Latest news of the domain name industry

Recent Posts

Lawyer ban coming to ICANN

Kevin Murphy, October 17, 2024, Domain Policy

Tell us who you’re working for, or get out.

That’s the message, mainly targeting lawyers in private practice, underpinning a proposed change to the rules governing participating in ICANN policy-making proceedings.

The Org has published a new “discussion draft” of a Community Participant Code of Conduct Concerning Statements of Interest, which proposes closing a loophole that currently allows lawyers to keep their clients’ identities secret.

Today, everyone who participates in policy-making has to file a Statement of Interest, disclosing among other things their employers and/or clients, so their fellow volunteers know who they’re dealing with.

But there’s an exemption where “professional ethical obligations prevent you from disclosing this information”.

The new proposals would remove this exemption. The text (pdf) reads:

withholding relevant information about the interests involved in the deliberations could impair the legitimacy of ICANN’s processes. When disclosure cannot be made, the participant must not participate in ICANN processes on that issue.

This rule would also apply, for example, to participants from companies that are secretly working on technology patents relevant to the area of policy work, ICANN said.

Imagine an employee of a Big Domains firm pushing hard for a change to Whois policy while their employer is covertly intending to patent elements of the technology that would be needed to implement that policy.

The other example I’ve been given is of a lawyer in private practice who’s representing a company that intends to apply to ICANN for a new gTLD in the Next Round, where disclosing the desired string might be unwise.

If Pepsi is planning to apply for .pepsi, thinking it will give it a competitive advantage over Coca-Cola, having its outside counsel essentially announce that fact to the world could tip off its rival to start working on its .coke application.

In both those situations, the proposed new SOI policy would ask the would-be volunteer to either disclose or recuse. If discovered to have lied about their interests, they could be banned from all future ICANN policy-making work.

The proposals also target those working for trade groups who keep their member lists private. The document states:

If participants are participating on behalf of a trade association, consortium, or similar organization, those participants are urged to identify where other participants within ICANN can locate pertinent information about the membership or funding of that organization.

The proposals appear to have originated with ICANN Org after community efforts to reach consensus on SOIs failed.

A GNSO working group called CCOICI, for Council Committee for Overseeing and Implementing Continuous Improvement, after internal disagreements last year recommended keeping the lawyer loophole.

But when it came to a GNSO Council vote almost exactly a year ago, the Contracted Parties House (registries and registrars) unanimously rejected the CCOICI recommendations, precisely because of the loophole.

The Non-Contracted Parties House gave the changes their unanimous approval.

CPH members’ interests are of course generally known by virtue of the fact that they’re CPH members, representing their employers.

As I reported back in March, the CPH continues to think the SOI rules need strengthening, and that position is shared by members of the influential Governmental Advisory Committee.

The proposals are open for public comment until December 2.

Plurals ban policy handed to ICANN board

Kevin Murphy, September 26, 2024, Domain Policy

The GNSO Council has approved a blanket ban on singular and plural versions of the same word being delegated as gTLDs in future and passed it to the ICANN board of directors for final consideration.

The proposed policy would prevent anyone applying for the singular/plural equivalent of an existing gTLD, and would put future applications for single/plural clashes into contention sets where only one would survive.

The ban would prevent a future .kitchens, for example, because there’s already a .kitchen, and there could be no .motorcycle gTLD because there’s already a .motorcycles.

It would also mean that if there are future applications in the same round for .podcast and .podcasts, for example, they would be placed in the same contention set, likely go to auction, and only one would be delegated.

Applicants would also be banned from applying for singular/plural variants of the few dozen strings found on a “limited blocked name list” that comprises mainly the names of internet policy organizations including ICANN, the IETF and the GNSO.

That list also includes dictionary words such as “onion”, “invalid”, “test”, “internal” and “local”, so there could never be a .onions or .locals gTLD under the policy.

ICANN would decide whether two strings are “the singular or plural version of the same word in the same language” by reference to a dictionary.

The idea behind the ban is mitigating abusive registrations that could be used in, for example, phishing attacks, as well as lazy gTLD applicants that might hope to piggyback on the success of their single/plural rival.

