Latest news of the domain name industry

Recent Posts

After 10 months, ICANN board “promptly” publishes its own minutes

Kevin Murphy, May 17, 2022, Domain Policy

ICANN’s board of directors has approved a huge batch of its own meeting minutes, covering the period from July 15 last year to March 10 this year, raising questions about its commitment to timely transparency.

The board approved the minutes of its last 14 full-board meetings in one huge batch of 14 separate resolutions at its May 12 meeting, and they’ve all now been published on the ICANN web site, along with redacted briefing papers for said meetings.

The period includes decisions on planning for the next new gTLD round and Whois reform, the legal fight with Afilias over the contested .web gTLD, and apparently divisive discussions about the timing of a post-pandemic return to face-to-face meetings.

No explanation has been given for why it’s taken so long for these documents to appear, the timing of which appears to go against ICANN’s bylaws, which state that minutes are supposed to be approved and published “promptly”:

All minutes of meetings of the Board, the Advisory Committees and Supporting Organizations (and any councils thereof) shall be approved promptly by the originating body and provided to the ICANN Secretary (“Secretary”) for posting on the Website.

ICANN almost always published its board’s resolutions within a few days of approval, and a preliminary report — which also includes the number of votes yay or nay, without naming the directors — within a couple of weeks.

The minutes, which are published only after the board rubber-stamps them, typically include a further vote breakdown and a little bit of color on how the discussion went down.

In the newly published batch, some of the documents are somewhat illuminating, while others barely nudge the dimmer switch.

For example, the preliminary report for the July 15, 2021 meeting, published 11 days later, notes that three of the 16 voting directors rebelled on a resolution about making the October annual general meeting in Seattle a virtual-only event, but the just-published minutes name those directors and flesh out some of their reasons for dissenting.

It turns out the directors had a “robust discussion”, with some arguing that it would be safe to go ahead with a “hybrid” meeting comprising both face-to-face and remote participation options.

The dissenting directors were Ron da Silva, Avri Doria, and Ihab Osman, it turns out. Osman and da Silva had voted a similar way a year earlier.

Directors could not reasonably have been expected to know about the impact the Delta variant of Covid-19 would have on world health in the latter half of the year. It had been identified and named by scientists but had yet to spread to the extent it was making headlines.

But they were aware of concerns from the Asia-Pacific members of the community, worried that a hybrid meeting in Seattle would disadvantage those unable to attend due to pandemic travel restrictions. This appears to have been raised during the discussion:

Some Board members expressed desire to see more work done to have ICANN72 as a hybrid meeting. They noted that Seattle has protocols in place to ensure the health and safety of ICANN staff and the community, and ICANN should use this opportunity to begin to return to its normal meeting standards as much as possible. Others noted that the concerns about travel inequities or restrictions for certain parts of the world should not prevent moving forward with an in-person component for ICANN72 because such inequities and restrictions exist with or without the pandemic.

The return to in-person meetings was discussed again in November, when the board decided to junk plans, secured by the dissenting directors in July, for a hybrid meeting in San Juan, Puerto Rico.

Ron da Silva had left the board by this point, but the new minutes show that Doria and Osman were joined by León Sánchez in advocating for a hybrid meeting with an in-person component.

While the July minutes contains a few paragraphs summarizing discussions, the November minutes simply notes that the board “reviewed the proposed resolution and rationale to confirm that it reflects the Board’s discussion and edits”.

And that’s pretty typical for most of the documents published this week — time and again the substantive discussion appears to have either happened off-camera, during non-minuted sessions of the board at unspecified times, or was simply not minuted.

Interested in the talks leading to the approval of the new gTLDs Operational Design Phase? The minutes shed no light.

Interested in how the board reacted to ICANN losing its Independent Review Process case with Afilias about .web? The minutes merely note that the resolution was approved “after discussion”.

There’s also a glaring hole in one set of minutes, raising questions about whether these documents are a reliable record of what happened at all.

We know for a fact that on September 12 the ICANN board approved a resolution naming the new chair and vice chair of its influential Nominating Committee, only to reconvene two weeks later to scrap that decision and name a different chair instead.

But if you read the September 12 minutes, you’ll find no record of NomCom even being discussed, let alone a resolution being passed appointing a chair.

The newly published batch of documents cover several resolutions related to executive pay, but none of the minutes contain the same level of transparency as ICANN displayed in February 2021, when it revealed that three directors voted against CEO Göran Marby’s pay rise.

In terms of transparency, that now appears to fully confirmed as an isolated incident.

ICANN trying to water down its transparency obligations

Kevin Murphy, January 13, 2022, Domain Policy

ICANN? Trying to be less transparent? Surely not!

