Recent Posts
- Americans and ICANNers avoid Kigali in droves
- RDRS stats improve a little in June
- Unstoppable Domains goes down after domain hijack
- Four more gTLDs in emergency measures
- New gTLDs and ccTLDs drive domain universe growth
- Eight interesting recent dot-brand registrations
- .me premium sales down
- Pride fails to reverse gay domains decline
- Unstoppable announces another new gTLD bid
- Blockchain naming firm gets ICANN accreditation
- ICANN takes over gTLD after Whois failures
- Verisign: would-be .com contract killers are “wrong”
- Five gTLDs at risk as registry goes AWOL
- Groups make flawed case that .com is a cartel
- RDRS usage hits all-time low
- A dot-brand so unloved they killed it twice
- PorkBun hits two million domain milestone
- Crawford returns to industry to head up Com Laude
- ICANN financial data dump a damp squib?
- Unstoppable plotting manga-themed gTLDs
- Governments call for new gTLD auctions ban
- ICANN names new CEO, and it isn’t Costerton
- ICANN: We will NOT police content
- More sticker shock as new gTLD fees could top $300,000
- ICANN slashes staff and domain prices could rise
- Secret new gTLD application revealed
- WhatsApp now linkifying new gTLDs, but…
- Outrage over ICANN’s new gTLD fees
- Barrett gets second term on ICANN board
- DotMusic delays gTLD launch again
- .tm prices to skyrocket next week
- Bitcoin gTLD gets launch dates
- First metaverse gTLD is announced
- Alibaba off the naughty step
- ICANN to kill auction fund bylaws change
- The people have spoken on RDRS and they said “Meh”
- ICANN restarts work on controversial Whois privacy rules
- GNSO mulls lawyering up over auction fund dispute
- Jury still out on ICANN’s content policing powers
- It now takes TWO WEEKS to get a Whois record with RDRS
- Travel expenses push ICANN into the red again
- ICANN preparing for ONE HUNDRED registry back-ends
- DNS Abuse Institute changes name
- A new way to game the new gTLD program
- .home, .mail and .corp could get unbanned
- Unstoppable to apply for Women in Tech gTLD
- Bob Parsons publishes autobiography
- GoDaddy getting a free pass from porn jail?
- Correction: Sinha’s seat is safe
- Chinese domains plummet again in 2023
- GoDaddy price increases lead to revenue growth
- D3 announces seventh blockchain gTLD client
- Taylor Swift applies for her .post domain
- .ad domains to go global soon
- Single-letter .com case back in court
- ICANN to slash costs as Verisign’s magic money tree dries up
- Community revolts over ICANN’s auction proceeds power grab
- Two seats up for grabs on Nominet board
- War takes steep toll on .ua domains
- .de worst TLD for CSAM — report
- .com still shrinking because of China
- ICANN publishes its Woke Manifesto. Here’s my hot take
- Alibaba, Name.com among new RDRS opt-ins
- .my domains to be sold globally next month
- The Swiss can register .swiss domains from next week
- .ai up to 425,000 domains
- A million “free” .music domains up for grabs
- D3 to get $5 million in crypto to apply for .ape gTLD
- Alibaba hit with ICANN breach notice
- New Vegas conference “Davos for Web3 interoperability”
- ICANN content policing power grab may be dead
- Cable company unplugs its dot-brand after acquisition
- Germany crosses 10,000 dot-brand domains milestone
- Founders out as Com Laude gets equity injection
- PIR’s Diaz to leave domain industry
- Some registrars have already quit ICANN’s Whois experiment
- ICANN opens $217 million Grant Program
- Internet could get one-letter gTLDs (but there’s a catch)
- .ai registry fights deadbeats with tweaked auction rules
- Amazon and Google among .internal TLD ban backers
- .ai registry advises buyers not to use GoDaddy
- .post liberalizes with new sunrise period
- Team Internet spends $41 million on content farm
- Epik backtracks on Kiwi Farms claim after legal threat
- .austin names launch on blockchain
- Freenom shuts down 12.6 million domains — report
- GoDaddy’s next .xxx contract may not be a done deal
- GlobalBlock blocking 2.5 million domains
- Microsoft moving its cloud apps from .com to .microsoft
- ICANN 79: anonymous trolls and undercover lawyers
- ICANN scores win in single-letter .com lawsuit
- Cosmetics brand terminates its gTLD
- Up to 70 jobs on the line at Nominet as .uk regs dwindle
- Governments back down on new gTLD next round delay
- Private auctions could be banned in new gTLD next round
- ICANN meeting venue “insensitive and hurtful”
- GoDaddy to start selling graphic.design domains
- GAC spinning up new gTLD curveball at ICANN 79?