The policy recommendation was written by a “Small Team Plus” of 15 community volunteers after the ICANN board last year rejected the GNSO’s original singular/plural policy, which would have made exceptions to the ban based on the applicant’s “intended use” of the gTLD.

An example given was that if one applicant applied for .spring to represent the meteorological season and another applied for .springs to represent flexible coils of metal, the latter would not be judged a plural of the former.

But the board was worried that if ICANN had to make a call on “intended use”, ICANN would also have to monitor and enforce the use of the gTLD in future, breaking its bylaws promise not to regulate internet content.

Under the revised policy recommendation, .spring and .springs would be ruled as singular/plural equivalents of each other, regardless of how they were going to be marketed.

While the Small Team was not unanimous in its consensus recommendation, the GNSO Council was unanimous in approving it at its monthly meeting last week. The language will now be sent to the ICANN board for approval or rejection.

Community revolts over ICANN’s auction proceeds power grab

Kevin Murphy, April 30, 2024, Domain Policy

Parts of the ICANN community have revolted over ICANN’s move to make it easier to turn off the mechanisms used to appeal its decisions.

Both registries and registrars, along with their usual opponents in the business and intellectual property communities, have told the Org that a proposal to change its foundational bylaws are overly broad and creates new powers to diminish ICANN’s accountability.

Meanwhile, the Intellectual Property Constituency seems to have escalated its beef with ICANN related to the proposals, entering into a Cooperative Engagement Process with ICANN. CEP is usually, but not always, a precursor to an expensive, quasi-judicial Independent Review Process case.

The row relates to the Grant Program, which launched a month ago and will see ICANN hand out $217 million it gained from auctioning registry contracts during the 2012 new gTLD program application round.

The rules of the program were developed by the Cross-Community Working Group on New gTLD Auction Proceeds.

The CCWG was afraid that ICANN might wind up frittering away most of the money on legal fees unless unsuccessful grant applicants, and third parties, were banned from appealing grant decisions they didn’t like. So its Recommendation 7 proposed a bylaws amendment that would prevent the Independent Review Process and Request for Reconsideration process from being used with reference to the Grant Program.

What ICANN came up with instead is a bylaws amendment that could be applied not only to the Grant Program, but also potentially to any future activities.

Specifically, ICANN’s proposed amendment gives future CCWGs, assuming they have sufficient community representation, the ability to recommend exceptions to the accountability mechanisms, which ICANN could then accept without having the amend the bylaws every time.

But almost every constituency that has filed an opinion on the proposals so far thinks ICANN has gone too far.

The IPC said says ICANN’s proposal is “unacceptably broad and exceeds what is necessary to give effect to Recommendation 7” adding:

The IPC is also concerned that making such a broad Bylaws amendment could have the consequence of normalizing the idea of removing access to accountability mechanisms, rather than this being an exceptional event. This is not something that should be encouraged.

The Registries Stakeholder Group said the proposal “creates an alternative path for amending the Bylaws that contradicts the existing amendment processes”

“The Accountability Mechanisms are foundational to ICANN’s legitimacy. Access to Accountability Mechanisms should be prevented only in rare circumstances with the clear support of the Empowered Community,” it added.

The Registrar Stakeholder Group concurred, writing:

Robust Accountability Mechanisms are a lynchpin of ICANN’s broader accountability structure. They should only be disallowed, if ever, in very specific circumstances, and as a result of the full bylaw amendment process. The proposed bylaws amendment vests CCWGs with the power to disallow Accountability Mechanisms which we believe is inappropriate.

Several commenters pointed out that CCWGs are less formal ICANN policy-making structure, with fewer checks and balances than regular Policy Development Processes.

The only dissenting view came from the At-Large Advisory Committee, which said it “strongly supports” ICANN’s proposed amendment, writing:

Although any limitation in accountability is potentially onerous, the ALAC is comfortable that the three conditions proposed in the amendment only allow such limitations in situations where a more specific Bylaw limitation would also be approved by the Empowered Community.

In a related development, the IPC has taken the highly unusual move of entering CEP with ICANN, suggesting it is on the IRP path.

