Odd-couple coalition wants URS deleted from legacy gTLD contracts

Commercial and non-commercial interests within ICANN have formed a rare alliance in order to oppose the Uniform Rapid Suspension policy in three new legacy gTLD contracts.
The groups want ICANN to delete URS from the .travel, .cat and .pro Registry Agreements, which were all renewed for 10-year terms last week.
The Business Constituency and the Non-Commercial Stakeholders Group put their names to a Request for Reconsideration filed with ICANN yesterday.
The Internet Commerce Association, a member of the BC, filed a separate RfR asking for the same thing yesterday too.
These groups believe that ICANN contracting staff are trying to create consensus policy by the back door, from the top down, by imposing URS on gTLDs that were delegated before the 2012 application round.
URS was created specifically for the new gTLD program and therefore should not apply to legacy gTLDs, they say. The BC/NCSG request states:

Our joint concern… is that a unilateral decision by ICANN contractual staff within the [Global Domains Division] to take the new gTLD registry agreement as the starting point for renewal RAs for legacy gTLDs has the effect of transforming the PDDRP [Post Delegation Dispute Resolution Process] and the URS into de facto Consensus Policies without following the procedures laid out in ICANN’s Bylaws for their creation. To be clear, we take no objection to a registry voluntarily agreeing to adopt RPMs in their contractual negotiations with ICANN.

The ICA has the same objections. It’s primarily concerned that the new contracts set a precedent that will ultimately force URS into the .com space, when Verisign’s contract comes up for renewal.
Both RfRs ask ICANN to delete the URS requirements from the just-signed .pro, .travel and .cat registry agreements.
The requesters suspect that rather than including URS as “the result of even-handed ‘bilateral negotiations'”, it was “staff insistence that the registries accept it to achieve timely registry agreement renewal.”
They want the ICANN board to demand to see the emails that were exchanged during negotiations in order to determine whether the registries were strong-armed into signing up for URS.
The BC/NCSG request is here. The ICA request is here.

XYZ to put global block on domains banned in China

XYZ.com plans to slap a global ban on domain names censored by the Chinese government.
Chinese words meaning things such as “human rights” and “democracy” are believed to be on the block list, which an industry source says could contain as many as 40,000 words, names and phrases.
(UPDATE: Gavin Brown, CTO of XYZ back-end CentralNic, tweeted that the list is nowhere near 40,000 names long.)
The registry seems to be planning to allow the Chinese government to censor its new gTLDs, which include .xyz, .college, .rent, .protection and .security, in every country of the world.
And it might not be the last non-Chinese registry to implement such a ban.
The surprising revelation came in a fresh Registry Services Evaluation Process request (pdf), filed with ICANN on Friday.
The RSEP asks ICANN to approve the use of a gateway service on the Chinese mainland, which the company says it needs in order to comply with Chinese law.
As previously reported, Chinese citizens are allowed to register domains in non-Chinese registries, but they may not activate them unless the registry complies with the law.
That law requires the registry to be located on the Chinese mainland. XYZ plans to comply by hiring local player ZDNS to proxy its EPP systems and mirror its Whois.
But the Chinese government also bans certain strings — which I gather are mostly but not exclusively in Chinese script — from being registered in domain names.
Rather than block them at the ZDNS proxy, where only Chinese users would be affected, XYZ has decided to ban them internationally.
Registrants in North America or Europe, for example, will not be able to register domains that are banned in China. XYZ said in its RSEP:

XYZ will reserve names prohibited for registration by the Chinese government at the registry level internationally, so the Gateway itself will not need to be used to block the registration of of any names. Therefore, a registrant in China will be able to register the same domain names as anyone else in the world.

