Uncategorized

20
Jul

ICA to NTIA: 1. Lower .com Prices; 2. Do Something About GDPR and Whois

 

On July 17, 2018, the Internet Commerce Association (ICA) submitted its feedback to the United States’ Department of Commerce in connection with the National Telecommunications and Information Administration’s Notice of Inquiry on International Internet Policy Priorities.

The message was clear. Two major issues need immediate attention;

1.   Root Zone Management and ICANN’s Inherent Conflict of Interest with the Verisign monopoly on .com domain name registrations; and

2.   Failure of the ICANN Multistakeholder Model to Satisfactorily Address Whois Access and Accreditation in Light of the GDPR Fiasco.

 

Below is the ICA’s letter to Assistant Secretary for Communications and Information and Administrator, David J. Redl.

 

____________________________________________________________________________________________________________________________________

July 17, 2018

 

Honorable David J. Redl

Assistant Secretary for Communications and Information

and Administrator, National Telecommunications and Information Administration

U.S. Department of Commerce

Washington, DC 20230

 

Dear Mr. Redl:

RE: NTIA Notice of Inquiry (06/05/2018): International Internet Policy Priorities

I write to you on behalf of members of the Internet Commerce Association. Founded in 2006, the Internet Commerce Association (the “ICA”) is a non-profit trade organization representing domain name investors, website developers, domain name secondary marketplaces, escrow service companies, registries, and related service providers.

The ICA is comprised of responsible businesses and individuals who have joined together to improve public confidence in Internet commerce. Based in Washington D.C., the ICA’s mission is to assist with the development of domain name related policy and to advocate for fairness in government policy and regulation.

ICA members own and operate approximately 10 million .com domain names and provide crucial domain name-related services to many thousands of their respective customers. As such, our members play an integral role in the operation and use of the Internet, and an open and secure Internet is of utmost interest to our members.

As interested stakeholders on the NTIA’s international internet policy priorities, we are pleased to provide you with our comments and recommendations pursuant to your above-noted Notice of Inquiry dated, July 5, 2018, on “International Internet Policy Priorities” (the “Notice”). We hope that our comments and recommendation herein will assist you with identifying your policy priorities. We note that you invited comments on the full range of questions presented in this Notice, including on issues which were not specifically raised. Our comments herein are primarily in response to the “Multistakeholder Approach to internet Governance”. To the extent that any of our comments do not directly address the four specific questions raised, our comments are in connection with “other issues which were not specifically raised” but were nonetheless part of your invitation for comments.

Background –A Crucial Role for American Leadership

We applaud your remarks to the Federalist Society Executive Branch Review Conference on April 17, 2018, in Washington, D.C., wherein you stated that “NTIA and the Department of Commerce [are] thinking about the future of American leadership every day”. We also support your aforementioned remarks wherein you stated that the objective must be “to ensure that the Internet is open, secure, and providing maximum benefits to the American people”.

The NTIA has previously expressed its support for the “multistakeholder model” of ICANN governance, and the ICA also generally supports the multistakeholder model. ICANN is fortunate to have thousands of dedicated volunteers, experienced staff, and competent leadership who all work very hard contributing to the multistakeholder model and the ICA is proud of its long-term commitment and contributions to the multistakholder model.

Nevertheless, the NTIA can and must continue to play a role in providing crucial oversight and providing a bulwark against apparent failures of the multistakeholder model in order to protect the Internet and American interests in particular. The ICA sees a need to reform and possibly restructure the multistakholder model in order to enable stronger ICANN leadership so that crucial issues can be addressed in a timely and effective manner, while at the same time enable the multistakholder model to be less subject to capture by the industries which it in effect regulates, and more responsive to and accountable to the public interest.

NTIA has recognized the important role that the United States has to play in protecting and promoting an open Internet and in strengthening the global marketplace for American digital products and services,[1] and therefore can and should show American leadership in terms of improving the current multistakholder model which is central to an open and strong Internet. In particular, nowhere is the need for American leadership more apparent than with regards to;

  1. Root Zone Management and ICANN’s Inherent Conflict of Interest with the Verisign monopoly on .com domain name registrations; and
  2. Failure of the ICANN Multistakeholder Model to Satisfactorily Address Whois Access and Accreditation in Light of the GDPR Fiasco.

Multistakeholder Model and NTIA’s Oversight of Root Zone Management and the .com Registry

The multistakeholder model has unfortunately not been effective in preventing Verisign, Inc. (“Verisign”) from using its lucrative monopoly position to continually be rewarded with a ‘no-bid’ contract for the exclusive operation of the .com registry.  Notwithstanding the IANA transition, this is an area where NTIA retains de facto control of important Internet resources. NTIA’s objective in providing “a secure Internet” can be accomplished right alongside NTIA’s objective of “providing maximum benefits to the American people”. Unfortunately, that is not the case now with regards to the .com monopoly and American leadership is required to rectify the situation.

Verisign, Inc. (“Verisign”) has to-date, operated the .com registry in a manner linked to Verisign’s management of the root zone. These two crucial tasks however, need not be inextricably intertwined as the root zone management function is distinct from and can be fully separable from the contractual right to operate the .com registry. Nevertheless, whether root zone management is tied to the operation of the .com registry as it is now, or whether it is separate and distinct, the imperative remains that the NTIA should effectively exert crucial oversight over the .com registry to ensure the maximum benefit to the American people while protecting the management of the root zone.

The ICA recommends that the NTIA show American leadership by taking immediate steps to open the .com registry operation for a competitive procurement process in an effort to lower costs to American business and consumers, as well as millions of Internet users and businesses worldwide. Currently, Verisign is unjustifiably enjoying record and windfall profits as a result of its monopoly over the registration of .com domain names, and this contract need not and should not be tied to the operation of the root zone management functions. A secure root zone management can be achieved while also enabling a fair and competitive business environment that benefits the American people. Left without NTIA oversight and/or the exercise of NTIA influence, ICANN is likely to allow Verisign, to have free reign to set prices in a perpetual no-bid contract.

