating abuse, ICANN will develop tools that will constructively assist with mitigating abuse (as opposed to focusing on contractual regulations), and the rest of the community will work on how to combat the growing problem without trampling on the rights of registrants. At the end of the day, all of us have a role in protecting end users on the Internet.
Note: I know the ePDP work on Universal Access will of course be ongoing, but I am sure others will give their thoughts on that. From a non-policy perspective, the domain name industry will continue to consolidate. We may very well see more registry/registrar combinations, registries purchasing other registries and private equity investment. We will see some more innovative uses of brand TLDs and others following suit.
Christa Taylor, CMO, MMX
- The predicted 2020 recession will reward agile organizations who embrace machine learning to enhance operational efficiencies, customer experiences and protect corporate profit margins. Naturally, organizations with high operating costs will be the hardest hit with impacts being felt in the second half of 2020.
- The potential recession combined with mounting pressures to increase efficiency will lead to a renewed focus on reaching niche markets to expand business.
- Protection and representation movement of identities will continue to gain strength and momentum in 2020 as more and more people recognize the importance of controlling their own personal data.
- Horizontal and vertical consolidation along with increased synergies will continue throughout the industry.
- The 4th industrial revolution (IoT, VR, AI, BC) will gather momentum and provide additional opportunities for the use of domain names.
- The next round of new gTLD applications will encounter unanticipated challenges causing delays.
- New gTLDs registrations will continue to grow in 2020.
Michele Neylon, CEO, Blacknight
I suspect we’ll see more consolidation across the domain and hosting space. Afilias will probably acquire a few more under-performing registry operators. Some will already be on their platform, while others will be using their competitors. CentralNic will continue to acquire companies that fit with their portfolio of services.
There’ll be more mergers and acquisitions across the hosting and domain registrar space with a small number of companies dominating most developed markets.
The PIR acquisition by Ethos Capital will close and the sky won’t fall. PIR will increase their wholesale price by a few percentage points which will upset domain investors. There’ll be increased calls on ICANN to take action, but these will be rebutted.
More country code operators will start using AI to combat abusive registrations. In some cases I suspect we’ll see more stringent registrant validation and verification policies being introduced, though many ccTLD operators will find it hard to balance maintaining new registration volumes while also increasing the overall “quality” of the registration base.
There’ll be an increase in internet shutdowns in less-developed democracies, while governments in Europe and elsewhere will increase pressure on social media companies to stop the spread of propaganda. Internet infrastructure companies will come under more pressure to deal with content issues.
As we enter a new decade the role of the internet in our daily lives, both business and personal will continue to grow.
The big challenges that lie ahead are going to be complex. Without increasing security there’s a tangible risk that consumers will lose trust in the system as a whole and governments will want to impose more regulations to ensure that. One of the challenges is going to be balancing those increased levels of security and consumer confidence while not stifling innovation.
It’s going to be a fun future!
Dave Piscitello, Partner, Interisle Consulting Group
Expect increased scrutiny of the domain registration business. Our study and others to follow will continue to expose enormous concentrations of abuse and criminal domain registrations at a small number of registrars.
Domains registered using bulk registration services will attract the most attention. We call these “burner domains”, because cybercriminals use these in a “register, use, and abandon” fashion that’s similar to how drug dealers use disposable or burner mobile phones.
Governments will become more insistent that ICANN does more than acknowledge their recommendations and then defer adoption. They will increase pressure to validate domain registration data and legitimate businesses will happily comply with the additional validation overhead because of the abuse mitigation benefits they’ll receive.
There’s a possibility that a government other than the EU will adopt a data protection regulation that exposes the flawed logic in the ill-conceived Temp Spec “one redaction fits all”. Having decided to “run with GDPR”, what will ICANN do when faced with a government that insists that email addresses be made public?
The governance model will also fall under scrutiny, as the “multi” in multi-stakeholder appears to be increasingly dominated by two stakeholder interests and public interest barely receives lip service.
Ben Crawford, CEO, CentralNic
- There will be more creative ways to bake identity, cyber security, crime prevention and policing, and IP protection measures into domains and registration services
- More registries will be auctioning their own deleting domains
- Large tech firms, finance players and telcos will play and increasing role in the domain industry
- Further consolidation of gTLDs as the bigger registry operators continue to acquire some of the smaller ones
- More regulations impacting the domain name industry
- Smart independents like .XYZ, Radix and .ICU (which went from zero to 4+ million DUMs in 18 months) will continue to dominate the nTLD space (without blowing $100m on the rights to their TLDs)
Jothan Frakes, Executive Director, Domain Name Association
Consolidation will continue — look for a lot of M&A activity and corporate development. Lots of moves and role changes with people changing companies as the consolidation occurs. With change comes great opportunity, and there will be a lot of change.
