ICANN expects “significant” budget impact from coronavirus

The ongoing coronavirus pandemic is expected to have a “significant” impact on ICANN’s budget, according to an update from the organization.

The organization published its expectations of a $140.4 million budget for the fiscal year that begins this July last December, and opened it up for public comments.

In its summary of those comments (pdf), which had a February 25 deadline and therefore were not focused on the pandemic’s potential impact, ICANN said:

the COVID-19 pandemic is affecting significantly the entire world. ICANN expects that its activities and financial position will be significantly impacted as well. The ICANN org is working with the Board to assess and monitor the potential impact to ICANN’s funding, and planned work such as face-to-face meetings, travel, etc.

Any pandemic-related changes to the budget will be published prior to board approval, ICANN said.

So where is ICANN expecting the impact? It’s not entirely clear. I would expect to see some minor gains from slashing its travel budget in the wake of social distance rules, but it’s less obvious where a “significant” shortfall could occur.

ICANN had operational revenue — the money it gets from billing registries and registrars — of $136.8 million in the fiscal year ending June 30, 2019, its most recently reported year (pdf).

Of that total, roughly $56 million came from the market leaders in both segments, Verisign and GoDaddy, both of which have been given glowing analyst coverage since the outbreak began.

One commentator recently wrote that Verisign is “immune” from coronavirus and GoDaddy’s CFO told analysts just last week that he expects the impact of coronavirus to be “minimal” in the first quarter. That could of course change in future.

Almost half of ICANN’s revenue, some $65.7 million, comes from the top 10 registries and registrars.

So is ICANN expecting to see weakness in the long tail, the few thousand accredited registrars and gTLD registries that account for under $1 million in ICANN contributions per year? Is it expecting reduced voluntary contributions from the ccTLDs and Regional Internet Registries?

Will coronavirus cause huge numbers of small businesses to abandon their domains as they go out of business? Will it inspire large numbers of the recently unemployed and quarantined to start up web-based businesses in an attempt to put food on the table? Will it cause large portfolio owners to downsize to save costs?

All of these outcomes seem possible, but these are unprecedented times, and I couldn’t being to guess how it will play out.

No .com price increases this year. Thanks, coronavirus!

Verisign won’t increase prices on .com or any of its other TLDs this year.
The promise comes as part of a package of coronavirus-related measures the company announced on its blog yesterday. Verisign said:

In order to support individuals and small businesses affected by this crisis, Verisign will freeze registry prices for all of our Top-Level Domains (TLDs), including .com and .net, through the end of 2020. In addition, we will soon deploy a program, available to all retail registrars, to provide support and assistance for domain name registrants whose domain names will be expiring in the coming months.

No additional details on the proposed registrant support program were made available.
The pricing news sounds good, especially for high-volume domain owners such as domainers and trademark owners, but it should be noted that in the case of .com it amounts to a mere two-month price freeze.
Under the terms of its current agreement with ICANN, it can’t raise prices at all. The controversial proposed amendments that recently attracted about 9,000 objections, would reinstate price-raising powers.
However, assuming ICANN approves the new contract, which seems likely, Verisign would only be able to up its fees in the final four years of its six-year deal. The first of those four years begins October 20 this year.
Conceivably, it could have announced a 7% price hike for .com on October 21, but the company has now said that it will not.
Verisign also said yesterday that it’s donating an “initial” $2 million to “first responders and medical personnel in the Northern Virginia area, the United Way’s COVID-19 relief efforts, and the Semper Fi & America’s Fund”.
It is also doubling the funding available to the scheme where it matches employees’ charitable donations, which could increase (and incentivize) giving to coronavirus-related causes.

