Controversial TLD blocking still controversial

ICANN and its Governmental Advisory Committee have yet to reach agreement on when and how governments should be able to block top-level domains deemed too controversial to go live.
In its latest advice to ICANN’s board (pdf), the GAC gets a bit sniffy in response to calls for it to be more transparent about how such objections are raised.
The Applicant Guidebook currently requires ICANN to take GAC objections to TLD applications seriously, but only if the GAC reveals which nation(s) objected and why.
The GAC, predictably, seems to think ICANN is trying to undermine its authority. At the very least, it doesn’t like being told what to do:

The GAC advises the Board that the current text in Module 3 that seemingly dictates to the GAC how to develop consensus advice is problematic and should be deleted, as it is inconsistent with the ICANN Bylaws and the GAC’s Operating Principles.

The GAC has offered to refine its procedures to make “consensus advice” a more meaningful term, such as by adopting the UN’s definition of consensus, however.
Some believe that giving the GAC a carte blanche to file objections from its opaque decision-making black box will lead to back-room horse-trading.
You might find a bloc of theocratic nations, for example, refusing to agree to an objection to .nazi (an improbable application, admittedly) unless other governments agree to object to .gay.
And some observers in the west don’t trust their own governments to stand up for their principles and resist this kind of deal-making, particularly when there’s no transparency into the process.
The GAC, meanwhile, does not think the objections process has been sufficiently squared away for it to agree to it. It wrote:

The GAC strongly believes that further discussions are needed between the GAC and the ICANN Board to find a mutually agreed and understandable formulation for the communication of actionable GAC consensus advice regarding proposed new gTLD strings.

ICANN is due to publish the seventh (and “final”) draft of its Guidebook tonight. Its board is due to meet with the GAC next June 19, one day before it plans to vote on the program.

Facebok.com given to Facebook despite “theft” claim

ICANN says registrar contract trumps national court. Registrar warns of legal consequences.
The typo domain name facebok.com has finally been returned to Facebook, over eight months after it was subject to a successful cyberquatting complaint.
The domain does not currently resolve, but Whois records show it was transferred to Facebook from its previous registrant, one “Franz Bauer”, last Thursday.
The case was marked by controversy, after ICANN threatened to shut down its sponsoring registrar, EuroDNS, for failing to transfer the domain last within 10 days, as required by UDRP rules.
EuroDNS had resisted the transfer after being named in a lawsuit, in its native Luxembourg, filed by a suspicious Panama shell company going by the name Facebok.com. The plaintiff claimed the domain had been “stolen” by Bauer.
But ICANN told the registrar last week that the Registrar Accreditation Agreement only allows the registrar to defer a transfer if the original registrant – not a third party – sues.
In a letter noting that EuroDNS is “a long-standing and respected member of the ICANN community”, the ICANN compliance department said:

the only kind of documentation that will stop the registrar from implementing a panel decision ordering a transfer is evidence that the registrant/respondent has commenced a lawsuit against the complainant in a jurisdiction to which the complainant has submitted under UDRP Rules. The mere filing of a complaint by a third party does not excuse the registrar from fulfilling its obligations under the policy.
…
in recognition that there has been a court filing, ICANN must reiterate that failing to comply with the relevant contractual provisions of the RAA subjects EuroDNS to escalated compliance action up to and including termination of the EuroDNS accreditation.

That seems to have been sufficient clarity for EuroDNS to push through the transfer, but the registrar is not happy about the situation, which may leave it in a tricky legal position in Luxembourg.
In a reply to ICANN, EuroDNS CEO Xavier Buck suggested that the story may not be over yet:

the action you demand from EuroDNS will have tremendous consequences for our company in the pending judiciary case.
Consequently, EuroDNS reserves all rights to seek indemnification from ICANN for any damages or loss caused by the action we have been forced to take not to lose our Registrar accreditation.

The lawsuit was filed last September, just days after the UDRP case was decided, but has not yet gone to court.
Under its previous ownership, facebok.com redirected to a series of scam sites that may have proved rather lucrative.