The Org has been accused by some of its community members of trying to shirk its transparency obligations with proposed changes to its Documentary Information Disclosure Policy.

The changes would give ICANN “superpowers” to deny DIDP requests, and to deny them without explanation, according to inputs to a recently closed public comment period.

The DIDP is ICANN’s equivalent of a Freedom of Information Act, allowing community members to request documentation that would not be published during the normal course of business.

It’s often used, though certainly not exclusively so, by lawyers as a form of discovery before they escalate their beefs to ICANN accountability mechanisms or litigation.

It already contains broad carve-outs that enable ICANN to refuse disclosure if it considers the requested info too sensitive for the public’s eyes. These are the Defined Conditions for Nondisclosure, and they are used frequently enough that most DIDPs don’t reveal any new information.

The proposed new DIDP broadens these nondisclosure conditions further, to the extent that some commentators believe it would allow ICANN to deny basically any request for information. New text allows ICANN to refuse a request for:

Materials, including but not limited to, trade secrets, commercial and financial information, confidential business information, and internal policies and procedures, the disclosure of which could materially harm ICANN’s financial or business interests or the commercial interests of its stakeholders who have those interests.

The Registries Stakeholder Group noted that this is “broader” than the current DIDP, while the At-Large Advisory Committee said (pdf) it “essentially grants ICANN the right to refuse any and all requests”.

ALAC wrote that “rejecting a request because it includes commercial or financial information or documents an internal policy makes a mockery of this DIDP policy”.

Jeff Reberry of drop-catch registrar TurnCommerce concurred (pdf), accusing ICANN of trying to grant itself “superpowers” and stating:

Extremely generic terms such as “confidential business information” and “commercial information” were added. Frankly, this could mean anything and everything! Thus, ICANN has now inserted a catch-all provision allowing it to disclose nothing.

Other comments noted that the proposed changes dilute ICANN’s responsibility to explain itself when it refuses to release information.

Text requiring ICANN to “provide a written statement to the requestor identifying the reasons for the denial” has been deleted from the proposed new policy.

A collection of six lawyers, all prolific DIDP users, put their names to a comment (pdf) stating that “the change results in less transparency than the current DIDP”.

The lawyers point out that requests that are denied without explanation would likely lead to confusion and consequently increased use of ICANN’s accountability mechanisms, such as Requests for Reconsideration. They wrote:

Simply stated, the Revised Policy allows ICANN to obscure its decision-making and will ultimately cause disputes between ICANN and the Internet community — the complete opposite of the “accountable and transparent” and “open and transparent processes” required by ICANN’s Bylaws.

One change that didn’t get much attention in the public comments, but which certainly leapt out to me, concerns the turnaround time for DIDP responses.

Currently, the DIDP states that ICANN “will provide a response to the DIDP request within 30 calendar days from receipt of the request.”

In practice, ICANN treats this obligation like one might treat a tax return or a college essay — it almost provides its response exactly 30 days after it receives a request, at the last possible moment.

The revised DIDP gives ICANN the new ability to extend this deadline for another 30 days, and I don’t think it’s unreasonable to assume, given past behavior, that ICANN will try to exploit this power whenever it’s advantageous to do so:

In the event that ICANN org cannot complete its response within that 30-calendar-day time frame, ICANN org will inform the requestor by email as to when a response will be provided, which shall not be longer than an additional 30 calendar days, and explain the reasons necessary for the extension of time to respond.

The predictably Orwellian irony of all of the above proposed changes is that they come in response to a community review called the Cross-Community Working Group on Enhancing ICANN Accountability Work Stream 2 (WS2), which produced recommendations designed to enhance accountability and transparency.

Whether they are adopted as-is or further revised to address community concerns is up to the ICANN board of directors, which is of course advised by the staff lawyers who drafted the proposed revisions.

ICANN staff’s summary of the seven comments submitted during the public comment period is due next week.

Bizarre redactions in Pirate Bay founder’s ICANN registrar ban

Kevin Murphy, August 26, 2021, Domain Policy

ICANN has finally published a complaint from Pirate Bay founder Peter Sunde, who has been banned from owning an accredited registrar, but it’s full of bizarre redactions that serve only to make it look like the Org is hiding something.

You may recall that Sunde said in March that ICANN had rejected his application to have his registrar, Sarek, formally accredited.

He told DI that it happened because ICANN was worried he’d be a “pain in the ass” due to his previous association with the Pirate Bay file-sharing site and his criminal conviction for copyright infringement.

Not long after speaking to us, he filed a formal complaint with ICANN, which ICANN, five months later, published this week.

There’s not much in the complaint (pdf) that we have not already reported, but what’s notable is the amount of unnecessarily redacted text.

