LRO roundup: six more new gTLD objections rejected

While we were busy focusing on ICANN 47 last week, six new gTLD Legal Rights Objections were decided by the World Intellectual Property Organization.
These are the objections where the objector has trademark rights that it believes would be infringed by the delegation of a matching or confusingly similar gTLD.
All six cases, like the first six, were rejected for varying reasons. There has yet to be a decision in favor of an objector.
Here’s a rundown of the highlights of the decisions:
.home (Defender Security v Lifestyle Domain Holdings)
.home (Defender Security v Merchant Law Group)
.home (Defender Security v Uniregistry)
These cases are three of the nine filed by .home applicant Defender Security against its rival applicants. Defender had already lost one such objection, and these three were no different.
Defender acquired its trademarks and associated domains and companies from Constantine Roussos’ CGR E-Commerce shortly before the new gTLD application window opened.
The trademarks themselves, attached to hastily created Go Daddy reseller web sites, were obtained not much earlier.
Uniregistry, paraphrased by the WIPO panelist in its case, put the situation pretty close to the truth:

Objector is one of several parties who were solicited some months ago to purchase any of a number of cookie-cutter European trademark documents lacking any substantial basis in actual goodwill or commerce, which were filed solely to game this process, and do not reflect a bona fide acquisition of substantial rights.

The WIPO panelists did not disagree, with two of them finding that not only were the acquisition of trademark rights not bona fide, but also that there was a question as to whether Defender even owned the trademark.
One panelist wrote of “the misleading and sometimes deceptive presentation of the evidence in the Objection, and more generally the abusive nature of the Objection” and another said:

The [LRO] Procedure is not intended to provide a facility whereby existing or prospective applicants for a new gTLD may attempt to gain an advantage over other applicants for the same gTLD by way of the deliberate acquisition of trademark rights for no purpose other than to bring a Legal Rights Objection. It has not escaped the Panel’s notice that the evidence before it indicates that the present Objection might have been motivated by just such an attempt

All three cases were rejected largely on this basis.
The panelist in the Lifestyle Domain Holdings case decided that acquisition of the trademarks had in fact been bona fide, but rejected the objection anyway on the overall LRO test of whether the proposed gTLD would take “unfair advantage” of Defender’s trademark rights, stating:

If anyone has taken “unfair advantage,” it has been the Objector through its meritless Objection. The LRO process is not meant to be a game or crap shoot; rather, it should be invoked only when the applicant’s proposed string would “infringe” trademark rights. It is an abuse of the process to invoke an LRO against an applicant whose proposed use is clearly a fair use of a string for its descriptive meaning and not a use designed to “infringe” (that is, cause confusion as to source, authorization or affiliation). What is “unfair” here is that the Objector filed an Objection that is not only completely devoid of merit, causing the Respondent to waste time and effort defending its entirely appropriate application, but also full of misleading, deceptive, and demonstrably untrue statements and omissions

With the Roussos/Defender gaming strategy thus comprehensively trashed, I can only hope for Defender’s sake that there’s opportunity left for it to withdraw its remaining objections and ask for a refund.
.mail (United States Postal Service v Amazon)
Amazon is one of the many applicants for .mail, while USPS is the United States’ longstanding government-backed postal service and not an applicant.
USPS showed that it owned a wide array of trademarks that include the word “mail”, but not any for the word alone, and argued that internet users expect “mail” to mean the US mail.
Amazon said that the word is generic and that USPS is not the only organization to incorporate it in its trademarks.
Amazon said (ironically, given its intention to operate .mail as a closed generic) that USPS “improperly seeks to take the dictionary word ‘mail’ out of the English language for its exclusive use”.
The decision to reject the complaint hinged on whether USPS even has rights in .mail.
The WIPO panelist decided: “The fact that a nation’s postal system is vested by statute or otherwise associated with a single entity does not convert the generic term into a trademark.”
USPS has filed six more LROs against the other six .mail applicants, two of which have been terminated due to application withdrawals. We can only assume that the remaining four are also likely to fail.
.pin (Pinterest v Amazon)
Amazon is the only applicant for .pin. Again, it’s a closed generic for which the company has not explained its plans.
The objector, Pinterest, is a wildly popular photo-sharing service provider start-up, funded to the sum of $100 million by Amazon’s Japanese retail rival Rakuten.
It owns a US trademark for “Pinterest” and has applied for many more for “Pin” and “Pin It”.
The panelist, in ruling against Pinterest, decided that Pinterest, despite its popularity, failed to show that the dictionary word “pin” had acquired a secondary meaning beyond its usual descriptive sense.
.mls (Canadian Real Estate Association v. Afilias)
MLS, for readers based outside North America, means “multiple listing services”. It’s used by estate agents when aggregating lists of properties for sale.
The Canadian Real Estate Association — which has applied for .mls TWICE, one as a community once as a regular applicant — has owned a Canadian “certification mark” on the term “MLS” since 1960.
A substantial portion of the decision is devoted to examining whether this counts as a trademark for the purposes of an LRO, with the panelist deciding that “ownership of a certification trademark must confer the status of ‘rightsholder’.”
The case was therefore decided on the eight criteria specified for the LRO in the ICANN Applicant Guidebook. The panelist concluded:

The Panel cannot see the justification for refusing to allow the Applicant to operate in every country because the Objector has a certification mark for a generic term in Canada. Had the Objector’s certification been other than a generic term, its case might have been stronger but MLS it is a generic term used in English-speaking jurisdictions.

The decision cited the .rightathome case, in which the decision hinged on whether the new gTLD applicant had any nefarious intent in applying for the string in question.
A body of precedent seems to be emerging holding that a new gTLD application must be somewhat akin to a cybersquatting attempt in order for an objector to win.
While this may be fair, I think a likely impact is an increase in the number of dot-brand applications in future rounds, particularly in cases where the brand matches a dictionary word or collides with another trademark.
We’ve yet to see what a successful LRO looks like, but the standard appears to be high indeed.

ICANN backtracks on URS contracts

ICANN seems to have changed its mind about requiring Uniform Rapid Suspension providers to sign enforceable contracts, angering the Internet Commerce Association.
As we reported in May, the ICA claimed a victory when ICANN said in a written answer to its persistent inquiries that URS providers would be bound by contract.
An ICANN Q&A, referring to a question the ICA’s Phil Corwin asked at the ICANN meeting in Beijing, said:

[Q] As regards Uniform Rapid Suspension (URS) providers, will there be a contract developed that goes beyond the non-enforceable memorandum of understanding? Will there be other URS providers?
[A] Yes, a contract is being developed and additional URS providers will be added.

It’s difficult to interpret that as anything other than “Yes, a contract is being developed.” The fact that the question draws the distinction between a contract and an MoU seems to remove any ambiguity.
But at the ICANN 47 meeting in Durban last week, ICANN appeared to backtrack on this position.
During a URS demo session, gTLD registry services director Krista Papac said that URS providers will only have to agree to an MoU.
“This breach of a written commitment is unacceptable,” Corwin later said at the Public Forum on Thursday.
In response, ICANN deputy general counsel Amy Stathos said:

An MoU is a contract. I recognize that you don’t necessarily recognize that as the full contract that you were contemplating or that had been contemplated. But that is a contract. And it calls and requires the URS providers to comply with all the rules and procedures that are in the Guidebook.

On Friday, ICANN then published a (hastily written?) document that sought to spell out its position on contracts for URS and UDRP providers. It says:

ICANN has carefully considered whether the introduction of contracts is feasible or useful in the scope of UDRP proceedings, and has determined that contracts would be a cumbersome tool to assert to reach the same outcome that exists today.

It goes on to address some of the concerns that the ICA and others have put forward in the past. The organization, which represents big-volume domainers, is worried that some UDRP providers find more often in favor of complainants in order to secure their business. Enforceable contracts, it says, would help prevent that.
ICANN said in its new position statement (pdf) that it has never seen behavior from UDRP providers that would require it to take action, but added:

Of course, there is always the future possibility that an issue of non-compliance will arise that will require corrective action. In recognition of that potential, ICANN commits that substantiated reports of UDRP provider non‐compliance with the UDRP or the Rules will be investigated.

Contracts, it said, would not stop forum shopping.

