First chance to have your say on the future of Whois

RIP: the Whois Admin.
Standard Whois output is set to get slimmed down further under newly published policy proposals.
The community working group looking at post-GDPR Whois has decided that the Admin Contact is no longer necessary, so it’s likely to get scrapped next year.
This is among several recommendations of the Expedited Policy Development Process working group on Whois, which published its initial report for public comment late Wednesday.
As expected, the report stops short of addressing the key question of how third-parties such as intellectual property interests, domain investors, security researchers and the media could get streamlined access to private Whois data.
Indeed, despite over 5,000 person-hours of teleconferences and face-to-face meetings and about 1,000 mailing list messages since work began in early August, the EPDP’s 50 members have yet to reach consensus on many areas of debate.
What they have reached is “tentative agreement” on 22 recommendations on how to bring current ICANN Whois policy into line with EU privacy law, the General Data Protection Regulation.
The work is designed to replace the current Temporary Specification, a Band-Aid imposed by the ICANN board of directors, which is due to expire next May.
The EPDP initial report proposes a few significant changes to what data is collected and publicly displayed by the Whois system.
The most notable change is the complete elimination of the Admin Contact fields.
Currently, Whois contains contact information for the registrant, admin contact and technical contact. It’s often the same data replicated across all three records, and under the Temp Spec the large majority of the data is redacted.
Under the EPDP’s proposal, the Admin Contact is superfluous and should be abandoned altogether. Not only would it not be displayed, but registrars would not even collect the data.
The Tech Contact is also getting a haircut. Registrars would now only be able to collect name, phone and email address, and it would be optional for the registrant whether to provide this data at all. In any event, all three fields would be redacted from public Whois output.
For the registrant, all contact information except state/province and country would be redacted.
There’s no agreement yet on whether the optional “organization” field would be redacted, but the group has agreed that registrars should provide better guidance to registrants about whether they need to provide that data.
While data on legal persons such as companies is not protected by GDPR, some fear that natural person registrants may just naively type their own name into that box when registering a name, inadvertently revealing their identities to the public.
Those providing Whois output would be obliged, as they are under the Temp Spec, to publish an anonymized email address or web-based contact form to allow users to contact registrants without personal information being disclosed.
That German lawsuit
The recommendation to slash what data is collected could have an impact on ICANN’s lawsuit against Tucows’ German subsidiary, EPAG.
ICANN is suing EPAG after the registrar decided that collecting admin and tech contact info was not compliant with GPDR. It’s been looking, unsuccessfully, for a ruling forcing the company to carry on collecting this data.
Tucows is of the view that if the admin and tech contacts are third parties to the registration agreement, it has no right to collect data about them under the GDPR.
If ICANN’s own community policy development process is siding with Tucows, this could guide ICANN’s future legal strategy, but not, it appears, until it becomes firm consensus policy.
I asked ICANN general counsel John Jeffrey about whether the EPDP’s work could affect the lawsuit during an interview October 5, shortly after it became clear that the admin/tech contact days might be numbered.
“Maybe,” he said. “If it becomes part of the policy we’ll have to assess that. Until there’s a new policy though, what we’re working with is the Temp Spec. The Temp Spec we believe is enforceable, we believe have the legal support for that, and we’ll continue down that path.”
(It might be worth noting that Thomas Rickert, whose law firm represents EPAG in this case, is on the EPDP working group in his capacity of head of domains for German trade group eco. He is, of course, just one of the 31 EPDP members developing these recommendations at any given time.)
IP wheel-spinning
The main reason it’s taken the EPDP so long to reach the initial report stage — the report was originally due during the ICANN 63 Barcelona meeting a month ago — has been the incessant bickering between those advocating for, and opposing, the rights of intellectual property interests to access private Whois data.
EPDP members from the IP Constituency and Business Constituency have been attempting to future-proof the work by getting as many references to IP issues inserted into the recommendations as they can, before the group has turned its attention to addressing them specifically.
But they’ve been opposed every step of the way by the Non-Commercial Stakeholders Group, which is concerned the IP lobby is trying to policy its way around GDPR as it relates to Whois.
Many hours have been consumed by these often-heated debates.
My feeling is that the NCSG has been generally winning, but probably mainly because the working group’s charter forbade discussion about access until other issues had been addressed.
As it stands today, the initial report contains this language in Recommendation #2:

Per the EPDP Team Charter, the EPDP Team is committed to considering a system for Standardized Access to non-public Registration Data once the gating questions in the charter have been answered. This will include addressing questions such as:
• What are the legitimate purposes for third parties to access registration data?
• What are the eligibility criteria for access to non-public Registration data?
• Do those parties/groups consist of different types of third-party requestors?
• What data elements should each user/party have access to?
In this context, amongst others, disclosure in the course of intellectual property infringement and DNS abuse cases will be considered

This is basically a placeholder to assure the IP crowd that their wishes are still on the table for future debate — which I don’t think was ever in any doubt — but even this basic recommendation took hours to agree to.
The EPDP’s final report is due February 1, so it has just 70 days to discuss this hypothetical “Standardized Access” model. That’s assuming it started talks today, which it hasn’t.
It’s just nine weeks if we assume not a lot is going to happen over the Christmas/New Year week (most of the working group come from countries that celebrate these holidays).
For context, it’s taken the working group about 115 days just to get to the position it is in today.
Even if Standardized Access was the only issue being discussed — and it’s not, the group is also simultaneously going to be considering the public comment on its initial report, for starters — this is an absurdly aggressive deadline.
I feel fairly confident in predicting that, come February 1, there will be no agreement on a Standardized Access framework, at least not one that would be close to implementable.
Have your say
All 22 recommendations, along with a long list of questions, have now been put out for public comment.
The working group is keen to point out that all comments should provide rationales, and consider whether what they’re asking for would be GDPR-compliant, so comments along the lines of “Waaah! Whois should be open!” will likely be rapidly filed to the recycle bin.
It’s a big ask, considering that most people have just a slim grasp of what GDPR compliance actually means.
Complicating matters, ICANN is testing out a new way to process public comments this time around.
Instead of sending comments in by email, which has been the norm for two decades, a nine-page Google form has been created. This is intended to make it easier to link comments to specific recommendations. There’s also a Word version of the form that can be emailed.
Given the time constraints, it seems like an odd moment to be testing out new processes, but perhaps it will streamline things as hoped. We’ll see.

Uniregistry working on bulk trademark blocking service

Uniregistry is planning to launch a bulk trademark block service, along the same lines as Donuts’ Domain Protected Marks List.
But it’s going to be roughly 50% more expensive than DPML, on a per-TLD basis.
The company has applied to ICANN to run what it calls “Uni EP” across its whole portfolio of 26 gTLDs.
Uni EP would be “largely identical” to DPML, according to Uniregistry’s Registry Service Evaluation Requests.
This means that anyone who has their trademark registered in the Trademark Clearinghouse will be able to block the matching string in all of Uniregistry’s TLDs.
Nobody else would be able to register that mark unless they also had a TMCH-validated trademark for the same string.
The pricing would be lower than if the brand owner individually defensively registered in each of the 26 TLDs.
With Donuts, which manages a portfolio almost 10 times as large, DPML tends to be priced around the $6,000 mark retail for a five-year block. That works to about $5 per TLD per year.
Uniregistry CEO Frank Schilling said Uni EP could be priced as low as $200 per year. That would work out to about $7.70 per TLD.
The relatively higher pricing might make sense when you consider the larger variation in regular pricing for Uniregistry TLDs, compared to Donuts.
It has several that retail for around $100 a year, and three — .cars, .car and .auto — that sell for close to $3,000 a year.
Still, the Uni EP price is obviously going to be a lot cheaper than regular defensive registrations.
Companies that have already purchased defensively would get to add their domains to the block service after the current registration expires, the RSEP states.
Like DPML, Uni EP would also have a “Plus” version, in which confusingly similar strings in eight scripts would also be blocked.
Uniregistry says it consulted with three brand protection registrars — CSC, MarkMonitor and Safenames — about the service and that their reactions were “favorable”.
Uniregistry’s current portfolio comprises .country, .audio, .car, .blackFriday, .auto, .cars, .christmas, .click, .diet, .flowers, .game, .gift, .guitars, .help, .hiphop, .hiv, .hosting, .juegos, .link, .lol, .mom, .photo, .pics, .property, .sexy, and .tattoo.