As NTIA is well aware, Reston, Virginia-based Verisign has been granted a monopoly to operate the .com registry.  There are approximately 133.9 million .com domain names registered. Verisign, a public company with a market capitalization of over $18 billion and net income in 2017 of US $457 million on revenue of $1.14 billion, enjoys a monopoly as the registry operator for all .com and all .net domain names pursuant to a contract with Internet Corporation for Assigned Names and Numbers (“ICANN”).

Verisign’s cost to operate the .com registry has been estimated at less than $3 per domain and possibly less yet it currently charges $7.85 per .com domain per year.  This imposes an unjustified cumulative multi-billion dollar “monopoly tax” on American Internet users.

Verisign’s 2006 contract with ICANN gave it the right to increase .com prices 7% in 4 out of the 6 years of its contract. It agreed to a similar deal with ICANN in 2012, only to have the U.S. Department of Justice step in and say that the new six-year contract shouldn’t have price increases.[2] That fixed the wholesale price of .com domain names at $7.85 per year. On September 15th, 2016, ICANN’s Board approved the extension of Verisign’s .com agreement and simultaneously approved an extension of the existing $7.85 ceiling on .com wholesale prices through 2024. The wholesale price is the price that Verisign charges registrars such as Arizona-based Godaddy, the world’s largest domain name registrar.

Any increase in the .com wholesale cost would be passed along to American consumers and businesses at the retail level. Notwithstanding that price cap extension, the wholesale pricing of .com domains could be revisited by ICANN and Verisign if NTIA does not extend a separate Cooperative Agreement currently in force through November 30, 2018, or alternatively, does extend it but with a different pricing control, or even allows ICANN and Verisign to renegotiate without NTIA oversight.

The massive scale of this problem cannot be understated. If Verisign were to be permitted to exploit its monopoly by raising prices by 10%, it would result in hundreds of millions of dollars in additional windfall profits from its monopoly, on the backs of American businesses and consumers. This in turn would cause tremendous economic harm to American consumers and businesses who have little choice but to continue to register their .com domain names in the absence of any recognized satisfactory alternative to the dominant .com gTLD.

The fact is that .com domains are considered the global standard for online branding.  The market value of .com domains reflects that .com domains are perceived differently from any other extension.  A .com domain will have a market value at least ten times higher than a corresponding domain in a different extension.  This demonstrates that the market perceives other domain extensions as qualitatively different from .com.  In effect, a .com domain is a different product from a domain in another extension, and it cannot be substituted without a substantial loss of utility.  The availability of other extensions does not therefore serve as a constraint on .com’s pricing power. The dominance of .com is demonstrated by 93% of the top 50 US websites operate from a .com domain.  The three top sites that aren’t listed under a .com domain (wikipedia.org, craigslist.org and att.net) still have the corresponding .com domain out of necessity.

The power of .com is recognized in the start-up community.  According to venture capitalist Paul Graham, “The problem with not having the .com of your name is that it signals weakness… a marginal domain suggests you’re a marginal company.” Despite any so-called competition from new gTLD extensions, the growth in registrations of .com domains far outpaced that of the new extensions.  The arrival of hundreds of new gTLD’s has had little discernable impact on the market dominance of .com domain names.

According to Verisign’s own 2018 Domain Name Industry Brief, the .com domain name base totalled approximately 133.9 million domain name registrations, and combined with the 14.4 million .net domain names which Verisign also operates as a monopoly, Verisign experienced an increase of 4.6 million total domain name registrations, or 3.3% year over year. Compare this with new gTLD domain name registrations which were a mere 20.3 million and experienced a net decrease of 400,000 domain name registrations or 2%. Clearly, market conditions remain extraordinarily favourable to Verisign, with new gTLDs having no appreciable impact on .com registration rates and posing no significant competition whatsoever.

Furthermore, even if there were any factors which negatively affected Verisign’s market conditions, a decrease in the .com price would be expected in order to increase demand.  Yet in the absence of market constraints on .com prices, any attempt to raise prices would constitute an entirely unjustified monopoly tax on those Americans using .com domains, and who are unfortunately a captive market of a large and powerful monopoly.

Verisign’s cost to operate the .com registry has been estimated at less than $3 per domain and possibly less, yet it currently charges $7.85 per .com domain per year. What is even more outrageous, is that in 2017, Verisign’s operating margin was 60.7%. It made $447 million in net profits on revenue of $1.17 billion. Verisign’s stock price has tripled in the last five years, with investors no doubt happily counting on Verisign to continue reaping outrageous profits from Internet consumers and businesses under and entirely unjustified monopoly.

The NTIA should therefore show American leadership and stand up for American consumers and American business – as well as the millions of foreign Internet users and businesses – who are being preyed upon by Verisign’s monopoly. The operation of the .com registry can and should be operated by an operator who is eager to take on the contract but is willing to offer substantially lower .com pricing. Given the tremendous windfall profits that Verisign has to-date enjoyed, this is easily achievable for an operator in a competitive environment. The operation of the .com registry should be put out for tender, separate and apart from the operation of the root zone management functions. American companies such as Google, Amazon, and Neustar, are all likely able to provide competitive bids for the same or better operation of the .com registry at the same or lower cost, thereby ensuring that the crucial .com registry remains operated in America.

It may be that as a result of competitive bids, Verisign is forced to lower its prices but is able to be the successful bidder, and that would also be a success for the NTIA and American consumers and business. There is no doubt that Verisign or another qualified operator can continue to offer stable and secure .com registrations while charging reasonable prices instead of exorbitant and outrageous price gouging. Moreover, NTIA should follow the example of .us, which was subject to a competitive procurement process[3], as well as the examples of .au and .fr.[4]

With the potential expiry of the Cooperative Agreement and its potential extension on November 30, 2018, the time is now for the NTIA to step in and ensure fair pricing for .com domain names, which form the bedrock of the Internet.

Left without crucial American leadership and oversight on the contractual right to operate the .com registry, ICANN is susceptible to catastrophic conflict of interest to the detriment of American Internet users and businesses. ICANN receives an estimated $34 million a year from Verisign after having “renegotiated” with Verisign in 2012 for an extension of the .com Registry Agreement. Without NTIA oversight over this crucial contract which has to-date been a “no bid” contract, ICANN – which is facing serious financial challenges as a result of expanding its mandate and financial mismanagement – would be permitted to once again strike a deal with Verisign wherein Verisign would self-servingly pay ICANN more than the current $0.25 per .com domain name registered in a “quid pro quo” for being able to unjustifiably jack up the price of .com domain names to the public. That would assist ICANN with its self-created financial issues and would more than satisfy Verisign who would have a free hand to reap untold profits through its monopoly. But crucially, there would be no one looking out for Internet users and businesses.