It seems that XYZ plans to keep its banned domain list updated as China adds more strings to its own list, which I gather it does regularly.
Customers outside of China who have already registered banned domains will not be affected, XYZ says.
If China subsequently bans more strings, international customers who already own matching domains will also not be affected, it says.
CEO Daniel Negari told DI: “To be clear, we will not be taking action against names registered outside of China based on Chinese government requests.”
But Chinese registrants do face the prospect losing their domains, if China subsequently bans the words and XYZ receives a complaint from Chinese authorities.
“We treat requests from the Chinese government just like we treat requests from the US government or any other government,” Negari said.
“When we receive a valid government or court order to take action against a name and the government has jurisdiction over the registration, we will take action the registration,” he said.
Up to a third of the .xyz zone — about three hundred thousand names — is believed to be owned by Chinese registrants who are currently unable to actually use their names.
The company clearly has compelling business reasons to comply with Chinese law.
But is giving the Chinese government the ongoing right to ban tens of thousands of domain names internationally a step too far?
ICANN allows anyone to file public comments on RSEP requests. I expect we’ll see a few this time.

ICANN win leaves door open for plural gTLD rethink

ICANN has fought off an appeal by .webs gTLD applicant Vistaprint, in a case that considered the coexistence of singular and plural gTLDs.
While ICANN definitively won the Independent Review Process case, the IRP panel nevertheless invited its board of directors to consider whether Vistaprint should be given a chance to appeal a decision that ruled .webs too similar to .web.
Vistaprint runs a web site building service called Webs.com. It filed two applications for .webs — one “community” flavored, one vanilla — but then found itself on the losing end of a String Confusion Objection filed by rival Web.com, one of the many .web applicants.
It was one of the few instances where a SCO panel decided that a plural string was too confusingly similar to its singular for the two to coexist.
In many other cases, such as .auto(s), .fan(s) and .gift(s), the two strings have been allowed to be delegated.
Not wanting to have to fight for .webs at auction against eight .web applicants — which would likely cost eight figures to win — Vistaprint filed a Request for Reconsideration (which failed), followed by an last-ditch IRP complaint.
But its three-person IRP panel ruled on Friday (pdf) that ICANN did not violate its bylaws by accepting the SCO decision and subsequently rejecting the RfR.
However, the panel handed Vistaprint a silver lining that may eventually give the company what it wants. Even though ICANN won, Vistaprint may not necessarily have lost.
The panel wrote:

the Panel recommends that ICANN’s Board exercise its judgment on the question of whether an additional review mechanism is appropriate to re-evaluate the Third Expert’s determination in the Vistaprint SCO, in view of ICANN’s Bylaws concerning core values and non-discriminatory treatment, and based on the particular circumstances and developments noted in this Declaration, including (i) the Vistaprint SCO determination involving Vistaprint’s .WEBS applications, (ii) the Board’s (and NGPC’s) resolutions on singular and plural gTLDs, and (iii) the Board’s decisions to delegate numerous other singular/plural versions of the same gTLD strings.

In other words, ICANN has been invited to consider whether Vistaprint should be able to appeal, using a similar mechanism perhaps to that which was offered to other applicants that suffered from inconsistent, adverse SCO decisions.
At time when ICANN’s accountability is under international scrutiny, it’s highly likely that the board will give this recommendation some thought.
The IRP declaration does not reflect well on ICANN’s current level of accountability.
As usual, ICANN tried to wriggle out of accountability by attempting to castrate the panel from the outset, arguing again that IRP panels must be “deferential” to the board — that is, assume that its actions were correct by default — and that its declarations are “advisory” rather than “binding”.
And, as usual, the panel disagreed, saying previous IRP cases show this is now “settled” law. It said that it would evaluate the case “objectively and independently”, not deferentially.
But while it said its declaration was binding “in the sense that ICANN’s Board cannot overrule the Panel’s declaration” it agreed with ICANN that it only had the power to “recommend”, rather than order, remedies.
Acknowledging Vistaprint raised important public interest questions, the panel ordered ICANN to pay 40% of IRP costs.
The Vistaprint IRP was one of the things holding up the .web contention set, so Friday’s declaration moves the fabled gTLD one step closer to reality.
If the company gets the ability to appeal its SCO loss, it would add months to the .web runway. If it does not, it will have to remain in the .web contention set, which would head to auction.

