ICANN trying to water down its transparency obligations
ICANN? Trying to be less transparent? Surely not!
The Org has been accused by some of its community members of trying to shirk its transparency obligations with proposed changes to its Documentary Information Disclosure Policy.
The changes would give ICANN “superpowers” to deny DIDP requests, and to deny them without explanation, according to inputs to a recently closed public comment period.
The DIDP is ICANN’s equivalent of a Freedom of Information Act, allowing community members to request documentation that would not be published during the normal course of business.
It’s often used, though certainly not exclusively so, by lawyers as a form of discovery before they escalate their beefs to ICANN accountability mechanisms or litigation.
It already contains broad carve-outs that enable ICANN to refuse disclosure if it considers the requested info too sensitive for the public’s eyes. These are the Defined Conditions for Nondisclosure, and they are used frequently enough that most DIDPs don’t reveal any new information.
The proposed new DIDP broadens these nondisclosure conditions further, to the extent that some commentators believe it would allow ICANN to deny basically any request for information. New text allows ICANN to refuse a request for:
Materials, including but not limited to, trade secrets, commercial and financial information, confidential business information, and internal policies and procedures, the disclosure of which could materially harm ICANN’s financial or business interests or the commercial interests of its stakeholders who have those interests.
The Registries Stakeholder Group noted that this is “broader” than the current DIDP, while the At-Large Advisory Committee said (pdf) it “essentially grants ICANN the right to refuse any and all requests”.
ALAC wrote that “rejecting a request because it includes commercial or financial information or documents an internal policy makes a mockery of this DIDP policy”.
Jeff Reberry of drop-catch registrar TurnCommerce concurred (pdf), accusing ICANN of trying to grant itself “superpowers” and stating:
Extremely generic terms such as “confidential business information” and “commercial information” were added. Frankly, this could mean anything and everything! Thus, ICANN has now inserted a catch-all provision allowing it to disclose nothing.
Other comments noted that the proposed changes dilute ICANN’s responsibility to explain itself when it refuses to release information.
Text requiring ICANN to “provide a written statement to the requestor identifying the reasons for the denial” has been deleted from the proposed new policy.
A collection of six lawyers, all prolific DIDP users, put their names to a comment (pdf) stating that “the change results in less transparency than the current DIDP”.
The lawyers point out that requests that are denied without explanation would likely lead to confusion and consequently increased use of ICANN’s accountability mechanisms, such as Requests for Reconsideration. They wrote:
Simply stated, the Revised Policy allows ICANN to obscure its decision-making and will ultimately cause disputes between ICANN and the Internet community — the complete opposite of the “accountable and transparent” and “open and transparent processes” required by ICANN’s Bylaws.
One change that didn’t get much attention in the public comments, but which certainly leapt out to me, concerns the turnaround time for DIDP responses.
Currently, the DIDP states that ICANN “will provide a response to the DIDP request within 30 calendar days from receipt of the request.”
In practice, ICANN treats this obligation like one might treat a tax return or a college essay — it almost provides its response exactly 30 days after it receives a request, at the last possible moment.
The revised DIDP gives ICANN the new ability to extend this deadline for another 30 days, and I don’t think it’s unreasonable to assume, given past behavior, that ICANN will try to exploit this power whenever it’s advantageous to do so:
In the event that ICANN org cannot complete its response within that 30-calendar-day time frame, ICANN org will inform the requestor by email as to when a response will be provided, which shall not be longer than an additional 30 calendar days, and explain the reasons necessary for the extension of time to respond.
The predictably Orwellian irony of all of the above proposed changes is that they come in response to a community review called the Cross-Community Working Group on Enhancing ICANN Accountability Work Stream 2 (WS2), which produced recommendations designed to enhance accountability and transparency.
Whether they are adopted as-is or further revised to address community concerns is up to the ICANN board of directors, which is of course advised by the staff lawyers who drafted the proposed revisions.
ICANN staff’s summary of the seven comments submitted during the public comment period is due next week.
ICANN refuses to say why it allowed Donuts to buy Afilias
ICANN appears determined to make its decision-making process when it comes to industry consolidation as opaque as possible.
The Org has denied a request from two rival registries for information about how it approved the acquisition of Afilias by Donuts last December, apparently exploiting a loophole in its bylaws.
