Recent Posts
- ICANN drops the “man” from Ombudsman
- Have your say on police domain takedown powers
- Most registrars are shunning ICANN’s new Whois system
- Nominet to take over .gov.uk
- ICANN picks Istanbul for 2024 meeting
- ICANN’s private Whois data request service goes live
- .au regs slide on 2LD anniversary
- ICANN accused of power grab over $271 million auction fund
- A registrar is getting blamed for an Israeli war propaganda site
- Two more dot-brands bite the dust
- Google sells five-figure AI domain and six-figure .ing hack
- .blackfriday is still a bit rubbish
- Internet Naming Co acquires five more gTLDs
- Domain universe grows despite .com drag
- Did somebody spend a million bucks on a Google domain hack?
- ICANN cans Freenom
- Call for ICANN to dump anti-Semitic partner
- GoDaddy domains revenue crosses half a billion
- Bosnian government to sue US domain firm that cut it off
- Freenom is “essentially finished as a company”
- Gap drops some dot-brands
- Group to seek .io TLD takeover after OECD human rights ruling
- Meta given 30 days to stop using Threads trademark
- Modest pay rises for ICANN top brass
- Nominet wins Microsoft’s dot-brand business from Verisign
- Looks like the fight for .hotel gTLD is over
- China has .com’s growth by the balls
- .web fight back in “court”
- Nominet takes over failed .desi
- Wright elected to Nominet board
- Identity Digital keeps .org back-end deal
- Freenom spanked for holding Olympics domain hostage
- Belgian MP registers Hamas domain, redirects to IDF
- Seven domain hacks already registered in Google’s .ing
- The first four new gTLDs have been unmitigated disasters
- Team Internet hires Nominet alum as domains CEO
- XYZ adds 35th gTLD to its stable
- Wood company scraps its dot-brand
- Freenom gets yet another ICANN breach notice
- Did Andrew Tate buy university.com for a “record-breaking” sum?
- After Verisign’s sluggish year, ICANN misses funding goal by $2 million
- Russia cuts off ICANN funding after pro-Ukraine stance
- Epik drops another 50,000 domains after scandal
- Palage’s epic rant as he asks ICANN to cancel Verisign’s .net contract
- Papac named interim ICANN Ombudsman
- Nominet takes over Bounty mutineers’ ccTLD
- .tube registry claims victory in linkification fight
- Ancient registrar gets ICANN breach notice over UDRP
- ICANN is starting to auto-renew new gTLD contracts
- Freenom hit by FIFTH ICANN action after litany of screw-ups
- Second DNSSEC screw-up takes down Aussie web sites
- Nominet adds handcuffs clause to proposed new Articles
- Single/plural gTLD combos to be UNBANNED
- ICANN rejects a whole bunch of new gTLD policy stuff
- Volkswagen ditches its dot-brand
- Radix looking for a back-end
- Is this why WhatsApp hates some TLDs but not others?
- Blockchain domain firm raises $2.5 million
- Verisign: 1.7 million domain industry growth in Q2
- Namecheap has given away 500,000 free .me domains
- Epik had another terrible month in May
- Blockchain startup gets $5 million to apply for gTLDs
- Buckridge to replace Shears on ICANN board
- CentralNic rebrands as Team Internet
- .ai sells 100,000 domains in a year
- Google to launch two fun new gTLDs next month
- Domainers not welcome as .music readies September launch
- Another six dot-brands self-terminate (two are very strange)
- Four more years for Identity Digital in Oz
- ICANN might be a director light after election stalemate
- ICANN turns down money from blockchain alt-root
- CentralNic chief calls on industry to tackle climate change
- London Domain Summit starts tomorrow
- Closed generics ban likely to remain after another policy group failure
- Ukrainian domains slide as war becomes the new normal
- Epik had worst month ever in April
- Go.Compare now redirecting to the .com
- Huge telco dumps gTLDs after rebrand
- Rejected former director threatens to sue Nominet
- April 2026 is the date for the next new gTLD round
- Doria leaving ICANN board a loss for new gTLD program
- A second new gTLD has FAILED and will be sold off
- .web hit by second ICANN complaint
- Registrar linked to defunct social network terminated
- Three candidates stand for Nominet board
- Next round of gTLDs could come much sooner than expected
- Registering .cv domains might become easier
- Musk prematurely announces Twitter is now X
- Nominet admits membership fees mistake
- Government to regulate UK-related domain names
- Domainer objects to Epik’s acquisition over Masterbucks collapse
- Freenom is losing another ccTLD after collecting military emails
- DENIC kicks out NCC as ICANN’s sole escrow agent
- ICANN takes over country’s ccTLD after Hall of Famer’s death
- ICANN Ombudsman quits