The industry is kicking off the year with oomph — the new location and format for NamesCon, billed as as the Domain Economic Forum in Austin. The event looks promising, as it begins refreshed and demonstrates the strengths of the team who produce Cloudfest. Austin, like Las Vegas, is a mecca for tech startups, but larger, so hopefully the convenience of the venue to the local tech companies, along with with GoDaddy demonstrating a heavier presence at the event this year will be a big lure to attract more new faces to this great industry (and event).
There will be more focus on making things easier for new customers to use and activate services on domain names. Cool technologies such as DomainConnect or other methods that enable “app store” type activation of domain names will continue to make it simpler for a domain name owner to activate, build and use their domains. This is a crucial evolutionary step in the business, as it plays a significant role in renewal rates and overall customer growth.
We’ll see further innovation in the use of domain names become more mainstream. IoT, GPS/Geo, AI, Bots, voice, AR/VR and other technologies will drive expanded use of domain names. Even Blockchain, which seems to have gotten more pragmatic about purpose, has a lot of promise with how it can interact with DNS now that the hype has scaled back and the designated drivers that remain are plowing forth with their efforts to deliver on the core purpose/benefits they set out to deliver.
Domains, as well as the cool things that you can do with them, will continue to be a growing business that enables people and organizations to build and do great things.
A very happy new year to all DI readers and supporters!
Q3 industry growth driven by .tk, .com and .icu
The domain name industry grew by 5.1 million names in the third quarter, according to the latest Domain Name Industry Brief from Verisign.
September ended with 359.8 million names across the board, the DNIB (pdf) shows.
Half of the growth came from Tokelau’s .tk, which is handed out for free by Freenom and is where domains never delete. It grew by 2.6 million names to 25.1 million in the quarter.
Next biggest grower was Verisign’s own .com, which grew by 1.5 million names to end September with an even 144 million. Its red-headed sibling, .net, lost 200,000 names over the same period and ended the quarter on 13.4 million.
Excluding .com and .tk leaves just one million names worth of net growth across the remainder of the industry, which comprises another 1,515 TLDs.
Taiwan’s .tw, which has been going through a bit of a spurt over the last year or so, added 300,000 domains, but .uk, which was a driver in Q2, was flat at 13.3 million.
New gTLDs grew by one million during the quarter, ending at 24 million, according to the DNIB.
That appears to have been driven almost entirely by ShortDot’s cheapo .icu, which has been flying off the shelves in China all year. Zone file records show it added over a million domains in Q3. It currently has 4.2 million names in its zone.
When these domains start to drop, it will likely be on a scale to materially affect the overall industry numbers in future DNIBs.
Warning (or threat?) prices must go up or .org will suffer DAYS of downtime
Public Interest Registry’s new commercial owner will have to raise domain prices significantly, or .org web sites will suffer over three days of downtime every year, one of its subcontractors has warned.
The claim came in a surprising, confusing letter (pdf) to ICANN’s top brass from Packet Clearing House, a major provider of DNS Anycast services.
PCH claims that Ethos Capital, which is in the process of buying PIR from the Internet Society for $1.135 billion, can only make a profit on the deal if it significantly ups the price of .org domains while simultaneously cutting infrastructure spending.
But its numbers don’t make a whole heck of a lot of sense to me, unless you interpret them as a threat to throw .org under a bus.
PCH is a non-profit company in the business, partly, of selling DNS Anycast services. This is the technology that allows domain names to be resolved by a server as close to the end user as possible, cutting down on internet travel time and load-balancing resolution across the world.
For 15 years, it has been providing such services to Afilias, which is the back-end registry services provider for .org and hundreds of other TLDs. Some of the money PIR makes selling .org domains therefore flows from PIR to Afilias to PCH.
While PCH is hardly a household name, even in the domain name industry (in almost 10 years, I’ve mentioned its name once), the letter, sent last week and published by ICANN last night, attempts to open the kimono a little to reveal how much it costs to reliably resolve a major gTLD.
According to PCH, “annual operational cost necessary to ensure the reliable and performant availability of .ORG” has grown from $11 million in 2004 to $30 million today.
Does that mean Afilias pays PCH $30 million a year to help resolve .org? No.
PCH says that in 2019, $1.3 million will come “indirectly from .ORG registration revenue”, with the remaining $29 million “met through tax-deductible contributions from PCH’s many donors”.