ICANN urged to reject .com price increases

The Internet Commerce Association has asked ICANN to refuse to allow Verisign to raise its wholesale prices for .com domain names.
The domainer trade group wrote to ICANN last week to point out that just because the Trump administration has dropped the US government objection to controlled price increases, that doesn’t necessarily mean ICANN has to agree.
Verisign’s deal with the National Telecommunications and Information Administration “does not of course, compel ICANN to agree to any such increases. Any such decision regarding .com pricing
remains with ICANN” ICA general counsel Zak Muscovitch wrote.
The deal allows Verisign to increase the price of .com registrations, renewals and transfers by 7% per year in four of the next six years, leading to a compound 30% increase by the time it concludes.
The arguments put forth Muscovitch’s letter are pretty much the same as the arguments ICA made when it was lobbying NTIA to maintain the price freeze.
Namely: Verisign already makes a tonne of money from .com, it has a captive audience, it cannot claim credit for .com’s success, and .com is not constrained by competition.
“As NTIA makes clear, it is up to Verisign to request a fee increase and ICANN that may agree or disagree. ICANN should not agree. Indeed, it would be a dereliction of ICANN’s responsibilities to the ICANN community if Verisign were permitted to raise its fees when it is already very well paid for the services which it provides,” Muscovitch’s letter (pdf) concludes.
For many years ICANN has been reluctant to get involved in price regulation. It remains to be seen whether it will make an exception for .com.

ICANN probing Donuts and Tucows over anti-Jewish web site

ICANN is investigating Tucows and Donuts over a web site that hosts antisemitic, white supremacist content.
CEO Goran Marby said in a letter published this week that he has referred a complaint about the web site judas.watch to ICANN’s Compliance department.
The web site in question says it is dedicated to documenting “anti-White traitors, agitators and subversives & highlighting Jewish influence.” It appears to be half database, half blog.
Its method of “highlighting Jewish influence” is possibly the most disturbing part — the site tags people it believes are Jewish with a yellow Star of David, mimicking the way the Nazis identified Jews during the Holocaust.
The site is quite liberal in how it applies these stars, going so far as to label UK Labour Party leader Jeremy Corbyn, who has been fighting off his own allegations of antisemitism for years, as Jewish.
Over 1,600 people and organizations are currently listed. Posts there also seem keen to highlight its subjects’ sexual orientation.
As far as I can tell, there are no direct calls to violence on the site, and the level of what you might call “hate speech” is pretty mild. It publishes the social media handles of its subjects, but I could not find any physical addresses or phone numbers.
The complaint to ICANN (pdf) came from WerteInitiative (“Values Initiative”), which appears to be a small, relatively new Jewish civil society group based in Germany.
WerteInitiative said judas.watch “poses a direct threat to the named persons with unforeseeable consequences for them, and especially so for the identified Jews”.
“We want this site banned from the Internet and ask for your help in doing so: can you help us to find out who behind this page is, so we can get it banned in Germany?” the letter concludes.
The domain has been behind Whois privacy since it was registered in 2014, so the registrant’s name was not public even prior to GDPR.
Marby, in response (pdf), says the complaint “raises a serious issue”.
While he goes to some lengths to explain that ICANN does not have the authority, contractual or otherwise, to demand the suspension of any domain name, he said he has nevertheless referred the complaint to Compliance.
Compliance has already reached out to the organization for more information, Marby said.
He also encouraged WerteInitiative to talk to .watch registry Donuts and judas.watch registrar eNom (owned by Tucows), as well as the hosting company, to see if that could help resolve the issue.
While ICANN is always adamant that it does not venture into content regulation, it strikes me that this exchange shows just what a tightrope it walks.
It comes against the backdrop of controversy over the suspension by GoDaddy of the domain Gab.com, a Twitter clone largely hosting far-right voices that have been banned from other social media platforms.