- ICA baffled by plan to outlaw domaining in India
- No $8 million discount for dot-brands, says ICANN
- Epik lost 125,000 domains in Q1
- Buckingham leaves Nominet’s board early
- Epik is off the ICANN naughty step
- Identity Digital is gobbling up Verisign’s back-end business
- o.com auction likely a damp squib after Overstock rebrand
- ICANN actually CHANGES Verisign’s .net contract after public comments
- GoDaddy takes over .health
- The looooong road to urgently hiring ICANN’s next CEO
- Rwanda picked for ICANN meeting
- Governments call for ban on gTLD auctions
- Red Cross gets takedown powers over .org domains
- Domain universe grew 1% in Q1
- Closed generics and IDNs debates are big drag on new gTLDs
- New gTLD registry gets second ICANN breach notice
- Epik lost another 22,000 domains to transfers in February
- Mystery buyer rescues Epik at end of crazy week
- Millions of domains to be deleted as Freenom loses its first TLD
- Everyone hates Verisign’s new .net deal
- UAE boasts rapid domain growth in 2022
- ICANN just put a date on the next new gTLD round
- Three more straggler new gTLDs coming soon
- Three more dot-brands realize the futility of existence
- woke.com among domains in NamesCon auction
- Domainer asks court to block Epik sell-off
- .web delay likely after Verisign rival files ICANN appeal
- CentralNic starts returning cash to shareholders as revenue grows
- Newly launched .zip already looks dodgy
- Progress made on next new gTLD round rules
Group to seek .io TLD takeover after OECD human rights ruling
A group composed of displaced Chagossians will ask ICANN to redelegate the increasingly popular .io top-level domain, according to the group’s lawyer.
The move, still in its very early stages, follows a recent ruling under the OECD Guidelines for Multinational Enterprises on Responsible Business Conduct, which mildly chastised the current registry, Identity Digital.
“The next move is domain reassignment,” lawyer Jonathan Levy, who brought the OECD complaint on behalf of the Chagos Refugees Group UK, told us. The proposed beneficiary would be “a group composed of Chagossians” he said.
.io is the ccTLD for the archipelago currently known as the British Indian Ocean Territory. It’s one of those Postel-era “Just Some Guy” developing-world delegations that pre-date ICANN.
But BIOT is a controversial territory. Originally the Chagos Archipelago, the few thousand original inhabitants were forced out by the UK government in the 1970s so the US military could build a base on Diego Garcia, the largest island.
Most of the surviving Chagossians and their descendants live in Mauritius, but have been fighting for their right to return for decades. In 2019, the UN ruled the UK’s current administration of BIOT is unlawful.
In recent years, since .io became popular, the ccTLD has become part of the fight.
The original and technically still-current registry for .io is a UK company called Internet Computer Bureau. ICB was acquired by Afilias in 2017 for $70 million. Afilias was subsequently acquired by Donuts, which is now called Identity Digital.
Corporate accounts filed by ICB name its ultimate owner as Beignet DTLD Holdings of Delaware, which appears to be a part of $2.21 billion private equity firm Ethos Capital, Identity Digital’s owner, which is co-managed by former ICANN CEO Fadi Chehadé.
None of these companies have a connection to BIOT beyond paying a local company called Sure (Diego Garcia) Limited for a mail-forwarding service. The only people believed to reside in the territory at all are US and UK military and contractors.
Levy, on behalf of the Chagossian refugees and a group of victims of cryptocurrency scams operated from .io domains, filed a complaint with the Ireland National Contact Point for the OECD Guidelines for Multinational Enterprises on Responsible Business Conduct — basically a mediation service operated by the Irish government — seeking a share of the money from .io sales and/or redelegation.
According to its most-recent public accounts, ICB had turnover of £16.4 million ($19.8 million) in 2021, up from £12.8 million ($15.5 million) in 2020, but also had absolutely horrible gross margins for a registry with only one employee.
The company had cost of sales of £15.8 million and a gross margin of 3.58%. It pays no ICANN fees and the UK government receives no cut beyond the regular corporate tax ICB pays (about £26,000 in 2021).
The OECD’s Guidelines are voluntary guidelines that countries sign up to that are meant to guide how multinational companies behave with regards human rights and so on. Enforcement seems to be relatively toothless, with national NCPs only having the power to “recommend” actions.