“Extortion” claims over new gTLD objection fees

The International Chamber of Commerce came in for quite a bit of criticism at ICANN 47 last week over claims that it is asking for deposits in excess of a million dollars to handle new gTLD objections.
Critics are worried that these high fees to arbitrate Community Objections will create a “chilling effect” that will dissuade communities affected by new gTLDs from objecting.
During a session early during the Durban meeting, Neustar VP Jeff Neuman said that the company had been “shocked” to receive a bill from the ICC for $190,000 for a single objection.
“Each one of the bidders had to put up $190,000,” he said. “It’s nothing better than extortion.”
Responding, ICANN new gTLD program manager Christine Willett said that ICANN has heard concerns from other applicants affected and has asked the ICC for a detailed rationale for its fees, which it will publish.
The ICC, she said, is “utilizing preeminent jurists to arbitrate and manage these cases” and that the estimated €450 per hour wage is “probably lower than what some of these jurists get in public fees”.
As we’ve noted previously, at €450 per hour it works out that each judge in the three-person panel would have to work on nothing but the objection, full-time, for over two weeks to justify the fee.
Later last week, during the Public Forum on Thursday, Mark Partridge of Partridge IP Law — who is WIPO panelist dealing with new gTLD Legal Rights Objections — had similar criticisms.
He said he was aware of a consolidated proceeding — where multiple objections have been bundled into the same case — where the ICC was asking for a total of €1.13 million.
A bit of back-of-the-envelope math suggests that the panelists in that case would have to work on the case full-time for a month at €450 an hour.
Partridge, noting that WIPO charges substantially less for LRO objections, said:

I’m also aware of not-for-profit associations that have found the amount of the required deposit to be prohibitive for that not-for-profit association to advance.
…
I’m still very concerned about the chilling effect that these high fees have going forward.

In response, Willett said that the Community Objection is substantially more complex than the LRO, and reiterated that
The prevailing party in a new gTLD gets its money back from the ICC. This may reduce the chilling effect, but only if a community is willing to put its money — if it even has the funds — on the line.
As we haven’t yet had any Community Objection decisions handed down yet, it’s pretty difficult to judge going into a case what the likely outcome would be. This may change in future rounds.
The ICC is also handled Limited Public Interest Objections, many of which have been filed by the ICANN-selected Independent Objector. If the objector loses his cases, the cost comes out of his budget, which was paid for by new gTLD applicants.

“Risky” gTLDs could be sacrificed to avoid delay

Google and other members of the New gTLD Applicant Group are happy to let ICANN put their applications on hold in response to security concerns raised by Verisign.
During the ICANN 46 Public Forum in Durban on Thursday, NTAG’s Alex Stamos — CTO of .secure applicant Artemis — said that agreement had been reached that about half a dozen applications could be delayed:

NTAG has consensus that we are willing to allow these small numbers of TLDs that have a significant real risk to be delayed until technical implementations can be put in place. There’s going to be no objection from the NTAG on that.

While he didn’t name the strings, he was referring to gTLDs such as .home and .corp, which were highlighted earlier in the week as having large amounts of error traffic at the DNS root.
There’s a worry, originally expressed by Verisign in April and independent consultant Interisle this week, that collisions between new gTLDs and widely-used internal network names will lead to data leakage and other security problems.
Google’s Jordyn Buchanan also took the mic at the Public Forum to say that Google will gladly put its uncontested application for .ads — which Interisle says gets over 5 million root queries a day — on hold until any security problems are mitigated.
Two members of the board described Stamos’ proposal as “reasonable”.
Both Stamos and ICANN CEO Fadi Chehade indirectly criticised Verisign for the PR campaign it has recently built around its new gTLD security concerns, which has led to somewhat one-sided articles in the tech press and mainstream media such as the Washington Post.
Stamos said:

What we do object to is the use of the risk posed by a small, tiny, tiny fraction — my personal guess would be six, seven, eight possible name spaces that have any real impact — to then tar the entire project with a big brush. For contracted parties to go out to the Washington Post and plant stories about the 911 system not working because new TLDs are turned on is completely irresponsible and is clearly not about fixing the internet but is about undermining the internet and undermining new gTLDs.

Later, in response to comments on the same topic from the Association of National Advertisers, which suggested that emergency services could fail if new gTLDs go live, Chehade said:

Creating an unnecessary alarm is equally irresponsible… as publicly responsible members of one community, let’s measure how much alarm we raise. And in the trademark case, with all due respect it ended up, frankly, not looking good for anyone at the end.

That’s a reference to the ANA’s original campaign against new gTLDs, which wound up producing not much more than a lot of column inches about an utterly pointless Congressional hearing in late 2011.
Chehade and the ANA representative this time agreed publicly to work together on better terms.