An open question to the domain name industry about coronavirus

“Don’t worry. We’ve done this before.”
That was pretty much the first sentence out of my grandmother’s mouth when I called to wish her a happy Mother’s Day.
She was talking about World War II and the immediate post-war years. She’s 94, so she saw both.
She’s no Uncle Albert. I don’t think I’ve ever heard her talk about “The War” before. Not once. But when her grandson called her for the first time in embarrassing months, that was where her mind went straight away.
They couldn’t get oranges, for years, back then. If you were diabetic, you couldn’t get sugar, but they gave you extra butter instead. She developed an aversion to canned pineapple chunks that persists to this day. She still has her ration book, a souvenir of trying times, squirreled away somewhere.
She was in generally good spirits. She knows that Covid-19, if it gets through the front door of her granny flat, will very likely be the end of her. Her mind is fully intact, but her body is all kinds of fucked up. But she and the family members who bring her food are taking the proper precautions. And, she said, she’s been self-isolating since November anyway. What’s another 12 weeks?
The WWII comparison was not at all surprising to hear, of course. A lot of us have been thinking similar things. The media is currently resplendent with uplifting examples of what we Brits refer to as the “Blitz spirit” — unity and stoicism in the face of overwhelming adversity.
There are significant differences, of course.
The enemy now is not an identifiable political faction with a skull on its cap, but a remorseless, invisible beastie. The Allies are not a collection of like-minded liberal nations, but literally the entire human species.
The baddies don’t want to shoot you. They want to infiltrate your nasal cavity and make you accidentally kill your parents with a hug. You kill them with soap.
Back then, we required young men to travel overseas to kill and potentially die to serve the greater good. We asked the women they left behind to take to the factory floors and work traditionally male jobs. Now, all we ask of them is that they don’t go down the pub on a Saturday night, and apparently sometimes even that’s too big of an ask.
Society is asking me to work from home during the day and do nothing more than watch TV and play Xbox in the evenings. Fine. I can do that. I was doing that anyway. This, apparently, is how my generation gets to save lives.
It doesn’t feel like much of a sacrifice.
Worldwide, people are sitting alone at home, twiddling their thumbs, watching slightly-less-than-hi-def Netflix, and wondering how they can do more to make a positive difference in this civilizational battle.
In the domain industry, we’ve recently seen the Internet Commerce Association attempt to help out people who are financially struggling due to coronavirus with its #DomainAssist Twitter campaign.
I’m not sure how effective it’s going to be, but ICA members have money, are trying to make a difference, and I’m certainly not going to knock them for it.
But there is one battle that the domain industry is uniquely positioned, and maybe even obligated, to fight.
That’s the fight against misinformation.
The World Health Organization started alerting the world to the Covid-19 “infodemic” in early February.
“We’re not just fighting an epidemic; we’re fighting an infodemic,” WHO director-general Tedros Adhanom said at the Munich Security Conference February 15. “Fake news spreads faster and more easily than this virus, and is just as dangerous.”
Hear that? The world’s top doc says that misinformation is just as dangerous as something that could kill your grandmother.
Just as crime flourished in London during the Blitz, 21st century fraudsters have been quick to take advantage of the coronavirus panic.
The fake news ranges from the harmlessly satirical — a quarantined Tom Hanks being supplied with a volleyball for company — to the life-threatening — tales of how ingesting silver, taking cocaine or drinking bleach can protect your from the virus.
In India, fake news is persuading people to drink cow piss.
Some of these scammers are just conspiracy theorists raging against the Big Pharma machine. Others are actively trying to make money hawking bogus and dangerous fake vaccines and cures. In the era of pandemic, they’re just as bad as each other.
It’s serious stuff. An infected person who thinks they’ve ingested the magic cure is less likely to take the proper precautions and more likely to transmit the virus to others, who will transmit it to others, who will transmit it to others… and then a bunch of people die.
So far, the WHO and other health authorities have rightly been focused largely on the social media platforms where the majority of this bogosity spreads.
The likes of Facebook, Twitter and Google have made changes to their usage policies or content-promotion algorithms in response to the crisis.
Twitter has banned tweets that go against the official guidance on reducing the spread of the virus. Facebook is promoting authoritative news sources and fact-checking misinformation. Google searches for coronavirus return curated, science-based info embedded in the results page, and banned coronavirus-related advertising. YouTube is taking down videos peddling dangerous misinformation.
The social media side of the technology industry certainly seems to be backtracking on its usual “we just a neutral platform” stance.
But it’s not just happening on social media. Many of these posts lead to web sites that are harmful. Some are simple frauds and phishing attacks. Others promote fake cures or urge readers to ignore the official science-based advice.
These web sites use domain names. Thousands have been registered in recent weeks.
NewsGuard has identified dozens of web sites that are promoting coronavirus misinformation. Fact-checking sites such as the AFP and Snopes have identified many more.
So here’s my open question, which I pose to every registry, registrar and reseller reading this:
If you are told about a domain name under your management that is publishing dangerous misinformation, will you take it down?
I’d like to think I know the answer to this question already, but I’m not sure I do.
Registries and registrars are notoriously reluctant to act on complaints about the contents of web sites. Many require a court order before taking action.
During peace time, worthy principles such as free speech, privacy, and legal due process all play a role in this kind of decision-making.
The latest version of the Framework to Address DNS Abuse lists four types of content that its dozens of domain-industry signatories “should” (as opposed to “must”) act on — child sex abuse material, illegal opioid sales, human trafficking, and credible incitements to violence.
The underlying principle leading to this list is “the physical and often irreversible threat to human life”.
I’m reminded of the ethical conundrum faced by EasyDNS and CEO Mark Jeftovic back in 2014, when the company changed its usage policies after a guy died due to fake pharma bought via a domain under its management.
“In one case we have people allegedly pirating Honey Boo Boo reruns and on the other we have people dying. We don’t know where exactly, but the line goes somewhere in between there,” Jeftovic wrote at the time.
I don’t wish to pick on EasyDNS or Jeftovic — changing one’s mind in the face of new evidence is an admirable trait — but I think his quote poses the question quite well.
There’s a line where free speech ends and incitement to virological violence begins.
Figuring out where that line is is something the domain name industry is going to have to get to grips with, fast.