In fact, Afilias declined to participate in mediation and appears to have received only a mild finger-wagging in the Irish NCP’s decision (pdf), which was published in September. One of its recommendations reads:
The NCP recommends that in cases in which a product, including a digital asset, is associated with long-running disputes regarding human rights, multinational enterprises should be able to demonstrate that they have carried out human rights due diligence
Levy thinks the NCP’s decision is a big deal, saying it means the OECD has validated the Chagossians’ concerns. Coupled with the UN sanction on the UK related to BIOT, he reckons it could play in their favor in a future redelegation request.
.io domain owners shouldn’t be too worried right now, however. Redelegation takes a very long time even when the losing party agrees, and it doesn’t tend to happen without the consent of the incumbent.
Identity Digital keeps .org back-end deal
Public Interest Registry is to keep Identity Digital as its back-end registry services provider following a competitive RFP process, the organization announced today.
The deal’s highlight TLD is of course .org, with its 11 million domains, but it also includes the much smaller .charity, .foundation, .gives, .giving, .ngo, .ong, .орг, .संगठन , and .机构.
Identity Digital inherited the contract when it acquired Afilias a few years back. PIR announced the RFP back in March.
There’s no word on whether Identity Digital is taking a pay cut as a result of the competitive process, but it should become clear when non-profit PIR eventually publishes its tax returns.
Second DNSSEC screw-up takes down Aussie web sites
.au domains failed to resolve for many internet users for almost an hour on Monday, after the registry operator messed up a DNSSEC update.
ccTLD overseer auDA said the issue was caused by a “key re-signing process that generated an incorrect record”. Users on ISPs that strictly enforce DNSSEC would have returned not-found errors for .au domains during the outage.
.au’s technical back-end is managed by Identity Digital, which reportedly said that the outage lasted from 0005 UTC until 0052 UTC.
With over four million domains, .au is I believe the largest TLD zone to fall victim to DNSSEC-related downtime, but it’s not the first time it has happened to the domain.
In March 2022, thousands of .au domains were affected by a DNSSEC snafu that lasted a few hours.
DNSSEC is meant to make the DNS more secure by reducing the risk of man-in-the-middle attacks, but it’s appears to be easy to screw up, judging by a list of TLD outages. Just this year, Mexico, New Zealand and Venezuela have also suffered downtime.
Four more years for Identity Digital in Oz
Identity Digital has won another fours years as .au registry back-end provider.
Australian ccTLD manager auDA said the reappointment was decided after an open Request for Tender process that started in May.
It’s not clear how many other registries responded, but there’s a limited pool of companies that have a proven track record of handling such a large zone.
When .au moved from Neustar (now part of GoDaddy) to Afilias (now part of Identity Digital) in 2018 it was the largest back-end migration in the history of the DNS.
Back then, .au had 3.1 million domains under management. Now, following the release of second-level names last year, it’s closer to 4.3 million. Another migration would have been another record-breaker.
auDA said dentity Digital’s next four-year contract begins July 1 next year, with a two-year extension option.
Identity Digital is gobbling up Verisign’s back-end business
Verisign appears to be getting out of the new gTLD back-end registry services business, with Identity Digital taking over most of its dot-brand contracts.
Since 2018, over 80 gTLDs have moved from Verisign’s back-end to a competitor or have been removed from the DNS altogether. Over the same period, it hasn’t won any business from any of its rivals, according to data I’ve compiled.
Over the last few months about 30 new gTLDs have moved their technical back-end from Verisign to competitors, all but two to Identity Digital. Nominet and CIRA picked up a gTLD deal each.
Verisign tells me it’s not interested in providing new gTLD back-end services any more. A Verisign spokesperson said in an email:
In the case of the back-end services we provide to new gTLDs, we continually evaluate our business objectives and a few years ago, we decided that we would not be renewing our current new gTLD registry services customers and that we would help them transition before their contracts expired if they wished.
gTLDs moving home recently include .bosch, .crown, .chanel, .next, .nikon, .juniper and .fidelity.
Given the sheer number of gTLDs going to Identity Digital, it appears that there may be a side deal between the two registries to recommend migration to ID, but both companies declined to comment on that suggestion.
In 2012, Verisign had signed on to be the back-end for 220 new gTLDs, mostly dot-brands. Not all of those made it through the application process, but today my database has the company as RSP-of-record for fewer than 80 2012-round labels.
The company was said to be among the priciest option for dot-brands, trading on decades of .com uptime prestige, but the need for an RSP with 150 million domains under management is debatable when your gTLD is essentially just parked.
