UDRP comments reveal shocking lack of trust in ICANN process
Is trust in the ICANN community policy-making process on the decline? Submissions to a recent public comment period on UDRP reform certainly seem to suggest so.
Reading through the 41 comments filed, it’s clear that while many community members and constituencies have pet peeves about UDRP as it stands today, there’s a disturbing lack of trust in ICANN’s ability to reform the policy without breaking it, and very little appetite for a full-blown Policy Development Process.
It’s one area where constituencies not traditionally allied or aligned — such as domain investors and intellectual property interests — seem to be on the same page.
Both the Intellectual Property Constituency and the Internet Commerce Association are among those calling for any changes to UDRP to be drafted rapidly by subject-matter experts, rather than being opened to full community discussion.
The IPC called the UDRP “a vital and fundamental tool that has a long and proven track record”, saying it has “generally been consistently and predictably applied over the course of its more than 20-year history”. Its comment added:
it is critically important that future policy work regarding the UDRP not diminish, dilute, or otherwise undermine its effectiveness. Such policy work should be extremely deferential to and reliant on the input of experts who have actual experience working with and within the UDRP system, and resistant to efforts that would weaken the UDRP system; any such work should be based on facts and evidence of problems in need of a systematic policy-level solution, and not merely to address specific edge cases, differences of opinion, or pet issues.
That’s pretty much in line with the ICA’s comments, which state that participants in future UDRP reform talks “should be experts… individuals who have extensive personal and practical knowledge of the UDRP through direct personal involvement”.
That language — in fact several paragraphs of endorsement for an expert-driven effort — appears almost verbatim in the separately filed comments of the Business Constituency, of which the ICA is a member.
The ICA’s reluctance to endorse a full-blown PDP appears to come from the experience of the Review of all Rights Protection Mechanisms in all gTLDs PDP, or “Phase 1”, which ran from 2016 to 2020.
That working group struggled to reach consensus on even basic stuff, and at one point frictions reached a point where allegations of civility rules breaches caused warring parties to lawyer up.
“Phase 1 was lengthy, unproductive, inefficient, and an unpleasant experience for all concerned,” the ICA wrote in its comments.
“Perhaps the biggest problem with Phase 1 was that structurally it was inadvertently set up to encourage disagreements between interest groups rather than to facilitate collaboration, negotiation, and problem solving,” it said.
The BC arguable goes further in its deference to experts, calling on ICANN to invoke section 13.1 of its bylaws and drag the World Intellectual Property Organization — leading UDRP provider and drafter of the original 1999 policy — as an expert consultant.
The BC also wrote:
It is imperative that stakeholders do not unnecessarily open up a can of worms with the UDRP through destabilizing changes; rather, they should take a focused and targeted approach, only entertaining improvements and enhancements which stand a reasonable chance of gaining consensus amongst stakeholders
WIPO itself is thinking along the same lines:
If the choice is made to review the UDRP, the process should be expert-driven and scoped
To avoid undoing the UDRP’s success, ICANN needs to give serious consideration to the weight to be accorded to the various opinions expressed. So-called “community feedback” referred to, for example, in section 4 of the PSR seems to lack specific depth and can seem more ideological or anecdotal
Comments from ICANN’s contracted parties also expressed concerns about a PDP doing more harm than good.
The Registries Stakeholder Group has almost nothing to say about ICANN’s report, but the Registrars Stakeholder Group expressed concerns that “any updates could have unintended consequences resulting in a less effective UDRP”.
It uniquely brought up the issue of volunteer fatigue and ICANN’s cumbersome backlog of work, writing:
Although the RrSG recognizes that there are some minor areas for improvement in the UDRP, it is the position of the RrSG that a full policy development process (PDP) is not necessary. The UDRP was adopted in 1999, and has been utilized for over 60,000 UDRP cases. The RrSG is not aware of any major issues with the UDRP, and is concerned that any updates could have unintended consequences resulting in a less effective UDRP. Additionally, not only is there a backlog of policy recommendations waiting for ICANN Board approval or implementation, but the RrSG is also aware of substantial community volunteer fatigue even for high-priority issues.
