ICANN publishes its Woke Manifesto. Here’s my hot take

ICANN’s antics rarely surprise me after close to a quarter-century of coverage, but today it’s published what I can only describe as its “Woke Manifesto” and while reading through it this afternoon I pretty much peeled my uvula raw and ragged, alternating as I did between howls of outrage and uncontrollable fits of incredulous laughter.

On the latest step of its descent into solipsistic pomposity, Org has released its Diversity and Inclusion Toolkit, an interactive web page and associated documents and survey templates designed to help the ICANN community’s various constituencies become more diverse, equitable and inclusive.

“It is designed to empower our community groups in assessing, measuring, and promoting diversity within and across their membership,” ICANN wrote in its introduction, attributed to outgoing policy VP David Olive.

A laudable goal in theory, but in practice what ICANN has come up with is often hilarious, poorly sourced, badly edited, baffling, hypocritical, self-contradictory, and condescending to both the people it wants to include and the people it perceives are already over-included. In parts, sadly, it’s borderline misandrist and maybe a little bit accidentally racist.

The Manifesto is the result of ICANN’s work to implement the recommendations of the Final Report (pdf) of the Cross Community Working Group on Accountability, the most-recent phase of one of ICANN’s interminable navel-gazing exercises.

Recommendation 1.6 of that report states:

ICANN staff should provide support and tools for the SO/AC/Groups to assist them in assessing their diversity in an appropriate manner. ICANN should also identify staff or community resources that can assist SO/ACs or other components of the community with diversity-related activities and strategies.

Or does it? If we believe the new Manifesto, Rec 1.6 actually states:

ICANN staff should provide support and tools for the SO/AC/groups to assist them in assessing their diversity in an appropriate manner. ICANN should also identify staff or community resources that can assist SO/ACs or other components of the community with diversity-related activities and strategies.D&I requires equity to succeed.

The emphasis in that second pull-quote is mine. The lack of a space after the period before the last sentence is ICANN’s error.

It looks like at some point, possibly quite recently, ICANN has sneaked in the reference to “equity”.

If you’re triggered by the DEI (Diversity, Equity, Inclusion) abbreviation, best look away now. The Manifesto contains all the other zeitgeisty buzz-words you probably also hate.

Microaggressions? Check. Privilege? Check. Identity? Check. Intersectionality? Check. Unconscious bias? Check. Psychological safety? Check.

An easily overlooked footnote seems to explain why “equity” has made its way into the document:

In this toolkit we refer to “diversity” and “inclusion,” but “equity” is also a significant concept to understand. Equity refers to fairness and justice, recognizing that we do not all start from the same place and must therefore make adjustments to imbalances; for example promoting the inclusion of people from marginalized/underrepresented populations. It is distinguished from equality, which means providing the same to all.

I take no position on whether this is a good or bad way to tackle inequality of outcome, if it exists, at ICANN, but let’s be honest, this is just another way of describing what has been known as “positive discrimination” or “affirmative action” in other contexts.

But while affirmative action usually refers to issues of race in North America, such as in the ongoing debate about university admission policies, ICANN’s Manifesto is notable for containing no direct references to skin color whatsoever.

ICANN’s “7 key elements of diversity”, which come from the CCWG-Accountability’s report, are: geographical/regional representation, language, gender, age, physical disability, diverse skills, and stakeholder group or constituency.

Let’s look at what the Manifesto says about some of these identity categories. Yes, I’m going there.

“You were so worried you came from Iran”

Possibly the most egregiously condescending and baffling part of the Manifesto is “Ideas for indivdual action” (pdf) (the misspelling of “individual” is in the original, in the title, on the cover page), which offers suggested language to avoid offending people on the basis of gender, age, disability, or geography.

I’ve no idea to whom this document is addressed (I infer it’s able-bodied, Anglophone men), but it seems ICANN thinks it has a problem with people referring to East Asian community members as “Orientals”. Because apparently it’s the 1950s. In the same breath, it suggests that “whitelist” — a term commonly used in the security industry to refer to lists of explicitly permitted domains — is as offensive as “Chinaman”.