90 new gTLDs pass IE. Two more withdrawals

ICANN has published its weekly run-down of new gTLD Initial Evaluation results and this week 90 applications have passed.
There have also been two withdrawals, both made by Uniregistry. It’s withdrawn its bids for .media and .country, leaving Tucows and Donuts duking it out for .media and Top Level Domain Holdings as the sole remaining applicant for .country.
TLDH and Uniregistry previously inked a deal that would see them go 50:50 on .country, the only question remaining was which applicant would drop out.
These are this week’s passing applications:

.ecom .doctor .cpa .forum .aco .mba .mom .sbs .frogans .rip .changiairport .tirol .homesense .swatch .hotel .ice .realty .web .fun .clubmed .ril .creditcard .datsun .netbank .jmp .ferrero .hockey .contact .avianca .gold .beauty .audi .cheap .bet .uconnect .map .cooking .pics .network .madrid .garden .zone .expert .cfa .trv .review .forum .pizza .dabur .pay .app .bingo .home .ryukyu .agency .tdk .xfinity .nokia .raid .hoteles .tube .school .win .gmbh .faith .show .radio .pizza .wtf .juniper .xerox .rehab .global .cloud .docs .life .fun .brother .intel .place .photo .christmas .wine .dupont .run .home .ping .boutique .mortgage .store

In the wake of .amazon, IP interests turn on the GAC

Intellectual property interests got a wake-up call at ICANN 47 in Durban this week, when it became clear that they can no longer rely upon the Governmental Advisory Committee as a natural ally.
The GAC’s decision to file a formal consensus objection against Amazon’s application for the .amazon gTLD prompted a line of IP lawyers to queue up at the Public Forum mic to rage against the GAC machine.
As we reported earlier in the week, the GAC found consensus to its objection to .amazon after the sole hold-out government, the United States, decided to keep quiet and allow other governments to agree.
This means that the ICANN board of directors will now be presented with a “strong presumption” that .amazon should be rejected.
With both previous consensus objections, against .africa and .gcc, the board has rejected the applications.
The objection was pushed for mainly by Brazil, with strong support from Peru, Venezuela and other Latin American countries that share the Amazon region, known locally as Amazonas.
During a GAC meeting on Tuesday, statements of support were also made by countries as diverse as Russia, Uganda and Trinidad and Tobago.
Brazil said Amazon is a “very important cultural, traditional, regional and geographical name”. Over 50 million Brazilians live in the region, he said.
The Brazilian Congress discussed the issue at length, he said.
The Brazilian Internet Steering Committee was also strongly against .amazon, he said, and there was a “huge reaction from civil society” including a petition signed by “thousands of people”.
All the countries in the region also signed the Montevideo Declaration (pdf), which resolves to oppose any attempts to register .amazon and .patagonia in any language, in April.
It doesn’t appear to be an arbitrary decision by one government, in other words. People were consulted.
The objection did not receive a GAC consensus three months ago in Beijing only because the US refused to agree, arguing that governments do not have sovereign rights over geographic names.
But prior to Durban, without changing its opinion, the US said that it would not stand in the way of consensus.
It seems that there may have been bigger-picture political concerns at play. The NTIA, which represents the US on the GAC, is said to have had its hands tied by its superiors in Washington DC.
Did the GAC move the goal posts?
With the decision to object to .amazon already on the public record before the GAC’s Durban communique was formally issued yesterday, Intellectual Property Constituency interests had plenty of time to get mad.
At the Public Forum yesterday, several took to the open mic to slam the GAC’s decision.
Common themes emerged, one of which was the claim that the GAC is retroactively changing the rules about what is and is not a “geographic” string for the purposes of the Applicant Guidebook.
Stacey King, senior corporate counsel with Amazon, said:

Prior to filing our applications Amazon carefully reviewed the Applicant Guidebook; we followed the rules. You are now being asked to significantly and retroactively modify these rules. That would undermine the hard-won international consensus to the detriment to all stakeholders. I repeat, we followed these rules.

It’s true that the string “amazon” is not on any of the International Standards Organization lists that ICANN’s Geographic Names Panel used to determine what’s “geographic”.
The local-language string “Amazonas” appears four times, representing a Brazilian state, a Colombian department, a Peruvian region and a Venezuelan state; Amazon isn’t there.
But Amazon is wrong about one thing.
By filing its objection, the GAC is not changing the rules about geographic names, it’s exercising its entirely separate but equally Guidebook-codified right to object to any application for any reason.
That’s part of the Applicant Guidebook too, and it’s a part that the IPC has never previously objected to.
Amazon was not alone making its claim about retroactive changes. IPC president Kristina Rosette, wearing her hat as counsel for former .patagonia applicant Patagonia Inc, said:

Patagonia is deeply disappointed by and concerned about the breakdown of the new gTLD process. Consistent with the recommendations and principles established in connection with that process, Patagonia fully expected its .patagonia application to be evaluated against transparent and predictable criteria, fully available to applicants prior to the initiation of the process.
Yet, its experience demonstrates the ease with which one stakeholder can jettison rules previously agreed upon after an extensive and thorough consultation.

