Dueling domain blocking services to launch at ICANN 79

Norwegian startup NameBlock is set to launch its suite of brand protection and domain security services later this week, with a somewhat different take on the market to its primary competitor.

Recently appointed CEO Pinky Brand tells me the company plans to formally launch March 1, the day before the ICANN 79 public meeting begins in Puerto Rico.

The company is coming out with two services to begin with — BrandLock, which allows trademark owners to block their marks across multiple TLDs, and AbuseShield, which blocks hundreds of variant domains that are considered at the most risk of abuse.

BrandLock is perhaps most directly comparable to the DPML service offered by Identity Digital, GoDaddy’s AdultBlock, and the multi-registry GlobalBlock service that is also due to formally launch in San Juan next week.

The service requires the buyer to own a verified trademark, and the exact match of that mark will be blocked over a multitude of ccTLDs and gTLDs. Brand said reseller partners may choose to bundle different TLDs thematically or offer them as one-offs.

He said he expects it to retail for $40 to $50 per domain per year, so presumably makes the most sense for the more-expensive TLDs or for buyers who have other reasons to want a block rather than a defensive registration.

The value proposition seems a lot clearer for AbuseShield, which is notable for not requiring a trademark to get protection — it’s more of a security pitch than a brand-protection story.

Under AbuseShield, when a registrant buys a name in a participating TLD, they will be given the option to pay to block a couple hundred potentially abusive variant domains in that same TLD, for a far lower cost than they’d pay to defensively register them individually.

Using data from NameBlock’s majority shareholder iQ Global, the company identifies homographic variants and common “abuse prefixes” — strings such as “login” and “https” — to compile a list of domains to be blocked. A feature called VariantCatcher will automatically block already-registered risky domains at the registry when they expire, for no extra cost.

“We want to make the abuse prevention market much, much wider than it has been before,” Brand said. “You’d pay $89 to $129 a year the block the 100 to 250 variations that we know are most likely to be used by someone to do you harm.”

At first, the service will be available through NameBlock resellers, currently those registrars focused on corporate services, but the company plans to make an API available in a few months that will let retail registrars offer the service as an up-sell in their storefront.

At launch, NameBlock has around 15 resellers, such as MarkMonitor, CSC, 101Domain, Encirca and Gandi, Brand said. Registries for about a dozen TLDs will be on board, but Brand said he expects this to grow to 40 to 50 in a couple months.

CoCCA which makes registry software used by 57 ccTLDs, has already announced its support for NameBlock’s services.

Elsewhere at ICANN 79, you’ll find the Brand Safety Alliance, a GoDaddy-led initiative purveying the new GlobalBlock service, which is more of brand-protection play

As I’ve previously blogged, because portfolio registries GoDaddy and Identity Digital are involved, GlobalBlock can provide blocking coverage in hundreds of TLDs — over 560 at the current count — with prices starting at about $6,000 a year retail.

While GlobalBlock and NameBlock are certainly operating in the same space, there appears to be enough variation between the two services that the market might be able to support both.

Domain universe grows on new gTLDs despite .com shrinkage

The number of domain names on the internet grew by about 600,000 during the fourth quarter of 2023, despite the drag caused by shrinkage in .com and .net, according to Verisign’s latest Domain Name Industry Brief.

There were 359.8 million registered domains at the end of the year across all TLDs, a 0.2% increase over September, the latest DNIB says.

The growth was hampered by declines in Verisign’s own flagship gTLDs, which were down by 1.2 million names over Q3 and a million names year-over year. Verisign blamed softness in China for the declines during its Q4 earnings call last week.

New gTLD reg volume picked up most of the slack, growing by 1.6 million or 5.3% over Q3, and 4.4 million or 15.9% over 2022. This seems to have been largely driven by six-figure increases at a handful of low-cost gTLDs coupled with smaller increases across the board.

ccTLDs grew more modestly, up about 200,000 names or 0.2% quarter over quarter and 5.3 million names, 4%, year over year. There were 138.3 million ccTLD domains at the end of the year. Growth seems to have been tempered by six-figure declines in the likes of .uk and .ru.