It’s worth noting that the word has been used repeatedly by ICANN itself, including quite recently. Under October 2023 terms, you can’t even apply to be an accredited registrar without agreeing to “whitelist” ICANN’s domains.

In a glorious example of accidental misogyny, the document (six years in the making) later says that people should avoid using forms of address such as “Mrs” or “Ms” because: “This language implies that having a disability is not an ordinary aspect of being human”.

The document is all over the place on issues of gender, on some pages directly contradicting ICANN’s own current practices and on others internally contradicting itself.

At one point, it says “there is no need to mention gender, i.e. saying ‘a female lawyer’ diminishes the professional status of that person”. This from the organization that put out this press release celebrating its two “female leaders”, last year.

At another point, it says we should use “Ombudsperson” instead of “Ombudsman”, while ICANN itself recently made the switch to “Ombuds” instead.

The document is also confused about whether biological reality exists. It tells us that we should accept that “that we are all biased by virtue of our biology” and a couple pages later admonishes against terms such as “biologically male” because “These terms imply that gender is a biological and binary fact that can only be changed through surgery — if at all”.

The most jaw-dropping gender-related moment comes when the document attempts to explain the concept of “privilege” and offers some suggestions as to how those who possess it may overcome it to increase the inclusiveness of their communities.

I swear I’m not making this quote up:

If you have male privilege: Hold back, and allow female community members to speak before you do. If they do speak and are not acknowledged, call this out and give credit for their input.

ICANN wants to make “Ladies first” official doctrine? Perhaps it is the 1950s.

While I don’t doubt there are some women in the ICANN community who would whoop with delight at the chance of automatically getting first dibs at the mic, I know there are many others who will find the suggestion that men should give them special treatment, and subsequently pat them on the head for their contributions, deeply offensive.

“I hear you’re a racist now, Father”

It’s not just gender and age where the Manifesto seems to trip over its own desire to virtue signal without thinking through whether what it’s actually saying is internally consistent.

We’re told to avoid “Asking people of a different appearance where they are from” and a few pages later to “Show an interest in other people’s cultures and backgrounds, ask questions with sincere and respectful curiosity”.

How, ICANN, how?! How can I show an interest in this new friend’s culture if I’m not allowed to ask him where he’s from? Am I only supposed to show an interest in his culture if he shares my “appearance”. Can I only talk to people of the same race? Is that what you want, ICANN?!

We’re talking largely about ICANN meetings here, remember. People from over 100 countries on every continent flock into a drab, windowless conference center three times a year. It’s the most natural thing in the world, unwinding at an after-hours cocktail reception, to ask somebody where they’re from.

If, in the hotel bar after eight hours of patiently not interrupting anybody you think you might not fully intersect with, somebody asks you “Where are you from?”, regardless of whether you share common visual characteristics, chances are it’s because your lanyard has flipped over and they’re asking the name of your employer in order to quickly triage business opportunities.

Speaking as somebody who was an immigrant in the US for the best part of a decade, I know it can be irritating after the hundredth time you’re asked your nationality, but I never found it to be, as ICANN would have us believe, an “aggression”, micro or otherwise.

“I’m Disabled!”

The document defines a microaggression as “the everyday messages we send to other people through our language and behavior that cause them to feel devalued, slighted, discouraged or excluded”. We’re told: “What makes microaggressions offensive isn’t the exact words or actions but, instead, the underlying meaning that reveals bias”.

The first example ICANN gives of a microaggression?

A weak handshake with insincere smile.

I find this hugely offensive on a personal level.

My lived experience is as an effete Englishman with a congenitally pathetic handshake, also suffering from the effects of decades of underfunded NHS dentistry and still recovering from an ischemic stroke that rendered my hand-shaking hand about as strong as a sloth’s yawn.