ICANN seems chiefly concerned with poorly obfuscating the identity of the staffer with whom Sunde was dealing on, and who ultimately rejected, his accreditation application.

The Org goes to the extent of redacting gender pronouns, so the reader can’t tell whether the person in question is male or female.

But the information that remains unredacted in the very same sentence is more than sufficient to identify the staffer concerned.

I’ve even been on national TV mentioning [NAME REDACTED] that I talked to today, regarding [PRONOUN REDACTED] failure to disclose the 3200 comments that was against the price cap removal of .ORG in [PRONOUN REDACTED] summary report for ICANN regarding the case.

The person who compiled the comment summary on the .org price caps issue, a public document (pdf), was Russ Weinstein, who’s also the guy in charge of registrar accreditation matters.

What possible benefit could be had from obfuscating his identity? And if doing so is so important, why do it in such an incompetent way?

The document also appears to redact the names of Facebook CEO Mark Zuckerberg and Swedish prog-rocker Björn Afzelius, both in the context of well-reported news stories mere seconds away in a search engine.

Reference to Sunde’s own criminal convictions, which are also well-reported and he has never been shy about addressing, also appear to be redacted.

For avoidance of doubt, I’m not saying that ICANN is hiding anything sinister, nor am I saying Sunde’s complaint has merit, but this redaction-happy attitude serves only to make the Org appear less transparent than it really should be.

If these redactions are attempts to hide personally identifiable information under ICANN’s privacy policy, they failed miserably on pretty much every count, even after five months.

This is privacy theater, created by people who don’t know the first thing about privacy.

ICANN has yet to respond Sunde’s complaint.

.web ruling hands Afilias a chance, Verisign a problem, and ICANN its own ass on a plate

Kevin Murphy, May 26, 2021, Domain Policy

ICANN has lost yet another Independent Review Process case, and been handed a huge legal bill, after being found to have violated its own rules on transparency and fairness.

The decision in Afilias v ICANN has failed to definitively resolve the issue of whether the auction of the .web gTLD in 2016, won by a shell applicant called Nu Dot Co backed by $135 million of Verisign’s money, was legit.

ICANN’s now urging NDC, Afilias and other members of the .web contention set to resolve their beefs privately, which could lead to big-money pay-days for the losing auction bidders at Verisign’s expense.

For ICANN board and staff, the unanimous, three-person IRP panel decision is pretty damning, with the ruling saying the org “violated its commitment to make decisions by applying documented policies objectively and fairly”.

It finds that ICANN’s board shirked its duty to consider the propriety of the Verisign/NDC bid, allowing ICANN staff to get perilously close to signing a registry contract with an applicant that they knew may well have been in violation of the new gTLD program rules.

Despite being named the prevailing party, it’s not even close to a full win for Afilias.

The company had wanted the IRP panel to void the NDC/Verisign winning bid and award .web to itself, the second-highest bidder. But the panel did not do that, referring the decision instead back to ICANN.

As the loser, ICANN has been hit with a $1,198,493 bill to cover the cost of the case, which includes Afilias’ share of $479,458, along with another $450,000 to cover Afilas’ legal fees connected to an earlier emergency IRP request that ICANN “abusively” forced Afilias into.

The case came about due to a dispute about the .web auction, which was run by ICANN in July 2016.

Six of the seven .web applicants had been keen for the contention set to be settled privately, in an auction that would have seen the winning bid distributed evenly among the losing bidders.

But NDC, an application vehicle not known to be particularly well-funded, held out for a “last resort” auction, in which the winning bid would be deposited directly into ICANN’s coffers.

This raised suspicions that NDC had a secret sugar daddy, likely Verisign, that was covertly bankrolling its bid.

It was not known until after NDC won, with a $135 million bid, that these suspicions were correct. NDC and Verisign had a “Domain Acquisition Agreement” or DAA that would see NDC transfer its .web contract to Verisign in exchange for the money needed to win the auction (and presumably other considerations, though almost all references to the terms of the DAA have been redacted by ICANN throughout the IRP).

Afilias and fellow .web applicant Donuts both approached ICANN before and after the auction, complaining that the NDC/Verisign bid was bogus, in violation of program rules requiring applicants to notify ICANN if there’s any change of control of their applications, including agreements to transfer the gTLD post-contracting.

ICANN has never decided at the board level whether these claims have merit, the IRP panel found.

The board did hold a secret, off-the-books discussion about the complaints at its retreat November 3, 2016, and concluded, without any type of formal vote, that it should just keep its mouth shut, because Afilias and Donuts had already set the ball rolling on the accountability mechanisms that would ultimately lead to the IRP.