And for Verisign, the dot-brand business is not material to revenues and probably not especially profitable, at least when compared to the vast amounts of cash .com effortlessly generates.
In 2021, Verisign lost its deal to manage .tv to GoDaddy, after it declined to compete presumably due to the anticipated lower profit margins.
Three more straggler new gTLDs coming soon
Three more new gTLDs from three different registries are set to launch this (northern hemisphere) summer.
Identity Digital is gearing up to launch .watches in June, while newcomer Digity will launch .case in July and Intercap will launch .box in August, according to ICANN records.
.watches was bought from luxury goods maker Richemont, which hadn’t used it, in 2020. It’s currently in sunrise and will go to general availability June 7.
Digity, which is affiliated with the registrar Sav, bought .case from CentralNic, which in turn bought it from industrial machinery maker CNH Industrial. It was a dot-brand, but will be repurposed as an open generic targeting the legal field.
Intercap is planning to start .box’s sunrise August 9 and go to general availability the following month, September 13. The gTLD was originally bought for $3 million before Intercap acquired it in 2020.
.org back-end contract up for grabs
Public Interest Registry has started vetting potential registry service provider replacements for Identity Digital, ahead of a formal request for proposals later this year.
The company said this week that in order to run .org’s back-end, which would have to support almost 11 million domains, an RSP would have to hit a list of high-end criteria.
Candidates will have to have seven years experience running an RSP across multiple TLDs, with at least three registry clients, over 500,000 domains, and at least 25 ICANN-accredited registrars on its books, among other items.
That narrows the field down to probably fewer than a dozen companies. The likes of GoDaddy, CentralNic, Verisign, ZDNS, Tucows and Nominet would all presumably qualify, along with Identity Digital itself.
If a transition to a new RSP were to happen, it would be the largest TLD back-end migration in history by a considerable margin. The largest to date was the 3.1 million names that moved from Neustar (now GoDaddy) to Afilias (now Identity Digital) in 2018.
The .org migration from Verisign to PIR in 2003 was when .org was substantially smaller, at 2.7 million names.
According to PIR’s most-recent tax return, Afilias was paid $15.6 million in 2021 for registry services.
PIR said in 2021 that it expects to issue the RFP in the second half of 2023.
Identity Digital hit by failure of Silicon Valley Bank
Identity Digital, which runs hundreds of gTLDs, has warned its network of registrars not to send payments to its Silicon Valley Bank account.
SVB, America’s 16th-largest bank, was shut down on Friday by US financial regulators after a run on deposits. The failure has been described as the largest since the 2008 financial crisis.
Identity Digital told registrars yesterday that it was an SVB customer, but said “our exposure is very limited and we remain committed to serving our customers, employees, and vendors without interruption.”
Nevertheless, it asked partners to direct payments instead to its HSBC bank account.
SVB also provided ID, then Donuts, with a $110 million credit facility in 2017, which it used to fund its $213 million acquisition of Rightside.
The failure of SVB was so worrying that US President Joe Biden yesterday morning took to the airwaves to reassure customers that their deposits were safe and the banking system stable.
Identity Digital to launch .watches this month
Identity Digital has announced the launch timetable for its .watches gTLD.
Sunrise will kick off on March 28, running for two months until May 27. This is the period where only registered trademark owners can apply for a name.
The Early Access Program, in which names carry a premium price that decreases every day for a week, will run from May 31 to June 7, immediately after which the gTLD will enter general availability.
Despite the fact that .watches has been live in the DNS since December 2015, there are no registered domains so far.
The original registry was luxury goods maker Richemont, an early proponent of new gTLDs that ultimately lost interest and offloaded its portfolio, including the Chinese version of .watches, over the years.
.watches was sold to Afilias in late 2020, shortly before that company is turn was acquired by Donuts, since rebranded Identity Digital.
IRP panel tells ICANN to stop being so secretive, again
ICANN’s dismal record of adverse Independent Review Process decisions continued last week, with a panel of arbitrators telling the Org to shape up its transparency and decision-making processes.
The panel has essentially ruled that ICANN did everything it could to be a secretive as possible when it decided to remove price controls from its .org and .info registry contracts in 2019.
This violated its bylaws commitments to transparency, the IRP panel found, at the end of a legal campaign by Namecheap commenced over three years ago.
Namecheap wanted the agreements with the two registries “annulled”, but the panel did not go that far, instead merely recommending that ICANN review its decision and possibly enter talks to put the price caps back.