Bad.monster? Two more gTLDs have been acquired

Two more new gTLDs have changed hands, DI has learned.
XYZ.com has picked up former dot-brand .monster from recruitment web site Monster.com, while newbie registry Intercap Holdings has acquired .dealer from Dealer.com.
Both ICANN contracts were reassigned last month.
Neither acquiring company has announced their purchases or published their launch plans yet.
That said, XYZ has already registered a few intriguing domains: bad.monster, good.monster, my.monster and go.monster.
It appears that go.monster — slogan: “It’s Alive!” — will be the registry’s launch site. It’s the only one I could get to resolve.
It’s the second example I can think of of a dot-brand gTLD being acquired by a registry that intends to run it as a generic.
In 2016, Top Level Spectrum acquired .observer from the newspaper of the same name.
Most dot-brands that don’t want their TLDs any more choose to retire them. That number is up to 45 now.
.dealer wasn’t technically a dot-brand — it had no Spec 13 in its contract — but its 2012 application certainly made it look like a dot-brand, with most of the domains reserved for Dealer.com and its affiliates. It looked defensive.
Shayam Rostam, chief registry officer of ICH, told me the plan for .dealer is to primarily target car dealers (also its former owner’s market) but that it will be unrestricted and open to all comers.
Intercap wants to get its January launch of .inc out of the way before turning its attention to .dealer, so we’re probably looking at mid-late 2019 for a launch, Rostam said.
It also needs to do some housekeeping such as moving the TLD to Uniregistry’s back-end.
What do y’all think about these TLDs? Could .monster be the next .guru? Could .dealer find a home in the burgeoning legal cannabis market? Comment below!

First non-brand gTLD to go dark

The number of new gTLDs to voluntarily terminate their ICANN contracts has hit 45, with the first non-brand calling it quits.
It’s a geo-gTLD, .doha, which was meant to represent the Qatari capital of Doha.
There were no registered domains. Despite being delegated in March 2015, it never launched.
The registry was the country’s Communications Regulatory Authority, which also runs local ccTLD .qa.
No reason was given for the request — registries are allowed to terminate their contracts for any reason, with notice.
The registry’s web site hasn’t been updated in some time, so perhaps resources are an issue.
Given Doha is a protected geographic term, it’s unlikely to return in future unless the government changes its mind in future application rounds.
Dot-brand gTLDs to go the same way since I last reported the number include .blanco, .spiegel, .bond, .epost, .active and .zippo.

Two controversial new gTLDs launching in January

Five years after the first batch of new gTLDs hit the market, registries continue to drip-feed them into the internet.
At least two more are due to launch on January 16 — .dev and .inc.
.dev is the latest of Google’s portfolio to be released, aimed at the software developer market.
It proved controversial briefly when it first was added to the DNS in 2014, causing headaches for some developers who were already using .dev domains on their private networks.
Four years is plenty of time for all of these collisions to have been cleaned up, however, so I can’t imagine many problems emerging when people start buying these names.
.dev starts a one-month sunrise January 16, sells at early access prices from February 19 to 28 before going to regular-price general availability.
Google has already launched one of its own products, web.dev, a testing tool for web developers, on a .dev domain.
Launching with a pretty much identical phased launch plan is .inc, from new market entrant Intercap Holdings, a Caymans-based subsidiary of a Toronto firm founded by .tv founder Jason Chapnik and managed by .xyz alumnus Shayan Rostam.
Intercap bought the .inc contract from Edmon Chong’s GTLD Limited earlier this year for an undisclosed sum. GTLD Ltd is believed to have paid in excess of $15 million for the TLD at auction.
.inc has proved controversial in the past, attracting criticism from states attorneys general in the US, which backed another bidder.
It may prove controversial in future, too. I have a hunch it’s going to attract more than its fair share of cybersquatters and will probably do quite well out of defensive registration fees.