Vox Pop denies links to free .sucks company

Vox Populi, the .sucks gTLD registry, has told DI that it is not involved with This.sucks, the company offering free .sucks domains, after evidence to the contrary was discovered.
Meanwhile, the president of ICANN’s intellectual property constituency says he’s concerned that the registry may be using This.sucks to try to misrepresent its prices.
This.sucks, as reported yesterday, is currently in pre-launch. It has said it plans to give away up to 10,000 .sucks domains to customers who want to run blog/forum sites commenting on companies, products and other general issues.
Its standard pricing would be $1 per month, a massive discount on the regular $200+ annual registry fee, which would require it to make substantial additional revenue to cover its costs.
That’s assuming it is really an independent company, of course.
Some people think it’s just a front for Vox Pop, and there are compelling reasons to believe they’re correct.
Rob Hall paid for the web site
The most compelling piece of evidence, for me, is that somebody called Robert Hall paid for design of the This.sucks web site.
The one-page launch site was created by a designer responding to an ad on the crowdsourcing web site DesignCrowd.
The title of the solicitation page is “Modern, Bold Web design job. Web brief for Robert Hall, a company in Turks and Caicos Islands”.
Rob Hall is the CEO of Momentous, the company that founded Vox Pop and as far as I know still owns most of it.
He’s the technical contact for .sucks in the IANA database, albeit with a Barbados, rather than Turks and Caicos, address.
The DesignCrowd contest seems to have been submitted around August 26 this year, two days before This.sucks existed as a legal entity in New York state.
Hall seems to have paid $370 for the winning design and $10 to five runners-up.
The site is/was hosted on Vox Pop’s server
Another compelling link between Vox Pop and This.sucks is the server on which their respective domains are hosted — it’s the same box.
According to DomainTools, this.sucks is hosted on a server with just 16 other domains. Four of those — everything.sucks and that.sucks, as well as sister sites this.rocks and that.rocks — belong to This.sucks Inc.
The remaining 12 domains — including buy.sucks, register.sucks, search.sucks — are all .sucks promotional sites owned and operated by Vox Populi.

Berard told DI in an email that Vox Pop has never hosted This.sucks sites:

I suspect that in doing the deal for the premium domain names they wanted, some remained pointed at one of our forwarding servers to which they were first assigned. But, as with the other names they have registered, that will sort itself out over time. We have never hosted their website.

It’s true that DomainTools warns that domains may still be listed for up to two weeks after they have been removed from an IP address.
But I don’t think Vox Pop’s explanation explains how this.rocks and that.rocks wound up listed as hosted on the same IP address as the .sucks domains.
The .rocks gTLD is run by Rightside, not Vox Pop, so I can’t see an obvious reason why they started out pointing to a Vox Pop box.
I asked Berard for clarification on this point but have yet to receive a reply. A This.sucks spokesperson has not responded to an inquiry about the apparently shared hosting.
Caymans link
It also turns out that somebody formed a Cayman Islands company called This.sucks Ltd on August 25 this year, three days before the New York-based This.sucks Inc was registered.
The Cayman company’s registered address is the Georgetown PO Box number for Cayman Law Group Ltd, a boutique law firm with a half-finished web site.
That’s the same address Vox Populi gave ICANN (pdf) when it transferred its Registry Agreement from its original Canadian corporate entity to a Cayman-based one this March.
As far as ICANN is concerned, Vox Pop’s legal address is the same address as the new This.sucks Ltd entity.
The New York entity’s official address is a PO Box at a strip-mall UPS store in small-town New York state.
It might be interesting, but probably not relevant, to note that Cayman Law’s domain name is owned, according to Whois, by a domainer who lost one of the first “-sucks.com” UDRP cases, back in 2003.
I asked Berard if Vox Pop had any links to the Cayman company but have not yet received a reply.
Everything.sucks
This.sucks has the same business model as was proposed by Vox Populi under its “Consumer Advocate Subsidy” program, which it proposed at the start of the year.
The company had planned to find an independent partner that would subsidize .sucks registrations in cases where the registrant was a genuine third-party critic (rather than the company itself).
The price was to be around $10 a year, the domains would be tied to a hosted forum service, and the name of the service would be Everything.sucks.
That domain, as I reported yesterday, now belongs to This.sucks Inc.
But Berard said This.sucks is not the Consumer Advocate Subsidy, for which a partner has not yet been found. He said:

This is not the consumer subsidy program we have hoped to foster with a non-profit, but it certainly is in keeping with the spirit of our effort. An effort, I must note, that continues. Somethings are harder to do than we’d like!

