Net 4 India gets unwelcome Christmas gift from ICANN

Struggling Indian registrar Net 4 India has been hit by its third notice of contract breach by ICANN, in a letter delivered Christmas Eve.

Net4 is on ICANN’s naughty list this time due to its alleged violations of ICANN’s transfer and expired domains policies. The breach notice is very similar to that delivered just two weeks earlier, concerning different domains.

ICANN reckons Net4, once India’s largest independent registrar, has in some cases been transferring domains to a partner registrar, OpenProvider, without the consent or knowledge of the registrant.

It’s been asking the company for records proving compliance, which Net4 has apparently not been providing. Therein lies the alleged breach.

Net4 has been persona non grata among many of its customers for several months, with complaints about billing and renewal failures, expirations, and a general lack of customer service availability compounded by the coronavirus pandemic.

The company has also been fighting an insolvency proceeding over millions of dollars in allegedly unpaid debts for years, which has been the subject of an ICANN breach notice for about 18 months.

The Christmas Eve breach notice gives Net4 until January 14 to turn over the relevant records or possibly face termination.

But that might prove moot — the December 10 notice had a deadline of December 31, so the wheels may already be in motion.

Comment Tagged: breach, compliance, ICANN, insolvency, net 4 india, net4, openprovider

Fuji Xerox kills off gTLD after rebrand

Fuji Xerox has become the latest multi-billion-dollar company to ditch its dot-brand gTLD.

The Japanese-American company, a joint venture of Xerox and Fuji, has told ICANN it wants to terminate its registry contract for .fujixerox, and ICANN has indicated its intention to let the string die.

The gTLD was not in use, beyond the mandatory nic.fujixerox placeholder site.

That said, the termination appears to be primarily due to a rebranding as the joint venture fizzles out.

Fuji Xerox is, according to Wikipedia, the world’s oldest Japanese-American joint-venture company, at 59 years old. It’s in the document processing space and had $11 billion in annual revenue.

But the companies said last year they would end the relationship, with Xerox no longer providing its tech, leading to rebranding the company Fujifilm Business Innovation. The dot-brand is clearly no longer needed.

Xerox also owns .xerox, and it’s not using that either. There is no .fuji or .fujifilm.

.fujixerox the first dot-brand to jump off the cliff this year, and the 86th in total.

1 Comment Tagged: dot-brands, fuji, fuji xerox, ICANN, new gTLDs, termination, xerox

EURid suspends 80,000 domains as Brexit transition ends

EURid suspended about 80,00 domain names on Friday, as the UK’s 11 months of Brexit transition came to an end.

All the names were registered to UK-based, non-EU citizens and organizations, which are no longer eligible under registry policy.

“On 1 January 2021 we suspended around 80 000 domain names and send out just over 48 000 notifications to the registrants,” a registry spokesperson told DI today.

From Friday, the domains have not been resolvable, meaning email, web sites and other services using those names are no longer functional.

Affected registrants have a few months to get their records in order, if they wish to to keep them, by transferring them to a EU-based registrant or informing their registrar they’re an EU citizen living in the UK.

They’ll have until a minute before midnight CET March 31 to make the change. A minute later, the domains will move from “suspended” status to “withdrawn” status, at which point they will become unrecoverable.

Withdrawn domains will become available for registration again in 2022.

.eu had 130,114 UK-registered names at the end of September, suggesting about 50,000 domains were relocated at the eleventh hour, despite the eligibility policy being publicized for at least a couple of years.

Losing 80,000 names from its register would mean about a 2.2% decline in overall .eu regs compared to the end of the third quarter.

The UK officially left the EU at the end of January, but operated provisionally under the same trade rules during the transition period.

Comment Tagged: .eu, brexit, eurid

GoDaddy’s female geeks make a bit more than men

Women working at GoDaddy in technology roles on average make a penny more on the dollar than their male counterparts, but their bosses don’t fare nearly as well, according to the company’s latest published diversity data.

The market-leading registrar said last week that on average across the company globally, women make the same amount as men in like roles, but the female techies make $1.01 for every $1.00 the men make.

But women in leadership roles make $0.95 for every dollar made by than their male counterparts, the company said.

Comparable data for 2019 was not available.

However, in its native US, GoDaddy is paying women a penny more on average across all roles, up one cent on the 2019 data.

The reverse trend was true of female employees in leadership roles in the US, where they made $0.95 on the dollar in 2020, compared to $1.02 in the previous year.