The Internet community must look to the NTIA for relief and to stand up for an open, secure, and fair Internet that encourages Internet business and which does not allow one company to reap outrageous and disproportionate financial gains behind closed doors with a no-bid contract under the apparent auspices of ICANN’s multistakeholder model, with little accountability and ICANN’s natural and apparent financial self-interests. If the NTIA wants to demonstrate American leadership for the benefit of Americans and for the world Internet community at large, there is no better place than with .com pricing.

Failure of the ICANN Multi-stakeholder Model to Avoid the GDPR Crisis

As you correctly pointed out in your testimony to the Senate Commerce, Science and Transportation Committee on June 13, 2018, the NTIA is justifiably “concerned that the security and stability of the Internet is being inadvertently compromised by pressure to comply with the European Union’s General Data Protection Regulation (GDPR)”. As you pointed out in your testimony, Whois information is critical for law enforcement, cybersecurity, intellectual property enforcement, and consumers looking to ensure the legitimacy of websites.

But access to Whois information is also critical for the domain name investment industry, which is a multimillion dollar industry as evidenced by the massive secondary domain name markets operated by Sedo and Afternic, and also by established domain name escrow services providers such as Escrow.com. The companies which conduct hundreds of millions of dollars of domain name purchase and sale transactions, rely upon access to Whois records for consumer protection by verifying registrant details and ensuring that transactions are bona fide.

In addition, numerous professionals including but not limited to established domain name brokerages such as Media Options, auctioneers such as Heritage Auctions, law firms such as Dentons, IP consultants such as Marksmen and BrandIT, and investigators such as Kroll, all rely on Whois records for a multitude of crucial tasks in the public interest on a daily basis. These crucial tasks include but are not limited to validating website and domain name ownership to ensure transparency and accountability for commercial activity and transactions, conducting forensic portfolio audits and domain name portfolio appraisals, broker and legal due diligence including chain of title examination via historical Whois records, investigating and reporting on fraudulent use of domain names and online abuse, asset investigation and recovery, and identifying parties to prospective civil proceedings. Journalists and researchers also rely on Whois to protect against corruption, inform the public, and for academic analysis. Accordingly, such entities have a legitimate interest in access to the Whois and such access is crucial for American Internet users and businesses.

Despite the crucial public interest in maintain open access to the Whois database, ICANN failed to provide any one of several possible solutions which would have avoided GDPR effectively destroying Whois as we know it, such as the following potential solutions;

a) preemptively lobbing for a GDPR that expressly recognizes that the Whois a crucial public database that should be accessible in the public interest;

b) requiring the consent of registrants in registration agreements, to processing and publication of their Whois data;

c) standing up for an interpretation of the GDPR which would provide continued and unimpeded access to the Whois, like EU countries did for their own corporate and trademark databases; or

d) create an accreditation and access model available immediately upon the implementation of GDPR on May 25, 2018.

Instead, and despite years of notice, ICANN’s multistakeholder model somehow failed to protect American Internet users and businesses who rely upon the Whois. Even after failing to stop GDPR from being drafted in a manner which outrageously fails to take into account the important public interest in Whois, it was still within ICANN’s mandate and ability to at least fight for a restrictive interpretation that inter alia; a) did not purport to apply GDPR to legal persons as opposed to natural persons; b) which did not purport to consider email addresses as personal data; and c) and which did not put pressure on registrars to treat all non-European data personal data as ‘European personal data’ out of fear of inadvertently including European personal data in the Whois.

Now, ICANN has unfortunately been left scrambling to create a temporary Whois data model for its accredited registrars, but which fails to provide for any immediate accreditation and access model. In fact, the ICANN Business and Intellectual Property Constituencies, recognizing the urgency of the matter, presented a proposed model to ICANN for accreditation and access which recognized and addressed the requirement that these kind of entities amongst others, receive access, but ICANN failed to adopt or implement it, and instead embarked on a long but “expedited” policy development process to ostensibly create a long-term Whois model for all registrars, but this will likely at least take a year, and in the meantime legitimate users of the Whois are left without the tools that they rely on. This is a regrettable failure of the multistakeholder model, and this failure demonstrates the need for NTIA to show American leadership in improving it for the benefit of everyone, including American Internet users and businesses.

Although we applaud the NTIA’s efforts to continue pushing for the preservation of the features that make the WHOIS service valuable to Internet stakeholders, including through its role in the GAC, stronger measures are likely required to be taken to ensure immediate access to Whois by Americans with legitimate interests. If ICANN’s multistakeholder model is ill-equipped to exert pressure and influence on the EU, or if ICANN’s multistakeholder model is unable to take effective and immediate action to create a Whois accreditation and access model as appears to be the case, the NTIA must step up and protect American interests and the interests of all those worldwide that have fallen under the heavy and ill-advised hand of the EU’s GDPR. American Internet users and businesses who have enjoyed and relied upon access to Whois in the public interest, should not be subjected to foreign laws under penalty of heavy fines and prosecution by foreign nation states, and NTIA should push for measures that enable American registrars to continue to collect, process, and make available complete Whois records, in the public interest.

We would be pleased to discuss our comments with you at your convenience.

 

Yours truly,

INTERNET COMMERCE ASSOCIATION

per: Zak Muscovitch

General Counsel, ICA

 

[1] See; Assistant Secretary Redl’s testimony to the Senate Commerce, Science and Transportation Committee on June 13, 2018, at Page 6.

[2] See, “Verisign CEO discusses 2018 .com contract renewal and price increases”, Domain Name Wire, December 2, 2015.