Why does this matter?
Whether This.sucks is a cloaked registry effort is important to intellectual property interests, which have claimed that subsidized .sucks prices are part of a “shakedown scheme” targeting trademark owners.
The IPC has long suspected that Everything.sucks was just going to be a case of Vox Pop hiding a registry service in a supposedly, but not actually, independent third-party company.
Brand owners that want to register their brand.sucks domain often have to pay over $2,000 a year, but the proposed subsidy would bring that price down to $10 as long as the registrant was not the trademark owner.
IPC president Greg Shatan told DI yesterday:

Any inkling that Vox Pop and This.sucks were linked and pretending not to be, and actively denying it, would be of great concern, not just to the IPC but to the ICANN community at large. It’s all highly suspicious. It’s very hard to believe that it is what they are claiming it is.
…
The concern centers on an apparent attempt to misrepresent their pricing and hide how much Vox Pop is actually being paid by brand owners vs. other registrants for domain registrations.
Any plans to monetize this.sucks sites would also be of considerable interest. The non-commercial nature of “sucks” sites (generically speaking) is often cited in response to cybersquatting concerns. I’m not sure how this would change that equation.

Back in March, as .sucks was getting ready to launch, the IPC wrote to ICANN to say Vox Pop was trying to “conspire with an (alleged) third party to ‘subsidize’ a complaint site should brand owners fail to cooperate in Vox Populi’s shakedown scheme”.
The IPC wrote (pdf):

Through this “subsidy,” Vox Populi effectively shows brand owners that, if they fail to register at an exorbitant price, a third party will be able to register for a pittance. This is an essential element of Vox Populi’s coercive scheme.

The IPC also claimed that the proposed subsidy would count as a “registry service” under the terms of Vox Pop’s contract and would therefore need approval by ICANN.
Berard told DI on Thursday, quite unambiguously, that This.sucks is “not a registry service”.
If This.sucks isn’t being financially supported by Vox Pop, it’s going to have to find a lot of revenue.
With a $199 basic registry fee, a 10,000-domain giveaway would cost almost $2 million.
Given that This.sucks is actively courting registrants of brand names — many of which are likely to appear on Vox Pop’s premium list — the cost could be literally 10 times as much.
Vox Pop has made it clear that it’s a subsidy, not a registry discount.
In a July blog post addressing perceived inaccuracies in the media coverage of .sucks, Berard wrote:

Whether a registration is subsidized, the price to the registrar and registry is unaffected. That is the nature of a subsidy. Neither is the program to be offered by the registry. We are talking to a number of free speech advocates and domain name companies to find the right partner.
When we do, likely sometime in the Fall, we will make sure that the information is clear and available so that, well, you can look it up.

(Thanks to George Kirikos for the tip about the existence of the Cayman company)

.gay flunks community review for second time

dotgay LLC has failed in its bid to eliminate its competitors for the new gTLD .gay for the second time.
After an unprecedented re-run of its Community Priority Evaluation, the applicant scored just 10 out of the 16 available points.
That’s exactly the same as it scored the first time around, exactly one year ago, still four points short of success.
For the second time, dotgay scored zero from a possible four points on the “Nexus” criteria — the link between the string “gay” and the community dotgay wants to serve.
The CPE panel decision reads:

The Panel has determined that more than a small part of the applicant’s defined community is not identified by the applied-for string, as described below, and that it therefore does not meet the requirements for Nexus.
…
The Panel has determined that the applied-for string does not sufficiently identify some members of the applicant’s defined community, in particular transgender, intersex, and ally individuals

