Is ICANN too scared of lawsuits?

Arguments about the new top-level domain Applicant Guidebook kicked off with a jolt this week, when ICANN was accused of abdicating its responsibilities and being too risk-averse.
In what I think was the first case of a top ICANN staff member publicly discussing the AGB, senior veep Kurt Pritz fielded questions about “morality and public order objections” on a packed and occasionally passionate conference call (mp3).
On the call, Robin Gross of IPJustice accused ICANN’s of shirking its duties by proposing to “fob off” decisions on whether to reject controversial TLDs onto third-party experts.
She said:

I’m concerned that there’s a new policy goal – a new primary policy goal – which is the risk mitigation strategy for ICANN. I don’t remember us ever deciding that that was going to be a policy goal. But it seems that now what is in the best interest for the Internet is irrelevant. The policy goal that rules is what is in the best interest for ICANN the corporation

A cross-constituency working group (CWG) had said that controversial TLDs should be rejected only after a final nod from the ICANN board, rather than leaving the decision entirely in the hands of outside dispute resolution providers.
There was a concern that third parties would be less accountable than the ICANN board, and possibly more open to abuse or capture.
But ICANN rejected that recommendation, and others, on “risk mitigation” grounds. Explanatory notes accompanying the new AGB (pdf) say:

Independent dispute resolution is a cornerstone of the risk mitigation strategy. Without outside dispute resolution, ICANN would have to re-evaluate risks and program costs overall.

Almost a third of every new TLD application fee – $60,000 of every $185,000 – will go into a pool set aside for ICANN’s “risk costs”.
These costs were based on an estimate that there will be 500 applications, and that ICANN will need $30 million to cover risks.
These are often thought to be primarily risks relating to litigation.
There’s a fear, I suspect, that ICANN could become embroiled in more interminable .xxx-style disputes if it allows the board to make subjective calls on TLD applications, rather than hiring independent experts to make decisions based on uniform criteria.
On Monday’s conference call, Gross said that ICANN’s treatment of the CWG’s recommendations was a “really big shock”. She added:

clearly here this is just a fobbing off of that responsibility, trying to again avoid litigation, avoid responsibility rather than take responsibility and take accountability

But ICANN says that the risk mitigation strategy benefits TLD applicants by removing uncertainty from the program, as well making ICANN more credible.
Pritz said on the call:

the risk to the program is in creating a process or procedure that isn’t transparent and predictable for applicants. By what standard can a TLD be kicked out? It’s got to be: here’s the standards, here’s the decision maker and here’s the process.
When I talk about risk, it’s risk to this process.
If this process attracts a lot of litigation, and ICANN published the process and then did not follow it, or that the process wasn’t clear so that the applicant had no way of predicting what was going to happen to its application, the risk is then litigation would halt the process and undermine the ICANN model.
So it doesn’t really have anything to do with the people that are the directors or the people that are the staff; it has to do with the credibility of ICANN as a model for Internet governance.

In other words, if TLD applicants pay their fees and go into the process knowing what the rules are, and knowing that there’s little chance of being jerked around by the ICANN board, there’s less chance of the program as whole being disrupted by lawsuits.
Seems fair enough, no?

Happy 10th birthday new TLDs!

With all the excitement about ICANN’s weekend publication of the new top-level domain Applicant Guidebook, it’s easy to forget that “new” TLDs have been around for a decade.
Tomorrow, November 16, is the 10th anniversary of the ICANN meeting at which the first wave of new gTLDs, seven in total, were approved.
The recording of the 2000 Marina Del Rey meeting may look a little odd to any relative newcomers to ICANN.
The open board meeting at which the successful new registries were selected took well over six hours, with the directors essentially making up their selection policies on the spot, in the spotlight.
It was a far cry from the public rubber-stamping exercises you’re more likely to witness nowadays.
Take this exchange from the November 2000 meeting, which seems particularly relevant in light of last week’s news about registry/registrar vertical integration.
About an hour into the meeting, chairman Esther Dyson tackled the VI idea head on, embracing it:

the notion of a registry with a single registrar might be offensive on its own, but in a competitive world I don’t see any problem with it and I certainly wouldn’t dismiss it out of hand

To which director Vint Cerf, Dyson’s eventual successor, responded, “not wishing to be combative”:

The choices that we make do set some precedents. One of the things I’m concerned about is the protection of users who register in these various top-level domains… If you have exactly one registrar per registry, the failure of either the registrar or the registry is a serious matter those who people who registered there. Having the ability to support multiple registrars, the demonstrated ability to support multiple registrars, gives some protection for those who are registering in that domain.