The transaction got the nod from ICANN after its December 17 board of directors meeting, at which the board discussed the deal and gave CEO Göran Marby the nod to go ahead and process the request.
What it didn’t do was pass a formal resolution approving the deal, which seems to have given it the room to wriggle out of its transparency requirements, such as publishing its rationale and briefing materials.
It’s a trick it also used last year when it decided to bar Ethos Capital from acquiring Public Interest Registry.
In response to a Documentary Information Disclosure Process request (pdf) last month, filed by Dot Hotel and Domain Venture Partners, ICANN said:
ICANN org makes available, as a matter of due course, on the ICANN website the resolutions taken, preliminary report, minutes, and the Board briefing materials for each Board meeting… ICANN org has already published all materials for the 17 December 2020 Board meeting.
No new information was published.
The DIDP was filed by two applicants for the new gTLD .hotel, which are competing with applications originally filed by both Donuts and Afilias.
They’d also asked for ICANN’s rationale for allowing Donuts to own two .hotel applications post-acquisition, but ICANN said it had no documents reflecting that rationale.
The .hotel contest is also the subject of an Independent Review Process case and a lawsuit, in which DVP is a plaintiff.
ICANN refuses to release more info on .org deal
ICANN has denied a request from one of its overseers to release more information about the acquisition of .org manager Public Interest Registry.
General counsel John Jeffrey has written to the Address Supporting Organization to say that its request for records is over-broad and exceeds the ASO’s authority.
The ASO had asked for:
any ICANN records which pertain to or provide relevant insight to the process by which ICANN will consider (and potentially approve) the assignment of the .org Registry Agreement, including the process by which input from the affected community will be obtained prior to ICANN’s consideration and potential approval of the assignment.
The ASO is one of the five Decisional Participants that make up the Empowered Community — the body that has technically overseen ICANN since formal ties with the US government were severed a few years ago.
If these terms are unfamiliar, I did a deep-dive on its request a month ago.
One of its powers is to make an Inspection Request, demanding ICANN hand over documentation, but Jeffrey states that such requests are limited to ICANN’s financials and the minutes of its board of directors’ meetings.
There’s no information related to the .org acquisition in its books or minutes, so there’s nothing to hand over, Jeffrey says. Anything else the ASO wants, it’s not allowed to have under the bylaws, the letter (pdf) says.
Despite the ASO’s role in the Empowered Community, it appears that its powers to request information are in many ways inferior to the standard Documentary Information Disclosure Policy, which is open to all.
Jeffrey invited the ASO to narrow its request and re-file it.
ASO uses super powers to demand ICANN turn over .org buyout docs
In an unprecedented move, ICANN’s Address Supporting Organization has exercised its special powers to demand ICANN hand over documents relating to the Ethos Capital acquisition of .org’s Public Interest Registry.
There’s a possibility, however small, that this could be the first shot in a war that could see the PIR acquisition scrapped.
Fair warning, this story is going to get pretty nerdy, which may not be compatible with the fuzzy-headedness that usually accompanies the first working day of the year. We’re heading into the overgrown weeds of the ICANN bylaws here, for which I apologize in advance.
The ASO — the arm of the ICANN community concerned with IP address policy — has asked ICANN Org for access to records concerning the $1.135 billion acquisition of PIR, which has attracted lots of criticism from non-profits, domainers and others since it was announced.
It’s unprecedented, and of interest to ICANN watchers, for a few reasons.
First, this is the ASO making the request. The ASO comprises the five Regional Internet Registries, the bodies responsible for handing out chunks of IP address space to ISPs around the world. It doesn’t normally get involved in policy related to domain names such as .org.
Second, it’s invoking an hitherto untested part of ICANN’s new bylaws that allows the certain community entities that make up the “Empowered Community” to make “Inspection Requests” of ICANN Org.
Third, and perhaps most importantly, there’s a hint of a threat that the ASO and other members of the EC may use their extraordinary powers to attempt to prevent the PIR acquisition from going ahead.