GAC calls for $44,000 new TLDs

ICANN’s Governmental Advisory Committee has asked for the price of top-level domains to be reduced from $185,000 to $44,000 for applicants from developing nations.
The call came in GAC advice released yesterday, just a few days before ICANN plans to publish the seventh and potentially final version of new gTLD program’s Applicant Guidebook.
The document (pdf) shows that ICANN’s board and the GAC have made substantial progress towards resolving their differences, but that several outstanding issues remain.
Support for developing nations has arguably become the biggest hurdle to be leaped before the program can launch, as I reported earlier in the week.
The GAC has now asked ICANN’s board of directors to implement a support program for developing nation applicants “as a matter of urgency”.
There’s an unstated concern that a Guidebook that appears to unfairly favor applicants from rich countries may be rolled up and used as a cosh, by certain countries, to bash ICANN’s international legitimacy.
Specifically, the GAC wants cheaper fees for poorer applicants:

For support to developing countries, the GAC is asking for a fee waiver, which corresponds to 76 percent of the US$ 185,000 application fee requirement. Further, there will be instances where additional costs will be required: for example, for auction, objections, and extended evaluation. In such events, the GAC proposes fee reduction and waivers in these processes/instances where additional costs are required. The GAC would further like to propose an additional waiver of the annual US$ 25,000 fee during the first 3 years of operation.

The 76% reduction, which is in line with suggestions made by ICANN’s applicant support working group (JAS), would see fees of $44,400 for qualified applications, a $140,600 discount.
The call for auction fees to be lowered appears, on the face of it, bizarre. Presumably it refers to fees paid to the auction house, rather than the bids themselves.
Either way, it appears that developing nation applicants could get a distinct advantage in cases of contested strings, if the GAC advice is followed.
The GAC acknowledged ICANN’s worry that gaming – bogus proxy applicants springing up in qualifying nations, for example – could prove problematic, and writes:

On gaming, the GAC welcomes the JAS WG’s recommendation to set up a parallel process to determine eligibility based on the guidelines they have provided. The GAC proposes that a review team be established consisting of ICANN stakeholders experienced and knowledgeable in gTLD processes, developing country needs and gaming patterns. Furthermore, consideration should be given to the imposition of penalties on entities found to be attempting to game processes put in place to support developing country applicants.

The idea of an applicant support initiative being developed in parallel with the Applicant Guidebook – so as to not delay its approval – was first proposed by the JAS back in November.
But even the JAS envisaged that the details of the program would have to be squared away before the first round of new TLD applications are accepted.
Even if the Guidebook can be approved in the absence of a finalized support program, I think ICANN could have a hard time launching its four-month international outreach campaign until it is able to answer the basic question: “How much is this going to cost me?”
While the applicant support issue may not be a deal-breaker when it comes to approving the Guidebook – currently penciled in for June 20 – it could still delay the opening of the application window.
We’ll have a clearer picture if and when ICANN publishes the next version of the Guidebook, expected Monday, May 30 (late Pacific time, I expect).

Could VeriSign be banned from new TLDs?

Governments have proposed stricter background checks on new top-level domain operators that could capture some of the industry’s biggest players.
Top-five registrar Network Solutions and .com manager VeriSign may have reason to be concerned by the latest batch of Governmental Advisory Committee recommendations.
The GAC wants checks on new gTLD applicants expanded to include not only criminal convictions and intellectual property violations but also government orders related to consumer fraud.
The GAC advised ICANN, with my emphasis:

The GAC believes that the categories of law violations that will be considered in the background screening process must be broadened to include court or administrative orders for consumer protection law violations. If an applicant has been subject to a civil court or administrative order for defrauding consumers, it should not be permitted to operate a new gTLD.

