DENIC kicks out NCC as ICANN’s sole escrow agent
DENIC has won the contract to be the sole supplier of registrar data escrow services for ICANN, the Org has announced.
The German registry is replacing NCC Group, which acquired Iron Mountain’s escrow business two years ago. Iron Mountain has been ICANN’s chosen escrow agent since it started requiring registrars to escrow registrant data in 2007 in the wake of the RegisterFly scandal.
Under ICANN’s Registrar Accreditation Agreement, registrars have to deposit this data either daily or weekly, depending on how many domains under management they have, to mitigate the risk of domains being lost.
Registrars can choose to use ICANN’s chosen escrow agent, in which case ICANN pays, or they can choose another from an approved list, in which case the registrar pays.
Naturally enough, the vast majority of registrars choose to go with the free option. DENIC has been on the approved list since 2017. There are also one Russian and three Chinese companies approved to provide these services.
The change of contractor means escrow will now be provided by a EU-based company for the first time. UK-based NCC’s contract was via its US subsidiary, NCC Group Software Resilience (NA) LLC. ICANN said DENIC has opened up facilities in North America.
ICANN said NCC “will no longer be accepting new registrars with immediate effect and will no longer provide [Registrar Data Escrow] services starting 1 November 2024”, so registrars have some breathing space to migrate.
The deal was worth $800,000 a year to NCC, according to ICANN’s latest tax forms. One assumes DENIC is doing it cheaper.
Domainers at risk as EnCirca takes over deadbeat registrar’s customer base
Customers of defunct registrar Pheenix risk losing their domains because the company was not properly escrowing its registrant data, according to the registrar taking over their domains.
EnCirca, which is taking over up to 6,000 domains previously registered with Pheenix, says the registrar’s shoddy escrow practices mean some of these domains may not be reunited with their rightful owners.
Pheenix “failed to properly escrow domain ownership information for many of the domains utilizing WHOIS proxy services”, EnCirca recently wrote, adding:
We anticipate that many domains will remain unclaimed due to bounced emails or inoperable proxy services. Locating rightful owners will be problematic since the data escrow is often devoid of any identifying ownership information.
To try to mitigate the problem, EnCirca is offering affected registrants the chance to prove ownership by filling out a form and uploading other evidence, such as Pheenix receipts or bank statements.
EnCirca added that because Pheenix disappeared still owing money to registries, the registries may be forcing renewal or restore fees that will then be passed on registrants.
If your domains were at or near expiration, restoring them could be complex and pricey or impossible.
If you’re affected, you can find information here.
Most or all Pheenix customers are likely to be domain investors. It was a drop-catcher, which once had over 500 dummy registrars in its expansive dropnet, most of which it subsequently de-accredited.
But it went AWOL last May, not responding to ICANN or paying its dues, apparently disappearing from the face of the Earth.
ICANN terminated its accreditation in May this year, and initiated a bulk transfer to EnCirca a couple weeks ago (which it only disclosed this week).
EnCirca has experience handling this kind of problem, which is presumably why ICANN gifted it the bulk transfer. In 2018 it took on the domains 49 of Pheenix’s shell registrars, which it says were suffering from the same escrow problems.
European privacy ruling could add to registrars’ costs
European domain registrars say they are facing increased costs of doing business due to a recent court ruling on privacy protection.
As a result, US data escrow giant Iron Mountain is likely to lose a lot of its ICANN business, as EU registrars defect to local alternatives such as UK-based NCC Group.
The ruling in question deals with the so-called “safe harbor” principles, under which European companies were able to transfer customers’ private data to US companies as long as the recipient promised to abide by EU privacy protection rules.
However, former spy Edward Snowden’s revelations of widespread privacy violations by the US government seemed to show that many US tech giants were complicit in handing over such data to US spooks.
And now the European Court of Justice has ruled the safe habor principles invalid.
This affects registrars because, under their ICANN contracts, they have to escrow registrant data on a weekly basis. That’s to prevent registrants losing their domains when registrars go out of business or turn out to be crooks.
While registrars have a choice of escrow agents, pretty much all of them use Iron Mountain, because ICANN subsidizes the service down to $0.
However, with the ECJ ruling, Euro-registrars have told ICANN that it would now be “illegal” to continue to use Iron Mountain.
In a recent letter (pdf) to ICANN, about 20 EU-based registrars said that non-European registrars would get a competitive advantage unless ICANN does something about it.
They want ICANN to start subsidizing one or more EU-based escrow agents, enabling them to switch without adding to costs.
the service fees of those [alternative] providers are not being supported by ICANN. Thus, the only solution for EU based registrars to comply with their local laws is to support this extra cost.
We are sure, you will agree this clearly constitutes an unfair disadvantage to a given category of a registrars.
This is why we ask ICANN to offer the same terms as it currently does to Iron Mountain to other RDE [Registrar Data Escrow] providers established in the European Economical Area to ensure a level playing field for registrars globally.
According to the registrars, they have until January to switch, so ICANN may have to move quickly to avoid unrest.
Iron Mountain beds another registry
Iron Mountain puts itself about a bit, doesn’t it?
The company has signed a co-referral deal with wannabe new top-level domain registry operator UrbanBrain. The deal appears identical to one it inked with Central Registry Solutions in May.
Under these deals, Iron Mountain will refer potential TLD applicants to UrbanBrain (or CRS) and the registries will refer their clients to Iron Mountain for data escrow services.
The press releases don’t make it clear under what circumstances clients will be referred to UrbanBrain versus CRS, but given UrbanBrain is Japanese it could be along geographical lines.
Again, I ask: who benefits most?
My guess is still Iron Mountain, which has already got a pretty tight grip on the ICANN-mandated data escrow market. I can’t see it sending as much traffic to the registries as it receives.
Iron Mountain gets into bed with CRS
Iron Mountain and Central Registry Solutions have made a deal to referrer prospective new gTLD applicants to each other’s services.
The companies said that Iron Mountain will refer wannabe registries to CRS for registry services and CRS will refer them to Iron Mountain for data escrow services.
It strikes me that the deal is probably better news for Iron Mountain, given that CRS is actively engaged in seeking out new TLD applicants to partner with whereas Iron Mountain, presumably, is not.
Iron Mountain already does a lot of work with registries and registrars that have to escrow their Whois information under the terms of their ICANN contracts.
Some of these contracts specify the company as the only escrow agent allowed, whereas the current Draft Applicant Guidebook for new gTLD applicants is less prescriptive.
CRS is a partnership of Network Solutions and CentralNIC, manager of the .la ccTLD and a handful of geographical second-level domains such as uk.com and us.com.
Recent Comments