There’s nothing I find more macroaggressive at an ICANN meeting — apart from perhaps a French woman I barely know attempting to kiss me on the cheek — than an American with a $5,000 suit and teeth the color of a Grand Wizard’s hood trying to tear my arm off at the hip when he or she moves to greet me.

But apparently, under ICANN’s rules, the combination of my disability and nationality makes me the bigot. Thanks ICANN, I’m going to feel really psychologically safe at my next meeting.

“What exactly does IT stand for?”

On a professional level, what really boils my piss is this directive, which appears under a section entitled “Use respectful language”:

Avoid jargon: Minimize your use of jargon, shorthand and acronyms that may not be understood by newcomers or people with different experience and skillsets

I totally agree, of course. It’s long since past the point that even some ICANN community veterans often have no clue what ICANN is talking about without a quick google or reference to a glossary.

So why in the Jiminy Cricket is ICANN introducing this package of Orwellian social guidance with the sentence “I am thrilled to announce the launch of ICANN’s Diversity and Inclusion Toolkit, a pivotal resource to support the implementation of the Work Stream 2 (WS2) recommendations.”

Work Stream 2? Work Stream 2 of what? The blog post doesn’t say, and you have to get several clicks deep into the Manifesto itself before you’ll find a reference to, or link to, the CCWG report.

Who is this aimed at? Insiders. Nobody else could possibly understand this stuff.

Germany crosses 10,000 dot-brand domains milestone

The number of domains registered to Germany-based dot-brand registries crossed the 10,000 mark in the last few weeks, thanks to a handful of enthusiastic registrants.

That’s almost half of all the domains currently showing up in dot-brand zone files, which stands at just over 21,000, according to my database.

German companies have been the most-prolific users of dot-brands, with the financial services company Deutsche Vermögensberatung (DVAG) currently accounting for over 7,500 domains.

As well as having several corporate web sites on .dvag domains, DVAG gives out firstname-lastname.dvag domains to its network of financial advisors, with each domain redirecting to a personalized, template-driven digital business card on dvag.de.

Car-maker Audi, part of Volkswagen, is the second-biggest user, with over 1,700 current .audi domains connecting its network of dealerships and many domains for individual car brands. Its dealers also get template-driven brochureware web sites, but there’s no redirect to a different TLD.

Fellow car-maker BMW and retailer Schwarz Gruppe, owner of the Lidl supermarket chain, are among the other dot-brands with hundreds of domains to their name.

Freenom shuts down 12.6 million domains — report

Dying free-domains registry Freenom has shut down at least 12.6 million domains across three of its TLDs, according to research from Netcraft.

Netcraft’s latest web server survey shows that the domains — across .tk, .cf and .gq — no longer resolve, according to the company.

That’s 98.7% of the resolving domains Freenom had a month earlier, Netcraft said.

Freenom, also known as OpenTLD, said in February that it was to exit the domains business entirely as part of its settlement with Facebook owner Meta, which had sued it for alleged cybersquatting.

It had already lost its ICANN registrar accreditation and its government contracts to run its portfolio of ccTLDs.

The company’s business model was to offer most domains for free and then monetize them when the registrations expired or were suspended for abuse. It attracted a lot of abusive registrants.

Interestingly, Netcraft notes that the deletions meant that Cloudflare saw a 22% drop in its total hosted domains (with Cloudflare acting as host, not registrar) over the month.

GlobalBlock blocking 2.5 million domains

GoDaddy-led brand protection project GlobalBlock says it is already blocking over 2.5 million domains, just a couple of weeks after its formal launch.

The GlobalBlock web site reports that 2,569,815 domains are currently being blocked across 559 extensions (a mix of ccTLDs, gTLDs, third-level domains and blockchain names), for an average of just under 4,600 per extension.

It’s difficult to extrapolate much useful information about rapid market demand for the service from this one number, for a variety of reasons.

First, the more-expensive GlobalBlock+ service can block well north of 10,000 domains, mostly homographic variants of a trademark, for a single fee, which could mean as few as just a couple hundred customers have signed up so far at the most pessimistic interpretation.