ICANN insists it is working on linkification

Having been accused of ignoring the lack of universal support for new gTLDs in favor of virtue-signalling its support for multilingual domain names, ICANN has now insisted it is working on the problem.

ICANN chair Tripti Sinha said in a letter (pdf) published today that ICANN staff have been “actively engaging” with the software developer community on a “multitude of efforts” aimed at getting Universal Acceptance for all domain names.

She was responding to an October 2023 letter from .tube CEO Rami Schwartz, whose solo research last year uncovered the fact that many major app developers — including WhatsApp maker Meta — were relying on hard-coded TLD lists up to eight years old to validate domains.

This meant domains in the hundreds of TLDs that went live after November 2015 were not being detected as domains, and therefore not automatically “linkified” into clickable links, in many near-ubiquitous apps and web sites.

But Sinha insists that ICANN has been putting resources into the problem, including creating a “technical UA team” that is “actively engaging with technical organizations and communities, raising bug reports, as well as contributing open-source code where possible”.

The team has been participating in hackathons and conferences to push the UA message, she said, and has engaging in web sites such as Stack Overflow (where coders ask each other questions about tricky programming problems) to educate developers.

She named Meta and WordPress as software companies ICANN has been reaching out to directly.

“The ICANN org team has been meeting with META and reported UA related issues to them, including linkification. The team has recently also reported the issues shared by you related to more recently delegated TLDs, including .TUBE,” she told Schwartz. “META continues to look into these issues and is making progress towards resolving them.”

She also pointed out that ICANN and the ICANN-funded Universal Acceptance Steering Group held a Universal Acceptance Day last year and will conduct another this year.

UA Day is actually dozens of individual events — over 50 last year — that took place across the world over the space of a couple of months. This year’s event appears to be equally diverse, with events taking place from March to May across many locations mainly in Asia, Africa and South America.

The UASG supplies PowerPoint presentations and videos to each event to use if they wish, but the focus is very much on the substantially trickier problem of UA for internationalized domain names — domains or email addresses that use non-Latin scripts or diacritics not present in ASCII — rather than the lower-hanging fruit of getting developers to update their TLD lists more frequently.

Even though there hasn’t been a new TLD delegation for a couple of years, there were still almost 30 TLDs deleted from the DNS root last year. The number of valid TLDs changes perhaps more frequently than many developers realize.

Walking down the street somewhere, I once saw a barbershop called “Every Six Weekly”. Crap brand, certainly, but the message lodged itself in my borderline autistic nerd brain — that’s how often society expects me to get my hair cut, every six weeks.

Maybe ICANN should try something like that.

ICANN picks its first ever Supreme Court

After foot-dragging for a decade, ICANN has finally approved a slate of a dozen jurists to act as its de facto Supreme Court.

Its board of directors voted at the weekend to create the first-ever Independent Review Process Standing Panel, a pool of legal experts from which panels in future IRP proceedings — the final appeals process for ICANN decisions under its bylaws — will be drawn.

ICANN has not named the 12 people yet. The names are redacted from the published resolution, presumably because they haven’t signed contracts yet. ICANN said they are “well-qualified” and “represent a diverse breadth of experience and geography”.

The names were put forward by a cross-community working group called the IRP Community Representatives Group, which looked after the application and interview process. A thirteenth CRG pick was deemed “ineligible” by ICANN for undisclosed reasons.

The Standing Panel is intended to make IRPs faster and cheaper by drawing the three-person panel in each case from an established pool of experienced professionals. The panelists will be contracted for staggered terms of service.

The ICANN bylaws have called for the establishment of such a panel for over a decade, but its timely creation was another victim of the lethargy that consumed ICANN for years. The lack of a Standing Panel has been raised by claimants in multiple IRPs, some of which are ongoing.

Elsewhere in IRP policy-making, a separate staff/community working group called the IRP Implementation Oversight Team expects to shortly publish certain revisions to the IRP rules for public comment, but the fact that the legal language of the rules is to be written by the law firm Jones Day, which represents defendant ICANN in IRP cases, has raised some eyebrows.