Before we unpick all of this, this is what the ASO has sent to ICANN, according to its December 31 statement:
As a Decisional Participant in the Empowered Community and pursuant to ICANN Bylaws section 22.7, the ASO hereby submits this Inspection Request to inspect the records of ICANN, including minutes of the Board or any Board Committee, for the purpose of determining whether the ASO’s may have need to use its empowered community powers in the near future relating to the potential assignment of the .org Registry Agreement. For this purpose, the ASO seeks to inspect any ICANN records which pertain to or provide relevant insight to the process by which ICANN will consider (and potentially approve) the assignment of the .org Registry Agreement, including the process by which input from the affected community will be obtained prior to ICANN’s consideration and potential approval of the assignment.
The Empowered Community is the entity that replaced the US government as ICANN’s primary overseer, following the IANA transition in late 2016.
Its members cover the breadth of the ICANN community, comprising the ASO, Generic Names Supporting Organization, Country Code Names Supporting Organization, Governmental Advisory Committee and At-Large Advisory Committee. Each member is a “Decisional Participant”.
Since the transition, its only real functions have been to approve appointments to the ICANN board of directors and to rubber-stamp the budget, but it does have some pretty powerful tools at its disposal, such as the nuclear ability to fire the entire board.
One of the powers enjoyed by each Decisional Participant, which has never been invoked publicly, is to make an Inspection Request — a demand to see ICANN’s accounts or documents related to the board’s decisions.
In this case, the ASO wants “records which pertain to or provide relevant insight to the process by which ICANN will consider (and potentially approve) the assignment of the .org Registry Agreement”.
But will it get this information? It seems the Inspection Request bylaw is a little bit like ICANN’s longstanding freedom-of-information commitment, the Documentary Information Disclosure Policy, with some key differences that arguably make the IR process less transparent.
Like DIDP, the IR process gives ICANN Org a whole buffet of rejection criteria to choose from. It can refuse requests for reasons of confidentiality or legal privilege, for example, or if it thinks the request is overly broad.
It can also reject a request if “is motivated by a Decisional Participant’s financial, commercial or political interests, or those of one or more of its constituents”, which makes the fact that this request is coming from the ASO particularly interesting.
If the GAC or the GNSO or the ccNSO, or even the ALAC, had made the request, ICANN could quite reasonably have thrown it out on the basis of “commercial or political interests”.
That’s not the case with the ASO, which makes me wonder (aloud, it seems) whether the ASO had received any nudges from other members of the EC before filing the request.
Inspection Requests also differ from DIDP in that any documents that are turned over are not necessarily published, and ICANN can also force the Decisional Participant to file a non-disclosure agreement covering their contents.
ICANN can even demand that an ASO member shows up at its Los Angeles headquarters in person to read (and, if they want, copy) the docs in question.
In short, ICANN has a lot of wriggle room to refuse or frustrate the ASO’s request, and it has a track record of not being particularly receptive to these kinds of demands.
The grey-hairs out there will recall that Karl Auerbach, one of its own directors, was forced to sue the organization back in 2002, just in order to have a look at its books.
But what’s perhaps most tantalizing about the ASO’s request is its excuse for wanting to inspect the documents in question.
It says it need the info “for the purpose of determining whether the ASO’s [sic] may have need to use its empowered community powers in the near future relating to the potential assignment of the .org Registry Agreement”.
One way of interpreting this is that the ASO needed to state a reason for its request and this is pretty much all it’s got.
But what powers does the Empowered Community have that could potentially cover the acquisition of PIR by Ethos? It certainly does not have the power to directly approve or reject the transfer of control of a gTLD contract.
The EC has nine bulleted powers in the ICANN bylaws. Some of them are explicitly about things like budgets and bylaws amendments, which could not possibly come into play here. I reckon only four could feasibly apply:
(i) Appoint and remove individual Directors (other than the President);
(ii) Recall the entire Board;
…
(viii) Initiate a Community Reconsideration Request, mediation or a Community IRP; and
(ix) Take necessary and appropriate action to enforce its powers and rights, including through the community mechanism contained in Annex D or an action filed in a court of competent jurisdiction.
Short of lawyering up or having the entire board taken out and shot, it seems like the most likely power that could be invoked at first would be the Community Reconsideration Request.
Judging by the bylaws, this is virtually identical to the normal Request for Reconsideration process, a process which very rarely results in ICANN actually reconsidering its decisions.