Second, GlobalBlock offered pricing incentives to existing customers of GoDaddy’s AdultBlock and Identity Digital’s Domain Protected Marks List, both of which are over a decade old, in the months-long run-up to launch.

The vanilla, single-brand GlobalBlock service retails for about $6,000 per year, with GlobalBlock+ going for closer to $9,000.

Microsoft moving its cloud apps from .com to .microsoft

Microsoft is planning to move all of its Microsoft 365 apps off a multitude of .com domains and consolidate them all under .microsoft, its dot-brand gTLD.

The company says it will move Teams, Outlook, and Microsoft 365 web apps to the cloud.microsoft domain. They currently use domains such as outlook.office.com, teams.microsoft.com and microsoft365.com.

It first announced the move in April last year and this week reminded developers of apps that use its cloud platform that they need to support the new domain.

Explaining the move to the dot-brand last year, the company wrote:

Consolidating authenticated user-facing Microsoft 365 experiences onto a single domain will benefit customers in several ways. For end users, it will streamline the overall experience by reducing sign-in prompts, redirects, and delays when navigating across apps. For admins, it will drastically reduce the complexity of the allow-lists required to help your tenant stay secure while enabling users to access the apps and services they need to do their work.

Microsoft plans to launch the teams.cloud.microsoft domain in June but run the two domain schemes in parallel for a while, so as to not unnecessarily break apps in its developer ecosystem.

It’s not going to dump microsoft.com altogether, saying that it plans to use it for “non-product experiences such as marketing, support, and e-commerce.”

The cloud.microsoft domain is already one of the more visible dot-brand names out there, ranking in the top 20 most-visited, according to Majestic rankings.

Hat tip: The Register.

Dueling domain blocking services to launch at ICANN 79

Norwegian startup NameBlock is set to launch its suite of brand protection and domain security services later this week, with a somewhat different take on the market to its primary competitor.

Recently appointed CEO Pinky Brand tells me the company plans to formally launch March 1, the day before the ICANN 79 public meeting begins in Puerto Rico.

The company is coming out with two services to begin with — BrandLock, which allows trademark owners to block their marks across multiple TLDs, and AbuseShield, which blocks hundreds of variant domains that are considered at the most risk of abuse.

BrandLock is perhaps most directly comparable to the DPML service offered by Identity Digital, GoDaddy’s AdultBlock, and the multi-registry GlobalBlock service that is also due to formally launch in San Juan next week.

The service requires the buyer to own a verified trademark, and the exact match of that mark will be blocked over a multitude of ccTLDs and gTLDs. Brand said reseller partners may choose to bundle different TLDs thematically or offer them as one-offs.

He said he expects it to retail for $40 to $50 per domain per year, so presumably makes the most sense for the more-expensive TLDs or for buyers who have other reasons to want a block rather than a defensive registration.

The value proposition seems a lot clearer for AbuseShield, which is notable for not requiring a trademark to get protection — it’s more of a security pitch than a brand-protection story.

Under AbuseShield, when a registrant buys a name in a participating TLD, they will be given the option to pay to block a couple hundred potentially abusive variant domains in that same TLD, for a far lower cost than they’d pay to defensively register them individually.

Using data from NameBlock’s majority shareholder iQ Global, the company identifies homographic variants and common “abuse prefixes” — strings such as “login” and “https” — to compile a list of domains to be blocked. A feature called VariantCatcher will automatically block already-registered risky domains at the registry when they expire, for no extra cost.

“We want to make the abuse prevention market much, much wider than it has been before,” Brand said. “You’d pay $89 to $129 a year the block the 100 to 250 variations that we know are most likely to be used by someone to do you harm.”

At first, the service will be available through NameBlock resellers, currently those registrars focused on corporate services, but the company plans to make an API available in a few months that will let retail registrars offer the service as an up-sell in their storefront.