The IPC had filed a Request for Reconsideration late last year, at a time when it appeared that ICANN had outright rejected Recommendation 7 (having previously approved it), but ICANN’s board threw it out mostly on the grounds that the IPC could not show it had been harmed, which the IPC found curious.

If the IPC were to go to IRP, it would be unprecedented. The mechanism has only ever been used by companies defending their commercial interests, never by one of ICANN’s own community groups on a matter of principle.

ICANN content policing power grab may be dead

Kevin Murphy, April 3, 2024, Domain Policy

A move by ICANN to grant itself more formal “content policing” powers may be dead, after the community was split on the issue and governments failed to back the move.

The Governmental Advisory Committee yesterday sent comments essentially opposing, for now at least, the idea of ICANN reforming its bylaws to give it more powers over internet content, making it very unlikely that ICANN would be able to get such amendments approved by its community overseers.

The comments came a few days after ICANN extended the deadline for responses to a December 2023 consultation on whether applicants in the next new gTLD round should be able to sign up to so-called Registry Voluntary Commitments that regulate content in their zones.

RVCs would be an appendix to ICANN Registry Agreements which would commit a registry to, for example, ban certain types of registrant or certain types of content from domains in their gTLDs.

They’re basically a rebadged version of the Public Interest Commitments found in RAs from the 2012 round, in which the likes of .sucks agreed to ban cyberbullying and .music agreed to ban piracy.

But they’ve got ICANN’s board and lawyers worried, because the Org’s bylaws specifically ban it from restricting or regulating internet content. They’re worried that the RVCs might not be enforceable and that ICANN may wind up in litigation as a result.

ICANN has therefore proposed a framework (pdf) in which RVCs would be enforced by ICANN only after an agreed-upon third-party auditor or monitor found that a registry was out of compliance.

The board sent out several pages of questions to all of its Supporting Organizations and Advisory Committees in December, asking among other things whether the bylaws needed to be amended to clarify ICANN’s role, but the responses were split along traditional lines.

Registries and registrars were aligned: there’s no need for a bylaws change, because ICANN should not allow RVCs that regulate content into its contracts at all.

“ICANN should maintain its existing bylaws which exclude content from its mission, and allowing any changes to this could be a slippery slope opening ICANN to becoming a broader ‘content police’,” the Registrars Stakeholder Group said in its response, giving this amusing example:

An example of a content restriction is provided in the proposed implementation framework for .backyardchickens (e.g. no rooster-related content). Restricting rooster-related content would require a significant amount of policing, and could even prohibit valuable content that would benefit such a TLD. For example, a backyard hen farmer might want to promote the pedigree lineage of the roosters that helped sire the hens, show pictures of the roosters that were the fathers, etc. All of this could in theory be prohibited,but would also require review and subjective analysis. This would be a very slippery slope for ICANN, and a substantial departure from its mission. Restricting rooster content would then put ICANN in the place of enforcing laws that prohibit backyard roosters, rather than relying upon the competent government authorities charged with overseeing residential animal husbandry.

The Non-Commercial Stakeholders Group was more strident in its tone, even raising the possibility of legal action if ICANN went down the content policing route, saying “the best way for the Board to address content-related PICs and RVCs is to make it clear that it will reject them categorically.” It added:

The prohibition on content regulation in ICANN’s mission is extremely important and very clear. Mission limitations were a critical part of the accountability reforms that were required before ICANN would be released from US government control in 2016… NCSG will mount a legal challenge to any attempt to dilute this part of the mission.

The opposing view was held by the Business Constituency, the Intellectual Property Constituency, and the At-Large Advisory Committee, which is tasked with representing the interests of ordinary internet users.

They all said that ICANN should be able to allow content-related RVCs in registry contracts, but the IPC and BC said that no bylaws amendment is needed because the bylaws already have a carve-out that enables the Org to enforce PICs in its agreements. The ALAC said a bylaws amendment is needed.

“There is a distinction between ICANN regulating, i.e imposing ‘rules and restrictions on’ services and content, versus the registry operator voluntarily proposing and submitting to such rules and restrictions,” the IPC wrote.

“There is also a distinction between ICANN directly enforcing such rules and restrictions on third parties, i.e. registrants, versus ICANN holding a registry operator to compliance with the specifics of a contractual commitment,” it added.