More ICANN events cancelled for May

ICANN has cancelled its annual GDD Industry Summit and DNS Symposium, which had been scheduled to take place in Paris, France, in May.
“The decision to cancel these events was made in light of the rapidly evolving COVID-19 virus outbreak and, for the GDD Summit, included conversations with the Contracted Parties House,” ICANN said in a statement.
The two events had been due to take place back to back from May 3 to 6 and May 7 and 8, respectfully.
The GDD event is for commercial members of the domain name industry — registries and registrars — while the Symposium focuses on the technical side of the industry and had planned to focus on DNS security.
It appears that, unlike ICANN 67, neither is being replaced with a virtual meeting.

More domain industry response to coronavirus

It’s beginning to look like home-working has become the norm, rather than the exception, in the domain name industry.
Following on my post Monday, here are the latest companies and organizations to provide updates on their responses to the coronavirus pandemic.

• ICANN has told its staff in Brussels, Geneva and Singapore to work from home, while recommending that its guys in Istanbul, LA and Washington DC do the same. Staff in Montevideo and Nairobi, where confirmed cases of the virus are pretty light, will carry on as normal for now. The edict will be in effect until March 31. One imagines there’s a good chance it could be renewed.
• In the UK, Nominet said yesterday that it has “initiated home-working across all our teams from today” and expects “business as usual”. All in-person events through the end of May have been postponed.
• In Ireland, registry IEDR said that it closed its offices in Dublin on Friday and may reopen March 30, pending further government guidance. Like other registries, IEDR said it’s already well-equipped for staff to work remotely.
• Also in Ireland, registrar Blacknight Solutions tells me its team are also now working from home.
• Canada-based registrar Tucows said: “On Sunday March 8, Tucows’ executive leadership announced that all employees who could conceivably work from home were encouraged to do so in the week that followed. On Monday, it looked like an overabundance of caution but by Thursday morning it seemed prescient.” While there is expected to be no impact to the registrar side of the house, the Ting Internet ISP arm has cancelled and rescheduled all home egineering visits, which obviously could cause customer disruption.
• French registrar Gandi, operating under some of the world’s most stringent government guidelines, said yesterday its staff are naturally enough now all working from home.
• Not strictly domain industry, but the World Intellectual Property Organization said yesterday it has limited access to its Geneva headquarters to only “essential” staff.
• US-based registrar MarkMonitor said Monday it has implemented a remote-working regime for its staff.

Given how dog-bites-man such announcements have rapidly become, I doubt I’ll be following up this series of posts again, unless something truly extraordinary happens. It’s pretty safe to assume that before long almost everyone in the industry will be working from home.