The major difference is that at least three of the five members of the Empowered Community has to vote in favor of filing such a request, and no more than one may object.
If they manage to muster up this consent — which could take many weeks — the fact that the reconsideration request comes from the “Community” rather than a single entity appears to make substantially no difference to how it is rejected considered by ICANN.
Threatening ICANN with a Community Reconsideration Request is a little like threatening to jump through an increasingly narrow series of hoops, only to find the last one leads into a pit filled with ICANN lawyers with laser beams attached to their heads.
A Community Independent Review Process, however, is a different kettle of snakes.
It’s substantially the same as a regular IRP — where ICANN’s fate is decided by a panel of three retired judges — except ICANN has to pay the complainant’s legal fees as well as its own.
ICANN’s track record with IRPs is not fantastic. It can and does lose them fairly regularly.
Could the ASO’s letter be the first portent of a community-led IRP bubbling up behind the scenes? Could such a move delay the PIR acquisition, putting Ethos’ plan for a profit-driven, price-raising .org on hold for a year or two? It’s certainly not impossible.
Anger as ICANN splashes out $160,000 on travel
Should representatives of Facebook, Orange, Thomson Reuters, BT and the movie industry have thousands of ICANN dollars spent on their travel to policy meetings?
Angry registrars are saying “no”, after it emerged that ICANN last month spent $80,000 flying 38 community members to LA for a three-day intersessional meeting of the Non-Contracted Parties House.
It spent roughly the same on the 2015 meeting, newly released data shows.
ICANN paid for fewer than 10 registries and registrars — possibly as few as two — to attend the equivalent Global Domains Division Summit last year, a few registrars told DI.
The numbers were released after a Documentary Information Disclosure Policy request by the Registrars Stakeholder Group a month ago, and published on Friday (pdf).
It appears from the DIDP release that every one of the 38 people who showed up in person was reimbursed for their expenses to the tune of, on average, $2,051 each.
The price tag covers flights, hotels, visa costs and a cash per diem allowance that worked out to an average of $265 per person.
ICANN also recorded travel expenses for another two people who ultimately couldn’t make it to the event.
The NCPH is made up of both commercial and non-commercial participants. Many are academics or work for non-profits.
However, representatives of huge corporations such as Facebook and BT also work in the NCPH and let ICANN pick up their expenses for the February meeting.
Lawyers from influential IP-focused trade groups such as the Motion Picture Association of America and International Trademark Association were also happy for ICANN to pay.
One oddity on the list is the CEO of .sucks registry Vox Populi, who is still inexplicably a member of the Business Constituency.
MarkMonitor, a corporate registrar and Thomson Reuters subsidiary that attends the Intellectual Property Constituency, also appears.
Despite $80,000 being a relatively piddling amount in terms of ICANN’s overall budget, members of the Contracted Parties House — registries and registrars — are not happy about this state of affairs as a matter of principle.
ICANN’s budget is, after all, primarily funded by the ICANN fees registries and registrars — ultimately registrants — must pay.
“CPH pays the bills and the non-CPH travels on our dime,” one registrar told DI today.
One RrSG member said only two registrars were reimbursed for their GDD Summit travel last year. Another put the number at five. Another said it was fewer than 10.
In any event, it seems to be far fewer than those in the NCPH letting ICANN pick up the tab.
It’s not entirely clear why the discrepancy exists — it might be just because fewer contracted parties apply for a free ride, rather than evidence of a defect in ICANN expenses policy.
The NCPH intersessional series was designed to give stakeholders “the opportunity, outside of the pressures and schedule strains of an ICANN Public Meeting to discuss longer-range substantial community issues and to collaborate with Senior ICANN Staff on strategic and operational issues that impact the community”, according to ICANN.
ICANN will post more uncensored .africa info
ICANN has committed to post more unredacted documents from its Independent Review Process case with DotConnectAfrica, following a request from DI.
The organization told DI today that it will publish the documents on its web site by August 31, in response to our July 27 Documentary Information Disclosure Request.
I’d asked ICANN to publish, unredacted, the entire declaration of the IRP panel, along with all equally unredacted exhibits and hearing transcripts.