Odd to think that this ad-hoc decision took ten years to reverse.
It was a rather tense event.
The audience, packed with TLD applicants, had already pitched their bids earlier in the week, but during the board meeting itself they were obliged to remain silent, unable to even correct or clarify the misapprehensions of the directors and staff.
As a rookie reporter in the audience, the big news for me that day was the competition between the three registries that had applied to run “.web” as a generic TLD.
Afilias and NeuStar both had bids in, but they were competing with Image Online Design, a company that had been running .web in an alternate root for a number of years.
Cerf looked like he was going to back the IOD bid for a while, due to his “sympathy for pioneers”, but other board members were not as enthusiastic.
I was sitting immediately behind company CEO Christopher Ambler at the time, and the tension was palpable. It got more tense when the discussion turned to whether to grant .web to Afilias instead.
Afilias was ultimately granted .info, largely due to IOD’s existing claim on .web. NeuStar’s application was not approved, but its joint-venture bid for .biz was of course successful.
This was the meat of the resolution:

RESOLVED [00.89], the Board selects the following proposals for negotiations toward appropriate agreements between ICANN and the registry operator or sponsoring organization, or both: JVTeam (.biz), Afilias (.info), Global Name Registry (.name), RegistryPro (.pro), Museum Domain Management Association (.museum), Société Internationale de Télécommunications Aéronautiques (.aero), Cooperative League of the USA dba National Cooperative Business Association (.coop);

If any of this nostalgia sounds interesting, and you want to watch seven hours of heavily pixelated wonks talking about “putting TLDs into nested baskets”, you can find the video (.rm format, that’s how old it is) of the MDR board meeting buried in an open directory here.

New TLD guidebook bans domain front-running

ICANN’s newly published Applicant Guidebook for new top-level domain operators contains a draft Code of Conduct for registries that, among other things, bans “front-running”.
The code, which I think is probably going to be one of the most talked-about parts of the AGB in the run-up to ICANN’s Cartagena meeting next month, is designed to address problems that could arise when registrars are allowed to run registries and vice versa.
Front-running is the name given to a scenario in which registrars use insider information – their customers’ domain availability lookups – to determine which high-value domains to register to themselves.
While there’s plenty of anecdotal evidence that such practices have occurred in the past, a study carried out last year by researcher Ben Edelman found no evidence that it still goes on.
Front-running was however held up as one reason why registrars and registries should not be allowed to vertically integrate, so the AGB’s code of conduct explicitly bans it.
It also bans registries accessing data generated by affiliated registrars, or from buying any domains for its own use, unless they’re needed for the management of the TLD.
Integrated registries will have to keep separate accounts for their registrar arms, and there will have to be a technological Chinese wall stopping registry and registrar data from cross-pollinating.
Registries will also have to submit a self-audit to ICANN, certifying their compliance with the code of conduct, before January 20 every year.
The code is currently a six-point plan, which, given the past “ingenuity” of domain name companies, may prove a little on the light side.
There’s lots more discussion to be had on this count, no doubt.

Another reason why Go Daddy might not become a registry

Domain name registries and registrars will soon be able to own each other, but there are plenty of good reasons why many of them, including the largest, may not.
George Kirikos and Mike Berkens are asking very interesting questions today, based on earlier investigative reporting by DomainNameWire, about whether Go Daddy would or should be barred from owning a registry on cybersquatting grounds.
But that’s not the only reason why Go Daddy may have problems applying for a new top-level domain.
I reported back in March, when only my mother was reading this blog, that Go Daddy may have gotten too big to be allowed into the registry market.
If you think Go Daddy wants to apply to ICANN to manage a new TLD registry or two, ask yourself: why did Go Daddy spend most of the year opposing vertical integration?
I have no inside knowledge into this, but I have a theory.
In 2008, CRA International produced an economic study for ICANN that, broadly speaking, recommended the relaxation of the rules separating registries and registrars.
In December that year, less than two years ago, Go Daddy filed its very much pro-VI comments on the study:

Go Daddy has and continues to be an advocate for eliminating the existing limits on registry/registrar cross-ownership.
…
The arguments that have been presented in favor of maintaining the status quo simply do not hold water. Current and past examples of cross-ownership already serve as test cases that demonstrate cross-ownership can and does work, and it can be successfully monitored.