Will ICANN take a bigger slice of the .com pie, or will .domainers get URS?

Will ICANN try to get its paws on some of Verisign’s .com windfall? Or might domainers get a second slap in the face by seeing URS imposed in .com?
With Verisign set to receive hundreds of millions of extra dollars due to the imminent lifting of .com price caps, it’s been suggested that ICANN may also financially benefit from the arrangement.
In a couple of blog posts Friday, filthy domain scalper Andrew Allemann said that ICANN will likely demand higher fees from Verisign in the new .com registry agreement.
Will it though? I guess it’s not impossible, but I wouldn’t say it’s a certainty by any means.
Verisign currently pays ICANN $0.25 per transaction, the same as almost all other gTLDs. Technically, there’s no reason this could not be renegotiated.
Putting aside some of the legacy gTLD contracts, I can only think of two significant cases of ICANN imposing higher fees on a registry.
The first was .xxx, which was signed in 2011. That called for ICM Registry, now part of MMX, to pay $2 per transaction, eight times the norm.
The rationale for this was that ICANN thought (or at least said it thought) that .xxx was going to be a legal and compliance minefield. It said it envisaged higher costs for overseeing the then-controversial TLD.
There was a school of thought that ICANN was just interested in opportunistically boosting its own coffers, given that ICM was due to charge over $60 per domain per year — at the time a ludicrously high amount.
But risk largely failed to materialize, and the two parties last year renegotiated the fees down to $0.25.
The second instance was .sucks, another controversial TLD. In that case, ICANN charged registry Vox Populi a $100,000 upfront fee and per-transaction fees of $1 per domain for the first 900,000 transactions, four times more than the norm.
While some saw this as a repeat of the .xxx legal arse-covering tactic, ICANN said it was actually in place to recoup a bunch of money that Vox Pop owner Momentous still owed when it let a bunch of its drop-catch registrars go out of business a couple years earlier.
While the .sucks example clearly doesn’t apply to Verisign, one could make the case that the .xxx example might.
It’s possible, I guess, that ICANN could make the case that Verisign’s newly regained ability to raise prices opens it up to litigation risk — something I reckon is certainly true — and that it needs to increase its fees to cover that risk.
It might be tempting. ICANN has a bit of a budget crunch at the moment, and a bottomless cash pit like Verisign would be an easy source of funds. A transaction fee increase of four cents would have been enough to cover the $5 million budget shortfall it had to deal with earlier this year.
On the other hand, it could be argued that ICANN demanding more money from Verisign would unlevel the playing field, inviting endless litigation from Verisign itself.
ICANN’s track record with legacy gTLDs has been to reduce, rather than increase, their transaction fees.
Pre-2012 gTLDs such as .mobi, .jobs, .cat and .travel have all seen their fees reduced to the $0.25 baseline in recent years, sometimes from as high as $2.
In each of these cases, the registries concerned had to adopt many provisions of the standard 2012 new gTLD registry agreement including, controversially, the Uniform Rapid Suspension service.
Domainers hate the URS, which gives trademark owners greater powers to take away their domains, and the Internet Commerce Association (under the previous stewardship of general counsel Phil Corwin, since hired by Verisign) unsuccessfully fought against URS being added to .mobi et al over the last several years, on the basis that eventually it could worm its way into .com.
I’m not suggesting for a moment that ICANN might reduce Verisign’s fees, but what if URS is the price the registry has to pay for its massive .com windfall?
It’s not as if Verisign has any love for domainers, despite the substantial contribution they make to its top line.
Since the NTIA deal was announced, it’s already calling them “scalpers” and driving them crazy.
ICA lost the .com price freeze fight last week, could it also be about to lose the URS fight?