- GoDaddy’s GlobalBlock supports blockchain names
- Police .uk domain takedowns dive in 2023
- GoDaddy wants to cut the bullshit from .xxx
- Dueling domain blocking services to launch at ICANN 79
- Freename tries to bridge DNS and blockchain
- Olive retires from ICANN
- Whois policy published without life-saving disclosure rule
- UK gov takes its lead from ICANN on DNS abuse
- Tucows reports 2023 results
- Twitter “completely unresponsive” on clickable domains
- ICANN spends $5 million more than planned in first fiscal half
- .art takes a million domains off its premium list
- KeyTrap ‘the most devastating vulnerability ever found in DNSSEC’
- Freenom settles $500 million Meta lawsuit and will exit domain business
- New gTLD lottery to return in 2026
- First GlobalBlock prices revealed — they ain’t cheap
- Domain universe grows on new gTLDs despite .com shrinkage
- D3 signs up crypto gTLD client number five
- GoDaddy reports strong domains growth
- How to qualify for a $40,000 gTLD
- Registry service provider evaluation handbook published
- WebUnited inks deal to “mirror” country’s TLD in the blockchain
- GoDaddy project unveils brand-blocking calculator
- Report: Monster “misappropriated” millions from Epik
- .com is shrinking but Verisign raises prices again anyway
- D3 announces fourth crypto new gTLD client
- Donald Trump loses second UDRP case
ICANN says it can spend quarter-billion-dollar auction fund however it likes
ICANN can tap into its $236 million new gTLD auction fund whenever it wants, and there’s nothing the community can do about it, according to its board of directors.
The board this week said it has a “legal and fiduciary responsibility” over the money, and would be obliged to spend the cash to meet ICANN’s obligations if it ever needed to.
The statement came in a letter to the leaders of a community working group that this week published a set of preliminary recommendations (pdf) for how the money should be distributed.
The group — a cross-community working group or CCWG — laid out a few options for how the money should be administered, either by ICANN alone or in conjunction with a charitable third party, and distributed.
The money was collected from new gTLD applicants that participated in ICANN’s “last-resort” auctions to settle their contention sets. Over half of the money came from Verisign’s winning bid for .web, which is still being contested.
The CCWG said that the money should be used to:
- Benefit the development, distribution, evolution and structures/projects that support the Internet’s unique identifier systems;
- Benefit capacity building and underserved populations, and;
- Benefit the open and interoperable Internet
But the CCWG could not agree among itself whether ICANN Org or community groups such as the GNSO or GAC should be able to grab some of the cash, which is currently held in a special fund, separated from ICANN’s operational budget.
The group asked the board for its opinion, and the board responded (pdf):
ICANN maintains legal and fiduciary responsibility over the funds, and the directors and officers have an obligation to protect the organization through the use of available resources. In such a case, while ICANN would not be required to apply for the proceeds, the directors and officers would have a fiduciary obligation to use the funds to meet the organization’s obligations.
In other words: it doesn’t matter what rules you put in place, it’s our money and we’re duty-bound to spend it if we have to.
The board added, however, that ICANN Org “currently does not foresee a situation where it would need to apply for the proceeds”.
ICANN is pretty well-funded. It would have to hit hard times indeed before it needed to crack open the auction nest egg.
The board also said that supporting organizations and advisory committees would not be able to apply for funding because they’re not legal entities and wouldn’t pass the due diligence.
The CCWG’s initial report is now open for public comment until November 27.
Google abandons its .kid gTLD bid
Google has retreated from the interminable three-way battle for the .kids/.kid gTLDs.
The company this week withdrew its application for .kid, leaving the fight for .kids a two-horse race between Amazon and the not-for-profit DotKids Foundation.
Google’s application was intertwined with the two .kids applications due to a String Confusion Objection, which it won, drawing its bid into contention with DotKids and Amazon.