More than half the board was in attendance at this meeting, and discussions were led by ICANN’s top two lawyers, but the fact that it had even taken place was not disclosed until June last year, well over three and a half years after the fact.

Despite the fact that the board had made a conscious, if informal, choice not to decide whether the NDC/Verisign bid was legit, ICANN staff nevertheless went ahead and started contracting with NDC in June 2018, taking the .web contention set off its “on-hold” status.

Talks progressed to the point where, on June 14, ICANN had sent the .web contract to NDC, which immediately returned a signed copy, and all that remained was for ICANN to counter-sign the document for it to become binding.

ICANN VP Christine Willett approved the countersigning, but four days later Afilias initiated the Cooperative Engagement Process accountability mechanism, the contract was ripped up, and the contention set was placed back on hold.

“Thus, clearly, a registry agreement with NDC for .WEB could have been executed by ICANN’s Staff and come into force without the Board having pronounced on the propriety of the DAA under the Guidebook and Auction Rules,” the IRP panel wrote.

This disconnect between the board and the legal staff is at the core of the panel’s criticism of ICANN.

The board had decided that Afilias’ claim that NDC had violated new gTLD program rules was worthy of consideration and had informally agreed to defer making a decision, but the staff had nevertheless gone ahead with contracting with a potentially bogus applicant, the panel found.

In the opinion of the Panel, there is an inherent contradiction between proceeding with the delegation of .WEB to NDC, as the Respondent [ICANN] was prepared to do in June 2018, and recognizing that issues raised in connection with NDC’s arrangements with Verisign are serious, deserving of the Respondent’s consideration, and remain to be addressed by the Respondent and its Board, as was determined by the Board in November 2016. A necessary implication of the Respondent’s decision to proceed with the delegation of .WEB to NDC in June 2018 was some implicit finding that NDC was not in breach of the New gTLD Program Rules and, by way of consequence, the implicit rejection of the Claimant’s [Afilias’] allegations of non-compliance with the Guidebook and Auction Rules. This is difficult to reconcile with the submission that “ICANN has taken no position onw hether NDC violated the Guidebook”.

The upshot of the panel’s ruling is to throw the issue back to ICANN, requiring the board to decide once and for all whether Verisign’s auction gambit was kosher.

If you’ll excuse the crude metaphor, ICANN’s board has been told to shit or get off the pot:

The evidence in the present case shows that the Respondent, to this day, while acknowledging that the questions raised as to the propriety of NDC’s and Verisign’s conduct are legitimate, serious, and deserving of its careful attention, has nevertheless failed to address them. Moreover, the Respondent has adopted contradictory positions, including in these proceedings, that at least in appearance undermine the impartiality of its processes.

[The panel r]ecommends that the Respondent stay any and all action or decision that would further the delegation of the .WEB gTLD until such time as the Respondent’s Board has considered the opinion of the Panel in this Final Decision, and, in particular (a) considered and pronounced upon the question of whether the DAA complied with the New gTLD Program Rules following the Claimant’s complaints that it violated the Guidebook and Auction Rules and, as the case may be, (b) determined whether by reason of any violation of the Guidebook and Auction Rules, NDC’s application for .WEB should be rejected and its bids at the auction disqualified;

At the same time as the decision was published last night — shortly after midnight UTC and therefore helpfully too late to make it into today’s edition of ICANN’s godawful new email subscriptions feature — ICANN issued a statement on the outcome.

“In its Final Declaration, the IRP panel ruled that the ICANN Board, and not an IRP panel, should decide which applicant should become the registry operator for .WEB,” CEO Göran Marby said.

“The ICANN Board will consider the Final Declaration as soon as feasible, within the timeframe prescribed in the Bylaws, and remains hopeful that the relevant .WEB applicants will continue to seek alternatives to resolve the dispute between them raised during the IRP,” the statement concludes.

That should be of concern to Verisign, as any non-ICANN resolution of the .web battle is inevitably going to involve Verisign money flowing to its competitors.

But my first instinct strikes me that this a is a low-probability outcome.

It seems to me much more likely at first glance that ICANN will rule the NDC/Verisign ploy legitimate and proceed to contracting again.

For it to declare that using a front organization to bid for a gTLD is against the rules would raise questions about other applications that employed more or less the same tactic, such as Automattic’s successful bid, via an intermediary, for .blog, and possibly the 100-ish applications Donuts and Rightside cooperated on.

The ICANN bylaws say the board has to consider the IRP’s findings at its next meeting, for which there’s currently no published date, where feasible.

I should note that, while Donuts acquired Afilias last December, the deal did not include its .web application, which is why both the panel’s decision and this article refer to “Afilias” throughout.