DNS Women barred from ICANN funding?

A networking group set up to support women in the domain name industry, especially in the developing world, may be banned from applying for ICANN funding under rules published earlier this week.

Concerns have been raised that DNS Women may be excluded from the $10 million in non-profit Grant Program funding ICANN is making available this year because its CEO participated in the program’s community rule-making process.

ICANN’s rules, written by Org staff based on the recommendations of the Cross-Community Working Group on New gTLD Auction Proceeds (CCWG-AP), ban anyone from applying for grants — set at between $50,000 and $500,000 — if they have potential conflicts of interest.

Participation in the CCWG-AP is listed as one such conflict:

No person that participated as a member (including temporary member appointments) of the Cross-Community Working Group on New gTLD Auction Proceeds (CCWG-AP) is eligible to apply for or be included within funded proposal activities as principals, advisors, or in other roles. Grants may not be awarded to businesses and organizations owned in whole or in part by the CCWG-AP members or their family members. Grant funding may not be used to pay compensation to CCWG-AP members or their family members.

DNS Women is currently led by Vanda Scartezini, who was a member of CCWG-AP representing the At-Large Advisory Committee. She’s written to ICANN to express surprise to find herself suddenly unable to apply for funding. ICANN has responded with a pointer to the CCWG-AP’s recommendations, where the language closely mirrors that found in the new application rules as implemented.

But if Scartezini has shot herself in the foot, she may not be alone. According to the CCWG-AP’s final report, there may have been almost enough foot-shooting to create a Paralympic football team.

Of the 22 people who participated as full members of the group — and would be therefore barred from financially benefiting from grants — 10 people answered “yes” or “maybe” when asked to disclose whether they or their employer expected to apply for funding (almost all, including Scartezini, were “maybes”).

The $10 million tranche available this year comes from a $217 million fund ICANN raised auctioning off contested gTLDs following the 2012 application round.

GoDaddy service to let you block domains in over 650 TLDs

GlobalBlock, a domain blocking service introduced to little fanfare by GoDaddy Registry and Identity Digital in June, is planning to launch next month with support from over 650 gTLDs and ccTLDs.

Built on the successes of GoDaddy’s AdultBlock and Identity Digital’s DPML, the new service was supposed to launch last week under the banner of the Brand Safety Alliance, but was delayed until January.

GlobalBlock enables trademark owners to pay one fee to block their marks across all participating TLDs, saving money on defensive registrations. Company names and celebrity names are also covered. A premium version, GlobalBlock+ also covers typos and IDN homographs.

It’s not just gTLD registries that have signed up. Nominet is participating, as is CoCCA. BSA is promising some pretty obscure ccTLDs will be part of the service.

In what appears to be a game-changing innovation, a feature of the service called Priority Autocatch seems set to stop cybersquatters and phishers from drop-catching domains that match strings protected by the block list.

Say you’re Facebook and you see some scumbag has registered facébook.ninja, if you’re subscribed to GlobalBlock+, the AutoCatch feature will see the domain removed from the available pool when it expires, rather than dropping so a second ne’er-do-well can register it.

GlobalBlock appears to be the reason no fewer than 35 registries covering over 300 gTLDs have recently asked ICANN for permission to launch a “Label Blocking Service” via the Registry Service Evaluation Process.

There’s money in blocking services. GoDaddy is making millions from AdultBlock. Some research I’ve been doing recently suggests some registries might be making more from blocks and defensive registrations than they are from regular domain sales.

For registries with small TLD portfolios, blocking services generally offer a poor value proposition. Services like DPML, which covers hundreds of TLDs, or AdultBlock, which covers all the porny ones, have been successful.

The BSA is offering brand owners a lot of carrots to get them to sign up early.

First, if you already have an AdultBlock or DPML subscription, your marks are already pre-validated. GoDaddy is also offering a 50% discount on AdultBlock until January 30; AdultBlock and DPML subscribers get 10% off GlobalBlock until April 30.