Trump gives Verisign almost $1 billion in free money

The Trump administration may have just handed Verisign close to $1 billion in free money.
That’s according to the back of the envelope I’m looking at right now, following the announcement that the National Telecommunications and Information Administration is reinstating Verisign’s right to increase .com registry fees.
As you may have read elsewhere already (I was off sick last week, sorry about that) a new amendment to the Verisign-NTIA Cooperative Agreement restores Verisign’s ability to raise prices by 7% per year in four of the six years of the deal.
The removal of the Obama-era price freeze still needs to be incorporated into Verisign’s ICANN contract, but it’s hard to imagine ICANN, which is generally loathe to get into pricing regulation, declining to take its lead from NTIA.
Verisign would also have to choose to exercise its option to increase prices in each of the four years. I think the probability of this happening is 1 in 1.
Layering this and a bunch of other assumptions into a spreadsheet, I’m coming up with a figure of roughly an extra $920 million that Verisign will get to add to its top line over the next six years.
Again, this isn’t an in-depth study. Just back-of-the-envelope stuff. I’ll talk you through my thinking.
Not counting its occasional promotions, Verisign currently makes $7.85 for every year that a .com domain is added or renewed, and for every inter-registrar transfer.
In 2017, .com saw 40.89 million add-years, 84.64 million renew-years and 3.79 million transfers, according to official registry reports.
This all adds up to 129,334,643 revenue events for Verisign, or just a tad over $1 billion at $7.85 a pop.
Over the four-year period of the price increases transaction fees will go up to $8.40, then $8.99, then $9.62, then $10.29. I’m rounding up to the nearest penny here, it’s possible Verisign may round down.
If we assume zero transaction growth, that’s already an extra $762.2 million into Verisign’s coffers over the period of the contract.
But the number of transactions inevitably grows each year — more new domains are added, and some percentage of them renew.
Between 2016 and 2017, transaction growth was 3.16%.
If we assume the same growth each year for the next six years, the difference between Verisign’s total revenue at $7.85 and at the new pricing comes to $920 million.
Verisign doesn’t have to do anything for this extra cash, it just gets it.
Indeed, the new NTIA deal is actually less restrictive on the company. It allows Verisign to acquire or start up an ICANN-accredited gTLD registrar, something it is currently banned from doing, just as long as that registrar does not sell .com domains.
Verisign’s .net contract also currently bans the company from owning more than 15% of a registrar, so presumably that agreement would also need to be amended in order for Verisign to get into the registrar business.
I say again that my math here is speculative; I’m a blogger, not a financial analyst. There may be some incorrect assumptions — I’ve not accounted for promotions at all, for example, and the 3.16% growth assumption might not be fair — and there are of course many variables that could move the needle.
But the financial markets know a sweetheart deal when they see one, and Verisign’s share price went up 17.2% following the news, reportedly reaching heights not seen since since the dwindling days of the dot-com bubble 18 years ago.
The reason given for the lifting of the price freeze was, for want of a better word, bullshit. From the NTIA’s amendment:

In recognition that ccTLDs, new gTLDs, and the use of social media have created a more dynamic DNS marketplace, the parties agree that the yearly price for the registration and renewal of domain names in the .com registry may be changed

Huh?
This seems to imply that Verisign has somehow been disproportionately harmed by the rise of social media, the appearance of new gTLDs and some unspecified change in the ccTLD marketplace.
While it’s almost certainly true that .net has taken a whack due to competition from new gTLDs, and that the domain marketplace overall may have been diminished by many small businesses spurning domains by choosing to set up shop on, say, Facebook, .com is still a growing money-printing machine with some of the fattest margins seen anywhere in the business world and about a 40% global market share.
If the Trump administration’s goal here is to make some kind of ideological statement about free markets, then why not just lift the price caps altogether? Give Verisign the right to price .com however it pleases?
Or maybe Trump just wants to flip the bird to Obama once more by reversing yet another of his policies?
Who knows? It doesn’t make a lot of sense to me.