This is not new – the GAC has proposed similar provisions before – but it seems to be the only GAC advice on applicant screening that ICANN has not yet adopted, and the GAC is still pushing for it.
Why could VeriSign and NetSol be worried by this?
One reason that springs to mind is that, back in 2003, NetSol was officially barred by the US Federal Trade Commission from the practice known as “domain slamming”.
Domain slamming, you may recall, was one of the dirtiest “marketing” tactics employed by the registrar sector during the early days of competition.
Registrars would send fake invoices with titles such as “Renewal and Transfer Notice” to the addresses of their rivals’ customers, mined from Whois data.
The letters were basically tricks designed to persuade customers ignorant of the domain name lifecycle to transfer their business to the slamming registrar.
Respectable registrars have nothing to do with such practices nowadays, but a decade ago companies including NetSol and Register.com, the two largest registrars at the time, were all over it.
At the time NetSol was carrying out its slamming campaign, it was part of VeriSign. It was spun off into a separate company earlier in 2003, before the FTC entered its order.
The order (pdf) was approved by a DC judge as part of a deal that settled an FTC civil lawsuit, alleging deceptive practices, against the company.
NetSol was not fined and did not admit liability, but it did agree to be permanently enjoined from any further slamming, and had to file compliance notices for some time afterward.
It seems plausible that this could fall into the definition of a “civil court or administrative order for defrauding consumers” that the GAC wants added to the Applicant Guidebook’s background checks.
Whether the GAC’s advice, if implemented by ICANN, would capture NetSol and/or VeriSign is of course a matter of pure speculation at the moment.
I think it’s highly unlikely that ICANN would put something in the Guidebook that banned VeriSign, its single largest source of funding (over a quarter of its revenue) from the new gTLD program.
Sadly, I think I may also be unfairly singling out these two firms here – I’d be surprised if they’re the only companies in the domain name industry with this kind of black mark against their names.
Existing background checks in the Applicant Guidebook governing cybersquatting are already thought to pose potential problems for registrars including eNom and Go Daddy.
UPDATE: It looks like NSI and VeriSign are probably safe.

Experts say piracy law will break the internet

Five of the world’s leading DNS experts have come together to draft a report slamming America’s proposed PROTECT IP Act, comparing it to the Great Firewall of China.
In a technical analysis of the bill’s provisions, the authors conclude that it threatens to weaken the security and stability of the internet, putting it at risk of fragmentation.
The bill (pdf), proposed by Senator Leahy, would force DNS server operators, such as ISPs, to intercept and redirect traffic destined for domains identified as hosting pirated content.
The new paper (pdf) says this behavior is easily circumvented, incompatible with DNS security, and would cause more problems than it solves.
The paper was written by: Steve Crocker, Shinkuro; David Dagon, Georgia Tech; Dan Kaminsky, DKH; Danny McPherson, Verisign and Paul Vixie of the Internet Systems Consortium.
These are some of the brightest guys in the DNS business. Three sit on ICANN’s Security and Stability Advisory Committee and Crocker is vice-chairman of ICANN’s board of directors.
One of their major concerns is that PROTECT IP’s filtering would be “fundamentally incompatible” with DNSSEC, the new security protocol that has been strongly embraced by the US government.
The authors note that any attempts to redirect domains at the DNS level would be interpreted as precisely the kind of man-in-the-middle attack that DNSSEC was designed to prevent.
They also point out that working around these filters would be easy – changing user DNS server settings to an overseas provider would be a trivial matter.

PROTECT IP’s DNS filtering will be evaded through trivial and often automated changes through easily accessible and installed software plugins. Given this strong potential for evasion, the long-term benefits of using mandated DNS filtering to combat infringement seem modest at best.

If bootleggers start using dodgy DNS servers in order to find file-sharing sites, they put themselves at risk of other types of criminal activity, the paper warns.
If piracy sites start running their own DNS boxes and end users start subscribing to them, what’s to stop them pharming users by capturing their bank or Paypal traffic, for example?
The paper also expresses concern that a US move to legitimize filtering could cause other nations to follow suit, fragmenting the mostly universal internet.

If the Internet moves towards a world in which every country is picking and choosing which domains to resolve and which to filter, the ability of American technology innovators to offer products and services around the world will decrease.

This, incidentally, is pretty much the same argument used to push for the rejection of the .xxx top-level domain (which Crocker voted for).

Can ICANN make a trademark deal with the GAC?