[3] See; https://www.ntia.doc.gov/other-publication/2014/contract-operate-us-country-code-top-level-domain-awarded-neustar

[4] See https://www.auda.org.au/news/afilias-chosen-to-supply-au-registry-services/, and also see; https://www.afnic.fr/en/about-afnic/news/general-news/2782/show/afnic-awarded-fr-management-after-competitive-tender.html

 

10
Jul

ICA Letter to ICANN on Proposed Release for Registration of O .COM

On June 20th, the ICA has submitted a letter to ICANN stating its concern over the proposed approach on the Proposed Amendment to implement the request from Verisign to release the single letter domain, O.com. The letter can be view here: ICA Comment Re O.com Release Proposal – June 20 2018
16
Jan

A Re-Examination of the Defense of Laches After 18 Years of the UDRP

Can the UDRP be used to take away a Domain Name after 20 years?

Complainants can certainly try, as we recently saw with the Queen.com case.

Nevertheless, after 20 years of the UDRP it is high time for panelists to start seriously considering how severe delays in bringing a UDRP Complaint should no longer be tolerated. Many of our members have owned very valuable domain names for very long periods of time, and in many cases have built businesses around them.

That is why we undertook a major study of laches (the defense of delay) and have forcefully proposed that laches be recognized as a valid affirmative defense in the UDRP. We have found that laches has been unfairly sidelined as a valid defense.

Our newest article, A Re-Examination of the Defense of Laches After 18 Years of the UDRP (CircleID), makes the case that laches, as a valid equitable defense in other kinds of dispute, should naturally also be part of the UDRP as well. In the weeks and months ahead, we will be bringing this article to the specific attention of UDRP stakeholders.

If we are successful in having laches recognized as an acceptable defense under the UDRP, then this should both deter frivolous complaints against aged domains, and should also enable aged domains to be more strongly and reliably defended when complaints are filed against them.

The article was written by Zak Muscovitch, ICA Interim General Counsel with invaluable contributions by ICA Board Member, Nat Cohen.

A Re-Examination of the Defense of Laches After 18 Years of the UDRP

29
Dec

ICA Letter to ICANN Regarding the release of single-character domain for .COM

In its letter sent to ICANN before the Holidays, the ICA is asking for confirmation of a public comment period for Verisign RSEP (Registry Service Evaluation Process) for .com single character domain. The letter can be view here: Letter to ICANN re Release of single-character domain for .COM – December 22, 2017

1
Sep

ICA at MERGE!

The ICA is excited to be participating in THE Domain Conference, one of the sub-events at MERGE!, this October 14-18th in Orlando, Florida. The ICA will host a 45-minute session presenting an overview of our work with plenty of time for an audience Q&A.
MERGE! conference is organized by industry veterans and ICA members Jothan Frakes and Howard Neu along with his son Ray. They have years of experience organizing domain conferences and have contributed greatly to the growth of our industry. They have provided the following information about the conference.

 

====================================================================================

 

MERGE! is taking a different spin on a domain conference by bringing together experts and members from a number of complementary industries. By bringing together a mix of designers, developers, integrators, investors, businesspeople, CMO/CIO/C-Suite decision makers, branding firms, blockchain experts, funding veterans, and many familiar faces from the domain industry, the conference organizers expect many connections will be made that will lead to successful collaborations. Participating in THE Domain Conference, also offers valuable exposure to the many other events and activities at MERGE!

 

MERGE! accumulates a variety of the people you’d want to lure to a domain event by hosting multiple events that would typically attract them, and then making the content all about the utility and promise of domain names. As unconventional and crazy as it may sound, it works and is fairly obvious after some thought.

 

A WHIR networking has been added to MERGE! WHIR is well known to those within the cloud, CMS, and hosting world. TheWHIR holds events throughout Canada and the US and have a fantastic track record in building the value of in-person interactions. Their events facilitate community by providing a fun and comfortable environment to meet, mingle and do business with face-to-face.

 

The CMS Summit event at MERGE! is adding an impressive roster of speakers from Joomla, Drupal, Concrete 5, Automattic, Magento and more.

 

Digital Search Summit has participants that are experts on the major search engines and social media platforms who are heavy hitting speakers and influencers.

 

Bitcoin, Etherium, and other cryptocurrencies have seen their popularity rise this year and the Blockchain technology and innovation will be the focus of the BlockChain Roadshow.

 

THE Domain Conference –  the venerable and recently renamed pillar that so many of our members can attribute a large portion of their rolodex to – will be happening amongst all of the other content, where we get a chance to example the successes and prosperity of the domain business at an event that is vendor-neutral as an industry event.

 

Attendees will have the opportunity to meet startups, developers and influencers – help them choose the right domain name for their business or clients or resource ideas for their domain names. MERGE! provides these diverse networking opportunities to all its attendees.

 

Speakers and new conference tracks are being added daily to the show’s multi-track format. You can see the agenda and speaker profiles on their website: MERGESHOW.COM 

 

All ICA Members receive a special discount, receiving a ticket price of $299 for the event using promo code: “proudlyICA” (until 9/15). The conference admission is currently $699, and will rise to $899 over the weekend, so this preferred and special ticket for ICA members is something that you should take advantage of.

 

Those attending should hurry and take advantage of the special rate on the hotel rooms at the Orlando World Center Marriott.  The current rate of $129 / night is almost entirely used up and once it is full, the room rate rises to $300/night.

 

For more information, contact Jothan Frakes at: jothan@jothan.com, skype: jothan.frakes or call (206) 355-0230.
31
Aug

Report on ICANN 59 Johannesburg

By Philip S. Corwin, ICA Counsel

The 59th ICANN meeting was held in Johannesburg, South Africa from June 25th to 29th. Under ICANN’s new meeting schedule this mid-year gathering is the somewhat shorter “B” session devoted to intensive policy development work. This report details my engagement as ICA Counsel on your behalf and current and expected benefits to ICA members.

The meeting’s first day was exclusively dedicated to the ongoing efforts of the Work Stream 2 (WS2) ICANN accountability process. It deals with issues that, while important, did not have to be resolved prior to the IANA transition that took place on October 1, 2016. Many WS2 issues, such as greater transparency through improved community access to internal ICANN memos and documents, have been completed or are close to it. ICA members have identified greater ICANN accountability and transparency as a priority goal, and our continued engagement in this process will help maximize the benefits.