Over the course of the next 12 months, the company’s official position on VI mellowed, and by this year it had made a 180-degree turn on the issue.
Its comments to the VI working group, filed in April 2010, say:

Go Daddy’s position on the vertical integration (VI) issue has changed over time. When VI discussions first began our position was very much to the left (if left is full, unqualified VI), but it has moved steadily to the right (if right is maintaining the so-called status quo). At this point, we are nearly fully on the right.

The company cited concerns about security, stability and consumer protection as the reasons for its shift. While I’ve no doubt that’s part of the story, I doubt it paints a full picture.
The decision may also have something to do with another economic study, produced for ICANN in February this year, this time by economics experts Steven Salop and Joshua Wright. It was published in March.
This study, crucially I think, suggested that where cross-ownership was to take place and the larger of the two companies had market power, that the deal should be referred to government competition regulators. Salop & Wright said:

We recommend that ICANN choose a market share threshold in the 40-60% range (the market share measured would be that of the acquiring company). The lower end is the market share at which U.S. competition authorities begin to be concerned about market power.

Guess which is the only registrar that falls into this market share window?
In January this year, Go Daddy put out a press release, when it registered its 40 millionth domain, which claimed:

Go Daddy now holds a near 50 percent market share of all active new domains registered in the world and is more than three times the size of its closest competitor.

Correlation does not equal causation, of course, so there’s no reason the second economic study and Go Daddy’s policy U-turn are necessarily linked, but I’d be surprised if the market power issue did not play a role.
The newly published Applicant Guidebook appears to have taken on board a key Salop & Wright recommendation, one that may be relevant:

ICANN-accredited registrars are eligible to apply for a gTLD… ICANN reserves the right to refer any application to the appropriate competition authority relative to any cross-ownership issues.

It seems to me that Go Daddy may be one of the few companies such a provision applies to. The company may find it has a harder time applying to become a registry than its competitors.
In the interests of sanity, I should point of that the AGB has been out for less than 48 hours, and that anything written about its possible consequences at this point is pure speculation.

Could vertical integration kill registrar parking?

Will ICANN’s decision to allow registrars and registries to own each other help reduce the practice of registrars parking unused or expiring domain names?
A reading of the new top-level domain Applicant Guidebook in light of the recent “vertical integration” ruling it incorporates certainly raises this kind of question.
The AGB includes a policy called the Trademark Post-Delegation Dispute Resolution Procedure, or PDDRP, which allows trademark owners to seek remedies against cybersquatting registries.
The policy is quite clear that registries cannot be held accountable for cybersquatting by third parties in their TLD, unless they have, for example, actively encouraged the squatters.
But another example of infringement is given thus:

where a registry operator has a pattern or practice of acting as the registrant or beneficial user of infringing registrations, to monetize and profit in bad faith.

Now, this wouldn’t be a cause for concern in the current vertically separated market.
Most registries are only generally able to register domain names in their own TLD by going through an accredited registrar. Proving bad faith intent in that situation would be trivial.
But what of an integrated registry/registrar that also automatically parks recently registered or expiring domains in order to profit from pay-per-click advertising?
This is common practice nowadays. It’s been used to prove a registrant’s bad faith during many recent UDRP proceedings and one registrar is even being sued by Verizon for doing it.
Would a registrar parking an expired, trademark-infringing domain constitute it acting as a “beneficial user” of the domain “to monetize and profit in bad faith”?
Text added to the PDDRP section of the AGB in its most recent revision strongly suggests that “the registrar did it” would not be a defence for a vertically integrated company:

For purposes of these standards, “registry operator” shall include entities directly or indirectly controlling, controlled by or under common control with a registry operator

The PDDRP allows complainants to seek remedies such as injunctions, as well as the suspension of new registrations in a TLD and, exceptionally, the full revocation of their registry contract.
With that in mind, would an integrated registry/registrar want to risk any practice that puts their TLD at risk?