These comments were filed in response to a public comment period on an ICANN-prepared policy status report.
Not every comment expressed skepticism about the efficacy of a PDP. Notably, the Non-Commercial Stakeholders Group — the constituency arguably most likely to upset the apple cart if a Phase 2 PDP goes ahead — appears to fully expect that such work will take place.
There were also many comments from individuals, mostly domainers, recounting their own experiences of, and reform wish-lists for, UDRP.
ICANN’s report will be revised in light of these comments and submitted to the GNSO, which will decide what to do with it.
“It’s not our fault!” — ICANN blames community for widespread delays
ICANN may be years behind schedule when it comes to getting things done on multiple fronts, but it’s the community’s fault for making up rubbish policies, bickering endlessly, and attempting to hack the policy-making process.
That’s me paraphrasing a letter sent last week by chair Maarten Botterman to the Registries Stakeholder Group, in which he complained about the community providing “ambiguous, incomplete, or unclear policy recommendations”.
RySG chair Samantha Demetriou had written to Botterman (pdf) in December to lament the Org and board’s lack of timely progress on many initiatives, some of which have been in limbo for many years.
Policies and projects related to Whois, new gTLDs and the Independent Review Process have been held up for a long time, in the latter case since 2013, she wrote, leading to community volunteers feeling “disempowered or discouraged”.
As I recently reported, ICANN has not implemented a GNSO policy since 2016.
The lack of board action on community work also risks ICANN’s legitimacy and credibility, Demetriou wrote.
But Botterman’s response (pdf), sent Thursday, deflects blame back at the community, denying that the delays are “simply because of failure at the level of the organization and Board.”
He wrote:
we need to continue to find our way forward together to address the challenges that affect the efficiency of our current decision-making processes, including, for example, ambiguous, incomplete, or unclear policy recommendations, the relitigation of policy issues during implementation, and the use of the review process to create recommendations that should properly be addressed by policy development
In other words, the community is providing badly thought-out policy recommendations, continuing to argue about policy after the implementation stage is underway, and using community reviews, rather than the Policy Development Process, to create policy.
The RySG, along with their registrar counterparts, put their concerns to the board at ICANN 72 in October, warning of “volunteer burnout” and a “chilling effect” on community morale due to board and Org inaction.
At that meeting, director Avri Doria presented staff-compiled stats showing that across five recent bylaws-mandated community reviews (not PDPs), the board had received 241 recommendations.
She said that 69% had been approved, 7% had been rejected, 18% were placed in a pending status, and 6% were “still being worked on”.
CEO Göran Marby provided a laundry list of excuses for the delays, including: reconciling differing community viewpoints, the large number of recommendations being considered, the potential for some recommendations to break ICANN bylaws, sensitivity to the bottom-up nature of the multi-stakeholder process, lack of staff, and the extra time it takes to be transparent about decision-making.
Just this week, ICANN has posted eight job listings, mostly in policy support.
In his letter last week, Botterman pointed to a “Prioritization Framework”, which is currently being piloted, along with further community conversations at ICANN 73 next month and a “thought paper” on “evolving consensus policies”.
Because why fix something when you can instead create another layer of bureaucracy and indulge in more navel-gazing?
ICANN hasn’t implemented a policy since 2016
It’s been over five years since ICANN last implemented a policy, and many of its ongoing projects are in limbo.
Beggars belief, doesn’t it?
The ongoing delays to new gTLD program policy and the push-back from ICANN on Whois policy recently got me thinking: when was the last time ICANN actually did anything in the policy arena apart from contemplate its own navel?
The Org’s raison d’être, or at least one of them, is to help the internet community build consensus policies about domain names and then implement them, but it turns out the last time it actually did that was in December 2016.
And the implementation projects that have come about since then are almost all frozen in states of uncertainty.
ICANN policies covering gTLD domains are usually initiated by the Generic Names Supporting Organizations. Sometimes, the ICANN board of directors asks the GNSO Council for a policy, but generally it’s a bottom-up, grass-roots process.