.org decision delayed another month

ICANN has been given another month to decided whether or not to approve Ethos Capital’s proposed $1.13 billion acquisition of Public Interest Registry from the Internet Society.
PIR said today that it has agreed to give ICANN until April 20 to give it the yay or nay on the controversial deal.
It seems the disruption and distraction caused by the coronavirus pandemic played at least a small role in the decision. PIR said:

To ensure ICANN and the California Attorney General’s office, with which we have been communicating, have the time they need to address any outstanding questions regarding the transaction, especially in light of current events, we have agreed to an ICANN deadline extension to April 20th. We look forward to ICANN’s decision by this date.

Yesterday, opponents of the deal suggested that the acquisition could interfere with the global pandemic response, but PIR has dismissed these claims today as “misleading and alarmist” and “deceiving the public”.
Meanwhile, PIR has updated the proposed contractual Public Interest Commitments that it believes will address some of its critics’ concerns.
Future changes to the PICs will be subject to ICANN’s public comment process, the company said. This is presumably designed to calm fears that the registry will simply dump the PICs next time its contract comes up for renegotiation.
Given the level of confidence in the efficacy of the public comment process — which I would argue is currently close to zero — I doubt this new promise will have its intended effect.
PIR has also taken on criticism that its proposed .ORG Stewardship Council, designed to make sure .org continues to be managed in the public interest, could easily be captured by Ethos yes-men.
Now, instead of appointing the first five members of the council itself, Ethos will instead recruit an “internationally-recognized executive search firm” to find five suitable candidates from stakeholder groups including ICANN’s Non-Commercial Stakeholder Group and At-Large Advisory Committee.
Those nominations will still be subject to final approval by the PIR board, however, so again I think the deal’s critics will still have complaints to cling to.
PIR expects to announce further details of the council selection process next Monday, March 23.

Delay .org deal because of… coronavirus? Gimme a break

Opponents of Public Interest Registry’s proposed acquisition by Ethos Capital are now claiming that ICANN should delay approval of the deal due to coronavirus.
A statement, released yesterday by digital rights group Access Now with the apparent approval of several other like-minded groups, outlines a few reasons why coronavirus means ICANN should reject, or at least delay its consideration of, the deal.
ICANN is currently working towards a March 20 deadline to deliver its verdict.
Peter Micek, general counsel for Access Now, said in the statement:

Far from routine, this transfer would further imperil crucial channels of trusted information in a precarious time. From Médecins Sans Frontières to Wikipedia to many of the world’s hospitals, organizations that disseminate accurate health information and connect affected communities with public resources depend on the .ORG domain. Now is not the time to shift the ground beneath their online activities.

Could a $0.97 increase in the cost of wikipedia.org this year see Wikipedia’s hive mind crumble and turn into the digital equivalent of Jenny McCarthy’s brain? Will it prompt MSF volunteers to retreat, screaming, from the front lines? I don’t think so.
The statement goes on to suggest that China would be able to use its substantial financial and political clout to lean on Ethos’ secretive backers to something something something coronavirus. Kenneth Roth, executive director of Human Rights Watch said:

The Chinese government routinely uses economic pressure to censor critics or inconvenient information, such as about its disastrous early cover-up of the coronavirus outbreak. Investors in the private equity firm that wants to buy the .ORG domain inevitably will have economic interests that Beijing could threaten.

While there may well be a nugget of truth in there, I fail to see how it applies to the current pandemic. Is the argument that China will pressure Ethos’ billionaire money men to close down domains belonging to organizations disseminating accurate Covid-19 information? It seems a stretch.
China already has substantial powers to shut down domains within its own borders, and requires registries operating in the country to comply with Draconian censorship rules. I’m not aware of any cases of these existing powers being exercised against domains globally.
A third argument is that ICANN is using coronavirus as a convenient smokescreen to quietly approve the acquisition while everyone else is busy ram-raiding corner stores for toilet paper.
Daniel Eriksson, head of technology at Transparency International, said in the statement:

If this transfer goes ahead during the current crisis as planned, we’ll look back on it as an example of vested interests taking advantage of the extraordinary situation created by the COVID-19 pandemic to further their own concerns at the expense of the broader good of society. We need to be vigilant against any such actions, and this is precisely the role of many civil society organizations that have a watchdog function. We need maximum transparency and integrity around the sale of .ORG, and that is simply not possible if the sale is rushed through at a moment when peoples’ attention is elsewhere.