Verisign hopeful after decision reached in .web gTLD case

Kevin Murphy, May 25, 2021, Domain Policy

The fate of .web has been decided, over 20 years after it was first applied for, and Verisign thinks it might emerge triumphant.

The company said last night that the ICANN Independent Review Panel handling the case of Afilias v ICANN reached a decision May 20 and delivered it to Verisign the following day.

Verisign says the panel “dismissed Afilias’ claims for relief seeking to invalidate the .web auction and to award the .web TLD to Afilias, concluding that such issues were beyond its jurisdiction.”

Sounds good for Verisign so far. Afilias wanted its $135 million bid for .web, submitted via an intermediary called Nu Dot Co, thrown out due to claims that ICANN violated its own bylaws by not sufficiently vetting the bidder.

But Verisign goes on to say “the panel’s ruling recommends that ICANN’s Board of Directors consider the objections made about the .web auction and then make a decision on the delegation of .web”.

It adds that the panel found that ICANN violated its fairness and transparency commitments:

With respect to ICANN, the ruling finds that certain actions and/or inaction by ICANN in response to Afilias’ objections violated aspects of ICANN’s bylaws related to transparency and fairness. These findings are particular to ICANN’s actions and not conduct by Verisign. Verisign anticipates that ICANN’s Board will review the panel’s ruling and proceed consistent with the panel’s recommendation to consider the objections and make a decision on the delegation of .web.

Based on Verisign’s statements, it seems that ICANN lost, but Afilias didn’t win.

The revelation was buried in a Securities and Exchange Commission filing on an unrelated financial matter last night. Hat tip to @jintlaw for spotting and tweeting about it.

It’s the most eagerly anticipated IRP ruling since 2011’s .xxx case, but in stark contrast to Rod “let’s draft this tweet” Beckstrom-era ICANN, where the decision was posted in a matter of hours, the 2021 org has not yet posted the panel’s findings or made a public statement acknowledging the ruling.

Verisign says it intends to “vigorously pursue” .web, but “can provide no assurance” as to which way the ICANN board of directors will swing.

ICANN refuses to say why it allowed Donuts to buy Afilias

Kevin Murphy, March 29, 2021, Domain Policy

ICANN appears determined to make its decision-making process when it comes to industry consolidation as opaque as possible.

The Org has denied a request from two rival registries for information about how it approved the acquisition of Afilias by Donuts last December, apparently exploiting a loophole in its bylaws.

The transaction got the nod from ICANN after its December 17 board of directors meeting, at which the board discussed the deal and gave CEO Göran Marby the nod to go ahead and process the request.

What it didn’t do was pass a formal resolution approving the deal, which seems to have given it the room to wriggle out of its transparency requirements, such as publishing its rationale and briefing materials.

It’s a trick it also used last year when it decided to bar Ethos Capital from acquiring Public Interest Registry.

In response to a Documentary Information Disclosure Process request (pdf) last month, filed by Dot Hotel and Domain Venture Partners, ICANN said:

ICANN org makes available, as a matter of due course, on the ICANN website the resolutions taken, preliminary report, minutes, and the Board briefing materials for each Board meeting… ICANN org has already published all materials for the 17 December 2020 Board meeting.

No new information was published.

The DIDP was filed by two applicants for the new gTLD .hotel, which are competing with applications originally filed by both Donuts and Afilias.

They’d also asked for ICANN’s rationale for allowing Donuts to own two .hotel applications post-acquisition, but ICANN said it had no documents reflecting that rationale.

The .hotel contest is also the subject of an Independent Review Process case and a lawsuit, in which DVP is a plaintiff.

Got beef with ICANN? Why you may not want to use the Ombudsman

Kevin Murphy, February 25, 2021, Domain Policy

Complaining to the independent Ombudsman may not be the best way to start a beef with ICANN, and that’s according to the Ombudsman himself.

Herb Waye told DI this week that consulting him as a first port of call may well lock complainants out of escalating their complaints through his office in future procedures.

Earlier this week, I reported on a lawsuit filed by three so-far unsuccessful .hotel gTLD applicants, which among other things alleges that ICANN’s Request for Reconsideration appeals process is a “sham”.

Reconsideration has quite a high barrier to success, and complaints are rarely successful. Requests are dealt with by the Board Accountability Mechanisms Committee, a subset of the very same board of directors that passed the resolution being complained about, advised by the same ICANN lawyers.

But RfRs are also automatically sent to the Ombudsman for a determination before the BAMC looks into them, which should provide a valuable and ostensibly independent second set of critical eyes.

However, in practice this has almost never happened since the provision was added to the ICANN bylaws five year ago.