What does ICANN say about terrorism?

While it’s true that ICANN has excised specific references to terrorism from its new top-level domain Applicant Guidebook, don’t expect any such groups to be awarded TLDs.
As I reported in September, the AGB no longer contains the explicit mention of “terrorism”, which had caused complaints to be filed by a few members of the community.
But it does contain text that makes it abundantly clear that any group or nation the US considers a supporter of terrorism will have an extremely hard time finding approval.
Under a new section entitled “Legal Compliance”, ICANN notes that it “must comply with all U.S. Laws, rules, and regulations” including the sanctions program overseen by the US Office of Foreign Assets Control.
OFAC administers a List of Specially Designated Nationals and Blocked Persons. If you’re on the SDN list, American companies cannot do business with you without a license.
While ICANN has applied for exemption licenses in the past, in order to be able to deal with organizations in US-unfriendly nations (on ccTLD matters, presumably), the AGB now states:

ICANN generally will not seek a license to provide goods or services to an individual or entity on the SDN List. In the past, when ICANN has been requested to provide services to individuals or entities that are not SDNs, but are residents of sanctioned countries, ICANN has sought and been granted licenses as required. In any given case, however, OFAC could decide not to issue a requested license.

If you’ve never seen this list before, it can be downloaded here. It’s currently 475 pages long, and while it’s certainly a globally inclusive document, parts of it do read like the Baghdad phone book.
(Interestingly, many of the listed a.k.a’s are actually domain names)
Anybody who wanted ICANN to replace the amorphous term “terrorism” with something a little more specific have had their wishes granted.
No more hypothetical debate is required about whether Hamas, for example, is a terrorist group or a movement of freedom fighters. It’s in the book, so it’s probably not getting a TLD.

Insurance TLD draws interest

An initiative to create a top-level domain for the insurance industry appears to be attracting support in German-speaking countries.
dotVersicherung plans to apply for .versicherung (.insurance) in the first round of new TLD applications next summer, according to its web site.
The domain would be reserved for insurance companies in Germany, Austria and Switzerland.
Judging by its web site, which is one of the more comprehensive I’ve seen from a new TLD initiative, it has picked up a fair bit of interest from insurance companies already.
The organization reckons it will cost about 2 million euros to launch the TLD, and it currently appears to be inviting investors to get involved.
It disputes the idea that .versicherung is too long for a TLD, saying that there are already 25,000 domains in .de that contain the term at the second level and that most visitors will use search engines, rather than type-in, to find web sites.
It looks like the organization has been around several months, and is currently doing a publicity tour of its target nations. It also looks like Dirk Krischenowski, CEO of dotBERLIN, is involved in an advisory capacity.
I’m getting this information via Google Translate, by the way, so it may not be 100% reliable.
Hat tip to Jean Guillon, who’s been turning the ability to spot new TLD initiatives into a fine art recently.

.jobs opponents get to the point

The .JOBS Charter Compliance Coalition has sent off another ream of text to ICANN, spelling out more clearly its objections to Employ Media’s plan to open up the .jobs namespace.
The Coalition wants ICANN to reject the registry’s plan to allocate thousands of premium .jobs domain names to partners including the DirectEmployers Association.
While previous filings danced around the issue, the latest Coalition missive makes it a little clearer what its beef is: it thinks DirectEmployers’ universe.jobs plan is bogus and should be blocked.
The documents were filed as part of an ongoing Reconsideration Request. The Coalition wants ICANN to reverse its decision to approve the .jobs “Phased Allocation Program”.
The program allows Employ Media to allocate “non-companyname” .jobs domains via an RFP process and, later, auctions and regular sales.
But the Coalition thinks it is a smokescreen designed to enable universe.jobs, a planned free jobs board that would be fed traffic from possibly thousands of premium generic domains.
Its objection boils down to the fact that Employ Media seems to be planning to register these premium domains to itself and allow DirectEmployers, which probably would not be a qualified HR registrant under the .Jobs Charter, to “use” them.
As the Coalition puts it:

Employ Media states that it intends to solicit plans under the Program “which may create a self managed class of domains registered in Employ Media’s name.” Presumably, in this “self-managed” scenario, Employ Media would register the domain names itself, and permit third parties to “use” the domains even if those third parties could not register them consistent with the Charter.