At launch, NameBlock has around 15 resellers, such as MarkMonitor, CSC, 101Domain, Encirca and Gandi, Brand said. Registries for about a dozen TLDs will be on board, but Brand said he expects this to grow to 40 to 50 in a couple months.

CoCCA which makes registry software used by 57 ccTLDs, has already announced its support for NameBlock’s services.

Elsewhere at ICANN 79, you’ll find the Brand Safety Alliance, a GoDaddy-led initiative purveying the new GlobalBlock service, which is more of brand-protection play

As I’ve previously blogged, because portfolio registries GoDaddy and Identity Digital are involved, GlobalBlock can provide blocking coverage in hundreds of TLDs — over 560 at the current count — with prices starting at about $6,000 a year retail.

While GlobalBlock and NameBlock are certainly operating in the same space, there appears to be enough variation between the two services that the market might be able to support both.

Domain universe grows on new gTLDs despite .com shrinkage

The number of domain names on the internet grew by about 600,000 during the fourth quarter of 2023, despite the drag caused by shrinkage in .com and .net, according to Verisign’s latest Domain Name Industry Brief.

There were 359.8 million registered domains at the end of the year across all TLDs, a 0.2% increase over September, the latest DNIB says.

The growth was hampered by declines in Verisign’s own flagship gTLDs, which were down by 1.2 million names over Q3 and a million names year-over year. Verisign blamed softness in China for the declines during its Q4 earnings call last week.

New gTLD reg volume picked up most of the slack, growing by 1.6 million or 5.3% over Q3, and 4.4 million or 15.9% over 2022. This seems to have been largely driven by six-figure increases at a handful of low-cost gTLDs coupled with smaller increases across the board.

ccTLDs grew more modestly, up about 200,000 names or 0.2% quarter over quarter and 5.3 million names, 4%, year over year. There were 138.3 million ccTLD domains at the end of the year. Growth seems to have been tempered by six-figure declines in the likes of .uk and .ru.

ICANN insists it is working on linkification

Having been accused of ignoring the lack of universal support for new gTLDs in favor of virtue-signalling its support for multilingual domain names, ICANN has now insisted it is working on the problem.

ICANN chair Tripti Sinha said in a letter (pdf) published today that ICANN staff have been “actively engaging” with the software developer community on a “multitude of efforts” aimed at getting Universal Acceptance for all domain names.

She was responding to an October 2023 letter from .tube CEO Rami Schwartz, whose solo research last year uncovered the fact that many major app developers — including WhatsApp maker Meta — were relying on hard-coded TLD lists up to eight years old to validate domains.

This meant domains in the hundreds of TLDs that went live after November 2015 were not being detected as domains, and therefore not automatically “linkified” into clickable links, in many near-ubiquitous apps and web sites.

But Sinha insists that ICANN has been putting resources into the problem, including creating a “technical UA team” that is “actively engaging with technical organizations and communities, raising bug reports, as well as contributing open-source code where possible”.

The team has been participating in hackathons and conferences to push the UA message, she said, and has engaging in web sites such as Stack Overflow (where coders ask each other questions about tricky programming problems) to educate developers.

She named Meta and WordPress as software companies ICANN has been reaching out to directly.

“The ICANN org team has been meeting with META and reported UA related issues to them, including linkification. The team has recently also reported the issues shared by you related to more recently delegated TLDs, including .TUBE,” she told Schwartz. “META continues to look into these issues and is making progress towards resolving them.”

She also pointed out that ICANN and the ICANN-funded Universal Acceptance Steering Group held a Universal Acceptance Day last year and will conduct another this year.

UA Day is actually dozens of individual events — over 50 last year — that took place across the world over the space of a couple of months. This year’s event appears to be equally diverse, with events taking place from March to May across many locations mainly in Asia, Africa and South America.

The UASG supplies PowerPoint presentations and videos to each event to use if they wish, but the focus is very much on the substantially trickier problem of UA for internationalized domain names — domains or email addresses that use non-Latin scripts or diacritics not present in ASCII — rather than the lower-hanging fruit of getting developers to update their TLD lists more frequently.