The .hotel plaintiffs tallied up the 14 RfRs related to the new gTLD program since 2017 and found that the Ombudsman had recused himself, without detailed explanation, on every single occasion. Their complaint in California Superior Court reads:

Neither ICANN nor the Ombudsman has provided any intelligible reason for this gross flouting of ICANN’s bylaws and the Ombudsman’s dereliction of duty, other than a naked and vague claim of “conflict of interest”. The lack of any Ombudsman process not only violates ICANN’s bylaws and its contracts with Plaintiffs, but it renders the promise of a fair and independent Reconsideration process null and illusory, and the notion of true accountability a farce.

The ICANN bylaws state that the Ombudsman must recuse himself from considering RfRs “involving matters for which the Ombudsman has, in advance of the filing of the Reconsideration Request, taken a position while performing his or her role as the Ombudsman”.

According to Waye’s explanation, this is a very broad standard indeed. He told DI in an email:

it is not just me but over 18(?) years of Office of the Ombudsman involvement in complaints or investigations. So I need to go back through the archives when I receive an RR to make sure neither Chris [LaHatte] nor Frank [Fowlie] have made a determination (it doesn’t have to be a public report (or position) or a report to the Board to qualify for recusal).

Among other factors, it also doesn’t have to be a past determination directly involving the RR requestor either… if the substance of the RR has been reviewed by the Office in the past, or if the RR is about an issue similar to one that has been the subject of a complaint and a determination, then recusal is also required to avoid inconsistencies or perceived bias.

He consults with his “independent outside counsel”, Dave Marglin, when figuring out whether recusal is necessary, he said.

Waye published an explanation of his role in Reconsideration on page 19 of the Ombusdman’s most-recent annual report (pdf).

I wondered whether a 2015 decision by Waye predecessor LaHatte related to the new gTLD program’s controversial Community Priority Evaluation might account for the spate of recusals over the last few years, but Waye would not be drawn.

“I can’t identify specifics about each recusal as I must at all cost avoid identifying past complainants or subjects of complaints,” he said. “As I mentioned, some published reports may be the reason for a recusal but it may also be the result of the RfR issue having passed through my Office prior to the RfR being filed as a complaint; which may or may not be a known fact, so I err on the side of caution and treat all recusals the same.”

Given that the Ombudsman also deals with sensitive interpersonal interactions, including sexual harassment complaints, a code of confidentiality could be a good thing.

But it also means that there are an unknown number of undisclosed topics, dating back the best part of two decades, that the Ombudsman is apparently powerless to address via the Reconsideration process.

And that list of untouchable topics will only get longer as time goes by, incrementally weakening ICANN’s accountability mechanisms.

It seems to me that for companies with no interest in confidentiality but with serious complaints against an ICANN board action, complaining to the Ombudsman as the first port of call in a case that would likely be escalated to Reconsideration, Cooperative Engagement Process and Independent Review Process may be a bad idea.

Not only would they be locking the Ombudsman out of their own subsequent RfR, but they’d be preventing him or her getting involved in related RfRs for eternity.

Waye does not disagree. He said:

I think anyone considering bringing a complaint to the Office of the Ombuds should now consider their desired outcome if there is any possibility the issue may be something that could eventually take the RfR route. Do they want an informal (potentially confidential) determination from the Ombuds or do they want something more “public” from the Ombuds in the form of a substantive evaluation made directly to the BAMC. It’s still a new process and my participation in the RfR accountability mechanism is still a work in progress for the people considering using the RfR. But it’s what the community wanted and we will make it work.

It strikes me that the Reconsideration policy outlined in the ICANN bylaws is, by accident or design, self-terminating and opaque. It becomes less useful the more often it is used, as the range of topics the Ombudsman is permitted to rule on are slowly whittled away in secret.

It also occurs to be that it might be open to abuse and gaming.

Worried that a rival company will try to use Reconsideration to your disadvantage? Why not file a preemptive Ombudsman complaint on the same topic, forcing him to recusing himself and leaving the eventual RfR in the hands of the far-from-objective BAMC and ICANN board?

Waye said:

I suppose it would be possible, though it would require me making a determination or taking a position of sorts related to the eventual RfR… a complaint doesn’t automatically mean recusal. And of course it would mean me and my counsel not seeing through the “gaming” agenda and declining the complaint at the outset.

One year on, Namecheap still fighting aborted .org takeover and may target GoDaddy and Donuts next

Kevin Murphy, February 5, 2021, Domain Registrars

Even though Ethos Capital’s proposed takeover of Public Interest Registry was rejected last May, registrar Namecheap is still doggedly pursuing legal action against ICANN’s handling of the deal, regardless.