As I explained a year ago, when the first CPE panel flunked the applicant for exactly the same reason, dotgay’s proposed community included lots of people who would not necessarily describe themselves as “gay”.
You, possibly, for example.
If you’re an “ally” of gay people, by for example supporting equal rights, then you would qualify as “gay” under dotgay’s definition.
If you’re transgender or intersex, you would similarly captured by this definition. The panel said:

Despite the applicant’s assertions to the contrary, its own evidence here shows that “gay” is most commonly used to refer to both men and women who identify as homosexual, and not necessarily to others. The applicant’s “umbrella term” argument does not accurately describe, for example, the many similar transgender stories in the mass media where “gay” is not used to identify the subject. In these cases, “transgender” is used because “gay” does not identify those individuals.

The panel concluded that .gay “does not identify or match” the target community, and scored it zero.
dotgay had a second roll of the dice because the first CPE panel was found to have committed a process error by not sufficiently verifying the company’s many dozens of letters of support from gay advocacy organizations.
However, this error did not relate to the Nexus criteria, so a victory was always going to be a long shot.
The .gay gTLD is now heading to auction, where Minds + Machines, Rightside and Top Level Design are the other bidders.
You can read the new decision in PDF format here.

Chehade outlines five ways ICANN could die

Aarrgh! We’re all going to die!!!!1
ICANN CEO Fadi Chehade has outlined five ways in which the internet could fall to pieces if the IANA transition fails, and they all seem really horrible.
Chehade presented the list at a telephone meeting of leaders of ICANN supporting organizations and advisory committees yesterday.
I don’t know what was said yet, but I can guess the tone from one of Chehade’s accompanying slides:

5 Risks we face if the IANA Stewardship Transition is Delayed/Fails:
I. ICANN’s community may fracture or fray slowly, becoming divided, acrimonious, bitter — potentially risking ICANN’s stability, effectiveness — and impacting the participation of global stakeholders
II. The technical operating communities using IANA may go separate ways, with the IETF and the Numbering communities choosing to take their business elsewhere — ending the integrity of the Internet’s logical infrastructure
III. Governments (encouraged by G77) may lead an effort starting at this year during the WSIS review to shift Internet Governance responsibilities to a more stable and predictable inter-governmental platform
IV. Key economies that shifted positions since NTIA’s announcement in March 2014 may reverse their support for ‘one Internet’ logical infrastructure coordinated by ICANN
V. The resilience and effectiveness of the multistakholder model will be questioned by those seeking solutions to the emerging Internet Governance issues in the economic and societal layer (e.g. cyber security, trade, privacy, copyright protections, etc.)

Judging by the slides, ICANN reckons that the community needs to have its transition proposal delivered by December, if ICANN is to meet the current September 30, 2016 transition deadline.
There are a whole host of sessions devoted to the transition at the forthcoming public meeting in Dublin.
The transition process is currently in a very tricky spot because the ICANN board of directors does not agree with the community proposals to restructure ICANN.

URS arrives in three legacy gTLDs

The legacy gTLDs .cat, .pro and .travel will all be subject to the Uniform Rapid Suspension policy from now on.
Earlier this week, ICANN approved the new Registry Agreements, which are based on the new gTLD RA and include URS, for all three.
URS is an anti-cybersquatting policy similar to UDRP. It’s faster and cheaper than UDRP but has a higher burden of proof and only allows domains to be suspended rather than transferred.
The inclusion of the policy in pre-2012 gTLDs caused a small scandal when it was revealed a few months ago.
Critics, particularly the Internet Commerce Association, said that URS (unlike UDRP) is not a Consensus Policy and therefore should not be forced on registries.
ICANN responded that adding URS to the new contracts came about in bilateral negotiations with the registries.
The board said in its new resolutions this week:

the Board’s approval of the Renewal Registry Agreement is not a move to make the URS mandatory for any legacy TLDs, and it would be inappropriate to do so. In the case of .CAT, inclusion of the URS was developed as part of the proposal in bilateral negotiations between the Registry Operator and ICANN.

The concern for ICA and others is that URS may one day be forced into the .com RA, putting domainer portfolios at increased risk.