That’s not consistent with the IPC’s position.
The IPC just last month warmly welcomed (pdf) the GAC’s Beijing advice, stating that the after-the-fact “safeguards” it demanded for all new gTLDs should be accepted.
Apparently, it’s okay for the GAC to move the goal posts for gTLD applicants when its advice is about Whois accuracy, but when it files an objection — perfectly compliant with the GAC Advice section of the Guidebook — that interferes with the business objectives of a big trademark owner, that’s suddenly not cool.
The IPC also did not challenge the GAC Advice process when it was first added to the Applicant Guidebook in the April 2011 draft.
At that time, the GAC had responded to intense lobbying by IP interests and was fighting their corner with the ICANN board, demanding stronger trademark protections in the new gTLD program.
If the IPC now finds itself arguing against the application of the GAC Advice rule, perhaps it should consider whether speaking up earlier might have been a good idea.
Rosette tried to substantiate her remarks by referring back to previous GAC advice, specifically a May 26, 2011 letter in which she said the GAC “formally accepted” the Guidebook’s definition of geographic strings.
However, that letter (pdf) has a massive caveat. It says:

Given ICANN’s clarifications on “Early Warning” and “GAC Advice” that allow the GAC to require governmental support/non-objection for strings it considers to be geographical names, the GAC accepts ICANN’s interpretation with regard to the definition of geographic names.

In other words, “The GAC is happy with your list, as long as we can add our own strings to it at will later”.
Rosette’s argument that the GAC has changed its mind, in other words, does not hold.
It wasn’t just IP interests that stood up against the .amazon decision, however. The IPC found an unlikely ally in the Registries Stakeholder Group, represented at the Public Forum by Verisign’s Keith Drazek.
Drazek sought to link the “retroactive changes” on geographic strings to the “retroactive changes” the GAC has proposed in relation to the so-called Category 1 strings — which would have the effect of demanding that hundreds of regular gTLD bids convert into de facto “Community” applications. He said:

While different stakeholders have different views about particular aspects of the GAC advice, we have a shared concern about the portions of that advice that constitute retroactive changes to the Applicant Guidebook around the issues of sovereign rights, undefined and unexplained geographic sensitivities, sensitive industry strings, regulated strings, etc.

This appears to be one of those rare instances where the interests of registries and the interests of IP owners are aligned. The registries, however, have at least been consistent, complaining about the GAC Advice process as soon as it was published in April 2011.
There’s also a big difference between the substance of the advice that they’re currently complaining about: the objection against .amazon followed the Guidebook rules on GAC Advice almost to the letter, whereas the Category 1 advice came completely out of the left field, with no Guidebook basis to cling to.
The GAC in the case of .amazon followed the rules. The rules are stupid, but the time to complain about that was before paying your $185,000 to apply.
If anyone is trying to change the rules after the fact, it’s Amazon and its supporters.
Is the GAC breaking the law?
Another recurring theme throughout yesterday’s Public Forum commentary was the idea that international trademark law does not support the GAC’s right to object to .amazon.
I’m going to preface my editorializing here with the usual I Am Not A Lawyer disclaimer, but it seems to be a pretty thin argument.
Claudio DiGangi, secretary of the IPC and external relations manager at the International Trademark Association, was first to comment on the .amazon objection. He said:

INTA strongly supports the recent views expressed by the United States. In particular, that it does not view sovereignty as a valid basis for objecting to the use of terms, and we have concerns about the effect of such claims on the integrity of the process.

J Scott Evans, head of domains at Yahoo, who left the IPC for the Business Constituency recently (apparently after some kind of disagreement) was next. He said:

There is no international recognition of country names as protection and they cannot trump trademark rights. So giving countries a block on a name violates international law. So you can’t do it.

There were similar comments along the same lines.
Heather Forrest, a senior lecturer at an Australian university and former AusRegistry employee, said she had conducted a doctoral thesis (available at Amazon!) on the rights of governments over geographic names, with particular reference to the Applicant Guidebook.
She told the Public Forum:

My study was comprehensive. I looked at international trade law, unfair competition law, intellectual property law, geographic indications, sovereign rights and human rights. As the board approved the Applicant Guidebook, I completed my study and found that there is not support in international law for priority or exclusive right of states in geographic names and found that there is support in international law for the right of non-state others in geographic names.