The last community group to submit a response, fashionably late, was the GAC, which filed its response yesterday having reviewed all the other responses submitted so far. The GAC arguably has the loudest voice at ICANN, but its comments were probably the least committed.

The GAC said that ICANN should only go ahead with a bylaws amendment if it has community backing, but that the community currently lacks consensus. It said, “at this stage there are not sufficient elements to justify commencing a fundamental bylaws amendment to explicitly enable the enforcement of content-related restrictions”.

However, the GAC still thinks that RVCs “will continue to serve as tools for addressing GAC concerns pertaining to new gTLD applications during the next round” and that it wants them to be enforceable by ICANN, with consequences for registries found in breach.

The GAC said that it “will continue to explore options to address this important question”.

This all means that ICANN is a long way from getting the community support it would need to push through a bylaws amendment related to content policing. That’s considered one of the “Fundamental Bylaws” and can only be changed with substantial community support.

Such amendments require the backing of the Empowered Community. That’s the entity created in 2016 to oversee ICANN after it severed ties with the US government. It comprises individuals from five groups — the GAC, the GNSO, the ccNSO, the ALAC and the Address Supporting Organization.

For a fundamental bylaws amendment to get over the line, at least three of these groups must approve it and no more than one must object.

With the GNSO, given its divisions, almost certainly unable to gather enough affirmative votes, the GAC seemingly on the fence, and the ASO and ccNSO recusing themselves so far, only the ALAC looks like a clear-cut yes vote on a possible future bylaws amendment.

Perhaps that’s why ICANN chair Tripti Sinha has written to the ASO and ccNSO in the last few days to ask them whether they’d like to think again about ducking out of the consultation, giving them an extra two weeks to submit comments after the original March 31 deadline.

The ccNSO handles policy for country-code domains and the ASO for IP addresses. Both have previously told ICANN that gTLD policy is none of their business, but Sinha has urged them both to chip in anyway, because “the ICANN Bylaws govern us all”.

ICANN 79: anonymous trolls and undercover lawyers

Kevin Murphy, March 14, 2024, Uncategorized

Transparency, an ICANN watchword since day one, was a noticeable thematic undercurrent at the community’s 79th public meeting in Puerto Rico last week.

The problem of lawyers representing unnamed clients in policy-making groups was raised in several fora, while another section of the community seems to have separately been infiltrated by the same kind of anonymous trolls that plagued ICANN during its infancy.

Governments were especially keen that the GNSO clean house by tightening up its disclosure rules, following an abortive attempt at reform at the Hamburg meeting last October, and they found allies in the Contracted Parties House, which had killed off the reform after deciding it did not go far enough.

Under the current GNSO rules of engagement, everyone who volunteers to participate in policy-making has to file a Statement of Interest, disclosing information such as their employer, community group affiliations, and so on. Among other things, volunteers are asked:

Do you believe you are participating in the GNSO policy process as a representative of any individual or entity, whether paid or unpaid? Please answer “yes” or “no.” If the answer is “yes,” please provide the name of the represented individual or entity. If professional ethical obligations prevent you from disclosing this information, please so state.

The exemption is believed to be designed primarily for American lawyers in private practice, some of whom say they may sometimes be ethically prevented from disclosing the identity of their clients.

But this creates problems for community volunteers, and for the rest of us.

For policy-makers: sometimes, in a working group, you won’t know who you’re really arguing with. The guy opposite, in the expensive suit who keeps inexplicably rubbing her nostrils, could be a mouthpiece for almost any corporation, industry association, or government.

For the rest of us: we don’t know who is really making the policies that impact how domain names are sold, managed, and regulated. Those may seem trivial issues in the grand scheme of things, but they touch on issues such as free speech, data privacy, and how much money comes out of your pocket when you buy a domain.

An attempt last year by the GNSO to update its SOI rules was shot down by the Contracted Parties House because the proposed changes kept the lawyer disclosure exemption.

The Non-Contracted Parties House gave the changes their unanimous approval.

The GNSO Council Committee for Overseeing and Implementing Continuous Improvement, which came up with the changes, looked at 351 SOIs from two recent large policy working groups and found that “a maximum of 0.03% members were making use of the exemption.”