What we seem to have here is a case of a registry planning to monetize its premium domains by running them itself, in order to compete with companies that are barred from becoming registrants themselves.
This bothers the Coalition’s members, which all run jobs sites but would not qualify to register premium domains under the .Jobs Charter.
For Reconsideration Requests to be successful, the requester has to show that ICANN’s board did not have all the facts at its disposal, or failed to consider them, when it made its decision.
Having read through the recently published minutes and board briefing materials from the meeting at which the program was approved, the Coalition thinks it now has a stronger case.
Its latest filing accuses ICANN of failing to adequately investigate Employ Media’s claims about its program and of brushing off critics as “a bunch of sore losers that were afraid of a little competition”.
Referring to the universe.jobs plan and the “self-managed” domains, the Coalition wrote:

There is no indication that the ICANN Staff provided the Board with any analysis of this critical issue, or that the Board considered this material issue

It also wonders aloud whether the Board was even aware of the universe.jobs plan when the allocation program was approved back in August.
I may be reading it incorrectly, but it appears that ICANN’s board governance committee, which handles Reconsideration Requests, may be coming around to the Coalition’s way of thinking.
The BGC recently sent Employ Media’s sponsor, the Society For Human Resource Management, a list of questions about the program, including this one:

Did the SHRM PD Council intend to enable the Registry (Employ Media) to register domain names in the .JOBS sTLD for the purpose of allowing third-party job postings on those sites? If so, please explain how this consistent with the .JOBS Charter.

I’ll be interested in reading its response.

First reactions to ICANN’s VI bombshell

Shortly before 8am UTC today, ICANN announced that it plans to blur the lines between domain name registries and registrars by eliminating cross-ownership restrictions and enabling vertical integration of the two functions.
The shock move is likely to have profound repercussions on the domain industry for years to come.
I’ve spent the last ten hours collating a bunch of early reaction from Twitter and the blogosphere.
Like blind men groping an elephant, everyone had their own take on the news, which perhaps indicates how broad-reaching its effects will be.
Linkfest coming up.
Apparently the first to notice the news, which came just before midnight in California, was AusRegistry, the Australian registry services company, with this pithy tweet:

Any Registrars wanting Registry software can enquire within…

The company later followed up with a blog post:

The positives of this resolution is that it is highly likely that we will see the adoption and growth of smaller more boutique TLDs being championed to market by their Registrar owners and for many industry participants, anything that promotes the success of the new gTLD program and the reduced risk of Registry failure can only be seen as a good thing.

As Europe woke up to the news, Michele Neylon of Irish registrar Blacknight decided to eschew diplomacy, and pondered the possible fallout from ICANN’s decision:

Now the next question is – what next?
How will people react?
Are we going to see a flood of nastygrams from Afilias and PIR being sent to the ICANN board demanding them to backtrack?

Across the pond, Minds + Machines CEO Antony Van Couvering quickly rattled off a typically eloquent blog post that focussed on what he seems to see as ICANN’s sudden spine growth:

This is the only principled decision the ICANN Board could have come to, and they deserve a lot of credit for doing it. By “principled,” I mean taking ICANN’s stated institutional principles and following them to their logical conclusion.
…
The new landscape will require everyone in the domain name business to re-examine their business, their partners, their strategy. It will have consequences between those I enumerated above. It will re-invigorate the industry, and it will help establish the respect that ICANN has lacked for so long.

Another new TLD applicant, Constanine Roussos of .music tweeted:

ICANN allows Vertical Integration for new top-level domains. .MUSIC is thrilled. #ICANN makes history. The lobbying effort was well worth it

Over in Japan, Jacob Williams of new TLD consultants UrbanBrain reflected some of the industry’s shock that ICANN went against many observers’ expectations.