Kirikos lawyers up after ICANN etiquette fight

Domain investor George Kirikos has hired lawyers to send nastygrams to ICANN after a fight over the rules of etiquette on a working group mailing list.
Kirikos claims there’s a “campaign of intimidation” against him by fellow volunteers who do not agree with his opinions and forthright tone, but that he “has not done anything wrong”.
In response, ICANN CEO Goran Marby this evening revealed that he has assigned his general counsel and new deputy, John Jeffrey, to the case.
Even by ICANN standards, it’s a textbook case of a) manufacturing mountains out of molehills, and b) how it can become almost impossible to communicate like sensible human beings when everyone’s tangled in red tape.
The dispute started back in May, when Kirikos got into a fight with IP lawyer Greg Shatan on the mailing list of the Rights Protection Mechanisms working group.
Both men are volunteers on the group, which seeks to refine ICANN policy protecting trademark owners in gTLDs.
The argument was about the content of a World Intellectual Property Organization web page listing instances of UDRP cases being challenged in court.
Kirikos took a strident tone, to which Shatan took exception.
Shatan then reported Kirikos to the working group’s co-chairs, claiming a breach of the Expected Standards of Behavior — the informal code of conduct designed to prevent every ICANN discussion turning into a flame war and/or bare-knuckle alley fight.
Under GNSO PDP rules, working group volunteers have to agree to abide by the ESB. Group chairs have the ability to kick participants who repeatedly offend.
At this point, the sensible thing to do would have been for Shatan and Kirikos to hug it out and move on.
But this is ICANN.
What actually happened was a pointless procedural back-and-forth between Kirikos, Shatan, and working group chairs Phil Corwin of Verisign and Brian Beckham of WIPO, which resulted in Kirikos hiring two lawyers — Andrew Bernstein of Torys and regular ICANN participant Robin Gross of IP Justice.
It’s believed to be the first time a WG participant has hired counsel over a mailing list argument.
Far too boring to recount here, Corwin’s timeline of events can be found from page 24 of this transcript (pdf) of remarks delivered here in Barcelona during ICANN 63, while the Bernstein/Kirikos timeline can be found here (pdf).
The rub of it is that Kirikos reckons both Corwin and Beckham are biased against him — Beckham because Kirikos voted against his chairship, Corwin because of a similar dispute in a related working group earlier this year — and that the ESB is unenforceable anyway.
According to Bernstein: “Mr. Kirikos has strong concerns that whatever process ICANN purports to operate with respect to Mr. Shatan’s complaint, it will not be fairly or neutrally adjudicated.”
He added that Kirikos had said that “due to the precise language of Section 3.4 of the Working Group Guidelines, Mr. Shatan lacked a basis to initiate any complaint”.
That language allows complaints to be filed if the ESB is “abused”. According to Corwin’s account, Kirikos — well-known as a detail-oriented ICANN critic — reckons the correct term should be “violated”, which rendered the ESB “null and void and unenforceable” in this instance.
Bernstein has since added that the ICANN board of directors never intended the ESB to be anything but voluntary.
The sum of this appears to be that the dispute has had a chilling effect on the RPM working group’s ability to get anything done, consuming much of its co-chairs’ time.
Kirikos lawyering up seems to have compounded this effect.
Now, as ICANN 63 drew to a close this evening, CEO Marby said in a brief prepared statement that the WG’s work has “more or less stalled for the last several months” and that he’s assigned general counsel John Jeffrey to “look into the issues surrounding this matter”.
ICANN “takes the issue very seriously”, he said.
As well it might. The Kirikos/Shatan incident may have been blown waaaaay out of proportion, but at its core is a serious question about civil discourse in ICANN policy-making.
Personally, I hold out hope it’s not too late for everyone to hug it out and move on.
But this is ICANN.