In tech, the ratio approached parity, with women getting $1.01 on the dollar, compared to $1.03 in 2019.

Women make up 30% of GoDaddy employees, 33% of leadership, but only 19% of techies, the report says. Those are all slight improvements on 2019.

Comment Tagged: godaddy

Donuts acquisition of Afilias closes, integration work begins

Donuts’ acquisition of Afilias closed without incident on December 29, the companies announced last week.

The registries said that registrants and registrar partners should not see any immediate disruption, but added that it’s now working on an integration plan that should see some changes over the longer term.

“Our combined teams can now begin developing an integration plan, with a goal of minimizing disruption to those we serve,” Akram Atallah, Donuts’ CEO, said in a press release. “We expect no changes in the short term, and ample notice on any changes that are decided.”

Atallah has previously told DI that it’s likely that Afilias’ owned and operated TLDs will likely be transferred to Donuts’ registry back-end, which is hosted on the Amazon cloud.

He also said that services such as the Domain Protected Marks List, currently available in 240+ Donuts gTLDs, should soon become available in Afilias’ 20-odd.

The deal, for an undisclosed sum, was subject to scrutiny by ICANN, which could have blocked it, but its board of directors considered the merger last month with no resolution passed.

Comment Tagged: acquisition, afilias, donuts, ICANN

GoDaddy pranks employees with “insensitive” phishing test

GoDaddy has apologized to its staff after teasing them with a $650 Christmas bonus that turned out to be nothing but a test of whether they could be duped into handing over their sensitive personal info.

Employees worldwide reportedly received emails promising the bonus December 14 from an official-looking but presumably spoofed address.

Those who clicked through and filled out a form with their personal data received a second email a few days later informing them they’d actually just failed a “phishing test” and would “need to retake the Security Awareness Social Engineering training.”

Around 500 staff reportedly failed the test.

But many were pissed off that the company would dangle a bonus, only to snatch it away, just a week before Christmas and at a time when the coronavirus pandemic has caused many to fear for their livelihoods.

While GoDaddy rode out the pandemic just fine, it laid off hundreds, regardless.

After the prank last week attracted media attention, the company apologized to its employees, saying in a statement sent to the AFP:

GoDaddy takes the security of our platform extremely seriously. We understand some employees were upset by the phishing attempt and felt it was insensitive, for which we have apologised. While the test mimicked real attempts in play today, we need to do better and be more sensitive to our employees.

I sincerely hope nobody spent their illusory $650 in the days before the test was revealed.

Comment Tagged: coronavirus, godaddy, pandemic, phishing

US sneaks public Whois demands into pandemic relief bill

Outgoing US president Donald Trump has signed into law a coronavirus relief bill and spending package that contains a surprise instruction for the government to pursue open access to Whois records.

The Consolidated Appropriations Act of 2021 is focused on federal spending for fiscal 2021, with billions set aside for pandemic-related economic stimulus. It’s the bill you may recall Trump refused to sign for several days on the purported basis that it only provided Americans with a piddling $600 check.

An accompanying document contains encouragement for the National Telecommunications and Information Administration to “to require registrars and registries based in the United States to collect and make public accurate domain name registration information”.

It also asks the NTIA to continue to work within ICANN’s Governmental Advisory Committee to help create “a global access model that provides law enforcement, intellectual property rights holders, and third parties with timely access to accurate domain name registration information”.

The text can be found in a joint explanatory statement (pdf) accompanying the act. It’s not on the statute books as such, but it does tell NTIA how to spend the money it’s been allocated.

The full text relevant to the domain name industry reads:

NTIA is directed, through its position within the Governmental Advisory Committee o work with I CANN to expedite the establishment of a global access model that provides law enforcement, intellectual property rights holders, and third parties with timely access to accurate domain name registration information for legitimate purposes. NTIA is encouraged, as appropriate, to require registrars and registries based in the United States to collect and make public accurate domain name registration information.

As ICANN notes in its analysis, the first sentence is not telling NTIA to do anything it hasn’t been doing since the European Union’s General Data Protection Regulation came into effect two and a half years ago.

The NTIA and GAC have been involved in efforts to create a privacy workaround for rights holders and law enforcement, which in September came up with the widely panned SSAD proposals. ICANN is currently pleading with the EU for clarity on whether it would even be legal.

The second sentence is perhaps a bit more worrying, dangling as it does the possibility of American registries and registrars having to either break EU law or implement a much more complex Whois infrastructure.

