News Review: ICANN Multistakeholder vs Multilateral Internet Governance

News Review | ©2016 DomainMondo.com
Domain Mondo's weekly review of internet domain news:

Features • 1. ICANN Multistakeholder vs Multilateral Internet Governance; 2. Why ICANN Multistakeholderism Is Failing; 3. Private Agreements and Antitrust Liability; 4. How ICANN threatens DNS Security & Stability; 5. Phishers shifting to ICANN's new gTLDs; 6. Bogus DMCA Take Down Notices; 7. TMCH Revised Report; 8. Internet Freedom Report: Malta, Cameroon, China; 9. A 'Digital Geneva Convention'; 10. Trump's Trademark in China; 11. Outlook email for your domain name; 12. SHA1 collision; 13. Hacked ICANN data still sells; 14. ICANN events May 9-15 in Madrid; 15. ICANN Public Comment Periods closing in March; 16. Most popular posts this past week.

1. ICANN Multistakeholder vs Multilateral Internet Governance
"I think if we get rid of that [IANA functions] contract we will be free of the pressures"--ICANN President and CEO Fadi Chehade, February 10, 2015.
February 2017: "... The reformed [ICANN] multistakeholder internet governance approach faces significant challenges ... If the multistakeholder model is seen as ineffective in addressing the vulnerabilities that enable cybercrime, or being completely peripheral to the issue, developing economies could question its legitimacy and seek answers in the multilateral system .... "There are also worries that ICANN, the operator of the IANA functions, will abuse its authority and ignore the interests of internet users. In the past, ICANN has been accused of ignoring the views of governments, prioritizing private sector interests, and mismanaging its finances. ICANN recently implemented enhancements to address these and similar concerns. Nevertheless, ensuring that ICANN remains accountable will be critical to demonstrating that the multistakeholder approach works. It will also act as a bulwark against Russian and Chinese efforts at greater intergovernmental control over the internet."--Maintaining U.S. Leadership on Internet Governance | Council on Foreign Relations | cfr.org (emphasis added).

2. Why ICANN multistakeholderism is failing--"industry self-regulation often fails to protect the public"--"lack of transparency, accountability, participation, and representation"--
source: Presentation on DNS and Content Regulation | Electronic Frontier Foundation
source: Presentation on DNS and Content Regulation | Electronic Frontier Foundation
Note re: Public Interest Registry's arbitration process--Systemic Copyright Infringement Alternative Dispute Resolution Policy (SCDRP) | Public Interest Registry | pir.org February 23, 2017--"Given certain concerns that have been recently raised in the public domain, Public Interest Registry is pausing its SCDRP development process to reflect on those concerns and consider forward steps. We will hold [i.e., stop] any further development of the SCDRP until further notice." (emphasis added)
UPDATE: Shadow Regulation Withers In The Sunlight | Electronic Frontier Foundation | eff.org: "... It’s not surprising that a plan developed in secret, without input from Internet users, would disregard users’ rights. As we’ve explained, truly “healthy” Internet governance requires inclusion, balance, and accountability, all of which were absent here. Public Interest Registry did the right thing by hitting the brakes on this proposal. Its brief announcement today acknowledges the importance of good policy-development processes ..."
ICANN's Commercial and Business Users Constituency (BC), Intellectual Property Constituency (IPC), ISPs and Connectivity Providers Constituency (ISPCP) complain about the NonCommercial Users Constituency (NCUC.orgsession at ICANN57 "DNS and Content Regulation" (one leading participant was Electronic Frontier Foundation, EFF.org)--
15 Feb 2017 Letter from BC, IPC and ISPCP (pdf) to Göran Marby, Steve Crocker, and ICANN Board of Directors, published by ICANN on 21 February 2017:
"... for the Hyderabad meeting, a single sponsor group proposed a HIT (High Interest Topic) session on DNS and Content Regulation. Initially, the sponsoring group was allowed to select panelists and designate the moderator, who was also part of the sponsoring organization. Through persistence by other stakeholders, panel participation was broadened considerably. Still, during the HIT session, the sponsoring organization opened with a presentation of their position. In our view, this did not meet the level of broad participation of the ICANN community to warrant a high-interest session ..."
Response from Göran Marby, ICANN President & CEO (embedded below, highlighting added)--or how ICANN subtly shuts down free speech, participation, and representation that conflicts with powerful private profit-seeking corporate interests such as represented by BC, IPC, and ISPCP, and the other unelected non-governmental special interests that dominate ICANN--