The Independent Review Process complaint filed last February is still active, with Namecheap currently fighting a recent ICANN motion to dismiss the case.

The company is also demanding access to information about GoDaddy’s acquisition of Neustar and Donuts’ acquisition of Afilias, and is threatening to file separate actions related to both those deals.

Namecheap has essentially two beefs with ICANN. First, that it should not have lifted price caps in its .org, .biz and .info registry contracts. Second, that its review of Ethos’ bid for PIR lacked the required level of transparency.

ICANN’s trying to get the IRP complaint thrown out on two fairly simple grounds. First, that Namecheap lacks standing because it’s failed to show a lack of price caps have harmed it. Second, that it rejected the PIR acquisition, so Namecheap’s claims are moot.

In its motion to dismiss (pdf), its lawyers wrote:

Namecheap’s entire theory of harm, however, is predicated on the risk of speculative future harm. In fact, nearly every explanation of Namecheap’s purported harm includes the words “may” or “potential.” Namecheap has not identified a single actual, concrete harm it has suffered.

Namecheap’s claims related to the Change of Control Request should be dismissed because ICANN’s decision not to consent to the request renders these claims moot
and, separately, Namecheap cannot demonstrate any harm resulting from this decision.

In December, Namecheap had submitted as evidence two analyses of its business prospects in the event of registry price increases, one compiled by its own staff, the other prepared by a pair of outside expert economists.

While neither shows Namecheap has suffered any directly quantifiable harm, such as a loss of revenue or customers, Namecheap argues that that doesn’t matter and that the likelihood of future harm is in fact a current harm.

A mere expectation of an increase in registry prices is sufficient to show harm. This is because such expectation reduces Namecheap’s expected profits and its net present value.

It further argues that if Namecheap was found to not have standing, it would give ICANN the ability to evade future IRP accountability by simply adding a 12-month delay to the implementation of controversial decisions, pushing potential complainants outside the window in which they’re able to file for IRP.

On the PIR change of control requests, Namecheap says it’s irrelevant that ICANN ultimately blocked the Ethos acquisition. The real problem is that ICANN failed in its transparency requirements related to the deal, the company claims.

The fact that ICANN withheld its consent is no excuse for refusing to provide full transparency with respect to the actions surrounding the proposed acquisition and ICANN’s approval process. Namecheap’s claims relate to the non-transparent process; not the outcomes of such process. Irrespective of the outcome, lack of transparency increases the level of systemic risk in Namecheap’s business environment.

How did ICANN come to its decision? Was an imminent request for a change of control known to ICANN, when it took the decision to remove the price control provisions? What was discussed in over 30 hours of secret meetings between ICANN org and the Board? What discussions took place between ICANN, PIR and other entities involved? All these questions remain unanswered

Namecheap refers to two incidents last year in which ICANN hid its deliberations about industry acquisitions by conducting off-the-books board discussions.

The first related to the PIR deal. I called out ICANN for avoiding its obligation to provide board meeting minutes in a post last May.

The second relates to the board’s consideration of Donuts’ proposed (and ultimately approved) acquisition of Afilias last December. Again, ICANN’s board discussed the deal secretly prior to its official, minuted December 17 meeting, thereby avoiding its transparency requirements.

In my opinion, this kind of bullshit has to stop.

Namecheap is also now threatening to bring the Afilias deal and GoDaddy’s acquisition of Neustar’s registry business last April into the current IRP, or to file separate complaints related to them, writing in its response to ICANN’s motion (pdf):

Namecheap seeks leave to have ICANN’s actions and inactions regarding its consideration of the Neustar and Afilias changes of control reviewed by this IRP Panel. If, per impossibile such leave is not granted, Namecheap reserves all rights to initiate separate proceedings on these issues.

The deals are similar because both involve the change of control of legacy gTLD contractors with millions of domains under management that have recently had their price caps lifted — Afilias ran .info and Neustar ran .biz.

ICANN made over $500k in secret lawyer payments over [REDACTED] legal dispute

Kevin Murphy, November 17, 2020, Domain Policy

ICANN has approved a payout of over half a million dollars to outside lawyers for work on a legal dispute it does not want you to know about.

The board of directors a week ago approved the disbursement of a “[Redacted – Privileged & Confidential]” sum to undisclosed parties in relation to “extensive activity in [Redacted – Privileged & Confidential]”.

Under ICANN policy, the fact that board approval was required means that the amount being paid is at least $500,000. The redacted resolution also authorizes additional payments up to $499,999.

ICANN isn’t providing any hints about what the payments concern, other than that it’s a legal dispute of some kind. The resolution states:

When required, ICANN must engage outside legal counsel to help prepare for and defend against all types of disputes that are brought against ICANN. When those disputes become highly contentious they often require significant involvement during a certain time period by outside counsel and that significant amount of time also results in significant fees and related expenses.