But, as ICANN notes, the words “encouraged, as appropriate” are doing a lot of heavy lifting in that sentence, saying “encouragement is aspirational; it is not a mandate”.

However, ICANN appears to be treating it as a warning shot, with head of compliance Jamie Hedlund writing:

It appears to hint that if NTIA and the ICANN community can’t develop a robust access model, Congress could entertain more forceful measures that would impose requirements on U.S.-based registries and registrars to collect and publish domain name registration information.

It seems the NTIA has the wink to cause mischief, should ICANN not deliver what intellectual property lobbyists want.

Comment Tagged: coronavirus, covid-19, gdpr, ICANN, ntia, pandemic, privacy, whois

Verisign drops half a mill on pandemic relief

Verisign has donated over half a million dollars to pandemic-related causes, the company announced last week.

The donations are aimed at relieving economic side-effects of the pandemic such as food poverty and unemployment.

The .com registry operator said in a blog post it has given $275,000 to food banks in Washington DC, Maryland, Virginia, and Delaware where most of its US operations are based, and in Fribourg, Switzerland, its European HQ.

It’s also given $250,000 to Virginia Cares, an initiative dedicated to retraining unemployed Virginians for in-demand jobs in the tech sector.

Verisign was of course an inadvertent beneficiary of the pandemic, as lockdown regimes worldwide led to a boost in domain registrations as businesses such as bars and cafes moved online.

Comment Tagged: .com, coronavirus, covid-19, pandemic, verisign

Mixed messages from ICANN on pandemic travel in 2021

ICANN still hasn’t formally cancelled its public meeting in Cancun, Mexico next March, but it appears to be planning for scheduled in-person gatherings to not resume until the fourth quarter of next year.

While nobody in their right mind seems to believe ICANN 70 will go ahead anywhere other than virtually — and ICANN’s top brass acknowledged in October that a face-to-face community forum appeared highly unlikely — the Org has still not announced that it will be the fourth consecutive meeting to be held via Zoom.

But two recently published documents show that ICANN doesn’t see travel getting back to normal any time soon, though its expected timing is ambiguous.

First, the proposed budget for fiscal 2022, which was published on Friday, envisages pandemic-related travel restrictions for only “the first nine months” of its current FY21, which ends June 30 next year.

That means that ICANN, at least in its travel budget, still thinks there’s a chance that international travel may be an option as early as April next year. Its travel budget for this year is $4.7 million, which certainly suggests one normal public meeting.

That would rule out Cancun, but leaves open the possibility that June 14-17 public meeting in The Hague could actually go ahead.

The budget also assumes a normal level of travel spending for the whole of FY22, which would mean ICANN 72 in Seattle — a mere domestic flight for most ICANN staff and a good portion of the domain industry — would also take place in-person next October.

But a resolution passed by the ICANN board of directors last Thursday appears to have a more pessimistic outlook.

The board at that meeting approved the continuation of contingency plans for signing the cryptographic keys at the root of the DNS that would eliminate the need for travel until the fourth quarter of calendar 2021.

Normal, quarterly root Key-Signing Key ceremonies require a small number of trusted “secret key holders” to be flown from around the world into facilities in the US, carrying physical keys, to ensure the integrity of the process.

But those rules were tweaked under coronavirus lockdown last April to allow IANA employees to sub in for these key-holders.

Understanding that the pandemic wasn’t going away any time soon, but perhaps with hindsight on the optimistic side, the KSK ceremony in April generated three quarters’ worth of keys in advance, enabling root DNSSEC until the end of March 2021.

Last Thursday, the ICANN board resolved to again bulk-generate keys during its next ceremony, to be held some time in the first quarter. The plan states:

The coronavirus pandemic is expected to continue to significantly impact operations well into 2021. To limit the impact on the ability to hold quarterly key ceremonies, the plan again provides for generating signatures for an extended nine-month period. This relieves the need to hold a subsequent key signing ceremony until the fourth quarter of 2021.

So, while the proposed budget thinks travel could return to normal by April, the KSK plans are thinking October could be the best-case scenario.

Vaccines appear to be the key, as you might expect:

Staff will continue to monitor the pandemic and prepare for all possible scenarios for this ceremony in accordance with the graduated approach. Should widespread vaccination programs prove to be successful, and international travel limitations be relaxed, it is conceivable a late-2021 ceremony could be conducted in its normal format with international in-person participation.

I’m going to go out on a limb and suggest that the chances of a normal in-person ICANN meeting going ahead before Seattle are pretty slim.