The contention set was, and arguably still is, due to be settled by an ICANN last-resort auction, but has been repeatedly postponed due to appeals to ICANN by DotKids, which doesn’t think it has the financial clout to beat its rivals.
Most recently, the auction was put on ice again after DotKids asked for ICANN money, then filed a Request for Reconsideration when ICANN refused.
Google’s .kid application had proposed an area for “kid-friendly content”. Registrants would have been vetted in advance of their domains going live to ensure they were established providers of such content.
ICANN number two Atallah is new CEO of Donuts
Akram Atallah, head of ICANN’s Global Domains Division, has quit and joined Donuts as its new CEO, DI has learned.
According to multiple sources, Atallah’s last day at ICANN was yesterday.
While neither company has announced the move yet, I gather that ICANN staff were informed by CEO Goran Marby today.
The news comes just a month after private equity firm Abry Partners, which counts former ICANN CEO Fadi Chehade among its partners, acquired Donuts for an undisclosed sum.
While the revolving door between industry and ICANN is pretty much continuous, Atallah is probably the highest-profile example since Kurt Pritz in 2012 and Peter Dengate Thrush in 2011.
As head of ICANN GDD, he was responsible for all things gTLD. Before the creation of the role, he was COO.
He was also interim president and CEO of the organization on two occasions, keeping the seat warm prior to the arrival of Chehade and Marby,
Atallah and Chehade also worked together in their pre-ICANN days in the software industry.
Donuts is of course the largest new gTLD registry in terms of TLDs, with 241 in its stable.
I’ve no word yet on where Bruce Jaffe, Donuts’ current CEO, is going, but I’ll update this post when I do.
Jaffe joined Donuts as chief a little over a year ago, replacing founder Paul Stahura.
Presumably, Jaffe was the turnaround guy and with Donuts’ acquisition secured the new owners figured it was time to hire an ops guy.
UPDATE 2022 UTC: Donuts just issued a press release in which it said that Jaffe will remain a senior adviser during the transition. It also said that Atallah starts in his new job November 12.
UPDATE October 10: ICANN said in a statement overnight that VP of DNS industry engagement Cyrus Namazi will head GDD on an interim basis, with support from CTO David Conrad.
ICANN blocks .islam after government veto
After six years, ICANN has finally killed off the applications for the new gTLDs .islam and .halal, due to objections from several governments.
It has also rejected the application for .persiangulf from the same applicant.
The decisions were made by the ICANN board of directors last Wednesday. The resolutions were published Friday night.
The board said: “it is apparent that the vast majority of the Muslim community (more than 1.6 billion members) object to the applications for .HALAL and .ISLAM.”
This actually means that the Organization of Islamic Cooperation, the 57-nation treaty group with a combined 1.6 billion nominal Muslim citizens, objected to the applications.
Several governments with large Muslim populations — including the UAE, Malaysia, Turkey, India and Iran — had also individually told ICANN on the record that they were not happy.
The view from these governments seemed to be that if there’s going to be a .islam, it should be run under the umbrella of a group such as the OIC, rather than some random tuppenny ha’penny gTLD registry.
In Christianity, the comparable gTLD .catholic is run by an affiliate of the world’s oldest pedophile ring, while .bible is being run as a propaganda tool by a group of sexually repressed, homophobic American evangelicals.
The ICANN board said its decision to reject .islam and .halal was in tune with its “core values” to protect the “public interest”.
The decision was based “on its consideration of and commitment to ICANN’s Mission and core values set forth in the Bylaws, including ensuring that this decision is in the best interest of the Internet community and that it respects the concerns raised by the majority of the community most impacted by the proposed .HALAL and .ISLAM gTLDs”.
It’s been avoiding making this decision since at least December 2013.
But it has now voted that the two applications “should not proceed”. It does not appear to have banned organizations from applying for the strings in subsequent application rounds.
The applicant for .islam and .halal was Turkey-based Asia Green IT System. It applications have been “on-hold” since the GAC issued non-consensus advice against them back in April 2013.
The OIC filed Community Objections against both gTLDs with the International Chamber of Commerce, but failed on both counts.
Having failed to see any progress, in December 2015, AGIT filed an Independent Review Process appeal against its treatment by ICANN, and won.