The GNSO Council kicks it off by starting a Policy Development Process, managed by working group stocked with volunteers from different and often divergent special interest groups.
After a few years of meetings and mailing list conversations, the working group produces a Final Report, which is submitted to the Council, and then the ICANN board, for approval. There may be one or more public comment periods along the way.
After the board gives the nod, the work is handed over to an Implementation Review Team, made up of ICANN staff and working group volunteers, which converts the policy into implementation, such as enforceable contract language.
The last time an IRT actually led to a GNSO policy coming into force, was on December 1, 2016. Two GNSO consensus policies became active that day, their IRTs having concluded earlier that year.
One was the Thick WHOIS Transition Policy, which was to force the .com, .net and .jobs registries to transition to a “thick” Whois model by February 2019.
This policy was never actually enforced, and may never be. The General Data Protection Regulation emerged, raising complex privacy questions, and the transition to thick Whois never happened. Verisign requested and obtain multiple deferrals and the board formally put the policy on hold in November 2019.
The other IRT to conclude that day was the Inter-Registrar Transfer Policy Part D, which tweaked the longstanding Transfer Dispute Resolution Policy and IRTP to streamline domain transfers.
That was the last time ICANN actually did anything in terms of enforceable, community-driven gTLD policy.
You may be thinking “So what? If the domain industry is ticking over nicely, who cares whether ICANN is making new policies or not?”, which would be a fair point.
But the ICANN community hasn’t stopped trying to make policy, its work just never seems to make the transition from recommendation to reality.
According to reports compiled by ICANN staff, there are 12 currently active PDP projects. Three are in the working group stage, five are awaiting board attention, one has just this month been approved by the board, and three are in the IRT phase.
Of the five PDPs awaiting board action, the average time these projects have been underway, counted since the start of the GNSO working group, is over 1,640 days (median: 2,191 days). That’s about four and a half years.
Counting since final policy approval by the GNSO Council, these five projects have been waiting an average of 825 days (median: 494 days) for final board action.
Of the five, two are considered “on hold”, meaning no board action is in sight. Two others are on a “revised schedule”. The one project considered “on schedule” was submitted to the board barely a month ago.
The three active projects that have made it past the board, as far as the IRT phase, have been there for an average of 1,770 days (median: 2,001 days), or almost five years, counted from the date of ICANN board approval.
So why the delays?
Five of the nine GNSO-completed PDPs, including all three at the IRT stage, relate to Whois policy, which was thrown into confusion by the introduction of the European Union’s introduction of the GDPR legislation in May 2018.
Two of them pre-date the introduction of GDPR in May 2018, and have been frozen by ICANN staff as a result of it, while three others came out of the Whois EPDP that was specifically designed to bring ICANN policy into line with GDPR.
All five appear to be intertwined and dependent on the outcome of the ICANN board’s consideration of the EPDP recommendations and the subsequent Operational Design Assessment.
As we’ve been reporting, these recommendations could take until 2028 to implement, by which time they’ll likely be obsolete, if indeed they get approved at all.
Unrelated to Whois, two PDPs relate to the protection of the names and acronyms of international governmental and non-governmental organizations (IGOs/INGOs).
Despite being almost 10 years old, these projects are on-hold because they ran into resistance from the Governmental Advisory Committee and ICANN board. A separate PDP has been created to try to untangle the problem that hopes to provide its final report to the board in June.
Finally, there’s the New gTLD Subsequent Procedures PDP, which is in its Operational Design Phase and is expected to come before the board early next year, some 2,500 days (almost seven years) after the PDP was initiated.
I’m not sure what conclusions to draw from all this, other than that ICANN has turned into a convoluted mess of bureaucracy and I thoroughly understand why some community volunteers believe their patience is being tested.
New rules could stop registries ripping off big brands
New gTLD registries could be banned from unfairly reaching into the deep pockets of famous brands, under proposed rules soon to be considered by ICANN.