Aware that ICANN enjoys invoking its “Defined Conditions for Non-Disclosure” in order to stop material being released sometimes, I added “that the public interest and transparency benefits to ICANN of disclosing this information far outweigh any benefit that could be accrued by invoking the Defined Conditions for Non-Disclosure”.
In response, ICANN said today (pdf) that it evaluates the public interest when processing DIDP requests, adding:
we have determined that to the extent additional information warrants disclosure and can be released without further consultation with third parties ICANN will publish that unredacted information no later than 31 August 2015. We will send you an email notification upon that publication. To the extent that disclosure of some information designated as confidential by third parties may be warranted and requires further consultation with third parties, or consultation with other third parties not previously consulted, ICANN has already initiated that consultation process. ICANN will publish such further unredacted information promptly upon, and to the extent that we receive, authorization from the relevant parties to release the information, and will send you an email notification upon that publication.
Since the DIDP was filed, ICANN has published over 700 pages of redacted transcripts from two in-person IRP hearings that took place in May.
Today, it also published a letter from DCA’s competing .africa applicant, ZA Central Registry, comprising an ultimately unsuccessful request for a couple of seats at the hearing.
What has not yet been published are the IRP exhibits showing exactly what ICANN did to oil the gears for ZACR’s application.
Due to Kieren McCarthy’s articles at The Register and ICANN’s subsequent admissions, we know that ICANN staff drafted a letter that the African Union Commission could use to express its support for ZACR in the correct format.
However, the IRP exhibits that would give clarity into what exactly ICANN sent and why remain redacted.
Communications between ICANN and InterConnect, which ran the Geographic Names Panel, and references to the Kenyan government’s did-they-didn’t-they support for DCA also remain redacted.
Man writes to ICANN with Whois look-up
A second person has asked ICANN for “a list of all registered domains”, using the organization’s freedom of information policy.
Jorge Sabate made a Documentary Information Disclosure Policy filing (pdf) last December, published this week, in which he made the request. He added:
If you are unable to provide the whole information, i would like to know the dste [date] was created the domain name christiansmith.com
That’s right. Sabate’s method of doing a Whois look-up on a single domain name appears to involve asking ICANN for a database of all 200 million registered domain names.
He’s not the first person to use the DIDP to make such a strange request. One Barry Carter asked for the same list last September, and was similarly unsuccessful.
No such database exists, of course, so ICANN had to rebuff both men.
But to answer your question, Mr Sabate: christiansmith.com was originally registered November 13, 1998.
ICANN rejects porn domain info request
ICANN has turned down a request from porn trade group the Free Speech Coalition for more information about the .xxx top-level domain application, including a list of its pre-registrations.
The organization sent a letter (pdf) to the FSC’s director Diane Duke last week, saying that the materials it requested about ICM Registry and IFFOR, its sponsorship body, are confidential.
This would make the information exempt from ICANN’s Documentary Information Disclosure Policy.
The FSC had specifically requested:
1. The list of the IFFOR Board members;
2. The list of proposed members of the Policy Council;
3. IFFOR’s Business Plan/Financials;
4. Business Plan/Financials Years 1‐5 utilizing 125,000 Initial Registrations;
5. The list of .XXX sTLD pre-registrants who have been identified to ICANN; and
6. ICM’s Proof of Sponsorship Community Support as submitted to ICANN.
According to ICANN, ICM was asked if it would like to lift the confidentiality restrictions and ICM did not respond.
The FSC believes that many of .xxx’s 180,000+ pre-registrations are defensive in nature, made by pornographers who would really prefer that the TLD is never approved, which ICM disputes.
Man asks ICANN for “list of all domains”
A man has used ICANN’s freedom of information procedure to ask for “a list of all registered domains”, forcing the organization to politely decline.
Barry Carter wrote (pdf):
Per http://www.icann.org/en/transparency/didp-en.htm please provide me a list of all registered domains (including all public registrant information). If you are unable to provide this information, please let me know why.
As you might imagine, with the number of registered domains in the gTLDs and ccTLDs numbering in the hundreds of millions, that’s what you might call a Big Ask.
ICANN’s response (pdf) patiently explains that it doesn’t have such a list and that assembling one would constitute an unreasonable request under its Documentary Information Disclosure Policy.
Still, worth a shot, eh?
Recent Comments