Kiran Malancharuvil, whose job until recently was to lobby the GAC for special protections for her client, the International Olympic Committee, now works for MarkMonitor. Calling for the ICANN board to reject the GAC’s advice on .amazon, she said at the Public Forum:

To date, governments in Latin America including the Amazonas community countries have granted Amazon over 130 trademark registrations that have been in continuous use by Amazon since 1994 without challenge. Additionally, Amazon has used their brand within domain names including some registered by MarkMonitor and including registrations in Amazonas community ccTLDs without objection.
Amazonas community countries and all other nations who have signed the TRIPS agreement have obligated themselves to maintain and protect these trademark registrations. Despite these granted rights, members of the community signed the Montevideo declaration and resolved to reject Amazon and Patagonia in any language as well as any other top-level domains referring to them. This declaration appears inconsistent with national and international law.

Having read TRIPS — the World Trade Organization’s Trade Related Aspects of Intellectual Property Rights treaty — this morning, I’m still none the wiser how it relates to .amazon.
It’s a treaty that sought to create some uniformity in how trademarks and other types of intellectual property are handled globally, and domain names are not mentioned once.
As far as I can tell, nobody is asking Amazon to change its name and nobody’s trying to take away its trademarks. Nobody’s even trying to take away its domain names.
If the international law argument is simply that the GAC and/or ICANN cannot prevent a company with a trademark from getting its mark as a TLD, as Yahoo’s Evans suggested, it seems to me that quite a lot of the new gTLD program would have to be rewritten.
We’re already seeing Legal Rights Objections in which an applicant with a trademark is losing against an applicant without a trademark.
Is that illegal too? Was it illegal for ICANN to create an LRO process that has allowed Donuts (no trademark) to beat Express LLC (with trademark) in a fight over .express?
What about other protections in the Guidebook?
ICANN already bans two-character gTLDs, on the basis that they could interfere with future ccTLDs — protecting the geographic rights of countries that do not even exist — which disenfranchises companies with two-letter trademarks, such as BT and HP.
What about 888, the poker company, and 3, the mobile phone operator? They have trademarks. Should ICANN be forced to allow them to have numeric gTLDs, despite the obvious risks?
The Guidebook already bans country names outright, and says thousands of other geographic terms need government support or will be rejected. Is this all illegal?
If the argument is that trademarks trump all, ICANN may as well throw out half the Guidebook.
Now what?
Unlike .patagonia, which dropped out of the new gTLD program last week (we’ll soon discover whether that was wise), the objection to .amazon will now go to ICANN’s board of directors for consideration.
While the Guidebook calls for a “strong presumption” that the board will then reject the application, board member Chris Disspain said yesterday that outsiders should not assume that it will simply rubber-stamp the GAC’s advice.
In both previous cases, the outcome has been a rejection of the application, however, so it’s not looking great for Amazon.

.home gets half a billion hits a day. Could this put new gTLDs at risk?

New gTLDs could be in jeopardy following the results of a study into the security risks they may pose.
ICANN is likely to be told to put in place measures to mitigate the risk of new gTLDs causing problems, and chief security officer Jeff Moss said “deadlines will have to move” if global DNS resolution is put at risk.
His comments referred to the potential for clashes between applied-for new gTLD strings and non-existent TLDs that are nevertheless already widely used on internal networks.
That’s a problem that has been increasingly highlighted by Verisign in recent months. The difference here is that the study’s author does not have a .com monopoly to protect.
Interisle Consulting, which has been hired by ICANN to look into the problem, today released some of its preliminary findings during a session at the ICANN 47 meeting in Durban, South Africa.
The company looked at domain name look-up data collected from one of the DNS root servers over a 48-hour period, in an attempt to measure the potential scope of the clash problem.
Some of its findings are surprising:

• Of the 1,408 strings originally applied for in the current new gTLD round, only 14 do not currently have any root traffic.
• Three percent of all requests were for strings that have been applied for in the current round.
• A further 19% of requests were for strings that could potentially be applied for in future rounds (that is, the TLD was syntactically well-formed and not a banned string such as .local).
• .home, the most frequently requested invalid TLD, received over a billion queries over the 48-hour period. That’s compared to 8.5 billion for .com

Here’s a list of the top 17 invalid TLDs by traffic, taken from Interisle’s presentation (pdf) today.