BSA says that pricing for GlobalBlock and the initial list of TLDs will be released in early January. Wholesale pricing will go up probably every six months as new TLDs are added, but customers will only pay the increased price upon renewal while benefiting from the added blocks.

General availability pricing begins February 15.

Did I find a murder weapon in a zone file?

Registrars are usually very reluctant to police the content of web sites by taking down domains they manage, but they quite often make an exception when the web site in question calls for violence. But what if the site itself attempts to physically harm visitors through their screens?

It sounds a bit mad, but I think I’ve found such a site.

I recently randomly came across a domain name that caught my eye while scrolling through a zone file. I’m not going to reveal the domain here, but it consisted of three words across the dot and could be taken as an instruction to “murder” a specific, but unnamed, individual.

Expecting humor, I visited the domain out of curiosity and was confronted by a blank page that rapidly flashed between two background colors, creating a strobe effect. There was no other content.

My first impression was that the site had been created in order to trigger seizures in photosensitive epileptics. The CSS seemed to confirm that the strobe effect fell within the frequency range that the charity Epilepsy Action says can cause such seizures.

This raised an interesting question: could this be considered “DNS abuse”?

The DNS Abuse Institute’s definition (pdf) says DNS Abuse consists of “malware, botnets, phishing, pharming, and spam (when it serves as a delivery mechanism for the other forms of DNS Abuse)”.

DNSAI says registries and registrars “must” act on these five categories of abuse, but it adds that there are some categories of web content where registrars “should” take action. Its Framework to Address Abuse, which has been endorsed by dozens of registries and registrars, states:

Specifically, even without a court order, we believe a registry or registrar should act to disrupt the following forms of Website Content Abuse: (1) child sexual abuse materials (“CSAM”); (2) illegal distribution of opioids online; (3) human trafficking; and (4) specific and credible incitements to violence. Underlying these Website Content Abuses is the physical and often irreversible threat to human life.

Epileptic seizures can be fatal. A school friend of mine did not make it out of his teens due to one. Even when non-fatal, they are dangerous and clearly unpleasant.

So if a site encouraging physical violence “should” be taken down, what about a site that seems designed to actively physically attack individuals, no incitement required? That’s a reasonable question, right?

I filed an abuse report with the registrar managing the domain and was told it did not violate its acceptable use policies.

Attacking epileptics with flashing images sent online has been a criminal offence in the UK since October 26, when the controversial Online Safety Act 2023 was enacted.

A component of the Act is named Zach’s Law, after an eight-year-old boy who in 2020 was attacked with flashing images by internet wankers after he carried out a sponsored walk for the Epilepsy Society.

The Act makes it illegal to send a flashing image to somebody you know is epileptic with the intent to harm them. You can get up to five years imprisonment and a fine.

ICANN accused of power grab over $271 million auction fund

ICANN has acted outside of its powers by ignoring community policy recommendations and leaving its $271 million gTLD auction windfall open to being frittered away on lawyers, according to community members.

The Intellectual Property Constituency of the GNSO has filed a formal Request for Reconsideration over a board resolution passed at ICANN 78 last month in Hamburg, and other constituencies may add their names to it shortly.

The row concerns the huge cash pile ICANN was left sitting on following the auction of 17 new gTLD contracts between 2014 and 2016, which raised $240 million (as of July, around $271 million after investment returns and ICANN helping itself to a portion to fund its operations reserve).

It was decided that the money should be used to fund a grant program for worthy causes, with organizations able to apply for up to $500,000 during discrete rounds, the first of which is due to open next year with a $10 million pot. Around $220 million is believed to be earmarked for the grant program over its lifetime.

But the Cross Community Working Group for Auction Proceeds (CCWG-AP) that came up with the rules of the program was concerned that unsuccessful applicants, or others chagrined by ICANN’s grant allocations, might challenge decisions using ICANN’s accountability mechanisms.

This would cause money earmarked for worthy causes to be spaffed away on lawyers, which the CCWG-AP wanted to avoid, so it recommended that ICANN modify its fundamental bylaws to exclude the grant program from mechanisms such as the Independent Review Process, which usually incurs high six-figure or seven-figure legal fees.