The November 2017 IRP decision held that the “on-hold” status was a “new policy”, unilaterally put in place by ICANN Org, that unfairly condemned AGIT’s applications to indefinite limbo.
The panel ordered ICANN to make its damn mind up one way or the other and pay about $270,000 in costs.
While rejecting the applications may not seem unreasonable, it’s an important example of a minority group of governments getting an essential veto over a gTLD.
Under the rules of the 2012 application round, consensus GAC advice against an application is enough to kill it stone dead.
But the GAC had merely said (pdf):
The GAC recognizes that Religious terms are sensitive issues. Some GAC members have raised sensitivities on the applications that relate to Islamic terms, specifically .islam and .halal. The GAC members concerned have noted that the applications for .islam and .halal lack community involvement and support. It is the view of these GAC members that these applications should not proceed.
That’s non-consensus advice, which is expected to initiate bilateral engagement with ICANN’s board before a decision is made.
In the case of .persiangulf, also applied for by AGIT and also now rejected, the GAC didn’t even give non-consensus advice.
In fact, in its July 2013 Durban communique (pdf) is explicitly stated it “does not object to them proceeding”.
This appears to have been a not atypical GAC screw-up. The minutes of the Durban meeting, published months later, showed that the Gulf Cooperation Council states had in fact objected — there’s a bit of a dispute in that part of the world about whether it’s the “Persian Gulf” or “Arabian Gulf” — so the GAC would have been within its rights to publish non-consensus advice.
This all came out when the GCC filed its own IRP against ICANN, which it won.
The IRP panel in that case ordered ICANN to outright reject .persiangulf. Two years later, it now has.
While the three gTLDs in question are now going into “Will Not Proceed” status, that may not be the end of the story. One “Will Not Proceed” applicant, DotConnectAfrica, has taken ICANN to court in the US over its .africa application.
Nominet to donate over $260,000 to Children In Need
UK ccTLD registry Nominet said today that it will donate £1 ($1.31) for every domain registered to the charity Children In Need.
The initiative, which runs from today until November 19, is being backed up with a £200,000 ($261,000) minimum donation commitment.
Every paid-for domain in .co.uk, .uk, .me.uk and .org.uk will count.
The .uk space typically has been doing about 125,000 to 130,000 new regs per month recently, across all subdomains and direct .uk, so we’re looking at a potentially substantial donation here.
The money raised will help fund technology-related youth projects across the UK, Nominet said.
Judging by today’s press release, non-profit Nominet is calling itself a “profit with a purpose” company nowadays.
Children In Need is a charity run by the BBC. It broadcasts a fundraising telethon every year, typically raising tens of millions of pounds.
This year’s show is being broadcast November 16.
CentralNic buys .fans for peanuts
CentralNic has acquired the flailing new gTLD .fans for an undisclosed sum.
The value of the deal was low enough that publicly traded CentralNic was not obliged to disclose the purchase to the market, CEO Ben Crawford confirmed.
The ICANN contract seems to have changed hands — transferred to a CentralNic subsidiary call Fans TLD Ltd — back in August.
We revealed back in May that CentralNic was acting as a caretaker for .fans, and sister TLD .fan, after original registry Asiamix Digital failed to make enough money to keep the business going.
.fan, which Asiamix bought from Donuts but never launched, was sold back to Donuts in June.
Donuts took .fan to sunrise last week and plans to take it to general availability in December.
.fans domains, meanwhile, have been in registrar storefronts since 2015, but the current tally of registered domains is barely above 1,600.
Domains are still selling for around the $100 mark, roughly double the expected retail price of .fan.
Is auDA’s new marketing windfall working?
Australian ccTLD .au appears to be growing at a faster rate after registry auDA cut its wholesale prices and devoted millions of dollars to marketing.
While the numbers are by no means conclusive, in the three months after the new business model came into effect .au grew almost twice as much as in the comparable year-ago period.
At the end of June, auDA switch its back-end registry from Neustar to Afilias.
It cut its wholesale price by 10% and said it would invest AUD 8 million ($5.7 million) over four years into a marketing and innovation fund.
The fund offers financial incentives to registrars and resellers that promote .au domains.
Growing .au’s market share is one of the defined objectives of the program, and stats collected by DI show it might be working.