As a non-profit, PCH accepts donations from more than 30 listed sponsors, including Afilias and ICANN, as well as household names such as Amazon, Google and Netflix.
According to PCH’s letter, if .org is transferred into for-profit control, this $29 million will dry up. The letter states:
Under IRS tax law, tax-deductible donations to non-profits cannot accrue to the benefit of a for-profit. Therefore if .ORG is transferred to a for-profit entity, we cannot ask our donors to continue to subsidize its operation, 96% of .ORG’s current operational funding will disappear, and the reliability of its operation will sink from that of .COM and .NET to the least-common-denominator of commodity domains, which generally suffer several days of outage per year.
It estimates .org’s potential downtime at 3.12 days per year. It’s not saying that would happen in one big 72-hour chunk, but it still averages out at about 12 minutes per day
This amount of interruption would put PIR firmly on ICANN’s naughty step when it comes to the registry’s contractual uptime commitments — it has to provide 100% DNS service availability every month, under pain of losing its contract.
But why would those PCH contributions dry up?
Is PCH seriously saying that its donors are chucking in $29 million a year specifically to subsidize .org resolution services? Why on Earth would they do that, when .org brings in revenue of over $90 million per year and PIR only pays Afilias $18 million for registry services?
PCH provides Anycast for 243 gTLDs and 120 ccTLDs. The vast majority of these are managed by for-profit entities. There simply are not 243 non-profit gTLDs out there. Not even close.
In fact, most of the gTLDs PCH serves appear to be for-profit Afilias clients, including many dot-brands.
Goodness knows how PCH segments its income and expenditure, but it seems very likely that PCH’s donors are already financially helping to provide resolution services for commercial registries.
Could we interpret this letter as a threat to deliberately degrade .org’s performance, should the Ethos transaction go through? I’m not sure, but I think it’s a plausible read.
Regardless, we have to take PCH’s claims about the loss of sponsorship money at face value if we want to follow the rest of its calculations.
If the .ORG domain is sold for USD 1.135B, wholesale price and number of domains remain unchanged over the remaining nine years of the delegation (USD 900M gross), and operational reliability is maintained (at a cost of USD 270M), the buyer would take a net loss of USD 470M, or -6.33% CAGR. Private equity does not purposefully enter into loss-making deals. We may therefore conclude that the above scenario is not the intended outcome of the proposed sale.
That calculation seems to assume that PIR/Ethos/Afilias picks up the slack caused by the loss of the purported $29 million subsidy, rather than continuing to pay $1.3 million per year.
But PCH goes on to calculate that Ethos could make a profit on the acquisition only if it raises prices at over 10% a year AND refuses to chip in the missing $29 million.
If the .ORG domain is sold for USD 1.135B, prices are increased by 10% annually (USD 1.357B gross), and operational spending is slashed by 99%, (USD 2.7M), the buyer would make a net gain of USD 220M, or 1.99% CAGR, while increasing down-time to more than three days per year.
1.99% CAGR is not a return for which private equity would typically take this magnitude of risk. The unavoidable conclusion is that any private equity buyer who spends $1.135B to buy the .ORG domain must not only increase prices by more than 10% annually, but also cut operational costs to the minimum levels we see available at the low end of the market, with disastrous consequences for .ORG registrants and the public who depend upon them.
Again, all of these calculations appear to rely upon the notion that $29 million of voluntary donations from Amazon, Netflix, IBM, et al disappear when the acquisition is finalized.
It’s difficult to say how much PCH spends on its DNS infrastructure across the board, or how it accounts for its donations. The company does not make any financial information available on its web site.
Wikipedia reports, in an edit apparently made by PCH executive director Bill Woodcock, that the company had revenue of $251 million last year.
I assume the vast majority of that comes from and supports its primary business, which is building and maintaining internet exchange points around the world.
The only 990 tax return I could find for a “Packet Clearing House” in the San Francisco bay area shows an entity with barely $2 million of revenue in 2018.
To return to the letter, PCH concludes:
Three days per year of interrupted communications for millions of not-for-profit organizations would unacceptably damage the stability and functionality of the Internet, and more broadly of society globally.
We believe that stability and functionality should be central to any consideration by ICANN of change of control or contract modifications in relation to the .ORG TLD. As we demonstrate, the proposed transaction, or any financially-similar one, guarantees a disastrous effect on stability. Please do not approve it.
It’s a pretty shocking request, coming from an organization with a 15-year relationship with .org.