A recommendation approved by the GNSO Council last Thursday targets practices such as using reserved and premium lists to block trademark owners from registering their brands during sunrise periods, or charging them exorbitant fees.
It’s believed to target new TLDs that hope to copy controversial practices deployed by the likes of .sucks, .feedback and .top in the 2012 gTLD round.
The recommendations came in the final report of Review of All Rights Protection Mechanisms (RPMs) in All gTLDs working group, which suggests over 30 tweaks to policies such as Sunrise, Trademark Claims, Trademark Clearinghouse and Uniform Rapid Suspension.
While the recommendations almost all received full consensus of the working group, that’s largely because the group could not agree to any of the major changes that had been demanded by the intellectual property lobby.
The aforementioned RPMs will therefore not change a great deal for the next batch of new gTLD applicants.
Even the recommendation about not ripping off big brands is fairly weak, and may well be watered down to homeopathic levels by the forthcoming Implementation Review Team, which will be tasked with turning policy into practice.
This is the recommendation:
Sunrise Final Recommendation #1
The Working Group recommends that the Registry Agreement for future new gTLDs include a provision stating that a Registry Operator shall not operate its TLD in such a way as to have the effect of intentionally circumventing the mandatory RPMs imposed by ICANN or restricting brand owners’ reasonable use of the Sunrise RPM.
Implementation Guidance:
The Working Group agrees that this recommendation and its implementation are not intended to preclude or restrict a Registry Operator’s legitimate business practices that are otherwise compliant with ICANN policies and procedures.
The idea is that ICANN Compliance could come down on registries deploying unfair rules designed to rip off trademark owners.
Practices that have come in for criticism in the past, and are cited in the report, include:
.top’s attempt to charge Facebook $30,000 for facebook.top
.feedback registering thousands of brand-match domains to itself
.sucks placing brand-match domains in an expensive premium pricing tier
Famous Four Media doing the same thing
The working group could not agree on whether any of these should be banned, and it looks like the IRT will have a lot of wriggle room when it comes to interpret the recommendation.
Now that the GNSO Council has approved the RPM working group’s final report (pdf), it will be passed to the ICANN board of directors for consideration before the nitty-gritty work of translating words into reality begins.
Claims UDRP has cost over $360 million so far
Trademark owners have splashed out over $360 million on UDRP cases over the 20 years the policy has been active, according to an intellectual property trade group.
Marques, a European body representing trademark owners, reckons $360 million is a “conservative” estimate.
It reached the figure by multiplying the number of UDRP complaints filed to the end of 2018 — 72,038 — by the $5,000 estimated total cost of each complaint.
The World Intellectual Property Organization, which handles well over half of all UDRP cases, charges at least $1,500 per case, but trademark owners have other fees, such as paying lawyers to draft the complaints.
WIPO, which basically designed and wrote the UDRP back in 1998, has been paid at least $63.8 million in filing fees to date, Marques calculates.
Across all UDRP providers, well over 100,000 individual domain names have been subject to UDRP. It’s likely much more, but the National Arbitration Forum does not publish data on unique domains.
The Marques claims were made in a letter (pdf) from council member (and Com Laude managing director) Nick Wood to ICANN last week, part of IP lobbying efforts in the face of UDRP reform efforts. He wrote:
This lowest-case estimate of $360m is a very significant financial burden. Registrants, on the other hand, pay only for their own defence, if any. They do not pay damages, or even contribute to the provider fees, if they lose – which across the five active panel providers appears to be majority of the time.
One proposal that has been put forward by IP owners is for registrants to pay a $500 fee when they are hit by a UDRP complaint, which would be refundable if they prevail.
I can see this idea going down like a cup of iced sick in the domainer community.
Rather than lobbying for any specific proposal, however, Marques is asking ICANN to create an “independent expert group” outside of the usual Policy Development Process, to highlight “priority issues and possible solutions” for the PDP to consider.
Marques thinks the group should comprise a small number of trademark interests, registries and registrars, and registrant rights groups. It wants WIPO to chair it.
It also wants ICANN to coordinate UDRP providers in the creation of a unified set of data on UDRP cases processed to date, to help with future reform discussions.