In the three months between June 28 (two days before the transition to Afilias) and September 28, the number of reported .au domains went up from 3,153,432 to 3,163,998, an increase of 10,566 domains.
In the immediately prior three months, registered domains actually declined by 1,150.
In the same period June-September period of 2017, domains were up by 5,734, about half the level of this year.
So is the new regime succeeding in growing numbers more rapidly? Maybe. It’s probably too early to tell for sure.
Any increase in DUM could be offset by declines from domain investors, if a proposed policy change about who is allowed to register domains comes into effect.
The numbers above have two caveats: 1) they’re based on the running total published more or less live on auDA’s web site, so should be considered ball-park as they may have been collected at different times during the day, and 2) it’s possible that Afilias and Neustar report numbers from their back-ends differently, which might mean comparisons of numbers reported before and after the transition are unfair.
Google adds censorship workaround to Android devices
Google is using experimental DNS to help people in censorious regimes access blocked web sites.
Alphabet sister company Jigsaw this week released an Android app called Intra, which enables users to tunnel their DNS queries over HTTPS to compatible servers, avoiding common types of on-the-wire manipulation.
The company reportedly says it has been testing the app with Venezuelan dissidents recently.
The feature will also be built in to the next version of Android — known as Android 9 or Android Pie — where it will be called Private DNS.
The app is designed for people who for one reason or another are unable to update their device’s OS.
Intra and Private DNS use “DNS over HTTPS”, an emerging protocol Google and others have been working on for a while.
As it’s non-standard, end users will have to configure their devices or Intra apps to use a DoH-compatible DNS server. The public DNS services operated by Google (8.8.8.8) and Cloudflare (1.1.1.1) are both currently compatible.
The release comes even as Google faces controversy for allegedly kowtowing to the Chinese government’s demands for censored search and news results.
You may notice that the new app is being marketed via a .org web site, rather than Google’s own .app gTLD, but intra.app takes visitors directly to the Intra page on the Google Play store.
Spammy .loan makes Alibaba fastest-growing and fastest-shrinking registrar in June
Chinese registrar Alibaba was both the fastest-growing and fastest-shrinking registrar in June, purely due to its dalliance with hundreds of thousands of cheap .loan domain names.
Stats compiled by DI from the latest monthly registry reports show that Alibaba’s Singapore-based registrar — which has only been active for a year — grew its domains under management by 720,669 in June, almost four times as many as second-placed NameCheap.
The huge increase was due to Alibaba’s DUM in .loan doubling in June, going from from 621,851 to 1,274,532. Another 50,000 extra domains came from .win.
Both .loan and .win are run by registry GRS Domains, the company that replaced Famous Four Media as manager of the Domain Venture Partners gTLD portfolio.
According to SpamHaus, .loan has a “badness” of just shy of 90%, based on a sample size of 45,000 observed domains. SpamHaus has .win at almost 39% bad.
GRS has promised to turn its portfolio around and cut off its deep-discounting promotions effective August 20. The June figures reflect a time when discounts were still in place.
The Singapore Alibaba had DUM of 1,771,730 at the end of June.
At the bottom end of the June league table was a second Alibaba accrediation, Beijing-based Alibaba Cloud Computing (aka HiChina or net.cn), which had a net DUM loss of 266,411, after seeing 345,268 deletes in .loan (along with 45,000 deletes in .xyz and 35,000 in .xin).
The second biggest loser was AlpNames, which is owned by the same people as Famous Four, which deleted over 114,000 names in the month. The vast majority of these names were in FFM/GRS gTLDs, including .loan.
The main, earliest Alibaba accreditation, Alibaba Cloud Computing (Beijing), which has zero exposure to new gTLDs, grew by 69,794 domains to end June as the seventh fastest-growing registrar with DUM of 7,672,594.
As of a couple weeks ago, Alibaba has a fourth ICANN accreditation, Alibaba Cloud US LLC, but that obviously does not figure into the June numbers.
Here’s the top 10 registrars for June by DUM growth:
[table id=52 /]
And the bottom 10:
[table id=53 /]
You may notice that in both tables the net change column is not equal to the sum of adds and net transfers minus deletes. This is because, per ICANN contract, domains still in their five-day Add Grace Period are counted in DUM but not in adds, so many adds slip over into the following month.