For vaccination programs to be successful, we’re going to need a combination of competent governments capable of handling an unprecedented logistical challenge and a largely sane, rationale populace willing to go under the needle en masse. I’m afraid I don’t have that much faith in humanity.

Even if everything goes smoothly, we’re still looking at the vaccine rollout taking a long time indeed. I live in the UK, the first country to roll out vaccinations at scale, and I don’t anticipate getting the jab for six months or more.

An unofficial calculator tool estimates that a middle-aged Brit with no diagnosed preexisting conditions cannot reasonably expect to get a vaccine until July 2021, assuming the UK manages to quickly ramp up to one million vaccinations per week and 70% of those eligible choose to take the shot.

If that’s true elsewhere in the world, and vaccination becomes a passport to travel, then any hypothetical June face-to-face ICANN meeting could resemble a senior care home or retirement village even more than usual.

Not so much Club Med as a Saga Holiday.

And none of this takes into account the potential impact of the super-spreadable new coronavirus strain discovered to be hugely prevalent in the UK last week.

While it’s early days, it seems there’s a significant possibility that what I’m calling the limeyvirus (because what goes better with Corona than lime?) is going to significantly impact travel worldwide in the coming months.

Comment Tagged: .travel, cancun, coronavirus, covid-19, ICANN, icann 70, icann 71, icann 72, pandemic, seattle, the hague

ICANN predicts rosy post-pandemic domain industry — time to start panicking?

Having totally misjudged the impact of the coronavirus pandemic on the domain name industry and its own budget, ICANN is now forecasting a rosy (post-pandemic?) fiscal 2022.

The Org has just published its proposed budget for the 12 months beginning July 1, 2021, predicting decent growth in transactions for new and legacy gTLDs, along with a modest increase in new registrars.

It’s also predicting that international travel will be back to normal, with three full in-person public meetings going ahead as usual.

ICANN is planning to receive $144.4 million in FY22, up slightly from the $140 million it expects to receive in the current financial year.

The FY22 number is boosted by a $4 million bung from Verisign, negotiated as part of the .com contract renewal, which lifted the price freeze.

It’s predicting a 3% increase in legacy gTLD registry transaction fees to $52.8 million and a 6% increase in legacy gTLD registry transaction fees to $5.1 million.

Registrar transaction fees for legacy gTLDs is expected to be up 4% to $33.4 million, with registrar fees for new gTLDs is predicted to rise 5% to $4.2 million.

Altogether, that’s $3 million extra in transaction fees — paid whenever a domain is registered, renewed or transferred — compared to its expected FY21 performance.

But that’s offset by a $600,000 predicted decline in fixed registry fees, due to an expected loss of 15 new gTLD registries (most likely dormant dot-brands) in the period. It expects to end the year with 1,141 fee-paying registries.

ICANN expects its pool of accredited registrars to bounce back a little, adding 28 in FY22 having lost an expected 121 in FY21. It expects to end FY22 with 2,356 registrars on its books.

The proposed budget also sheds light on how ICANN expects the remainder of coronavirus-afflicted FY21 playing out.

It currently expects its top line for the year to June 30, 2021 to be $140 million, compared to the $129.3 million it predicted in the FY21 budget approved in May this year.

But that budget had been slashed in April by 8% from its original draft, published a year ago. It had planned for $140.4 million, but reduced expectations by $11.1 million due to the coronavirus pandemic.

In April, before the extent of the lockdown bump experienced by many registries and registrars became clear, ICANN said:

ICANN org funding may be impacted because the economic crisis stemming from the pandemic has the potential to impact the funding from domain name registrations and contracted parties through the end of FY20 and into the first months of FY21.

Today, it’s saying the impact from coronavirus was “less than expected” and generally forecasting “stable” and more or less business as usual in FY22.

ICANN had budgeted for $85.5 million in transaction fees from all sources in the current year, but now it expects that to come in at $92.6 million, much closer to its December 2019 estimate of $94.7 million.

It had expected to see transaction fees from new gTLDs at both registry and registrar levels to be down by a third, at $8 million, but that number’s now expected to come in at $8.9 million. Likewise, the budget predicted a legacy gTLDs dip of 2.3% to $77.5 million, rather than the $86.2 million it now thinks is heading its way.

I should probably point out for future reference that the proposed budget for FY22 was published Friday, the day before the new strain of ultra-infectious coronavirus was discovered in the UK. Who knows what the impact of that might be.

The budget is open for public comment for two months here.

1 Comment Tagged: budget, coronavirus, covid-19, ICANN, pandemic