Again, this seems like a stretch. The announcement of the acquisition predates the discovery of Covid-19 by weeks, and it has been subject to intense scrutiny, engagement, comment and unprecedented — albeit imperfect — levels of transparency ever since. This is an acquisition being negotiated to a large extent in the public square.
I’ll be generous and suggest a fourth explanation: this is probably just a poor-taste (but, let’s face it, successful) attempt to grab headlines by linking the #SaveDotOrg campaign, however thinly, to the pandemic currently occupying the world’s collective conscious.
There are plenty of good arguments that could be — and are being — made in favor of further delay and scrutiny of the deal, but I don’t think coronavirus is one of them.

Not every coronavirus domain registrant is a douchebag

While there are plenty of domain registrants apparently trying to make a quick buck out of the coronavirus pandemic, I’ve managed to dig up several that appear to have less parasitical motives.
I spent some time today poking around gTLDs where one might reasonably expect to find coronavirus information, products or services. In each TLD, I looked up the second-level strings “coronavirus”, “covid-19” and “covid19”. I did not check any ccTLDs, IDNs or geographic gTLDs.
In the large majority of gTLD cases, the domain was parked, offered for sale, or displayed default web host information.
Some were being monetized in other ways, and at least one appears to be actively dangerous to public health.
These are the ones that don’t seem to be purely out to make a quick buck or get people killed:

• covid19.health — a web site, attributed to one Steven Liu, has been produced containing interactive data about the current state of worldwide infections, deaths and recoveries.
• coronavirus.live — redirects to the pandemic data page at the Center for Systems Science and Engineering at Johns Hopkins University, which resembles a scene from War Games (1983).
• covid19.news, covid-19.news, covid-19.live and covid19.live — all redirect to covid2020.com, a web site run by somebody going by “CovidDataGirl” that appears to be at the very least a serious attempt to build a web site containing actual information. It does, however, also solicit small “buy me a coffee” donations to support the site, so it might not be fully altruistic.
• covid-19.com — frames Chinese-languages news and data about the outbreak from two other web sites, as it has since day one. I can’t fully verify the sources are legit, but they appear to be at first glance.
• coronavirus.com — this has been registered since 2002 and reportedly belongs to GoDaddy following its recent acquisition of Frank Schilling’s portfolio. It bounces visitors to the World Health Organization’s coronavirus web page. GoDaddy didn’t really have any choice here — any appearance of an attempt to monetize would have been public relations suicide.
• coronavirus.app — more hard data overlaid onto a fairly slick world map.
• covid19.care and covid19.today — somebody is attempting or has attempted to make a useful web site here, but it’s either a work in progress or abandoned.
• covid19.consulting — bare-bones pandemic data.
• coronavirus.media — a news aggregator that looks like it was abandoned over a month ago.
• coronavirus.rehab — all the information is copy-pasted from sources such as WHO and Johns Hopkins, or fed in via open news APIs, but at least it’s therefore factual and there does not appear to be any overt attempt at monetization.
• covid-19.rehab — Russian news aggregator with no obvious monetization.
• coronavirus.horse — I had no particular reason to check this one out, other than I know the internet’s penchant for putting wacky stuff on .horse domains. To my surprise, it resolves, bouncing users to the nightmare fuel at the aforementioned Johns Hopkins site.

There were no registered domains in tightly restricted spaces such as .loan, .insurance and .pharmacy, as you might expect.
And now the bad news.
I found no clearly non-douchey uses in .blog, .doctor, .center, .clinic, .education, .equipment, .fit, .fitness, .flights, .healthcare, .hospital, .lawyer, .supplies, .supply, or .wiki. Just parking, sales and host default pages.
Sadly, coronavirus.science is being used by a bunch of irresponsible quacks to peddle dangerous pseudoscience.
I found one Spanish-language splog at coronavirus.consulting and an Amazon affiliate page selling hand sanitizer and face-masks at coronavirus.equipment.
One guy has registered one of the three strings in at least 10 different new gTLDs — including .deals, .host and .enterprises — each of which invites visitors to click on a link to the next in a never-ending cycle. None of the pages are monetized.
Somebody is attempting to make money selling merchandise featuring a cartoon cat in a face mask at coronavirus.shop and coronavirus.rocks. I have mixed feelings on this one, but I am a sucker for cats.
I was close to featuring the three .org domains in the “good” list above, as they actually present a great deal of content related to coronavirus, but they appear to belong to the same guy who’s currently arguing with Andrew Allemann on Domain Name Wire about whether it’s acceptable for domainers to profit from tragedy.
For the record, I agree with Allemann: serious domain investors should never attempt to exploit these kinds of crises for financial gain. Not coronavirus, not anything. It casts the entire profession in a terrible light and will probably harm domainers’ collective interests in the long run.
There’s a reason the Internet Commerce Association has a code of conduct banning such activity.
It’s a lot easier to ignore their complaints about, say, price increases in .com or .org, if you can easily characterize domainers as a bunch of ambulance-chasing assholes. Verisign has already done this and ICANN could well be next.