If the list had been of the top 100 requested TLDs, 13 of them would have been strings that have been applied for in the current round, Interisle CEO Lyman Chapin said in the session.
Here’s the most-queried applied-for strings:

Chapin was quick to point out that big numbers do not necessarily equate to big security problems.
“Just occurrence doesn’t tell you a lot about whether that’s a good thing, a bad thing, a neutral thing, it just tells you how often the string appears,” he said.
“An event that occurs very frequently but has no negative side effects is one thing, an event that occurs very infrequently but has a really serious side effect, like a meteor strike — it’s always a product of those two factors that leads you to an assessment of risk,” he said.
For example, the reason .ice appears prominently on the list appears to be solely due to an electricity producer in Costa Rica, which “for some reason is blasting .ice requests out to the root”, Chapin said.
If the bad requests are only coming from a small number of sources, that’s a relatively simple problem to sort out — you just call up the guy responsible and tell him to sort out his network.
In cases like .home, where much of the traffic is believed to be coming from millions of residential DSL routers, that’s a much trickier problem.
The reverse is also true, however: a small number of requests doesn’t necessarily mean a low-impact risk.
There may be a relatively small number of requests for .hospital, for example, but if the impact is even a single life support machine blinking off… probably best not delegate that gTLD.
Chapin said that the full report, which ICANN said could be published in about two weeks, does contain data on the number of sources of requests for each invalid TLD. Today’s presentation did not, however.
As well as the source of the request, the second-level domains being requested is also an important factor, but it does not seem to have been addressed by this study.
For example, .home may be getting half a billion requests a day, but if all of those requests are for bthomehub.home — used today by the British ISP BT in its residential routers — the .home registry might be able to eliminate the risk of data leakage by simply giving BT that domain.
Likewise, while .hsbc appears on the list it’s actually been applied for by HSBC as a single-registrant gTLD, so the risk of delegating it to the DNS root may be minimal.
There was no data on second-level domains in today’s presentation and it does not appear that the full Interisle report contains it either. More study may be needed.
Donuts CEO Paul Stahura also took to the mic to asked Chapin whether he’d compared the invalid TLD requests to requests for invalid second-level domains in, say, .com. He had not.
One of Stahura’s arguments, which were expounded at length in the comment thread on this DI blog post, is that delegating TLDs with existing traffic is little different to allowing people to register .com domains with existing traffic.
So what are Interisle’s recommendations likely to be?
Judging by today’s presentation, the company is going to present a list of risk-mitigation options that are pretty similar to what Verisign has previously recommended.
For example, some strings could be permanently banned, or there could be a “trial run” — what Verisign called an “ephemeral delegation” — for each new gTLD to test for impact before full delegation.
It seems to me that if the second-level request data was available, more mitigation options would be opened up.
ICANN chief security officer Jeff Moss, who was on today’s panel, was asked what he would recommend to ICANN CEO Fadi Chehade today in light of the report’s conclusions.
“I am not going to recommend we do anything that has any substantial SSR impact,” said Moss. “If we find any show-stoppers, if we find anything that suggests impact for global DNS, we won’t do it. It’s not worth the risk.”
Without prompting, he addressed the risk of delay to the new gTLD program.
“People sometimes get hung up on the deadline, ‘How will you know before the deadline?’,” he said. “Well, deadlines can move. If there’s something we find that is a show-stopper, deadlines will have to move.”
The full report, expected to be published in two weeks, will be opened for public comment, ICANN confirmed.
Assuming the report is published on time and has a 30-day comment period, that brings us up to the beginning of September, coincidentally the same time ICANN expects the first new gTLD to be delegated.
ICANN certainly likes to play things close to the whistle.

Donuts chalks up another LRO win

Donuts has successfully fought off another Legal Rights Objection against one of its new gTLD applications.
This time the objector was The Limited, apparently the operator of a large chain of clothing stores in the US, and the applied-for gTLD was .limited, which is uncontested.
Key to the World Intellectual Property Organization panelist’s decision appears to be the fact that the brand and the trademark in question is “The Limited” rather than “Limited”.
The retailer failed to show that it was commonly known by the word “Limited” alone, whereas Donuts made the case that “limited” is a common generic word with multiple uses.
The panelist wrote:

The definite article “the” makes a difference in this case. If the string were <.thelimited>, Applicant’s professed plans for the String would be highly suspect. This is because limited liability businesses do not use the term “the limited” (or an abbreviation or derivation thereof) in their company name.
…
In the absence of the definite article “the” in the String, however, Applicant’s proposed use of the String is plausible and legitimate, and the likelihood of confusion between Objector’s mark and the String is greatly reduced. There is simply no viable evidence in the record to suggest that significant source confusion – among consumers or non-consumers who use the Internet – will ensue if Applicant carries out its plans.