ICANN community volunteers have been working on the “PDP Review of All Rights Protection Mechanisms in All gTLDs” — the RPM WG — since March 2016.
The RPM WG expects to put out its “Phase One” initial report, comprising recommendations for reform of the Trademark Clearinghouse, Trademark Claims and Sunrise policies, in early June this year.
Only then will it turns its attention to UDRP, in “Phase Two”, with talks due to begin at the ICANN 65 meeting in Marrakech later that month.
The working group has been beset by all kinds of personal drama among volunteers recently, which continues to add friction to discussions.
Crocker: no date on next new gTLD round
ICANN will NOT set a date for the next round of new gTLD applications, despite recent pleas from registry operators.
That’s according to a letter (pdf) from ICANN chair Steve Crocker to the Registries Stakeholder Group published today.
The RySG had asked (pdf) last month for ICANN’s leadership to set a fourth-quarter 2018 deadline for the next application window.
It said that that drawing a line in the sand would allow potential applicants to plan and would prevent current policy-development processes from being abused to delay the next round.
But Crocker says in his letter that it is up to the ICANN community, not its board of directors, to determine if and when a new round should commence. He wrote:
Once the community completes its work, the Board will consider the community’s recommendations to introduce additional new gTLDs. Without the final findings and recommendations from the review and PDP, the Board won’t be able to determine what needs to be done prior to the opening of another application process…
The Registry Stakeholder Group’s letter suggests that by setting a date for the opening of another application process, the Board will provide the community with a target date to work toward. Although the Board setting a date would achieve this, doing so might contravene the multi-stakeholder process that allows for the community to have the necessary discussions to arrive at consensus, and to determine the timing of their own work
It seems this is an instance in which the board does not like the idea of setting policy in a top-down manner.
Crocker said the two remaining gating factors for a next round are the consumer choice and competition review of the first round, which is ongoing, and the GNSO’s New gTLD Subsequent Procedures Policy Development Process (PDP).
The PDP has now been going on for 18 months and yet discussions remain at a very early stage, with hardly any preliminary recommendations being agreed upon.
There’s not even agreement on foundational issues such as whether to carry on dividing the program into discreet application rounds or to start a first-come, first-served process.
The RySG had suggested in its letter that the next window could open after certain threshold issues had been resolved but before all policy work was complete, and that at the very least ICANN staff should get to work on a new version of the Applicant Guidebook while the PDP is still ongoing.
But Crocker again responded that the staff cannot get to work on implementation until the board has considered the community’s final recommendations.
ICANN’s most recent estimates for the opening of the next round would see applications accepted in 2020, eight years after the last round.
ICANN is about as fast as a pregnant elephant
Making a binding policy at ICANN takes about the same amount of time as gestating a human fetus, but only when the organization and community are working at their absolute fastest.
It’s much more often comparable to an elephant pregnancy.
That’s according to a timetable researched by ICANN senior policy director Marika Konings and circulated to the GNSO Council this week.
Konings found that the latest iteration of the GNSO’s Policy Development Process has to last for a bare minimum of 263 days, three days shorter than the average human pregnancy.
However, that deadline would only be met if ICANN staff were fully resourced, all community participants were firing on all cylinders, and there was full agreement about the policy from the outset.
That’s obviously a completely fanciful, largely theoretical scenario.
The more realistic estimated average time for a PDP to run to completion – from the GNSO Council kick-starting the process with a request for an Issue Report to the ICANN board voting to approve or reject the policy – is 620 days, Konings found.
That’s slightly slower than the gestation period of an Asian elephant.
In other words, if some hypothetical policy work were to start in the GNSO today, we could not reasonably expect to see an outcome one way or the other until February 3, 2014.
Konings’ findings were accompanied by an assessment of eight relatively recent PDPs, which took between 415 days and 1,073 days to reach a board vote. The median time was 639 days.
Some GNSO Councilors think ICANN needs a fast-track PDP for no-brainer policies. I tend to agree.
Recent Comments