ICANN seemed to accept this recommendation — formally approving it in June last year — until ICANN 78, when the board approved a surprise U-turn on this so-called Recommendation 7.

The board said it was changing its mind because it had found “alternative ways” to achieve the same objective, “including ways that do not require modification to ICANN’s core Bylaws on accountability”. The resolution stated:

As a result, the Board is updating its action on Recommendation 7 to reflect that ICANN org should implement this Recommendation 7 directly through the use of applicant terms and conditions rather than through a change to ICANN’s Fundamental Bylaws.

This left some community members — and at least one ICANN director — scratching their heads. Sure, you might be able to ban grant applicants from using the IRP in the program’s terms and conditions, but that wouldn’t stop third parties such as an applicant’s competitors from filing an IRP and causing legal spaffery.

The board was well aware of these concerns when it passed the resolution last month. Directors pointed out in Hamburg that ICANN is still pursuing the bylaws amendment route, but has removed it as a dependency for the first grant round going ahead.

This left some community members nonplussed — it wasn’t clear whether ICANN planned to go ahead with the program ignoring community recommendations, or not. The reassuring words of directors didn’t seem to tally with the language of the resolution.

So the IPC took the initiative and unironically invoked an accountability mechanism — the RfR — to get ICANN to change its mind again. I gather the request was filed as a precaution within the 30-day filing window due to the lack of clarity on ICANN’s direction.

The RfR states:

the impetus behind the Bylaws change was to prevent anyone from challenging grant decisions, including challenges from parties not in contractual privity with ICANN. The Board’s hasty solution would only prevent contracting grant applicants from challenging decisions; it would not in any way affect challenges by anyone else – including anyone who wished to challenge the award of a grant. The grant program could be tied in knots by disgruntled parties, competitive organizations or anyone else who wished to delay or prevent ICANN from carrying out any decision to grant funds. This is exactly what the CCWG-AP sought to prevent

The IPC says that by bypassing the bylaws amendment process, which involves community consent, the ICANN board is basically giving itself the unilateral right to turn off its bylaws-mandated accountability mechanisms when it sees fit. A power grab.

It wants the Hamburg resolution reversed.

Discussing the RfR a few days before it was filed, other members of the GNSO Council suggested that their constituencies might sign on as fellow complainants if and when it is amended.

RfRs are handled by ICANN’s Board Accountability Mechanisms Committee, which does not currently have a publicly scheduled upcoming meeting.

Domain universe grows despite .com drag

The number of registered domain names in the world grew by 2.7 million in the third quarter, despite market-leading .com shrinking, according to Verisign’s latest Domain Name Industry Brief.

There were 359.3 million domains across all TLDs at the end of September, according to the DNIB. up from 356.6 million at the end of June.

Over the same period, .com shrunk by half a million names as Verisign faces challenges from exposure to erratic demand from China.

New gTLD volumes were up by 2.1 million names to end the quarter at 30.2 million. Judging by zone files, at least half of these new names seem to be cheap, low-quality regs in the likes of .top and .cfd.

Total ccTLD names were 138.1 million at the end of the quarter, up by a million. All of the top 10 ccTLDs grew or were flat, except .uk, which lost about a hundred thousand names.

GoDaddy domains revenue crosses half a billion

GoDaddy sold more than half a billion dollars of domain names in the third quarter even as volumes slightly decreased, according to its latest earnings release.

The company had domains revenue of $508.2 million in Q3, compared to $494 million a year ago and $492.7 in the second quarter, according to regulatory filings. The aftermarket revenue component was down 2% at $107 million.

It had 84 million domains under management at the end of the quarter, compared to 84.2 million at the end of June. About three quarters of GoDaddy’s DUM are in gTLDs and about 60% are in .com, according to registry reports.

Overall, GoDaddy’s revenue was up 3.5% compared to a year ago at $1.07 billion. Net income was $131 million compared to $100 million a year ago.