I think that means just one person.

But the scale of the issue is irrelevant compared to the principle, according to some.

Swiss GAC rep Jorge Cancio noted during a session with the CPH last week, “even if there’s a very small number of cases where people use some exceptions for not explaining whom they are working for, even if it’s just 10 people out of 1,000 participants, this already tarnishes the whole of the system”.

Registries Stakeholder Group chair Sam Demetriou concurred: “We believe in and we are strong supporters of the multistakeholder model, but in order for a model to be multistakeholder, you need to know who those stakeholders are. It is inherent in the entire system and the definition.”

The GAC’s position is that everyone participating in policy-making needs to be up-front about their interests, in accordance with global norms. In a session with the GNSO Council, UK rep and vice-chair Nigel Hickson urged the GNSO to sort out the SOI issue before ICANN meets again, set for Kigali this June, because ministers will be present, wanting answers.

Separately at ICANN 79 last week, there was a parallel debate going on about whether a group affiliated with ICANN should force its members to even file SOIs at all.

The Universal Acceptance Steering Group isn’t technically an ICANN body — a Supporting Organization or Advisory Committee — but it is funded and supported by ICANN and carries out ICANN work. It’s been around since 2015 but so far hasn’t required members to submit SOIs.

As anyone who attended or remotely lurked on the ICANN 79 Public Forum last week will know, the UASG came in for a lot of criticism, mostly from remote participants, some of whom have managed to pull off the near-miraculously impressive achievement of having a non-existent Google footprint.

I’m not of course suggesting that some of the people in the Public Forum chat room were trolls using pseudonyms, but… actually, yes, that is what I am suggesting.

These participants had beef with the UASG for imposing a new strict SOI requirement — rules coming into force right now give participants a few months to file their SOIs or get kicked off the UASG mailing list — and suggested UASG leadership had broken with ICANN rules by unilaterally imposing the requirement.

Said mailing list is notable for being lightly used, but with occasional traffic spikes, usually during discussions of anything related to elections or UASG leadership, from participants using free webmail addresses and often what appear to be joke names (Yisrael Memshelet, really?).

Sometimes, these participants have helped steer the mailing list discussion, and at least one question from an aforementioned Google-resistant remote participant was read out at last week’s Public Forum and responded to (kinda) by a board member. ICANN received so many remote UASG questions during the Public Forum that it said it would provide a consolidated written response after the meeting.

It seems ICANN is suffering from twin related transparency problems right now — lawyers who don’t want to reveal their clients, and trolls who don’t want to reveal their identities — neither of which is ideal for its legitimacy.

Whois policy published without life-saving disclosure rule

Kevin Murphy, February 23, 2024, Domain Policy

ICANN has updated its Registration Data Policy, the rules that govern what data registries and registrars need to collect from registrants and when to publish or supply it through Whois lookups or disclosure requests.

When it becomes enforceable in August next year, the new RDP will make full-fat ICANN Whois policy compliant with EU privacy law for the first time since the General Data Protection Regulation came into effect in May 2018.

But the new policy, which replaces a functionally very similar temporary policy, is notable not only for the extraordinary amount of time it took to produce, but also for not containing a disputed requirement for registrars and registries to quickly turn over private Whois data when human life is at risk.

The policy dictates what contact information registrars must collect from their customers, what they must share with their registries, escrow agents and others, and what they must redact in the public Whois (or Registration Data Directory Services, as it will become known when Whois is retired next January).

It also says that registries and registrars must acknowledge private data disclosure requests no more than two business days after receipt and respond to the requests in full less than 30 calendar days after that, barring delays caused by “exceptional circumstances”.

But, due purely to ICANN community politicking, the policy for now omits previously considered language on “urgent” disclosure requests for use in “circumstances that pose an imminent threat to life, of serious bodily injury, to critical infrastructure, or of child exploitation”.

I’d like to think such circumstances are incredibly rare, but if there’s a situation where a Whois disclosure could help prevent a bomb going off at a major internet exchange, a trans rights activist being hounded into suicide, or a little kid getting raped on a livestream, the new ICANN policy does not account for that.