The ICANN board and its Governmental Advisory Committee have yet to reach agreement on how to protect trademarks in new top-level domains, following their Friday teleconference.
The two parties are still stuck on at least four trademark protect issues, according to sources familiar with the talks, and the GAC is due to provide updated written advice to ICANN tomorrow.
Two of the areas still outstanding were previously marked “1A” in ICANN documents, meaning ICANN’s board believed the GAC’s concerns had already been resolved.
Trademark Claims
Details of the proposed Trademark Clearinghouse database and the related Trademark Claims service are still the subject of debate.
Trademark Claims provides an alert to a trademark holder if somebody tries to register their trademark in a new gTLD. The would-be registrant also gets a warning that they may be infringing rights.
As the Applicant Guidebook stands today, new gTLD managers will have to operate the service for the first 60 days of general availability, but the IP lobby and the GAC believe it should be permanent.
The sticking point for ICANN, as I understand it, is that there’s already a commercial market for brand protection services that have some overlap with Trademark Claims.
Several companies, such as MarkMonitor, CSC and Melbourne IT, offer services that alert customers when somebody appears to infringe their brand in a domain name.
If Trademark Claims ever made it into com and other gTLDs, it could effectively monopolize the brand watch services market. The Clearinghouse(s) will be ICANN contractors, after all.
Remember what happened when VeriSign announced its Wait List Service, which promised to effectively take over the existing domain back-order services market? It wasn’t pleasant.
Proof of Use
ICANN has already dropped its requirement for “substantive review”, but it still requires trademark holders to provide “proof of use” before they can add their marks to the Clearinghouse.
Without proof of use, companies will not be able to file Uniform Rapid Suspension complaints or defensively register their brands during new gTLD Sunrise periods.
The IP lobby and the GAC want this requirement scrapped. Any trademark of national effect should be enforceable using these rights protections mechanisms, they say.
One of the justifications is that some trademarks are obtained before the owner actually launches the product or service they pertain to.
If ICANN were to make these changes, there’s a good chance that bulk-registering bogus trademarks in loose jurisdictions may become an effective strategy for gaming the second level in new TLDs.
This has happened before, such as in .eu, and that wasn’t pleasant either.
Brand+Keyword
The current draft of the Applicant Guidebook only allows exact trademark matches into the Trademark Claims and Sunrise mechanisms.
But the the IP crowd (and, again, the GAC) thinks non-exact matches should be allowed in. In the .com space, the majority of cybersquatting nowadays is of course either a brand+keyword or a typo.
Millions are being needlessly spent on UDRP complaints over typos and brand+keyword domains, and the trademark lobby don’t want to risk having to spend even more.
But there could be implementation problems. Both types of variant could throw up lots of false positives during the Claims service, for example, creating conflicts where there aren’t any.
An automated system designed to scare off typosquatters could catch the generic domain goggles.tld as an infringement of Google’s trademark, to use an obvious example.
If brand+keyword Sunrise claims were allowed, holders of trademarks in generic terms could find themselves with a lucrative payday.
Any company that has a trademark on words such as “free”, “live”, “sexy” or anything that could act as a cool prefix, could have a field day during a Sunrise period.
Uniform Rapid Suspension
I understand a sticking point here continues to be the burden of proof required to make a URS case stick.
It’s currently “clear and convincing evidence”, but the IP lobby and the GAC want it reduced to “preponderance of evidence”, a lower burden.
To non-lawyers, the difference may seem trivial. Both standards are used in civil cases in many countries, but one’s a bit strong than the other.
“Preponderance of evidence” basically means “more likely true than not”, whereas “clear and convincing”… well, it’s a bit stronger than that.
The choice of burdens will have repercussions for years to come. Registrants in new gTLDs will know what they’re getting into, but if URS ever makes it into .com…
The Road to Singapore
It’s less than a month before ICANN’s next major meeting, and only a week until it plans to publish the next version of the Applicant Guidebook.
The ICANN board is due to meet face-to-face (and presumably in public) with the GAC on the first day of the meeting, June 19, but it seems that talks will be ongoing behind the scenes until then.
A great deal of progress has been made, but with complex issues still apparently unsettled (and there are more unresolved issues unrelated to trademarks) it’s little wonder that some are now wondering whether ICANN is as confident as it once was that June 20 is Guidebook Approval Day.