The most contentious subject remains ICANN’s jurisdictional status as a California-based, U.S. non-profit corporation. While a minority of Jurisdiction subteam members continue to seek exploration of alternative incorporation venues, discussions in Johannesburg appear to have established that the majority of members believe that it’s past time to accept U.S. jurisdiction given that the entire new accountability structure meshes with California law, and that there is no consensus for considering alternatives nor any compelling reason to do so. That outcome is consistent with ICA’s preference that ICANN remain situated in the U.S. to provide continued certainty as to applicable law and judicial oversight of its operations. The subteam will continue exploring jurisdiction issues that arise in regard to ICANN contracts and non-U.S. offices.

All of the ongoing policy development process (PDP) working groups held long open sessions in Johannesburg, including the two that I co-chair. The first, which is nearing completion after three years of work, involves the access of International Intergovernmental Organizations (IGOs – mostly UN agencies) to the UDRP and URS. IGOs, backed by the Governmental Advisory Committee (GAC), have been pushing for their own separate versions of those proceedings, based on broad claims of judicial immunity, in which a domain registrant would not have access to judicial review of an adverse initial decision but just another arbitration-type proceeding if they thought the initial decision was ill-founded. After engaging an independent legal expert regarding the scope of IGO jurisdictional immunity, the WG determined that there was no sound basis for the IGO’s broad immunity claims and instead is focusing on assuring that IGOs have ready access to the UDRP and URS as well as means to file via third parties and thereby safeguard the actual scope of their immunity. As we work toward wrapping up our efforts this fall, we are considering what to do if an IGO were to succeed in asserting immunity in a post-UDRP decision judicial process and thereby got the court action dismissed. Current UDRP language would let the UDRP decision be enforced upon dismissal of the judicial action brought by the domain registrant, but we are considering changing that to provide the domain registrant with a de novo review by an arbitrator in that narrow circumstance in order to assure a meaningful registrant appeal while respecting judicially determined IGO immunity. This WG is aiming to conclude its deliberations and submit a final report prior to the next ICANN meeting. ICA members will benefit from the WG’s insistence that domain registrants continue to have access to available judicial redress from an adverse UDRP decision regardless of the Complainant’s identity, as well as potential creation of a new review forum where one might not be otherwise available under current practice.

The other WG that I co-chair is the one reviewing all rights protection mechanisms (RPMs) in all gTLDs. This is the PDP that will commence the first-ever review of the UDRP in mid-2018. But for now we are focused on the RPMs created for the new gTLD program, and in Johannesburg we heard reports from two subteams examining sunrise registrations for trademark owners as well as trademark claims notices sent to those seeking to register a domain that’s an identical match to a trademark submitted to the Trademark Clearinghouse. That WG’s three hour session ended with a productive dialogue in which registries and registrars provided their perspective on operational aspects of these RPMs. ICA members have identified meaningful UDRP reform as their top policy priority, and my participation as a WG co-chair helps provide assurance that the review process will be balanced and comprehensive.

ICANN’s GNSO policymaking Council also held several sessions during the meeting. I serve on the Council as one of two elected representatives of ICANN’s Business Constituency. One issue of growing concern to Council members is a push by the GAC and other ICANN constituencies to address certain issues relating to gTLDs through a Cross-Community Working Group (CCWG) rather than via a GNSO PDP. While the PDP process welcomes the participation and input from anyone in the ICANN community, the ultimate decisions are made by the GNSO as this is the foundation of the bottom-up multistakeholder policy process rooted in the private sector and civil society rather than governments. The hot topic on which this debate is centered involves geographic names in new gTLDs, with governments pressing to have rights of pre-approval for almost any map name including villages, streams, and any landmark of cultural significance. On both process and substance, Council members reaffirmed their commitment to defend GNSO primacy on gTLD policy and to resist governmental overreach lacking a sound basis in law or policy.
The other hot issue discussed at ICANN 59 was the European Union’s (EU) General Directive on Privacy Regulation (GDPR), which will become effective in the spring of 2018. GDPR could subject registries and registrars to massive fines for revealing now-public WHOIS data, and there was extended discussion in Johannesburg regarding potential means of by which these contracted parties might comply with the Directive while continuing to collect and make available WHOIS data. ICANN staff is also investigating whether some GDPR exception can be granted for WHOIS data given its key role in consumer and IP protection.

ICANN 60 will take place in late October in Abu Dhabi. That is the week-long Annual General Meeting, and many of these same issues will be revisited there. I have just been re-nominated for a final term as one of the Business Constituency’s two representatives on the gTLD policy-making GNSO Council, and if I am re-elected (as appears very likely) I will commence that final two-year term at ICANN 60. My participation at this high-level of the ICANN policy process increases the stature of the ICA within the ICANN community and also provides enhanced access to Board members, senior staff, and internal information flows.

ICANN 60 will also see the retirement of ICANN’s current Board Chairman, Steve Crocker, and we are waiting to see who will replace him to lead post-transition ICANN’s Board. So stay tuned because all these developments can affect the domain marketplace and your rights in your portfolio.

30
Apr

URS is MIA in .Net Renewal RA

The Proposed Renewal of the .Net Registry Agreement (RA) was published for public comment by ICANN on April 20th. The biggest surprise about the proposed contract is how little it differs from the current one between ICANN and Verisign.

Conspicuously absent from the agreement is the new gTLD rights protection mechanism (RPM) of Uniform Rapid Suspension (URS). For the past two years ICA – along with ICANN’s Business Constituency and Non-Commercial Stakeholders Group – has been protesting the appearance of the URS in other legacy gTLD renewal agreements, contending that this is a policy decision specifically assigned under the Charter of the ongoing ICANN working group reviewing all RPMs at all gTLDs (note: ICA Counsel Philip Corwin is a Co-Chair of that WG). Trademark interests have countered that legacy registries were free to “voluntarily” adopt the new RPMs, although the presence of beneficial contract revisions or substantial financial concessions in those other renewal agreements raised questions about whether the URS inclusion was truly voluntary or a quid pro quo concession.

ICA had been concerned that Verisign would seek a reduction of the $0.75 .Net domain fee paid to ICANN to the standard registry fee level of $0.25 – and might acquiesce to URS in exchange for it. That change that would have netted Verisign savings of $7.6 million per year at the current level of 15.2 million .Net domain registrations. But the proposed renewal RA maintains the fee at $0.75, with the extra revenue still earmarked for special restricted funds for developing country Internet communities’ participation in ICANN, and to enhance and facilitate the security and stability of the domain name system (DNS).