The version of the policy published in July last year (pdf) did include an urgent requests provision, requiring contracted parties to either turn over the data or tell the requester to get lost within 24 hours of receipt.

But it also contained a bunch of exceptions that could allow registrars to extend that deadline by up to three business days. When weekends and public holidays are taken into account, this could mean as much as a full calendar week to process an “urgent”, potentially life-saving request.

For that reason, the Governmental Advisory Committee wrote to ICANN (pdf) last August to ask it to revisit the policy language, chuck out the reference to “business” days, and stick to a 24-hour response window

The original Expedited Policy Development Process Working Group that came up with the policy recommendations had not specified how long registrars and registries should have to respond to urgent disclosure requests, punting that decision to the Implementation Review Team that drafted the final language.

An August 2022 draft (pdf) put out for public comment made the response window two business days, with a possible one-day extension, but this was reduced to 24 hours last year in what registrars describe as a “significant compromise” given the operational reality of responding to disclosure requests.

In August last year, the Registrars Stakeholder Group told ICANN (pdf) that its members “are committed to responding to Urgent requests in the most swift and expeditious manner possible” but said it objected to the GAC’s last-minute demands for the urgent disclosures policy to be rewritten.

From the registrars’ perspective, handling disclosure requests for personal data is not a simple ask. It’s a legal decision, balancing the privacy rights of the registrant with the rights of others to access that information.

Get it wrong, and you’re open to litigation and fines substantial enough to be expressed as a percentage of your revenue. And, money aside, who wants to be the guy who, for example, accidentally helps the Iranian morality police murder a bunch of schoolgirls for wearing the wrong type of hat?

But the argument between the registrars and the governments comes down to issues of ICANN process. Both the GAC and the RrSG claimed the urgent disclosures bunfight highlights deficiencies in ICANN multistakeholderism, but for different reasons.

ICANN’s response to this disagreement was to remove the urgent requests clauses from the policy altogether, in the hope that further talks can find a solution. Chair Tripti Sinha wrote to the RrSG and GAC a couple weeks ago to tell them:

the Board concluded that it is necessary to revisit Policy Recommendation 18 concerning urgent requests in the context of situations that pose an imminent threat to life, serious bodily harm, infrastructure, or child exploitation, and the manner in which such emergencies are currently handled. For this, we believe that consultation with the GNSO Council is required.

ICANN has essentially kicked the can, which was what the GAC had asked for. The RrSG wanted the July 2023 language (one-plus-three days) or August 2022 language (two-plus-one days) published in the final policy.

It’s stuff like this that makes one scratch one’s head, stroke one’s chin, and wonder whether ICANN really is fit for purpose.

There were 2,312 days between the day the European Commission first proposed the GDPR to the day it became effective in all EU member states.

But 2,590 days will have passed between the day the GNSO Council initiated the EPDP and the day the new Registration Data Policy will become effective on all contracted parties, next August.

The lumbering, then-28-state European Union was faster at passing policy than ICANN, even when ICANN was using an “expedited” process.

And what ICANN eventually came up with couldn’t even agree on ways to help tackle murder, economic catastrophes, and the rape of kids.

ICANN bans closed generics for the foreseeable

Kevin Murphy, January 23, 2024, Domain Policy

There will be no applications for closed generic gTLDs in the 2026 application round, ICANN has confirmed.

While the Org has yet to publish the results of last weekend’s board meeting, chair Tripti Sinha has written to community leaders to let them know that companies won’t be able to apply for exclusive-use, non-trademark strings for the foreseeable future.

The ban follows years of talks that failed to find a consensus on whether closed generics should be permitted, and subsequent advice from the Governmental Advisory Committee, backed up by the At-Large Advisory Committee, that they should not.

Apparently quoting board output from its January 21 meeting, Sinha wrote (pdf):

the Board has considered the GAC Advice and has determined that closed generic gTLD applications will not be permitted until such time as there is an approved methodology and criteria to evaluate whether or not a proposed closed domain is in the public interest.

Closed generics were permitted — or at least not explicitly outlawed — in the 2012 application round, but were retroactively banned by ICANN following GAC advice in 2013, stymying the plans of dozens of applicants.