Interpol wants to join the GAC

Interpol plans to apply to join ICANN’s Governmental Advisory Committee as an observer, according to ICANN.
The news came in a press release this evening, detailing a meeting between ICANN president Rod Beckstrom and Interpol secretary general Ronald Noble.
The meeting “focused on Internet security governance and enhancing common means for preventing and addressing Internet crime”. Beckstrom said in the release:

We seek the active engagement of law enforcement in our multi-stakeholder community where all parties are welcome. We recognize Interpol as an important international leader in this field. We are very pleased by its expression of interest in joining the ICANN Governmental Advisory Committee as an observer.

The GAC already has about 20 members with “observer” status, which can be granted to any intergovernmental or treaty organization.
Also in attendance at the meeting in Lyons, France, was ICANN’s new chief of security, Jeff Moss, VP of government affairs Jamie Hedlund, and Alice Jansen of its Organizational Reviews unit.
Law enforcement has been trying to get a louder voice at ICANN for some time, and calls have grown in volume given the increasing use of domain names as tools to shut down crooks.
At ICANN’s recent meeting in San Francisco, Interpol’s top cop on the child abuse imagery beat, Michael Moran, launched a withering critique of what he saw as the industry’s failure to help police the web.
Moran called for a system to be put in place for law enforcement to more easily be able to shut down peddlers of such content and more easily track the abusers.

Poor nation support crucial to new TLD talks

Whether to provide discounts for new top-level domain applicants from poor countries has become a critical obstacle in the process of getting ICANN’s new gTLD program approved.
Not only are its policy-making bodies going through a bout of infighting over proposals to help developing nations, but it is also being seen as a “major political risk” to ICANN’s global credibility.
Sources say that the Governmental Advisory Committee is increasingly concerned that a lack of support for poorer nations could used to bash the gTLD program and discredit ICANN itself.
There are fears that the Group of 77 could use the perception that ICANN works primarily for the benefit of the developed world to push for more UN-based governmental control of the internet.
These concerns were apparently raised during the ICANN Board-GAC teleconference on Friday, and will continue to be discussed in the run-up to the Singapore meeting.
Merely applying for a new gTLD will cost a minimum of $185,000 in direct ICANN fees, potentially rising dramatically in the case of complex or contested applications.
That sum also excludes the many more hundreds of thousands of dollars required to create an application that meets ICANN’s stringent financial and technical stability demands.
Many have estimated that an application for a new gTLD could require an first-year outlay of easily over $1 million.
Unsurprisingly, this may exclude applicants from poorer nations, particularly non-profit and community-based initiatives.
There’s a worry that if support mechanisms are not in place for the first round of applications, culturally or commercially valuable IDN gTLDs will get snapped up by wealthy western companies.
Warning: More Acronyms Ahead
To come up with solutions to this problem, ICANN in April 2010 asked for what is now called the “Joint SO/AC Working Group on New gTLD Applicant Support” – JAS for short.
JAS was chartered by, and comprised of members of, the Generic Names Supporting Organization and the At Large Advisory Committee, two of ICANN’s policy bodies.
Earlier this month, JAS submitted its draft second milestone report (pdf) was submitted to the ICANN board. It’s more of a collection of ideas than a structured framework for applicant support.
It calls for, among other things, fees and financial commitments reduced by as much as three quarters for applicants from about 50 poor nations, if they can show they are (essentially) worthy and needy.
It also suggests that such applicants could have their requirements to support the new DNSSEC and IPv6 technologies from day one – which would raise start-up costs – eliminated.
Unfortunately, the GNSO and ALAC apparently had quite different expectations about what the JAS would produce, and since January the group has been working under a split charter.
Registries and registrars were (and are) worried that JAS was going too far when it recommended, for example, discounted application fees.
Because ICANN has priced applications on a cost-recovery basis, there’s a real concern that discounts for poor applicants will translate into higher fees for wealthier applicants.
Broadly, it’s an example of the usual tensions between commercial domain name industry stakeholders and other groups playing out through quite arcane due process/jurisdictional arguments.
For the last couple of weeks, this has manifested itself as a row about the fact that JAS submitted its report the report was submitted to the ICANN board before it was approved by the GNSO.
Mind The GAC
If it’s the case, as sources say, that the GAC is urgently pressing for applicant support measures to be available in the first round of new gTLD applications, this puts another question mark over ICANN’s ability to approve the Applicant Guidebook in Singapore a month from now.
The GAC “scorecard” of problematic issues has since November stated that ICANN should adopt the findings of the JAS.
But today the JAS is nowhere near producing a comprehensive solution to the problem. Its recommendations as they stand are also unlikely to attract broad support from registry/registrar stakeholders.
Many of its current suggestions are also highly complex, calling for ICANN to establish special funds, staggered payment or repayment programs and additional applicant background checks.
They would take time to implement.
There’s been some talk about the idea that ICANN could approve the Applicant Guidebook before the JAS work is complete, but I’m not sure how realistic that is or whether it would receive the GAC blessing.
If the GAC is worried that ICANN’s very legitimacy could be at risk if it goes ahead with the program before the developing world is catered for, we could be looking at another big roadblock.