The words “related expenses” may be telling. We may not just be talking about lawyers’ fees here.

ICANN also does not state when the expenses were incurred, other than to note that the org’s budget for fiscal 2020, which ended June 30, “contemplated” the need for such payments.

So we’re talking about a legal issue that ICANN was aware of before May 2019, when the FY20 budget was approved, possibly as far back as December 2018, when earlier versions of that budget were published.

Known legal disputes that were active back then and have seen activity in the last few months include the Afilias Independent Review Process complaint about the .web auction and DotConnectAfrica’s court appeal over its .africa loss.

But both of those cases are matters of public record. ICANN even regularly publishes legal documentation on both. They’re not secret.

The only cases I’m aware of that ICANN has actively tried to keep secret involve allegations of sexual discrimination and harassment made against at least one former senior staffer. One such lawsuit was filed late February 2019.

But the hundreds of thousands doled out by ICANN last week could be related to just about anything.

ICANN’s bylaws give the board a broad brush when it comes to redacting information from published resolutions:

any actions relating to personnel or employment matters, legal matters (to the extent the Board determines it is necessary or appropriate to protect the interests of ICANN), matters that ICANN is prohibited by law or contract from disclosing publicly, and other matters that the Board determines, by a three-quarters (3/4) vote of Directors present at the meeting and voting, are not appropriate for public distribution

Usually, when ICANN redacts information, it’s related to personnel matters such as management bonuses.

Whatever it was ICANN just spent your money on, ICANN ain’t saying.

This ICANN comment period is a Kafkaesque nightmare

Kevin Murphy, September 29, 2020, Domain Policy

With the deadline for commenting on draft new gTLD program rules rapidly approaching, you may be tempted to visit the ICANN web site to peruse the comments that have already been submitted by others. Good bloody luck.

The way ICANN has chosen to present the comments is so bafflingly opaque, confusing and confounding that I can’t help but conclude it must have been deliberately designed to be as soul-crushing as possible.

Regular comment periods are pretty straightforward: you email your comments as prose to ICANN, ICANN publishes the email and any attachments for others to read. Everyone knows where everyone stands. Job done.

But recently there’s been a worrying trend towards a questionnaire and spreadsheet model based around Google Docs, and that’s the model being used for comments on the final draft report of the new gTLD program working group, known as SubPro.

You can check out the spreadsheet here.

The first thing you’ll notice is that the spreadsheet is 215 columns wide, with each respondent given one row for their responses.

You’ll also notice that the spreadsheet doesn’t seem to understand line breaks. Where the respondent has provided some textual commentary, it’s spread across multiple columns in some cases and not in others.

And then there’s the column headings.

While stumbling randomly through the spreadsheet, I discovered an interesting nugget of information — it seems the new gTLD registry MMX wants the next application round delayed until all of the 2012 round have been launched, which I found a bit surprising.

This nugget can be found under the column heading “Enter your response here”, a heading that is helpfully shared by 90 (ninety) other columns on the same damn page.

The heading “Do you want to save your progress and quit for now? You will be able to return to the form to complete it at a later time” appears 10 times in the document.

No information in adjacent columns sheds any light on what triggered MMX to make its comment.

In order to figure out the question for pretty much any response, the only option appears to be to cross-reference the spreadsheet with the original form questionnaire, which can be found as a PDF here.

But the questionnaire has 234 questions and there’s no straightforward correlation between the question number and the columns on the spreadsheet, which are addressed as AA through IG.

So when you see that European industry group CENTR went to the trouble to “Support Output(s) as written” in column DI, under the heading “If you choose one of the following responses, there is no need to submit comments”, it’s virtually impossible to figure out what it actually supports.

If you are able to figure out which question it was answering, that probably won’t help you much either.

The form merely contains brief summaries of changes the working group has made. To see the “Output(s) as written” you’d have to cross-reference with the 363-page draft final report (pdf).

A lot of you are probably thinking that I should just export the spreadsheet into Excel or OpenOffice and clean it up a bit. But, no, you can’t. ICANN has disabled exporting, downloading, and even copy-pasting.

It’s enough to make one feel like going out and licking the floor on public transport.

Way to go on the transparency, ICANN!

I have to believe that the ICANN staffer responsible for compiling all these comments into the official ICANN summary has some tools at his or her disposal to render this mess decipherable, because otherwise they’ve got a huge, hair-ripping job on their hands.

Of course, since there doesn’t appear to be a way for the rest of us to verify the summary report’s accuracy, they can probably just write whatever they want.