Ironically, it was the clumsy wording of the 2013 advice that saw the debate re-open a few years ago, with the initiation of a closed-doors, Chatham House Rules “facilitated dialogue” between the pro- and anti- camps, which also failed to reach a consensus.

By drawing a line under the issue now, ICANN has finally officially removed closed generics as a potential delaying factor on the next gTLD application round, which is already 13 years late.

ICANN accused of power grab over $271 million auction fund

Kevin Murphy, November 28, 2023, Domain Policy

ICANN has acted outside of its powers by ignoring community policy recommendations and leaving its $271 million gTLD auction windfall open to being frittered away on lawyers, according to community members.

The Intellectual Property Constituency of the GNSO has filed a formal Request for Reconsideration over a board resolution passed at ICANN 78 last month in Hamburg, and other constituencies may add their names to it shortly.

The row concerns the huge cash pile ICANN was left sitting on following the auction of 17 new gTLD contracts between 2014 and 2016, which raised $240 million (as of July, around $271 million after investment returns and ICANN helping itself to a portion to fund its operations reserve).

It was decided that the money should be used to fund a grant program for worthy causes, with organizations able to apply for up to $500,000 during discrete rounds, the first of which is due to open next year with a $10 million pot. Around $220 million is believed to be earmarked for the grant program over its lifetime.

But the Cross Community Working Group for Auction Proceeds (CCWG-AP) that came up with the rules of the program was concerned that unsuccessful applicants, or others chagrined by ICANN’s grant allocations, might challenge decisions using ICANN’s accountability mechanisms.

This would cause money earmarked for worthy causes to be spaffed away on lawyers, which the CCWG-AP wanted to avoid, so it recommended that ICANN modify its fundamental bylaws to exclude the grant program from mechanisms such as the Independent Review Process, which usually incurs high six-figure or seven-figure legal fees.

ICANN seemed to accept this recommendation — formally approving it in June last year — until ICANN 78, when the board approved a surprise U-turn on this so-called Recommendation 7.

The board said it was changing its mind because it had found “alternative ways” to achieve the same objective, “including ways that do not require modification to ICANN’s core Bylaws on accountability”. The resolution stated:

As a result, the Board is updating its action on Recommendation 7 to reflect that ICANN org should implement this Recommendation 7 directly through the use of applicant terms and conditions rather than through a change to ICANN’s Fundamental Bylaws.

This left some community members — and at least one ICANN director — scratching their heads. Sure, you might be able to ban grant applicants from using the IRP in the program’s terms and conditions, but that wouldn’t stop third parties such as an applicant’s competitors from filing an IRP and causing legal spaffery.

The board was well aware of these concerns when it passed the resolution last month. Directors pointed out in Hamburg that ICANN is still pursuing the bylaws amendment route, but has removed it as a dependency for the first grant round going ahead.

This left some community members nonplussed — it wasn’t clear whether ICANN planned to go ahead with the program ignoring community recommendations, or not. The reassuring words of directors didn’t seem to tally with the language of the resolution.

So the IPC took the initiative and unironically invoked an accountability mechanism — the RfR — to get ICANN to change its mind again. I gather the request was filed as a precaution within the 30-day filing window due to the lack of clarity on ICANN’s direction.

The RfR states:

the impetus behind the Bylaws change was to prevent anyone from challenging grant decisions, including challenges from parties not in contractual privity with ICANN. The Board’s hasty solution would only prevent contracting grant applicants from challenging decisions; it would not in any way affect challenges by anyone else – including anyone who wished to challenge the award of a grant. The grant program could be tied in knots by disgruntled parties, competitive organizations or anyone else who wished to delay or prevent ICANN from carrying out any decision to grant funds. This is exactly what the CCWG-AP sought to prevent

The IPC says that by bypassing the bylaws amendment process, which involves community consent, the ICANN board is basically giving itself the unilateral right to turn off its bylaws-mandated accountability mechanisms when it sees fit. A power grab.

It wants the Hamburg resolution reversed.

Discussing the RfR a few days before it was filed, other members of the GNSO Council suggested that their constituencies might sign on as fellow complainants if and when it is amended.