VeriSign drops $150,000 on ICANN Singapore

VeriSign, which signed up for an unprecedented $500,000 sponsorship package for ICANN’s meeting in San Francisco, has spent a rather more modest amount for the June meeting.
The company is currently listed as a Platinum Elite sponsor for the Singapore meeting, which kicks off June 19. This tier has a list price of $150,000, though I believe ICANN’s prices are negotiable.
VeriSign’s two main registry services competitors, Neustar and Afilias, had already signed up for cheaper sponsorship tiers, with lower visibility.
It would be my guess that the company waited for its rivals to show their hands before deciding to how much it needed to spend to trump them.
The Singapore meeting may see the approval of the Applicant Guidebook for the new top-level domains program.
(UPDATE: Thanks to the reader who pointed out that ICANN will almost certainly vote to approve the renewal of VeriSign’s .net contract in Singapore.)
There are 19 sponsors for Singapore so far, but currently no takers for the two available top-tier Diamond packages, which are listed at $250,000.
The amount VeriSign coughed up for San Francisco is believed to have largely contributed to the speaking fees of former US president Bill Clinton.
ICANN expects to make about $1.2 million from its three fiscal 2011 meetings, which is less than the cost of a single meeting.

Still no new TLDs agreement with GAC

ICANN and its Governmental Advisory Committee have yet to resolve their differences over the new top-level domains program, putting a question mark over the current approval timetable.
In a joint statement released early this morning, following a teleconference on Friday, the ICANN board and GAC confirmed that their talks have not yet concluded.
But ICANN still thinks approval of the program’s Applicant Guidebook could come by June 20, the second day of the forthcoming Singapore meeting:

The latest discussion and ICANN Board and GAC agreement on the benefits of having a face-to-face meeting in Singapore pave the way to possible Board consideration of program approval on 20 June 2011.

This seems to serve as confirmation that the board and GAC will meet for a last-ditch attempt at compromise on June 19. ICANN has already moved around schedules to accommodate the meeting.
Outstanding areas of disagreement continue to include rights protection mechanisms for trademark holders and processes for governmental objections to controversial TLD applications.
Negotiations so far have comprised at least four days of face-to-face talks over the last few months, which had mixed results.
ICANN has given a lot of ground already, but it seems that it has not gone far enough for the GAC. Chair Heather Dryden said in the statement:

the GAC appreciates the time taken by the Board to discuss remaining issues on the call and looks forward to continued progress as a clear signal that the Board is committed to enabling the formulation of true community consensus in developing policy that is in the global public interest as well as increasing the overall accountability and transparency of the organization.

The current talks take place against the backdrop of the renewal of ICANN’s IANA contract with the US Department of Commerce and NTIA, which gives ICANN many of its powers.
Larry Strickling, head of the National Telecommunications and Information Administration, has publicly indicated that he may use the renewal as leverage to squeeze concessions from ICANN.
Two weeks ago, he said that he was “unclear” about whether June 20 was a realistic target for Guidebook approval.
Recently, Strickling also met with European Commissioner Neelie Kroes where they found common ground on new gTLDs and ICANN’s accountability and transparency goals.