It’s the sixth LRO to be decided and the sixth finding in favor of the new gTLD applicant.
Donuts also fought off an objection from another clothing retailer, Express, which it is fighting for the .express gTLD.

Trademark Clearinghouse cutting it fine for new gTLD launches

The Trademark+50 rights protection mechanism for new gTLDs is late, potentially complicating the lives of trademark professionals.
During a session with registries and registrars at ICANN 47 in Durban today, executives from IBM and Deloitte, which are managing the Trademark Clearinghouse, laid out their go-live expectations.
The TMCH is the central repository of trademark records that will support the mandatory Sunrise periods and Trademark Claims services during new gTLD launches.
Trademark+50 is the system approved by ICANN earlier this year that will also trigger Claims notices for up to 50 strings trademark owners have won at UDRP or in court.
IBM and Deloitte said that they hope to have a Sunrise sandbox ready for registry testing by the end of July, with a production environment live by August 9 and Claims following a month later.
These were hopes, not commitments, they stressed.
When asked about Trademark+50, an IBM representative acknowledged that it had to be ready before any new gTLD started its Claims period but said it is going to take “months” to implement.
“It’ll be in time, it’ll be before Claims start,” he said.
“It’s probably going to be difficult to reach before the middle of September,” another TMCH exec said. “We know it cannot be the week before Claims starts, it cannot be two weeks or three weeks before Claims starts.”
ICANN still hasn’t finalized its set of requirements for Trademark+50, but the TMCH executives said they hope to get that settled in Durban this week, possibly this evening.
So what’s going to be impact of the expected TMCH go-live schedule? It doesn’t seem likely to delay the launch of the first new gTLDs.
ICANN doesn’t expect the first Trademark Claims period to begin until November, which gives the first registries two months to test their systems against Trademark+50. Tight, but doable.
The real impact might be on trademark owners.
ICANN’s current earliest projection for a new gTLD being delegated is September 5. On that date, the first registry could choose to give trademark owners the 30-day mandatory Sunrise warning.
So the first Sunrise period would start October 5 or thereabouts.
That’s where it starts getting tricky.
See, the TMCH’s early bird pricing ends the day the first Sunrise period begins, so there’s certain to be a mad rush by trademark owners to get their trademarks registered in the first week of October.
Even if many brands aren’t too worried about being protected in the IDN gTLDs that will launch first, they’ll want to secure the discount if they have a large portfolio of trademarks.
And history has shown most trademark owners leave Sunrise registrations to the last minute. That’s why pretty much every Sunrise period to date has been extended — the registry can’t cope with the influx.
In the case of the TMCH, however, they’re also going to be battering a Trademark+50 system that’s been in production for no more than a couple of weeks and will, software being software, likely be full of bugs.
It could get messy.
“When IP owners find out that this is not going to be in production a week or two or a few weeks before the first [new gTLD] goes into Claims, they’re going to go ballistic,” Neustar VP Jeff Neuman said at the session today.
At the very least, it looks like trademark owners will have only a brief window to add their extra strings — which could amount to hundreds in many cases — to their TMCH records before the first Sunrise.
That scenario is mostly speculation, of course, based on a first delegation date that ICANN admits is “hypothetical” and the TMCH’s tentative schedule outlined today.
IBM and Deloitte execs are expected to provided a fuller explanation of the current state of play during a dedicated session in Durban on Wednesday at 11am local time.

100th new gTLD application withdrawn

Former London mayor Ken Livingstone, rejoice!
L’Oreal has withdrawn its gTLD application for .redken, a dot-brand for one of its hair care products that I am reliably informed is not named after the balding socialist politician.
It’s the seventh of the company’s 14 new gTLD bids to be withdrawn.
Also today, it emerged that portfolio applicant Famous Four Media has withdrawn its application for .health, the only one of the four bids for that string yet to pass Initial Evaluation.
The string is one of the most controversial, being the subject of multiple very expensive to defend objections as well as strong Governmental Advisory Committee advice.
As of today, 100 new gTLD applications have been withdrawn, 53 of which were for uncontested strings.