This announcement is a full 180 degree turn from the verbiage in DAG 4 and the resolutions passed at the public meeting in Nairobi earlier this year. This decision comes huge surprise, but surely a relief to many New gTLD applicants.

On the policy side of things, veteran ICANN commentator Danny Younger expressed surprise of a different kind on his new ICANNology blog:

I’ve been wondering how an ICANN Board session that is “not designated as an Official Board Meeting” can result in official Board Resolutions.
…
If the meeting is specifically not designated as “special”, but rather as a board “retreat”, should official board resolutions be promulgated at the conclusion of such sessions?

Fellow policy wonk George Kirikos tweeted:

“It is better to remain silent and be thought a fool than to open one’s mouth and remove all doubt.” applies to #ICANN’s latest moves.

Former ICANN staffer Kieren McCarthy tweeted, less ambiguously:

Good call #ICANN Board. Recognizing the realities of new top-level domains and standing up for principles over pressure

Finally, EnCirca, a US-based registrar, tried to pick winners and losers and concluded that it is the “.brand” TLDs that will gain the most, and that it is the registrars that are in for a shake-up.

the real winners will be the major brands on the internet: Apple, Yahoo, Google, Facebook, Microsoft. Any one of these could launch their own TLD to rival dot-com.
Who are the biggest losers? The Registrar channel. Registrars will no longer be assured of being able to offer new TLD’s to their customers. Registries will start to bypass their registrar partners and deal directly with end-users.
Registries and registrars will need to start innovating to remain relevant. It is time to start competing.

As you might expect, there has been not much reaction yet from those, such as Go Daddy, which opposed full vertical integration.
But Warren Adelman, Go Daddy’s president, tweeted within the last hour:

Let the games begin

Quite.

Vertical integration – bad news for domainers?

ICANN’s decision to allow domain name registrars to operate registries is a game changer on many fronts, but what impact could it have on domain investors?
For the first time, registrars will be able apply for and run new top-level domains, giving them unprecedented insight into registry-level data.
If they also act as registries, registrars will, for example, be able to see what non-existent domains in their TLD get the most type-in traffic.
They will also be able to see how much traffic expiring domains get, even if the registrant does not use the registrar’s own name servers.
As claimed by some participants in ICANN’s vertical integration working group, this data could be used to “harm” registrants; harms that could be especially noticeable to domainers.
There was a concern from some in the WG that combined registry-registrar entities (we’re going to need a name for these) could use registry data to, for example, identify and withhold high-value names, increasing prices to potential registrants.
The possibility of an increase in “domain tasting” and “front-running” – practices generally frowned upon nowadays – was also raised.
However, some registrars are already owned by companies that register large numbers of traffic domains for themselves, even without access to registry data.
Demand Media subsidiary eNom, the second-largest gTLD registrar, is a good example.
As DomainNameWire reported in August, the company already uses domain name lookups to decide what names to register for itself (though it told DNW it does not “front-run”), saying in SEC filings:

These queries and look-ups provide insight into what consumers may be seeking online and represent a proprietary and valuable source of relevant information for our platform’s title generation algorithms and the algorithms we use to acquire undeveloped websites for our portfolio.

Demand also said that it acquires eNom customers’ expiring domains if they are attractive enough:

Domain names not renewed by their prior registrants that meet certain of our criteria are acquired by us to augment our portfolio of undeveloped owned and operated websites.

Access to registry data could prove invaluable in refining this model, and eNom has, unsurprisingly. long indicated its desire to apply for and operate new TLDs.
But will registries be allowed to exploit this data to line their own pockets?
ICANN indicated today that it plans to introduce a code of conduct for registries, to prevent “misuse of data”, and will likely step up its compliance activities as a result.
What this code of conduct will look like remains to be seen, but I expect we’re looking at “Chinese wall” provisions similar to those self-imposed by VeriSign when it still owned Network Solutions.
It should be pointed out, of course, that standalone registries already have the ability to register domains to themselves, based on their own registry data, and I’m not aware of a great many incidents where this has been abused to the harm of registrants.