3.  Private Agreements and Antitrust Liability--Section 5 of the Federal Trade Commission Act, 15 U.S.C. § 45 "(a)(1) Unfair methods of competition in or affecting commerce, and unfair or deceptive acts or practices in or affecting commerce, are hereby declared unlawful .... (4) (B) All remedies available to the Commission with respect to unfair and deceptive acts or practices shall be available for acts and practices described in this paragraph, including restitution to domestic or foreign victims." (emphasis added)--See Opinion and Order of the Federal Trade Commission (pdf) In the Matter of 1-800 Contacts, Inc., Docket No. 9372 (keyword advertising bidding agreements):
",,, Given that the Complaint alleges liability based only on private agreements that do not constitute government petitioning, 1-800 Contacts’ Third Defense fails .... Because the Complaint alleges that 1-800 Contacts violated Section 5 solely by entering into private bidding agreements, we hold that the Noerr-Pennington doctrine does not apply and 1-800 Contacts’ Third Defense fails as a matter of law. Similarly, because Complaint Counsel need not prove 1-800 Contacts’ lawsuits to be objectively and subjectively unreasonable to establish a Section 5 violation, 1-800 Contacts’ Second Defense also fails. We therefore grant Complaint Counsel’s motion." (emphasis added)

4.  How ICANN threatens Domain Name System Security & Stability:
"In 2015, ICANN's compliance department caused financial harm to a domain name registrant because of a minor, perceived inaccuracy in their domain name's WHOIS records. In this instance, the registrant had a mailing address in Virginia and a phone number with a Tennessee area code. While both details were valid, and the registrant was contactable, a "violent criminal” filed a complaint with ICANN alleging that the details were inaccurate. The complaint was accepted by ICANN and passed along to the domain name registrar. The registrar, fearing a non-compliance notice from ICANN, suspended the domain name without performing any investigation into the claim, resulting in the registrant losing access to their business email account and website."--source infra--
At the NCPH Intersessional, [ICANN] Compliance Concerns Take Centre Stage | circleid.com Feb 23, 2017: ".... as things stand at present, if a domain name can be repossessed from a registrant for any reason at all, without any due process being followed, and in direct violation of Article 1 of the organisation's bylaws, it might well be ICANN that is posing a threat to the security and stability of the Domain Name System" (emphasis added).  See also ICANN Compliance Lends a Hand to a Violent Criminal While Trashing a Legitimate Business | circleid.com.

Editor's note: never forget that among the real core values of ICANN, as established during the Fadi Chehade-Akram Atallah regime (2012-2016), are dishonesty, incompetence, and cronyism.

5. New study reveals phishers are shifting their sights to ICANN's new gTLDs and the cloud: "A study by cybersecurity firm PhishLabs indicates that the volume of phishing attacks grew by almost one-third last year, with cloud storage brands set to overtake financial services as the top targets. Researchers also found that phishing perpetrators are increasingly turning to new gTLDs to dupe internet users."--WorldTrademarkReview.com (emphasis and link added).

6. Bogus DMCA Take Down Notices: in a comment to the U.S. Copyright Office (pdf), Google reports that 99.95% of URLs it was asked to take down last month didn't even exist in its search indexes. "For example, in January 2017, the most prolific submitter submitted notices that Google honored for 16,457,433 URLs. But on further inspection, 16,450,129 (99.97%) of those URLs were not in our search index in the first place."

