Latest news of the domain name industry

GoDaddy to start selling graphic.design domains

In an unusual diversification into third-level domains, GoDaddy Registry seems to be planning to sell names under .graphic.design.

The company filed a request with the Public Suffix List yesterday, asking for the domain to be included on the list, so it will be recognized around the internet as a space where third-level names are registerable.

“GoDaddy Registry will be opening graphic.design to individual registrations, through a global network of authorised Registrars, similar to a standard open gTLD,” the request states.

“This inclusion in the PSL is to ensure the correct operation of the zone as an open TLD, such that providers including website, email and Certificate Authorities recognise the individual ownership of the registered domains within the graphic.design DNS zone,” it says.

The request goes on to say the company expects “5,000 to 10,000+” domains to be registered there.

The PSL is used widely by software such as browsers to determine ownership of domains for security purposes, allowing them to recognize, for example, that example1.graphic.design and example2.graphic.design are two different sites with potentially two different owners.
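As an added illustration (not code from GoDaddy's request or from any PSL library), the sketch below implements the Public Suffix List matching rules and shows how a graphic.design entry changes the site boundary. The rule lists are small constructed samples rather than the real PSL, and all function names are hypothetical.

```python
# Added illustration: minimal Public Suffix List matching.
# RULES_BEFORE / RULES_AFTER are constructed samples, not the real list.

RULES_BEFORE = ["com", "uk", "co.uk", "design"]
RULES_AFTER = RULES_BEFORE + ["graphic.design"]  # the entry requested in the article


def _matches(rule_rev, domain_rev):
    """Compare a rule and a domain label by label, right to left."""
    if len(rule_rev) > len(domain_rev):
        return False
    return all(r == "*" or r == d for r, d in zip(rule_rev, domain_rev))


def public_suffix(domain, rules):
    """Return the public suffix of `domain` under the given rule list."""
    rev = domain.lower().rstrip(".").split(".")[::-1]
    best = ["*"]  # default rule: with no match, the rightmost label is the suffix
    for rule in rules:
        rule_rev = rule.lstrip("!").split(".")[::-1]
        if not _matches(rule_rev, rev):
            continue
        if rule.startswith("!"):
            # An exception rule always wins; the suffix is the rule
            # with its leftmost label removed.
            best = rule_rev[:-1]
            break
        if len(rule_rev) > len(best):
            best = rule_rev  # otherwise the longest matching rule prevails
    return ".".join(rev[:len(best)][::-1])


def registrable_domain(domain, rules):
    """Public suffix plus one label, or None if `domain` is itself a suffix."""
    labels = domain.lower().rstrip(".").split(".")
    n = public_suffix(domain, rules).count(".") + 1
    if len(labels) <= n:
        return None
    return ".".join(labels[-(n + 1):])


def same_site(a, b, rules):
    """True when both hosts fall under the same registrable domain."""
    ra, rb = registrable_domain(a, rules), registrable_domain(b, rules)
    return ra is not None and ra == rb


def domain_attribute_accepted(host, cookie_domain, rules):
    """Would a cookie Domain= attribute be honoured for this host?

    A Domain attribute naming a public suffix is refused, which stops one
    registrant from setting cookies that every sibling name would receive.
    """
    cookie_domain = cookie_domain.lower().lstrip(".")
    if public_suffix(cookie_domain, rules) == cookie_domain:
        return False
    host = host.lower()
    return host == cookie_domain or host.endswith("." + cookie_domain)


if __name__ == "__main__":
    a, b = "example1.graphic.design", "example2.graphic.design"
    for name, rules in (("before", RULES_BEFORE), ("after", RULES_AFTER)):
        print(name,
              "registrable:", registrable_domain(a, rules),
              "same site:", same_site(a, b, rules),
              "Domain=graphic.design accepted:",
              domain_attribute_accepted(a, "graphic.design", rules))
```

Until the entry is present, software following these rules treats every name under graphic.design as one site, so the two example names would share a cookie scope and a single registrable domain.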

Registries launching third-level spaces is unusual but not unheard of. It happens much more often in the ccTLD space, where some countries have a baffling number of third-level options. In the gTLD space, the trend if anything is in the opposite direction, with third-levels being de-emphasized in favor of second-levels.

GoDaddy acquired .design from Top Level Design in 2021, a part of its massive expansion in the registry business. It’s not doing badly as new gTLDs go, with about 119,000 domains under management at the last count.

GAC spinning up new gTLD curveball at ICANN 79?

Kevin Murphy, March 3, 2024, Domain Policy

ICANN’s Governmental Advisory Committee had a habit of throwing delaying curveballs before and during the 2012 new gTLD application round, and it might be planning a repeat performance before the upcoming 2026 round.

The GAC today assembled at ICANN 79 in Puerto Rico to discuss the latest developments in planning for the next round, and a major concern emerged around ICANN’s response to its request for a cost/benefit analysis.

The GAC had first asked for such an analysis at the Helsinki meeting in 2016, but after the ICANN 78 Hamburg meeting last October noted that it had still not received one.

At ICANN 56, the GAC had asked that an “objective and independent analysis of costs and benefits… drawing on experience with and outcomes from the recent round” should be a prerequisite for a next round going ahead.

After its Hamburg reminder, ICANN threw together a summary (pdf) of three existing documents that it presumably hoped would check that box and shush the GAC or give the GAC an excuse to shush itself.

The documents were the report of the Competition and Consumer Trust Review Team, the Subsequent Procedures PDP Working Group Final Report (which created the policy recommendations for the next round) and ICANN’s Operational Design Assessment of SubPro (which talked about how ICANN would implement those recommendations).

It was a pretty flimsy response, and GACers weren’t buying it, pointing out today that the three documents in question were all produced by the ICANN community or ICANN staff and couldn’t really be said to be “objective and independent”. Nor could they be said to amount to an “analysis of costs and benefits”.

“I had the pleasure to read through the report, and see whether it’s a cost/benefit analysis, and whether it’s an objective and independent analysis,” the GAC rep from Denmark said. “And I must say that my answer or reply to those questions would be no, and a big no.”

Other GAC members in Europe and North America seemed to agree that the cost/benefit analysis they had asked for still hadn’t been delivered and that perhaps it wouldn’t be great for the GAC’s credibility if it didn’t press the issue.

The UK rep, who was chairing the session, observed that GAC members’ higher-uppers in government, such as ministers, sometimes ask what economic impact gTLD expansion might have and that an answer might be useful.

The contrarian opinion came, as it so often does, from Iran, whose rep suggested that a cost/benefit analysis might be pointless and maybe the GAC should just put the issue to bed.

What happens if the analysis shows the costs outweigh the benefits, he asked, should ICANN just scrap the next application round and 13 years of policy work?

It seems a request for ICANN to pay for an independent cost/benefit analysis of the new gTLD program could make its way into the GAC’s formal advice-delivering communique later in the week, potentially throwing friction into the roll-out of the next round.

In my opinion, there is no real answer to the question of whether the new gTLD program is a net benefit.

Beyond the billions of dollars of economic activity that will be created, whether it’s beneficial is purely a subjective opinion, and paying a bunch of overpriced consultants to wave their hands in the air for a year before spitting out the 300-page PDF equivalent of a Gallic Shrug probably won’t provide any meaningful clarity.

GoDaddy’s GlobalBlock supports blockchain names

Kevin Murphy, February 29, 2024, Domain Services

GoDaddy’s Brand Safety Alliance has finally released the list of TLDs supported by its new GlobalBlock brand protection service, and it’s notable for including a couple dozen extensions that aren’t real TLDs at all.

Formally announcing its launch today, the company said GlobalBlock will initially allow trademark owners and others to block their marks and variants in about 600 “extensions” and published the list on its web site.

The term “extension”, as opposed to “TLD”, is important, as the headline number seems to count zones where names are registerable at the third level — so .bar.pro and .cpa.pro and .com.cx and .net.cx, for example, are individually counted.

I count a total of 457 TLDs on the currently published list, of which 27 are distinct ccTLDs.

But I also count about 20 strings that aren’t real TLDs. As well as pseudo-gTLD .it.com, a lot of supported extensions appear to be on blockchain naming systems such as Unstoppable Domains (proving, once again, that Unstoppable chose entirely the wrong brand for its service).

The blockchain TLDs currently listed are: .altimist, .anime, .binanceus, .bitcoin, .blockchain, .crypto, .dao, .go, .hi, .klever, .kresus, .manga, .nft, .polygon, .pudgy, .unstoppable, .wallet, .x and .zil.

About 270 of the real gTLDs on the list belong to Identity Digital, with GoDaddy Registry accounting for about 35.

Google Registry has 28 gTLDs on the list, seven of which aren’t even publicly available yet, such as .search and .map. This is either incredibly cheeky — selling blocks in TLDs in which cybersquatting is literally impossible — or a sign that Google plans to release more of its dormant gTLD inventory soon.

Other registries with multi-TLD representation on the list include Global Registry Services, GMO Registry, Internet Naming Co, ZACR and Nominet (though, while .wales and .cymru are currently listed, .uk is not).

Notable by their absence are portfolio registries Radix, XYZ and ShortDot.

UPDATE: This story was updated several hours after publication to remove the reference to Handshake. Unstoppable Domains is the only blockchain naming system to so far be in the GlobalBlock ecosystem.

Police .uk domain takedowns dive in 2023

Kevin Murphy, February 29, 2024, Domain Registries

The number of .uk domain names taken down as a result of requests from law enforcement shrank substantially last year, according to the latest stats from Nominet.

The registry said today that it suspended 1,193 domains in the 12 months to October 31, down from 2,106 in the previous period. It’s a record low since Nominet started tracking the data, for the second year in a row.

As usual, alleged intellectual property violations were the biggest cause of action. The Police Intellectual Property Crime Unit had 717 names taken down, with the National Fraud Intelligence Bureau suspending 321 and the Financial Conduct Authority 116.

While police takedowns were low, domains suspended by Nominet’s proactive Domain Watch anti-phishing technology were up about 20%, from 5,005 to 5,911. Nominet said this is because the tech, which flags possible phishing domains for human review at point of registration, is getting better.

The number of domains suspended because they appeared on threat feeds doubled, from 1,108 in the 2022 period to 2,230 last year, the company said.

Cybersquatting cases in .uk have also been declining, Nominet reported earlier this month.

While correlation does not equal causation, it might be worth noting that .uk registrations overall have been on the decline for some time. There were 10.68 million .uk domains at the end of January, down from 11.04 million a year earlier.

GoDaddy wants to cut the bullshit from .xxx

Kevin Murphy, February 27, 2024, Domain Registries

GoDaddy Registry wants to drop a big chunk of nonsense from the contract governing its .xxx domain, some 20 years after it was applied for as a “Sponsored” gTLD.

It’s asked ICANN if it can kill off its sponsor, the International Foundation For Online Responsibility, and sign up to something closer to the Base New gTLD Registry Agreement, the contract that all new gTLDs from the 2012 application round are on.

GoDaddy’s .porn, .adult and .sex gTLDs have been on a non-sponsored contract for a decade to no complaint, though they haven’t sold nearly as many domains as .xxx.

IFFOR’s board, the IFFOR Ombudsman, and .xxx registrants polled by GoDaddy all agree that the “sponsored” classification is no longer needed, GoDaddy VP Nicolai Bezsonoff told ICANN VP Russ Weinstein (pdf).

The registry wants ICANN to put a non-sponsored version of the .xxx contract out for public comment.

It looks like a fait accompli. GoDaddy and ICANN have been negotiating the renewal of the .xxx contract, which was due to expire in 2021, for at least three years. It’s difficult to imagine a scenario in which the two parties have not already agreed terms.

Nobody who doesn’t get paid by IFFOR will miss IFFOR. For 20 years it’s been the domain industry’s least-convincing merkin, existing entirely to give original .xxx manager ICM Registry (and then MMX, then GoDaddy, following industry consolidation) the illusion that it had community support for selling porn domains.

ICM created IFFOR when it applied for .xxx in 2003 during ICANN’s well-intentioned but poorly considered and ill-fated “sponsored TLD” round, where applicants had to show they had support from a community related to their chosen string.

Because the porn industry, particularly in the US, hated the idea of a .xxx domain — erroneously believing governments would force all porn sites into it and then shut it down — ICM was forced to pull a community out of its backside. And thence IFFOR was born.

IFFOR was designed to be a mini-ICANN. It was to have a board, policy-making committees, an ombudsman, oversight, transparency, etc. Its foundational documents (pdf) list 14 obligations, most of which were never fulfilled to any meaningful extent.

Judging by its web site, it’s never made a single policy since it was formed in 2011. But we can’t be sure, because the web site has been poorly maintained (a breach of the first of its original 14 commitments), with no board minutes published for the last six years (despite employing a full-time staffer on a $60,000 salary who, tax forms say, works 40 hours a week).

It did come up with something called a “Policy Engine” for new gTLD registries around the time of the 2012 round, but discontinued it a year later when nobody wanted it.

IFFOR, a not-for-profit registered in California, was supposed to receive $10 from ICM for every registered, resolving .xxx domain and use a portion of that to issue grants to worthy causes related to its mission — child protection, free speech, and so on.

While IFFOR did announce two $5,000 awards in 2013, its tax filings have not reported a single penny spent on grants since 2011. Nada.

IFFOR’s charter seems to have been renegotiated behind the scenes at some point, when .xxx turned out to not be quite the internet cash machine its founders had hoped for. From 2011 to 2014 it was rolling in cash — getting over $1 million from ICM in 2013 — but from 2016 it’s been receiving a flat $100,000 a year, most of which is spent on director salaries.

At around the same time, instead of issuing cash grants, IFFOR started producing an “educational program” for UK schools called AtFirstSite. Aimed at 11 to 14-year-olds, it covers topics such as sexting, dick pics and online pornography, with a clear emphasis on keeping young teens safe online.

AtFirstSite carried a price tag of £150, but the revenue lines on tax forms since 2016 suggest none were ever sold. Instead, the program was given for free to schools that asked for it and this was called a “grant”, to satisfy IFFOR’s grant-giving mandate.

The program — which consists of a PDF and a PowerPoint presentation — is now free, and can be downloaded here, if you want to bemuse an 11-year-old with a reference to Rihanna and Chris Brown’s destructive relationship, which ended before they were born.

Closing IFFOR is not going to cause anyone to lose any sleep, but it will nevertheless be interesting to see whether anyone objects to .xxx losing its “sponsored TLD” status when ICANN opens the contract to public comment.

Dueling domain blocking services to launch at ICANN 79

Kevin Murphy, February 26, 2024, Domain Services

Norwegian startup NameBlock is set to launch its suite of brand protection and domain security services later this week, with a somewhat different take on the market to its primary competitor.

Recently appointed CEO Pinky Brand tells me the company plans to formally launch March 1, the day before the ICANN 79 public meeting begins in Puerto Rico.

The company is coming out with two services to begin with — BrandLock, which allows trademark owners to block their marks across multiple TLDs, and AbuseShield, which blocks hundreds of variant domains that are considered at the most risk of abuse.

BrandLock is perhaps most directly comparable to the DPML service offered by Identity Digital, GoDaddy’s AdultBlock, and the multi-registry GlobalBlock service that is also due to formally launch in San Juan next week.

The service requires the buyer to own a verified trademark, and the exact match of that mark will be blocked over a multitude of ccTLDs and gTLDs. Brand said reseller partners may choose to bundle different TLDs thematically or offer them as one-offs.

He said he expects it to retail for $40 to $50 per domain per year, so presumably makes the most sense for the more-expensive TLDs or for buyers who have other reasons to want a block rather than a defensive registration.

The value proposition seems a lot clearer for AbuseShield, which is notable for not requiring a trademark to get protection — it’s more of a security pitch than a brand-protection story.

Under AbuseShield, when a registrant buys a name in a participating TLD, they will be given the option to pay to block a couple hundred potentially abusive variant domains in that same TLD, for a far lower cost than they’d pay to defensively register them individually.

Using data from NameBlock’s majority shareholder iQ Global, the company identifies homographic variants and common “abuse prefixes” — strings such as “login” and “https” — to compile a list of domains to be blocked. A feature called VariantCatcher will automatically block already-registered risky domains at the registry when they expire, for no extra cost.

“We want to make the abuse prevention market much, much wider than it has been before,” Brand said. “You’d pay $89 to $129 a year to block the 100 to 250 variations that we know are most likely to be used by someone to do you harm.”

At first, the service will be available through NameBlock resellers, currently those registrars focused on corporate services, but the company plans to make an API available in a few months that will let retail registrars offer the service as an up-sell in their storefront.

At launch, NameBlock has around 15 resellers, such as MarkMonitor, CSC, 101Domain, Encirca and Gandi, Brand said. Registries for about a dozen TLDs will be on board, but Brand said he expects this to grow to 40 to 50 in a couple months.

CoCCA, which makes registry software used by 57 ccTLDs, has already announced its support for NameBlock’s services.

Elsewhere at ICANN 79, you’ll find the Brand Safety Alliance, a GoDaddy-led initiative purveying the new GlobalBlock service, which is more of a brand-protection play.

As I’ve previously blogged, because portfolio registries GoDaddy and Identity Digital are involved, GlobalBlock can provide blocking coverage in hundreds of TLDs — over 560 at the current count — with prices starting at about $6,000 a year retail.

While GlobalBlock and NameBlock are certainly operating in the same space, there appears to be enough variation between the two services that the market might be able to support both.

Freename tries to bridge DNS and blockchain

Kevin Murphy, February 26, 2024, Domain Tech

Swiss blockchain naming startup Freename has released a service it says it hopes will help make blockchain-based naming systems easier to integrate with the traditional DNS.

It’s called NOTO, and it has launched in closed beta this week.

Freename says NOTO crawls blockchain naming systems (currently its own Freename service, Ethereum Name Service, Handshake Name Service and Unstoppable) to compile lists of domains, and then makes those lists available to developers either via an API or as downloadable zone files that look like regular zone files.

The idea seems to be that developers using traditional DNS can stay in their comfort zone and don’t have to do the work of figuring out complexities of the blockchain. It hopes makers of browsers, search engines, DNS resolution services and such will be able to more easily add “Web3” support to their software.

Freename also reckons there’s an intellectual property protection story, with trademark owners potentially more easily able to monitor blockchain naming services for abuse.

Olive retires from ICANN

Kevin Murphy, February 23, 2024, Domain Policy

David Olive, senior VP of policy development and support, will retire from ICANN at the end of May, the Org announced today.

Olive joined ICANN in February 2010 after 20 years with Fujitsu and has led his department ever since.

He also was the first managing director of ICANN’s office in Istanbul, though he’s been running the Washington DC office since 2021, ICANN said.

No immediate replacement was announced, but there’s a few months to go before he actually leaves the job.

Whois policy published without life-saving disclosure rule

Kevin Murphy, February 23, 2024, Domain Policy

ICANN has updated its Registration Data Policy, the rules that govern what data registries and registrars need to collect from registrants and when to publish or supply it through Whois lookups or disclosure requests.

When it becomes enforceable in August next year, the new RDP will make full-fat ICANN Whois policy compliant with EU privacy law for the first time since the General Data Protection Regulation came into effect in May 2018.

But the new policy, which replaces a functionally very similar temporary policy, is notable not only for the extraordinary amount of time it took to produce, but also for not containing a disputed requirement for registrars and registries to quickly turn over private Whois data when human life is at risk.

The policy dictates what contact information registrars must collect from their customers, what they must share with their registries, escrow agents and others, and what they must redact in the public Whois (or Registration Data Directory Services, as it will become known when Whois is retired next January).

It also says that registries and registrars must acknowledge private data disclosure requests no more than two business days after receipt and respond to the requests in full less than 30 calendar days after that, barring delays caused by “exceptional circumstances”.

But, due purely to ICANN community politicking, the policy for now omits previously considered language on “urgent” disclosure requests for use in “circumstances that pose an imminent threat to life, of serious bodily injury, to critical infrastructure, or of child exploitation”.

I’d like to think such circumstances are incredibly rare, but if there’s a situation where a Whois disclosure could help prevent a bomb going off at a major internet exchange, a trans rights activist being hounded into suicide, or a little kid getting raped on a livestream, the new ICANN policy does not account for that.

The version of the policy published in July last year (pdf) did include an urgent requests provision, requiring contracted parties to either turn over the data or tell the requester to get lost within 24 hours of receipt.

But it also contained a bunch of exceptions that could allow registrars to extend that deadline by up to three business days. When weekends and public holidays are taken into account, this could mean as much as a full calendar week to process an “urgent”, potentially life-saving request.

For that reason, the Governmental Advisory Committee wrote to ICANN (pdf) last August to ask it to revisit the policy language, chuck out the reference to “business” days, and stick to a 24-hour response window.

The original Expedited Policy Development Process Working Group that came up with the policy recommendations had not specified how long registrars and registries should have to respond to urgent disclosure requests, punting that decision to the Implementation Review Team that drafted the final language.

An August 2022 draft (pdf) put out for public comment made the response window two business days, with a possible one-day extension, but this was reduced to 24 hours last year in what registrars describe as a “significant compromise” given the operational reality of responding to disclosure requests.

In August last year, the Registrars Stakeholder Group told ICANN (pdf) that its members “are committed to responding to Urgent requests in the most swift and expeditious manner possible” but said it objected to the GAC’s last-minute demands for the urgent disclosures policy to be rewritten.

From the registrars’ perspective, handling disclosure requests for personal data is not a simple ask. It’s a legal decision, balancing the privacy rights of the registrant with the rights of others to access that information.

Get it wrong, and you’re open to litigation and fines substantial enough to be expressed as a percentage of your revenue. And, money aside, who wants to be the guy who, for example, accidentally helps the Iranian morality police murder a bunch of schoolgirls for wearing the wrong type of hat?

But the argument between the registrars and the governments comes down to issues of ICANN process. Both the GAC and the RrSG claimed the urgent disclosures bunfight highlights deficiencies in ICANN multistakeholderism, but for different reasons.

ICANN’s response to this disagreement was to remove the urgent requests clauses from the policy altogether, in the hope that further talks can find a solution. Chair Tripti Sinha wrote to the RrSG and GAC a couple weeks ago to tell them:

the Board concluded that it is necessary to revisit Policy Recommendation 18 concerning urgent requests in the context of situations that pose an imminent threat to life, serious bodily harm, infrastructure, or child exploitation, and the manner in which such emergencies are currently handled. For this, we believe that consultation with the GNSO Council is required.

ICANN has essentially kicked the can, which was what the GAC had asked for. The RrSG wanted the July 2023 language (one-plus-three days) or August 2022 language (two-plus-one days) published in the final policy.

It’s stuff like this that makes one scratch one’s head, stroke one’s chin, and wonder whether ICANN really is fit for purpose.

There were 2,312 days between the day the European Commission first proposed the GDPR to the day it became effective in all EU member states.

But 2,590 days will have passed between the day the GNSO Council initiated the EPDP and the day the new Registration Data Policy will become effective on all contracted parties, next August.

The lumbering, then-28-state European Union was faster at passing policy than ICANN, even when ICANN was using an “expedited” process.

And what ICANN eventually came up with couldn’t even agree on ways to help tackle murder, economic catastrophes, and the rape of kids.

UK gov takes its lead from ICANN on DNS abuse

Kevin Murphy, February 23, 2024, Domain Registries

The UK government has set out how it intends to regulate UK-related top-level domain registries, and it’s taken its lead mostly from existing ICANN policies.

The Department for Science, Innovation and Technology said last year that it was to activate the parts of the Digital Economy Act of 2010 that allow it to seize control of TLDs such as .uk, .london, .scot, .wales and .cymru, should those registries fail to tackle abuse in future.

It ran a public consultation that attracted a few dozen responses, but has seemingly decided to stick to its original definitions of abuse and cybersquatting, which were cooked up with .uk registry Nominet and others and closely align to industry norms.

DSIT plans to define abuse in the same five categories as ICANN does — phishing, pharming, botnets, malware and vector spam (spam that is used to serve up the first four types of attack) — in its response to the consultation, published yesterday (pdf).

But it’s stronger on child sexual abuse material than ICANN. While registries and registrars have developed a “Framework to Address Abuse” that says they “should” take down domains publishing CSAM, ICANN itself has no contractual prohibitions on such content.

DSIT said it will require UK-related registries to have “adequate policies and procedures” to combat CSAM in their zones. The definition of CSAM follows existing UK law in being broader than elsewhere in the world, including artworks such as cartoons and manga where no real children are harmed.

DSIT said it will define cybersquatting as “the pre-emptive, bad faith registration of trade marks as domain names by third parties who do not possess rights in such names”. The definition omits the “and is being used in bad faith” terminology used in ICANN’s UDRP. DSIT’s definition includes typosquatting.

In response to the new document, Nominet tweeted:

DSIT said it will draft its regulations “over the coming months”.