Perhaps PCH is concerned that PIR, under new management, will dump Afilias as back-end provider, leading to a loss of business for itself? Maybe, but that only appears to be a piddling $1.3 million out of a $251 million budget.
A more pressing question is arguably whether ICANN, which is currently probing ISOC and Ethos for additional information about the acquisition, finds PCH’s arguments persuasive.
ICANN has so far proved unresponsive to community concerns about pricing, but technical stability is its absolute raison d’etre. If there’s any risk at all that .org will start regularly missing its uptime targets, ICANN is duty bound to take those concerns seriously.
GoDaddy girls often make more money than the men
Women in some roles at GoDaddy are making more money than their male counterparts, according to data released by the registrar today.
In technical positions in the US, female employees are making on average $1.03 for every $1 men make, GoDaddy said. Women in leadership positions make two cents more than men.
But women in non-techie, non-leadership jobs make a penny less than males, the company said.
“The 2019 global salary data shows that GoDaddy is paying men and women at parity across the company, when comparing men and women in like roles,” GoDaddy said.
The new data also shows that 29% of GoDaddy employees globally are female, which is the same as last year.
But the proportion of women in technical jobs decreased by two points to 17%.
Meanwhile, 36% of non-technical roles are staffed by women, up one point from 2018.
In the US, the female contingent was a little higher — 30% overall, 19% of techies and 37% of non-techies.
The male-female mix at GoDaddy appears to be in the same ballpark as what we generally see with attendance statistics coming out of ICANN meetings — roughly 70/30.
GoDaddy started publishing this data five years ago as part of a plan to foster diversity, reduce unconscious bias, and generally get away from its roguish foundational image as a company that flogged millions of domains with “GoDaddy Girls” — usually busty spokesmodels in skimpy clothing.
Amid .org controversy, Cerf predicts the death of all domains
As the debate about the sale by the Internet Society of .org registry PIR to a private equity company passionately continues, one reason put forward to defend the deal doesn’t appear to have been given much attention: it seems ISOC doesn’t have much confidence in the longevity of the domain name industry.
Reducing ISOC’s exposure to a single revenue source has been expressed as a pro for the deal by several supporters, but was perhaps best stated by Vint Cerf — ISOC founder, former ICANN chair, and Google’s chief internet evangelist — on an ISOC mailing list posting last week. Cerf wrote:
The domain name business started in 1992. There is not assurance that it will go one indefinitely — something new will likely come along. It would be good for ISOC to be able to continue its work without specific dependence on a single TLD’s commercial viability.
It’s perhaps not a particularly controversial statement. Nothing lasts forever. Everything dies. Whether it’s climate-related human extinction, a robot uprising, the zombie apocalypse, or the inevitable heat death of the universe, something’s definitely going to kill off DNS eventually.
I expect Cerf was more probably referring to a new technology that will come along to replace the need for domains altogether.
But is it a pressing reason to flog Public Interest Registry in 2019?
Maybe. It’s no secret that volume growth across the domain market is not great. Verisign’s latest Domain Name Industry Brief showed most growth in the second quarter driven by anomalies.
Even .org itself is struggling. Look at this chart, that tracks .org domains under management in the last few years.
You’ll see that DUM peaked at 11.4 million names in early 2016. That was after a couple of anomalous spikes that I speculate were related to pricing promotions or marketing campaigns.
It only took a few years for the gTLD to shed these gains.
Before the spikes, .org was at 10.6 million DUM. By July this year, it was at 10.5 million. Not pictured, the just-published transaction reports for August show the loss of about 30,000 more domains, bringing the TLD to its lowest level since October 2014.
Roughly speaking, for every domain it loses, PIR’s top line shrinks by a little under $10. A million domains lost is $10 million in lost revenue.
And this is a period in which PIR did not increase its prices, despite being permitted to do so by 10% per year.
Some amount of recent shrinkage could be accounted for by PIR’s “Quality Performance Index”, which seeks to reduce abusive .org registrations. But that’s only been in place since this June.
So, ISOC and Cerf perhaps have a right to be pessimistic.
And if the decline in volumes continues, it is perhaps inevitable that PIR’s new owner will have to increase prices just to keep revenues from going down in line with DUM.
DI Leaders Roundtable #3 — What did you think of ICANN 66?
It’s time for the third in the series of DI Leaders Roundtables, in which I pose a single question to a selection of the industry’s thought leaders.
With ICANN 66 taking place a couple of weeks ago in Montreal, Canada, a multitude of topics came under public discussion, among them: DNS abuse, the .amazon gTLD application, access to Whois data and geographic names protections.