7. Trademark Clearinghouse Revised Report | ICANN.org: On 23 February 2017, ICANN published the Revised Report of the Independent Review of the Trademark Clearinghouse (pdf): "...  we find that although trademark holders value access to the Sunrise period and many submit proof of use to become eligible for Sunrise registrations, few trademark holders make [new gTLD] Sunrise registrations. This could be due in part to the expense of Sunrise registrations or because other protections of the TMCH services reduce the need for trademark holders to utilize Sunrise registrations." (emphasis added)

8. Internet Freedom Report: Malta, Cameroon, China:
  • Maltese protest proposed internet news laws: Several thousands people took to the streets of the capital of Malta on Sunday to protest against a new bill that will force Internet news sites to register with the government.--Reuters.com
  • Cameroon must urgently free the internet in Anglophone regions - UN expert | AfricaNews.com: "Cameroon should immediately reverse the ‘‘appalling violation of their (citizen’s) right to freedom of expression,” in its Anglophone regions by restoring internet access, a United Nations expert has said."
  • China Ramps Up Control of Domain Names, Adds New Layer to Great Firewall | rfa.org"The draft regulations, which were first released for public consultation in March 2016, would require any websites operating in China to register with a Chinese domain name, which is subject to state control and can be used to shut down entire websites within the country-level .cn top-level domain."
Also note: Internet Freedom Festival | 6 – 10 March 2017: The Global Unconference of the Internet Freedom Communities, March 6-10, 2017, Valencia, Spain.

9.  A 'Digital Geneva Convention': "... Just as the Fourth Geneva Convention has long protected civilians in times of war, we now need a Digital Geneva Convention that will commit governments to protecting civilians from nation-state attacks in times of peace. And just as the Fourth Geneva Convention recognized that the protection of civilians required the active involvement of the Red Cross, protection against nation-state cyberattacks requires the active assistance of technology companies. The tech sector plays a unique role as the internet’s first responders, and we therefore should commit ourselves to collective action that will make the internet a safer place, affirming a role as a neutral Digital Switzerland that assists customers everywhere and retains the world’s trust ..."--Brad Smith, Microsoft President and Chief Legal Officer, blogs.microsoft.com. See also Bruce Schneier: It's time for internet-of-things regulation | searchsecurity.techtarget.com.

10.  Names, Domains, Trademarks: President Trump wins trademark rights for his name in China | worldipreview.com.

11.  Outlook email for your domain name:
  • Hands-On with Outlook.com Premium | Thurrott.com"if you sign up now, “your subscriptions will auto-renew annually at $19.95 (Outlook.com Premium) .... This is an affordable option*, and it’s a nice way for a family to get a custom domain and not be stuck with an outlook.com or hotmail.com address."
  • More info:  https://premium.outlook.com/#/Offer  "you can create personalized addresses for up to 5 people and sync everything to your existing Outlook.com mailbox."
  • See also: "the $20 offer is still available, so if you’re looking to save some money, you might want to move quickly: This offer expires March 31, 2017. Note that you still need to pay for your custom domain. You can do that via an outside registrar or through Microsoft"--Thurrott.com

12. Announcing the first SHA1 collision | security.googleblog.com"For the tech community, our findings emphasize the necessity of sunsetting SHA-1 usage. Google has advocated the deprecation of SHA-1 for many years, particularly when it comes to signing TLS certificates."

13. Hacked ICANN data still sells for hundreds of dollars years after breach | cyberscoop.com: "Three years after hackers used a spearphishing attack to successfully gain access to internal data at the Internet Corporation for Assigned Names and Numbers (ICANN), the data is still being passed around and sold on black markets for $300, complete with claims that it’s never been leaked before."

14. ICANN events May 9-15 in Madrid: 1) ICANN GDD Industry Summit May 9-11, 2017; 2) 6th Registration Operations Workshop May 12, 2017; 3) ICANN DNS Symposium May 13, 2017; 4) OARC 26 May 14-15, 2017. Read more at InternetSociety.org.

15. ICANN Public Comment Periods that close in March, 2017:

16.  Most popular posts (# of pageviews Sun-Sat) this past week on DomainMondo.com:
  1. News Review: China Cyber Sovereignty vs ICANN Multistakeholderism
  2. Three Business Lessons You Can Learn From Airbnb (video)
  3. Splunk $SPLK Helping Companies Make Sense of Machine Data (video)
  4. TechReview | Zuck's Facebook Letter and the Snapchat $SNAP IPO (video)

-- John Poole, Editor, Domain Mondo 

feedback & comments via twitter @DomainMondo


Domain Mondo archive