RfRs are handled by ICANN’s Board Accountability Mechanisms Committee, which does not currently have a publicly scheduled upcoming meeting.

ICANN rejects a whole bunch of new gTLD policy stuff

Kevin Murphy, September 14, 2023, Domain Policy

ICANN has delivered some bad news for dot-brands, applicants from poorer countries, and others, at the weekend rejecting several items of new gTLD policy advice that the community spent years cooking up.

The board of directors on Sunday approved a scorecard of determinations, including the rejection (or non-adoption) of seven GNSO recommendations that it deems “would not be in the best interests of the ICANN community or ICANN”.

In reality, it’s the latter that seems to have been foremost in the board’s mind; most of the rejections appear to be geared toward reducing ICANN Org’s legal or financial exposure.

Notably, dot-brands are denied some of the relief from cumbersome or expensive requirements that the GNSO had wanted rid of.

The board rejected a recommendation that would exempt them from the Continued Operations Instrument — a financial bond used to pay an Emergency Back-End Registry Operator should the applicant go out of business.

“[T]he Board is concerned that an exemption from an COI for Spec 9 applications would have financial impact on ICANN since there would be no fund to draw from if such a registry went into EBERO,” the board wrote.

It also rejected a request to exempt dot-brands from rules requiring them to contractually ban and monitor abuse in their TLDs. The GNSO had argued that single-registrant TLDs do not suffer abuse, but the board said this could lead to abuse from compromised domains going unaddressed.

“The Board concludes that Recommendation 9.2, if implemented, could lead to DNS abuse for second-level registrations in a single-registrant TLD going unaddressed, unobserved, and unmitigated,” it said.

Applicants hoping to benefit from the Applicant Support Program — which in 2012 offered heavily discounted application fees to poorer applicants — also got some bad news.

The GNSO wants the support to extend to other costs such as application-writing services and lawyers, which naturally enough put the frighteners on the board, which noted “such expansion of support could raise the possibility of inappropriate use of resources (e.g. inflated expenses, private benefit concerns, and other legal or regulatory concerns)”.

The board also rejected a couple of recommendations that could be seen as weakening its role as ultimate authority over all things gTLD.

It rejected a proposal to remove the controversial covenant not to sue (CNTS) from the application process unless other recommendations related to appeals processes are implemented.

ICANN said that because it has not yet approved these other recommendations, it has rejected this recommendation.

The board also rejected a recommendation that would have limited its ability to reject a gTLD application to only when permitted to do so by the rules set out in the Applicant Guidebook.

The idea was to prevent applications being arbitrarily rejected, but the board said this “may unduly limit ICANN’s discretion to reject an application in yet-to-be-identified future circumstance(s)”.

The rejections invoke part of the ICANN bylaws that now requires the GNSO Council to convene and either affirm or amend its recommendations before discussing them with the board. Presumably this could happen at ICANN 78 next month.

The bylaws process essentially gives the board the ultimately authority to throw out the GNSO recommendations if it can muster up a two-thirds supermajority vote, something it rarely has a problem achieving.

Buckridge to replace Shears on ICANN board

Kevin Murphy, September 4, 2023, Domain Policy

Chris Buckridge will replace Matthew Shears on ICANN’s board of directors next month.

The Non-Contracted Parties House of ICANN, their arses burned by an August 18 finger-wagging from ICANN chair Tripti Sinha, somehow managed to narrow down a slate of four candidates to just one by Sinha’s end-of-month deadline, despite seeming to be at a very early stage of the election process just last week.

Buckridge will fill seat 14, reserved for a member of the NCPH and one of two GNSO-picked seats.

He was one of the preferred candidates of the Non-Commercial Stakeholders Group, which along with the Commercial Stakeholders Group makes up the NCPH.

The CSG had rejected the NCSG’s original preference to reappoint Shears, who joined the board in 2017, for a third and final term.

Buckridge comes from the Regional Internet Registry world. He was with RIPE NCC from 2006 until this June in a variety of external relations roles, dealing with European governments and regulators, which seems like a pretty good qualification for an ICANN directorship.

Sinha had written to the NCPH leaders last month to complain that they had failed to pick a director, missing an April deadline, and demanded they name a name before the end of August.