Even though there hasn’t been a new TLD delegation for a couple of years, there were still almost 30 TLDs deleted from the DNS root last year. The number of valid TLDs changes perhaps more frequently than many developers realize.

Walking down the street somewhere, I once saw a barbershop called “Every Six Weekly”. Crap brand, certainly, but the message lodged itself in my borderline autistic nerd brain — that’s how often society expects me to get my hair cut, every six weeks.

Maybe ICANN should try something like that.

ICANN picks its first ever Supreme Court

After foot-dragging for a decade, ICANN has finally approved a slate of a dozen jurists to act as its de facto Supreme Court.

Its board of directors voted at the weekend to create the first-ever Independent Review Process Standing Panel, a pool of legal experts from which panels in future IRP proceedings — the final appeals process for ICANN decisions under its bylaws — will be drawn.

ICANN has not named the 12 people yet. The names are redacted from the published resolution, presumably because they haven’t signed contracts yet. ICANN said they are “well-qualified” and “represent a diverse breadth of experience and geography”.

The names were put forward by a cross-community working group called the IRP Community Representatives Group, which looked after the application and interview process. A thirteenth CRG pick was deemed “ineligible” by ICANN for undisclosed reasons.

The Standing Panel is intended to make IRPs faster and cheaper by drawing the three-person panel in each case from an established pool of experienced professionals. The panelists will be contracted for staggered terms of service.

The ICANN bylaws have called for the establishment of such a panel for over a decade, but its timely creation was another victim of the lethargy that consumed ICANN for years. The lack of a Standing Panel has been raised by claimants in multiple IRPs, some of which are ongoing.

Elsewhere in IRP policy-making, a separate staff/community working group called the IRP Implementation Oversight Team expects to shortly publish certain revisions to the IRP rules for public comment, but the fact that the legal language of the rules is to be written by the law firm Jones Day, which represents defendant ICANN in IRP cases, has raised some eyebrows.

DNS Women barred from ICANN funding?

A networking group set up to support women in the domain name industry, especially in the developing world, may be banned from applying for ICANN funding under rules published earlier this week.

Concerns have been raised that DNS Women may be excluded from the $10 million in non-profit Grant Program funding ICANN is making available this year because its CEO participated in the program’s community rule-making process.

ICANN’s rules, written by Org staff based on the recommendations of the Cross-Community Working Group on New gTLD Auction Proceeds (CCWG-AP), ban anyone from applying for grants — set at between $50,000 and $500,000 — if they have potential conflicts of interest.

Participation in the CCWG-AP is listed as one such conflict:

No person that participated as a member (including temporary member appointments) of the Cross-Community Working Group on New gTLD Auction Proceeds (CCWG-AP) is eligible to apply for or be included within funded proposal activities as principals, advisors, or in other roles. Grants may not be awarded to businesses and organizations owned in whole or in part by the CCWG-AP members or their family members. Grant funding may not be used to pay compensation to CCWG-AP members or their family members.

DNS Women is currently led by Vanda Scartezini, who was a member of CCWG-AP representing the At-Large Advisory Committee. She’s written to ICANN to express surprise to find herself suddenly unable to apply for funding. ICANN has responded with a pointer to the CCWG-AP’s recommendations, where the language closely mirrors that found in the new application rules as implemented.

But if Scartezini has shot herself in the foot, she may not be alone. According to the CCWG-AP’s final report, there may have been almost enough foot-shooting to create a Paralympic football team.

Of the 22 people who participated as full members of the group — and would be therefore barred from financially benefiting from grants — 10 people answered “yes” or “maybe” when asked to disclose whether they or their employer expected to apply for funding (almost all, including Scartezini, were “maybes”).

The $10 million tranche available this year comes from a $217 million fund ICANN raised auctioning off contested gTLDs following the 2012 application round.