While we have no insight as to what actually transpired during the closed door negotiations between ICANN’s Global Domain Division (GDD) and Verisign, we hope that ICA’s repeated protests against imposing URS via contract renewals was a factor in alerting the parties to the heated controversy that would arise from taking such action in regard to the second most populous gTLD. As one prominent industry publication recently noted:

Also likely to cheer up domainers is the fact that there are no new intellectual property protection mechanisms in the proposed contract.

Several post-2000 legacy gTLDs have agreed to incorporate the URS into their new contracts, leading to outrage from domainer organization the Internet Commerce Association.

ICA is worried that URS will one day wind up in .com without a proper ICANN community consensus, opening its members up to more risk of losing valuable domains.

The fact that URS is not being slipped into the .net contract makes it much less likely to be forced on .com too.

The .Com RA was extended last year through 2024, while the decision by the RPM Review WG on the extension of relevant new gTLD RPMs to legacy gTLDs will likely be made within the next year. Trademark interests that extolled the “voluntary” adoption of URS by other registry operators will have to employ pretzel logic if they plan to comment that Verisign should be involuntarily compelled to impose it on .Net registrants.

The proposed renewal RA will also let Verisign continue to increase .Net wholesale prices by up to ten percent each year. Verisign exercised that option in each of the six years of the current .Net RA, raising the wholesale price from $4.65 in 2011 to the current level of $8.20. Verisign will likely continue to do so under the proposed renewal agreement, at least until such price increases demonstrate a marked negative effect on .Net renewals. While carrying costs will thus likely increase for investors holding .Net domains in their portfolios, at least the potential price hikes are capped and predictable.

The proposed renewal RA does contain a number of materially new provisions, many of them drawn from the new gTLD and .Org RAs. One even provides ICANN with new powers in the highly unlikely event of a Verisign bankruptcy. But all are technical in nature, and none appear to raise any significant concerns for the domainer community.

The comment period closes on May 30th, and ICA will have more to say about this proposed RA by that date.

 

11
Apr

ICA Supports ICANN Transparency Improvements

ICA fully supported the insistence of ICANN’s community that the IANA Transition had to be accompanied by substantial improvements in ICANN Accountability.

Some of those improvements were deemed to be necessary preconditions to the Transition. They included substantial revisions of ICANN’s Bylaws to reflect new community powers, such as the ability to veto budgets or remove Board members. Those were Workstream One Accountability measures.

But Workstream Two measures,  to be accomplished post-Transition, are in many instances just as important. And that is particularly true of the steps necessary to make ICANN a far more transparent organization so that stakeholders can be fully aware of all that is going on and how decisions are reached.

That’s why ICA just filed a letter in strong support of the “CCWG-Accountability Work Stream 2 – Draft Recommendations to improve ICANN’s Transparency” published for public comment on February 21, 2017. Its most important recommendations relate to transforming ICANN’s Document Information Disclosure Policy (DIDP) – ICANN’s version of the US Freedom of Information Act (FOIA) – into a far more robust and useful tool.

At present the DIDP is a weak and loophole-riddled procedure, allowing ICANN staff far too much discretion to dribble out shreds of data while denying most of a disclosure request under broad and subjective exemptions. As stated in our letter:

Accountability requires transparency. No organization can be held accountable if it is permitted to impose excessive constraints on the release of internal documents and the vital information they contain to affected stakeholders. Our experience in attempting to use the current DIDP is that it fails to provide an adequate response to reasonable information requests in a timely manner. That is because  the broad exceptions contained in it, combined with the excessive interpretative discretion allocated to ICANN staff, facilitates the withholding of important information to requesting parties simply because its disclosure might embarrass ICANN or raise further questions about its decisions and actions.

We therefore enthusiastically support the great majority of the recommendations made with the aim of converting the DIDP into a far more robust and useful procedure.

The Draft recommendations also propose useful improvements in the areas of documenting and reporting on ICANN’s interactions with all governments; transparency of Board deliberations; and enhanced whistleblower protections for ICANN employees.

Now that the comment period is concluded, we hope the subgroup will quickly resume its activities, fully consider all comments, and deliver a final set of recommendations as quickly as possible. These important transparency enhancements should be adopted and implemented at the earliest feasible time. Then the next time we contemplate filing a DIDP request we can be confident of actually receiving the requested data, with denial a narrow exception rather than a general rule.

You can read the full text of our letter here.

10
Mar

A Complaint about ICANN’s New Complaints Office

ICA has long been on record that it was an inappropriate usurpation of the GNSO’s policymaking role for ICANN Global Domain Division (GDD) staff to be urging legacy gTLD registry operators to adopt Uniform Rapid Suspension (URS) in the course of renewal negotiations for their registry agreements (RAs). That’s because the URS was adopted as an “implementation detail” for new gTLDs, and an ongoing Policy Development Process (PDP) Working Group (WG) is obligated by its Charter to recommend whether the URS and other new gTLDs should become Consensus Policy applicable to legacy gTLDs. In other words, URS at legacy gTLDs is a policy issue for which GDD should not be pursuing its own agenda. We have been joined in that position by both the Business Constituency (BC) and the Non-Commercial Stakeholder Group (NCSG), and all of us previously filed Reconsideration Requests on this matter that were rejected by the ICANN Board.

Recently, in separate conversations with senior ICANN executives, both I and a member of the NCSG were encouraged to use the new complaints procedure that ICANN will shortly be establishing at the initiative of CEO Goran Marby. We were urged to pursue it for the specific purpose of reexamining the previous GDD actions that resulted in URS via contract at .Pro, .Cat,, .Travel, .XXX — and potentially .Mobi (final action pending).. When I inquired how the new complaint process would operate and what relief might be available I was told those details were still being worked out.

Frankly, because the Complaints Officer will report to the General Counsel, who has a fiduciary duty to protect the interests of corporate ICANN, there is some natural skepticism about the final disposition of any initial finding by the Complaints Officer that could create legal liability or financial liability for ICANN. But given assurances by those ICANN executives that this new process would be relevant and responsive to those prior URS complaints, we were willing to wait and see who was appointed as the new Complaints Officer and how the process would work. We presumed that the hire for this new post would be an ICANN outsider, in order to eliminate any prior relationships or internal culture acclimatization that might create a perception or reality of bias; and that the individual would have a strong background in handling corporate accountability and effectively resolving complaints arising from within and outside an organization.