Viking victor in .cruise gTLD auction

Viking River Cruises has emerged as the winner of the .cruise new gTLD contention set.
It seems to have beaten Cruise Lines International Association, which has withdrawn the only competing application, in an auction.
Both applicants originally proposed a single-registrant model, in which only the registry could own domains, but changed their plans after ICANN adopted Governmental Advisory Committee advice against so-called “closed generic” gTLDs.
There was controversy in July when CLIA claimed Viking had waited too long to change its proposed registration policies.
The group accused Viking of deliberately delaying the contention set.
ICANN, however, rejected its argument, saying applicants can submit change requests at any time.
Viking’s updated application seems to envisage something along the lines of .travel, where registration is limited to credentialed industry members, defined as:

Applicant and its Affiliates, agents, network providers and others involved in the delivery of cruise-related services, including without limitation: companies that hold a license from a governmental or regulatory body to offer cruise services, companies that provide services or equipment to cruise providers, as well as consultants, resellers, engineers, etc., working with the cruise industry.

Viking is already the registry for its dot-brand, .viking.

ICANN: we won’t force registrars to suspend domains

In one of the ongoing battles between registrars and the intellectual property lobby, ICANN’s compliance department seems to have sided with the registrars, for now.
Registrars will not be forced to suspend domain names when people complain about abusive or illegal behavior on the associated web sites, according to chief contract compliance office Allen Grogan.
The decision will please registrars but will come as a blow to the likes of music and movie studios and those who fight to shut down dodgy internet pharmacies.
Grogan yesterday published his interpretation of the 2013 Registrar Accreditation Agreement, specifically the section (3.18) that obliges registrars to “investigate and respond appropriately” abuse reports.
The IP crowd take this to mean that if they submit an abuse report claiming, for example, that a web site sells medicines across borders without an appropriate license, the registrar should check out the site then turn off the domain.
Registrars, on the other hand, claim they’re in no position to make a judgment call about the legality of a site unless presented with a proper court order.
Grogan appears to have taken this view also, though he indicated that his work is not yet done. He wrote:

Sometimes a complaining party takes the position that that there is only one appropriate response to a report of abuse or illegal activity, namely to suspend or terminate the domain name registration. In the same circumstances, a registrar may take the position that it is not qualified to make a determination regarding whether the activity in question is illegal and that the registrar is unwilling to suspend or terminate the domain name registration absent an order from a court of competent jurisdiction. I am continuing to work toward finding ways to bridge these gaps.

It’s a testament to how little agreement there is on this issue that, when we asked Grogan back in June how long it would take to provide clarity, he estimated it would take “a few weeks”. Yet it’s still not fully resolved.
His blog post last night contains a seven-point checklist that abuse reporters must conform to in order to give registrars enough detail to with with.
They must, for example, be specific about who they are, where the allegedly abusive content can be found, whose rights are being infringed, and which laws are being broken in which jurisdiction.
It also contains a six-point checklist for how registrars must respond.
Registrars are only obliged to investigate the URL in question (unless they fear exposure to malware or child abuse material), inform the registrant about the complaint, and inform the reporter what, if anything, they’ve done to remediate the situation.
There’s no obligation to suspend domains, and registrars seem to have great leeway in how they treat the report.
In short, Grogan has interpreted RAA 3.18 in a way that does not seem to place any substantial additional burden on registrars.
He’s convening a roundtable discussion for the forthcoming ICANN meeting in Dublin with a view to getting registrars to agree to some non-binding “voluntary self-regulatory” best practices.

ICANN going to Panama for 56th meeting

Panama has been selected as the venue for ICANN’s 56th public meeting.
The ICANN board of directors approved the location a few days ago.
The meeting will be held in June next year in Panama City.
ICANN 56 falls between the March meeting in Marrakech, Morocco and October’s meeting in San Juan, Puerto Rico.
The final meeting of 2015 happens in Dublin, Ireland in a couple of weeks.
The structure of ICANN meetings changes next year, so the Panama gathering will be the first example of a four-day schedule that eschews traditional sessions such as the opening ceremony and public forum.