Roundup: domain industry starts to respond to coronavirus pandemic

With much of the world already laboring under coronavirus-related movement and assembly restrictions, many domain industry companies have started to publicly outline their business continuity plans.
Some companies have already implemented blanket home-working rules, while others are ready to pull the trigger on such regimes just as soon as local government policy or other circumstances require it.
Here’s a roundup of what some of these companies have said over the last few days.
It’s not an exhaustive list — I’m sure many companies have unannounced contingencies in place — and it should be noted that some of these announcements may well be out of date already, due to the speed at which the virus risk, and government responses to it, are changing.

• In Italy, the nation hardest-hit by the virus outside of China, local ccTLD registry Registro.it said: “Due to the current health emergency, there may be delays in the processing of legal and administrative procedures in the coming days. Activities related to the registration and maintenance of domains will be carried out as usual”.
• NIC Chile, the .cl registry, has imposed a ban on outsiders attending its offices, effective today, “in order to safeguard the health of its clients and officials”.
• Portugal’s Associação DNS.PT, the .pt registry, has gone a step further, saying Friday that it has already adopted remote working. It added that it was not aware of any confirmed cases and that it expected business to continue as normal.
• An undated notice on DNS Belgium’s web site states: “To guarantee maximum business continuity, we temporarily close our office and all work from home.”
• Dutch ccTLD registry SIDN said Friday that “most” of its employees are working from home, and it will minimize in-person contacts to “strictly necessary” meetings. It does not expect disruption to services.
• Austrian Nic.at said that employees “who are not tied to the Vienna or Salzburg office locations due to their work can work from home by telework”, adding “strict hygiene measures apply in the offices”.
• In Denmark, DK-Hostmaster said that customer support will now be conducted purely via email, with phone support suspended until March 27.
• It’s the same story in Poland for .pl domains, according to a notice on the NASK web site.
• Afilias said Thursday that it has contingency plans in place to keep its registry business ticking over even if staff fall ill or office closures are mandated. It’s also stepped up office cleaning and made hand sanitizer available to staff. Employees will be able to home-work should the need arise, the company said.
• Corporate registrar family Com Laude said that it’s updated its business continuity and disaster recovery plans to account for the pandemic threat, including providing remote-working solutions for its staff.
• Network Solutions, part of Web.com, told customers Friday that its workforce is geared up to work from home too, and that customer service should be unaffected during the crisis.
• British registrar Astutium said it won’t book any in-person meetings with clients for the next 90 days, and that if anyone shows up for an already-booked meeting they will be required wash thoroughly before they’re let through the door.

I’ve not heard any reports yet of members of the industry with confirmed infections. So that’s good.

At ICANN 67, nobody knew you’re a dog

Want to see what your fellow ICANN 67 attendees looked like on the other side of the Zoom chat room?
The meeting may have been held entirely remotely, but that hasn’t stopped the ICANN org from populating its Flickr page with a big wedge of photos, one of which seems to prove the old adage that “On the internet, nobody know’s you’re a dog.”

Photo credit: @icannphotos
At regular, face-to-face ICANN meetings, there’s a professional photographer doing the rounds, doing his or her level best to make jet-lagged, bearded. middle-aged men sitting in circles at laptops look thrusting and dynamic.
This time, it was largely up to remote participants to submit their own mug shots, taken in their home offices, kitchens, and lounges, for your viewing delight. And what a jolly nice bunch of people they look.
The batch of photos from 67 also includes a number taken on-site at ICANN’s Los Angeles headquarters, which had been hastily rigged up to act as the meeting’s hub after the face-to-face meeting in Cancun, Mexico was cancelled over coronavirus fears.
Here.