That announcement was made today –

The Internet Corporation for Assigned Names and Numbers (ICANN) today announced that Krista Papac, Director of Registry Services and Engagement for ICANN’s Global Domains Division, has been named as ICANN’s Complaints Officer.

We have serious concerns about this choice — and they have nothing to do with Ms. Papac, for whom we have the highest personal and professional regard.

But how can any individual who has worked for years within ICANN’s GDD be expected to cast prior experience and relationships aside to thoroughly and dispassionately investigate a complaint brought against GDD actions generally, or those of a specific member of the GDD staff?

More specifically, in regard to ICA’s longstanding complaint about imposition of URS through the RA renewal process, Ms. Papac was the principal GDD staff contact for all five of the RAs which we have objected to. So how can she be expected to objectively deal with a complaint about ICANN actions for which she had primary responsibility? In effect, we’d be asking her to investigate her own official actions.

 Again, ICA is awaiting full information about the new complaints process and the available relief it may afford before deciding whether to test it. But given Ms. Papac’s primary responsibility for the very official actions we’d be complaining about, it seems like we would be compelled to ask her to recuse herself from handling the complaint. Whether she would, and who ICANN might then select to handle the complaint, are unanswered questions to be resolved down the road.

Regardless of the answers, today’s development reiterates the need for the Work Stream II Accountability process to recommend modifications that significantly enhance the powers of an independent ICANN Ombudsman reporting directly to the Board.

It seemed clear to us that ICANN should have sought a disinterested person with a strong and demonstrated background in effective corporate responsibility to handle this important new post. That it instead selected an ICANN insider seems like a major unforced error. And that’s our complaint of the day.

25
Feb

ICA Concerns Heard — Copyright UDRP on Indefinite Hold

Executive Summary:

  • The Copyright UDRP proposal unveiled two weeks ago in the Domain Name Association’s Healthy Domains Initiative has been placed on indefinite hold and is unlikely to be revived as a DNA initiative. Public Interest Registry announced on February 23rd that it was pausing its development of the plan and will not revive it absent further notice. One day later DNA stated that it was withdrawing the copyright portion of HDI and would only revisit it after any ICANN contracted party chose to develop and implement a similar plan on its own.
  • ICA played a central role in achieving this implementation moratorium. First, ICA issued two public statements immediately after the DNA’s announcement alerting the Internet community to our strong concerns about the substance and process of a judicial process alternative developed outside of ICANN’s multistakeholder process, especially given its free speech implications and proposed domain transfer remedy. ICA Counsel Philip Corwin then worked with like-minded members of ICANN’s Non-Contracted Party House, as well as with Internet Society members around the globe, to develop a letter to PIR requesting that it halt implementation and engage in dialogue with the broad Internet community before making any final decision on whether and in what form to implement the proposed DRP. That letter is now also on hold given the PIR and DNA announcements.
  • ICA believes that the proper forum for vetting any proposed DRP for copyright infringement is ICANN’s transparent and inclusive multistakeholder policy development process, and that the threshold question to be addressed must be why existing contracted party enforcement of relevant terms of service, combined with use of national copyright laws, is inadequate to address domains used for pervasive copyright infringement. If ICANN undertakes such an inquiry ICA will participate in good faith and with the objective of ensuring the health of the domain name system and the domain name industry through balanced, community-based policies that preserve registrants’ due process rights.

A detailed report on these developments follows.

 

*****

 

Two weeks ago the Domain Name Association (DNA) announced the details of its Healthy Domains Initiative (HDI) that included “the creation of a voluntary third party mechanism, similar to the Uniform Dispute Resolution Policy, for handling trademark violations, which would address illegal infringement of copyrighted material through the use of domain names”. An HDI background paper referred to this component as the “PIR proposal”, denoting its origin at the Public Interest Registry and PIR’s intent to be the first registry to implement this new DRP at .Org and the other gTLDs for which it is registry operator.

Both PIR and DNA have now put the Copyright UDRP on indefinite hold. As outlined below, ICA played a leading role in securing that result.

On February 23rd PIR posted the following notice on its website:

Over the past year, Public Interest Registry has been developing a highly focused policy that addresses systemic, large scale copyright infringement – the “Systemic Copyright Infringement Alternative Dispute Resolution Policy” or SCDRP.

Given certain concerns that have been recently raised in the public domain, Public Interest Registry is pausing its SCDRP development process to reflect on those concerns and consider forward steps. We will hold any further development of the SCDRP until further notice. (Emphasis added)

On February 24th the other shoe dropped with a DNA announcement that included the following:

On February 8, the DNA publicly announced the first output of its Healthy Domains Initiative: A set of 37 total “healthy practices” recommendations in four key areas… While each set of recommendations is important, a great deal of attention was focused on the copyright alternative dispute resolution (ADR) proposal—some have characterized it as a needless concession to ill-intentioned corporate interests, represents “shadow regulation” or is a slippery slope toward greater third party control of content on the Internet.

While the ADR of course is none of these, the DNA’s concern is that worries over these seven recommendations have overshadowed the value of the remaining 30. While addressing this and other illegalities is a priority for HDI, we heard and listened to various feedback, and have elected to take additional time to consider the details of the ADR recommendations… the DNA will take keen interest in any registrar’s or registry’s design and implementation of a copyright ADR, and will monitor its implementation and efficacy before refining its recommendations further. (Emphasis added)

While the PRI and DNA statements both leave open the possibility that they might revive development of the Copyright UDRP at some future time, our understanding is that there are no plans to do so. Further, notwithstanding the last sentence of the DNA’s statement, we believe that it is highly unlikely that any individual registrar or registry would advance such a DRP on its own without the protective endorsement of an umbrella trade association, or a multistakeholder organization like ICANN. Ever since the U.S. Congress abandoned the Stop Online Privacy Act (SOPA) in January 2012 after millions of protesting calls and emails flooded Capitol Hill, it has been clear that copyright enforcement is the third rail of Internet policy.