Here’s what ICANN’s boss is saying about Whois access now
Should ICANN become the sole source for looking up private domain registrant data? That’s one of the options for the post-GDPR world of Whois currently being mulled over on Waterfront Drive.
ICANN CEO Goran Marby laid out some of ICANN’s current thinking on the future of Whois last week at an occasionally combative meeting in Los Angeles.
One idea would see ICANN act as a centralized gatekeeper for all Whois data. Another could risk ICANN becoming much more tightly controlled by governments.
I’ve listened to the recordings, read the transcripts, chatted to participants, and I’m going to attempt to summarize what I believe is the current state of play.
As regular DI readers know, post-GDPR Whois policy is currently being debated to a tight deadline by an Expedited Policy Development Process working group.
The work has been a tough slog, and there seems to be little hope of the EPDP closing all of its outstanding issues before its first conclusions are due under three weeks from now.
One of the outstanding issues not yet addressed in any depth by the group is the potential creation of a “unified access model” — a standardized way cops, trademark owners, cybersecurity professionals and others could look at the same Whois data they could look at just a few months ago.
While the EPDP has carried on deferring discussion of such a model, ICANN Org has in parallel been beavering away trying to figure out whether it’s even going to be legally possible under the new European privacy law to open up Whois data to the people who want to see it, and it’s come up with some potentially game-changing ideas.
After weeks of conference calls, the EPDP working group — made up of 30-odd volunteers from all sections of the ICANN community — met in LA for three days last week to get down to some intensive face-to-face arguments.
I gather the meeting was somewhat productive, but it was jolted by the publication of an ICANN blog post in which Marby attempted to update the community on ICANN’s latest efforts to get clarity on how GDPR legally interacts with Whois.
Marby wrote that ICANN “wants to understand whether there are opportunities for ICANN, beyond its role as one of the ‘controllers’ with respect to WHOIS or its contractual enforcement role, to be acknowledged under the law as the coordinating authority of the WHOIS system.”
What did ICANN mean by this? While “controller” is a term of art defined in mind-numbing detail by the GDPR, “coordinating authority” is not. So ICANN’s blog post was open to interpretation.
It turns out I was not the only person confused by the post, and on Tuesday afternoon last week somebody from the EPDP team collared Marby in the corridor at ICANN HQ and dragged him into the meeting room to explain himself.
He talked with them for about an hour, but some attendees were still nonplussed — some sounded downright angry — after he left the room.
This is what I gleaned from his words.
No End-Runs
First off, Marby was at pains to point out, repeatedly, that ICANN is not trying to bypass the community’s Whois work.
It’s up to the community — currently the EPDP working group, and in a few weeks the rest of you — to decide whether there should be a unified access model for Whois, he explained.
What ICANN Org is doing is trying to figure out is whether a unified access model would even be legal under GDPR and how it could be implemented if it is legal, he said.
“If the community decides we should have a policy about a unified access model, that’s your decision,” he told the group. “We are trying to figure out the legal avenues if it’s actually possible.”
He talked about this to persons unknown at the European Commission in Brussels last month.
Whatever ICANN comes up with would merely be one input to the community’s work, he said. If it discovers that a unified access model would be totally illegal, it will tell the community as much.
Marby said ICANN is looking for “a legal framework for how can we diminish the contracted parties’ legal responsibility” when it comes to GDPR.
So far, it’s come up with three broad ideas about how this could happen.
The Certification Body Idea
GDPR sections 40 to 43 talk about the concepts of “codes of conduct” and “certification bodies”.
It’s possible that ICANN was referring to the possibility of itself becoming a certification body when it blogged about being a “coordinating authority”. Marby, during the EPDP meeting, unhelpfully used the term “accreditation house”.
These hypothetical entities (as far as I know none yet exist) would be approved by either national data protection authorities or the pan-EU European Data Protection Board to administer certification schemes for companies that broadly fall into the same category of data processing businesses.
It seems to be tailor-made for ICANN (though it wasn’t), which already has accreditation of registries and registrars as one of its primary activities.
But this legal avenue does not appear to be a slam-dunk. ICANN would presumably have to persuade a DPA or two, or the EDPB, that giving third parties managed access to citizens’ private data is a good thing.