So, this time around, I asked:
What was your biggest takeaway from ICANN 66?
And this, in no particular order, is what they said:
Frank Schilling, CEO, Uniregistry
What a great industry… So many stable players with fresh ideas. Innovators who cross pollinate and stay with the industry in spite of the fact that there is no new gold and obvious money-making opportunity at the moment. Many stable operators trying new things and growing the industry from the inside out.
Michele Neylon, CEO, Blacknight
The biggest single topic was “abuse”. It’s not a “new” topic, but it’s definitely one that has come to the fore in recent months.
Several of us signed on to a “framework to address abuse” in the run up to the ICANN meeting and that, in many respects, may have helped to shift the focus a little bit. It’s pretty clear that not all actors within the eco system are acting in good faith or taking responsibility for their actions (and inactions). It’s also pretty clear that a lot of us are tired of having to pay the cost for other people’s lack of willingness to deal with the issues.
Calls for adding more obligations to our contracts are not welcome and I don’t think they’ll help deal with the real outliers anyway.
There’s nothing wrong in theory with offering cheap domain names but if you consciously choose to adopt that business model you also need to make sure that you are proactive in dealing with fraud and abuse.
Ben Crawford, CEO, CentralNic
That M&A has become the dominant business activity in the domain industry.
Milton Mueller, Professor, Georgia Tech
My takeaways are shaped by my participation on the EPDP, which is trying to build a “standardized system of access and disclosure” for redacted Whois data. The acronym is SSAD, but it is known among EPDP aficionados as the “So-SAD.” This is because nearly all stakeholders think they want it to exist, but the process of constructing it through an ICANN PDP is painful and certain to make everyone unhappy with what they ultimately get.
The big issue here concerns the question of where liability under the GDPR will sit when private data is released through a So-SAD. Registrars and registries would like to fob off the responsibility to ICANN; ICANN tells the world that it wants responsibility to be centralized somehow in a So-SAD but ducks, dodges and double-talks if you ask it whether ICANN org is willing to take that responsibility.
ICANN’s CEO, who fancies himself a European politician of sorts, has driven the EPDP team batty with a parallel process in which he ignores the fact that the EPDP team has all stakeholders represented, lawyers from contracted parties and data users, and privacy experts on it, as well as formal legal advice from Bird and Bird. Instead he feels compelled to launch a parallel process in which ICANN org goes about trying to make proposals and then ask European authorities about them. He has asked a bunch of techies unaware of the policy issues to design a So-SAD for us and is now badgering various European agencies for “advice” and “guidance” on whether such a system could centralize legal responsibility for disclosure decisions. The parallel process, known as the Strawberry team, was featured in the public meeting on Whois reform as if it was of equal status as the formally constituted EPDP.
But a great ICANN 66 takeaway moment occurred during that moment. The European Commission’s Pearce O’Donoghue told the assembled multitudes that a SoSAD “WOULD NOT…REMOVE THE LIABILITY OF THE DATA CONTROLLER, WHICH IS THE REGISTRAR OR THE REGISTRY. SO WE WOULD HAVE A QUESTION AS TO WHETHER IT IS ACTUALLY WORTH THAT ADDED COMPLEXITY.” So, bang, the request for European advice blew up right in Goran Marby’s face. Not only did he get a critical piece of advice on the most important issue facing the SoSAD and the EPDP, but he got it without going through the elaborate parallel process. No doubt there is now furious behind the scenes lobbying going on to reverse, change or step back from O’Donoghue’s comment. Marby has been quoted (and directly seen, by this writer) as claiming that with the submission of the Strawberry team’s formal request for “guidance” from the European Data Protection Board being submitted, he is now “done” with this. Let’s hope that’s true. My takeaway: ICANN org and all of its fruity concoctions needs to get out of the way and let the PDP work.
The final EPDP-related takeaway is that the biggest decision facing the EPDP as it makes policy for the So-SAD is who makes the disclosure decision: registrars who hold the data, or ICANN? Everyone agrees with centralizing the process of requesting data and hooking up to a system to receive it. But who makes the decision is still contested, with some stakeholders wanting it to be ICANN and others wanting it to reside with the contracted parties. It seems obvious to me that it has to be the registrar, and we should just accept that and get on with designing the So-SAD based on that premise.
Jothan Frakes, Executive Director, Domain Name Association
A few: WHOIS (or Lookup) remains challenging territory, registries and registrars > are not inactive about addressing abuse while avoiding becoming content police, and poutine is delicious.
Christa Taylor, CMO, MMX
Recent Comments