ICA played a leading role in voicing concern and raising questions about the Copyright UDRP.

The day after it was first announced, we blogged the following:

It’s that last proposal that is of greatest concern to ICA and its members, since it would establish proprietary dispute resolution mechanisms that could result in domain extinguishment or transfer. Further, it could set a precedent which trademark owners might cite in seeking privatized “best practices” trademark dispute resolution policies that go beyond whatever community-based consensus policies emerge from ICANN’s ongoing working group reviewing all rights protections mechanisms (RPMs) at all gTLDs. Therefore, ICA plans to take a leading role in analyzing and monitoring the details and implementation of the new “Copyright UDRP” and in exploring means to assure that ICANN-mandated RPMs for trademark owners do not simply become a floor from which they can seek to pressure registries to adopt far more onerous and unbalanced private RPMs… While it’s true that registries have always been able to adopt protective measures that go beyond ICANN requirements – witness the protected marks blocking lists being offered by some new gTLD portfolio owners to TM rights holders as an alternative to sunrise registrations – we believe it is now time to examine and limit that ability in regard to DRPs that can result in the transfer of valuable domains. ICA intends to raise that matter within the ICANN community and to seek allies for the proposition that all parties benefit from the adoption of uniform, consensus-based RPM policies as opposed to a disjointed system of varying RPMs designed to benefit just one side of the debate.

The following day we further explained our concerns:

This proposal would establish a new unregulated private legal dispute system for domain names involving claims of copyright infringement outside of any ICANN-mandated legal rights protection mechanisms (RPMs)… the .Org registry operator, Public Interest Registry (PIR), has already announced its intent to soon launch its own such “Copyright ADRP” that would award domain names to prevailing copyright claimants.

This is a deeply troubling development as ICANN has up to now been the sole source of all domain name related RPMs that can result in domain transfer or suspension at gTLDs.  The ICA is concerned that such a development outside of the ICANN multi-stakeholder, community-based consensus model, without public consultation, effectively circumvents ICANN’s established role and obligations, and may lead to private companies electing to force their own private legal regimes on Internet users and domain name registrants.

ICA Counsel Philip Corwin continued our organization’s involvement in the evolving and heated debate through participation in the Internet Policy email list maintained by PIR’s parent organization, the Internet Society (ISOC).

On February 17th he posted the following to that list:

This past week I have been attending the Intersessional meeting of ICANN’s Non-Contracted Party House (NCPH) in Reykjavik, Iceland in my capacity as one of the GNSO Councilors representing the Business Constituency (BC – and noting that the BC has not taken any position on any component of HDI and that this communication is being undertaken in my ICA role and not on behalf of the BC). During the meeting I engaged in conversations with many other members of the NCPH who share substantial concerns regarding the Copyright ADRP and its imminent implementation by PIR.

Those concerned NCPH delegates have asked me to draft a letter that can be signed by individuals and organizations requesting that PIR and ISOC undertake an open and transparent dialogue with the broad Internet community before making any final decision on whether and in what form to implement the Copyright ADRP. We share the common belief that PIR, as the registry operator affiliated with ISOC, has a particular responsibility to engage in such a dialogue before granting ISOC’s implicit blessing to an unprecedented dispute resolution procedure concerning copyright disputes. That is particularly true given that the DNA developed the HDI components without undertaking the broad outreach and discussion beyond its membership that it had initially indicated would be forthcoming.

On February 23rd, just after the PIR notice of intent to halt implementation was posted to the ISOC email list by Sally Wentworth, ISOC’s Vice President for Global Policy Development, Corwin posted this response:

Thank you for alerting us to the posting of this important statement by PIR. I welcome the announcement that PIR “is pausing its SCDRP development process to reflect on those concerns [raised in the public domain]” and “will hold any further development of the SCDRP until further notice”.

Last Friday I posted an email to this list stating in part that “concerned NCPH [ICANN Non-Contracted Party House] delegates have asked me to draft a letter that can be signed by individuals and organizations requesting that PIR and ISOC undertake an open and transparent dialogue with the broad Internet community before making any final decision on whether and in what form to implement the Copyright ADRP”. The threshold purpose of this letter was to convince PIR to halt any rush toward SCDRP implementation and to use that time out to consider the many concerns that have already been raised, as well as engage in a more expansive dialogue that included detailed discussion of the substance of the underlying and so far unrevealed draft policy and rules for the SCDRP.

Now that PIR has voluntarily declared a pause to any further development of the SCDRP I no longer see any immediate need to send a letter requesting such action. I do hope that PIR’s “forward steps” will include a broader engagement and dialogue with concerned parties. I thank all those parties who privately noticed me of their interest in signing such a letter, and I look forward to working with them and all other concerned parties as the situation develops.

While the draft letter was just about to be circulated for review at the time of the PIR announcement, expressions of interest in signing it had been received from multiple members of the NCPH as well as from individual and organizations (including national ISOC chapters) around the globe.

The Copyright UDRP initiative clearly elicited deep concern from multiple parties with varied Internet policy interests, and ICA commends PIR and DNA for recognizing the validity of those concerns and halting implementation and further development of the proposal.

As noted in ICA’s initial statements on the copyright UDRP, we believe that ICANN’s transparent and inclusive multistakeholder policy development process (PDP) is the most appropriate venue for consideration of any “private legal dispute system for domain names involving claims of copyright infringement”. The opening step to initiating such a PDP would be a request for ICANN staff to develop an Issues Paper outlining the scope of the underlying problem and the available mechanisms for ICANN’s contracted parties to address domains implicated in pervasive copyright infringement, as well as the legal and operational issues that would arise in the development of a new copyright DRP. It would be particularly important for such a document to examine whether existing means, such as registry/registrar enforcement of standard Terms of Service (TOS) that prohibit the use of domains for such unlawful purposes as IP infringement, as well as use of national notice-and-takedown laws such as the U.S. Digital Millennium Copyright Act (DMCA), are insufficient to address the problem – which should be a threshold determination before any further development of a Copyright UDRP is undertaken.

If ICANN undertakes such an inquiry ICA will participate in good faith and with the objective of ensuring the health of the domain name system (DNS) and the domain name industry through balanced and community-based policies that effectively address IP infringement while maintaining procedural and substantive due process for domain registrants.