You’d think that DPAs would be dead against such an idea, but the EU members of ICANN’s Governmental Advisory Committee have put their names to advice stating that Whois should remain accessible under certain circumstances, so it’s not impossible they could see it ICANN’s way.
The C.R.A.P. Idea
Marby’s second idea for taking some of the GDPR burden off the shoulders of contracted parties is to basically make ICANN a proxy, or man-in-the-middle, for Whois queries.
“What would happen if ICANN Org legally is the only place you can ask a question through?” he said. “And the only ones that the contracted parties actually can answer a question to would be ICANN Org? Would that move the legal responsibility away from the contracted parties to ICANN Org?”
In many ways, this is typical domain industry tactics — if there’s a rule you don’t want to follow, pass it off to a proxy.
This model was referred to during the session by EPDP members as the “hub and spoke” or “starfish”. I think the starfish reference might have been a joke.
Marby, in a jocular callback to the “Calzone” and “Cannoli” Whois proposals briefly debated in the community earlier this year, said that this model had a secret ICANN-internal code-name that is “something to do with food”.
Because whenever I’ve tried to coin a phrase in the past it has never stuck, I figure this time I may as well go balls-out and call it the “Cuisine-Related Access Plan” for now, if for no other reason than the acronym will briefly annoy some readers.
Despite the name I’ve given it, I don’t necessarily dislike the idea.
It seems to be inspired by, or at least informed by, side-channel communications between Marby and the Intellectual Property Constituency and Business Constituency, which are both no doubt mightily pissed off that the EPDP has so far proven surprisingly resilient to their attempts to get Whois access into the policy discussions as early as possible.
Two months ago, a few influential IP lawyers proposed to Marby (pdf) a centralized Whois model in which registrars collect data from registrants then pass it off to ICANN, which would be responsible for deciding who gets to see it.
Forget “thin” versus “thick” Whois — this one would be positively, arguably dangerously, obese. Contracted parties would be relegated to “processors” of private data under GDPR, with ICANN the sole “controller”.
Benefits of this would include, these lawyers said, reducing contracted parties’ exposure to GDPR.
It’s pretty obvious why the IP lobby would prefer this — ICANN is generally much more amenable to its demands than your typical registry or registrar, and it would very probably be easier to squeeze data out of ICANN.
While Marby specifically acknowledged that ICANN has taken this suggestion as one of its inputs — and has run it by the DPAs — he stopped well short of fully endorsing it during last week’s meeting in LA.
He seemed to instead describe a system whereby ICANN acts as the gatekeeper to the data, but the data is still stored and controlled at the registry or registrar, saying: “We open a window for access to the data so the data is still at the contracted parties because they use that data for other reasons as well”.
The Insane Idea
The third option, which Marby seemed to characterize as the least “sane” of the three, would be to have Whois access recognized by law as a public interest, enabling the Whois ecosystem to basically ignore GDPR.
Remember, back on on GDPR Day, I told you about how the .dk ccTLD registry is carrying on publishing Whois as normal because a Danish law specifically forces it to?
Marby’s third option seems to be a little along those lines. He specifically referred to Denmark and Finland (which appears to have a similar rule in place) during the LA session.
If I understand correctly, it seems there’d have to be some kind of “legal action” in the EU — either legislation in a member state, or perhaps something a little less weighty — that specifically permitted or mandated the publication of otherwise private Whois data in gTLD domains.
Marby offered trademark databases and telephone directories as examples of data sets that appear to be exempt from GDPR protection due to preexisting legislation.
One problem with this third idea, some say, is that it could bring ICANN policy under the direct jurisdiction of a single nation state, something that it had with the US government for the best part of two decades and fought hard to shake off.
If ICANN was given carte blanche to evade GDPR by a piece of legislation in, say, Lithuania, would not ICANN and its global stakeholders forever be slaves to the whims of the Lithuanian legislature?
And what if that US bill granting IP interests their Whois wet dream passes onto the statute books and ICANN finds itself trapped in a jurisdictional clusterfuck?
Oh, my.
Fatuous Conclusion For The Lovely People Who Generously Bothered To Read To The End
I’m not a lawyer, so I don’t pretend to have a comprehensive understanding of any of this, but to be honest I’m not convinced the lawyers do either.
If you think you do, call me. I want to hear from you. I’m “domainincite” on Skype. Cheers.
Recent Comments