But the decision contains some scathing criticisms of ICANN’s practice of operating without sufficient public scrutiny.
Namecheap had argued that ICANN broke its bylaws by not only not applying its policies in a non-discriminatory manner, but also by failing to adequately consult with the community and explain its decision-making.
The registrar failed on the first count, with the IRP panel ruling that ICANN had treated registry contract renegotiations consistently over the last 10 years — basically trying to push legacy gTLDs onto the 2012-round base Registry Agreement.
But Namecheap succeeded on the second count.
The panel ruled that ICANN overused attorney-client privilege to avoid scrutiny, failed to explain why it ignored thousands of negative public comments, and let the Org make the price cap decision to avoid the transparency obligations of a board vote.
Notably, the panel unanimously found that: “ICANN appears to be overusing the attorney-client privilege to shield its internal communications and deliberations.”
As one example, senior staffers would copy in the legal team on internal communications about the price cap decision in order to trigger privilege, meaning the messages could not be disclosed in future, the decision says.
ICANN created “numerous documents” about the thinking that went in to the price cap decision, but disclosed “almost none” of them to the IRP due to its “overly aggressive” assertion of privilege, the panel says.
As another example, staffers discussed cutting back ICANN’s explanation of price caps when it opened the subject to public comment, in order to not give too much attention to what they feared was a “hot” and “sensitive” topic.
ICANN’s failure to provide an open and transparent explanation of its reasons for rejecting public comments opposing the removal of price controls was exacerbated by ICANN’s assertion of attorney-client privilege with respect to most of the documents evidencing ICANN’s deliberations…
ICANN provided a fairly detailed summary of the key concerns about removing price caps, but then failed to explain why ICANN decided to remove price caps despite those concerns. Instead, ICANN essentially repeated the explanation it gave before receiving the public comments.
The panel, which found similar criticisms in the earlier IRP of Dot Registry v ICANN, nevertheless decided against instructing ICANN to check its privilege (to coin a phrase) in future, so the Org will presumably be free to carry on being as secretive as normal in future.
Namecheap also claimed that ICANN deliberately avoided scrutiny by allowing Org to remove the price caps without a formal board of directors resolution, and the panel agreed.
The Panel finds that of the removal of price controls for .ORG, .INFO, and .BIZ was not a routine matter of “day-to-day operations,” as ICANN has asserted. The Price Cap Decision was a policy matter that required Board action.
The panel notes that prior to the renewal of .org, .info and .biz in 2019, all other legacy gTLD contracts that had been renewed — including .pro, which also removed price caps — had been subject to a board vote.
“ICANN’s action transitioning a legacy gTLD, especially one of the three original gTLDs (.ORG), pursuant to staff action without a Board resolution was unprecedented,” the panel writes.
Quite why the board never made a formal resolution on the .org contract is a bit of a mystery, even to the IRP panel, which cites lots of evidence that ICANN Org was expecting the deal to go before the board as late as May 13, 2019, a month before the anticipated board vote.
The .org contract was ultimately signed June 30, without a formal board resolution.
(Probably just a coincidence, but Ethos Capital — which went on unsuccessfully to try to acquire .org registry Public Interest Registry from ISOC later that year — was formed May 14, 2019.)
The IRP panel notes that by avoiding a formal board vote, ICANN avoided the associated transparency requirements such as a published rationale and meeting minutes.
The panel in conclusion issued a series of “recommendations” to ICANN.
It says the ICANN board should “analyze and discuss what steps to take to remedy both the specific violations found by the Panel, and to improve its overall decisionmaking process to ensure that similar violations do not occur in the future”.
The board “should consider creating and implementing a process to conduct further analysis of whether including price caps in the Registry Agreements for .ORG and .INFO is in the global public interest”
Part of that process should involve an independent expert report into whether price caps are appropriate in .info and especially .org.
If it concludes that price controls are good, ICANN should try to amend the two registry agreements to restore the caps. If it does not conduct the study, it should ask the two registries if they want to voluntarily restore them.
Finally, the panel wrote:
the Panel recommends that the Board consider revisions to ICANN’s decision-making process to reduce the risk of similar procedural violations in the future. For example, the Board could adopt guidelines for determining what decisions involve policy matters for the Board to decide, or what are the issues on which public comments should be obtained.
ICANN is on the hook to pay the panel’s fees of $841,894.76.
ICANN said in a statement that it is “is in the process of reviewing and evaluating” the decision and that the board “will consider the final declaration as soon as feasible”.
Recent Comments