News Review | ICANN EPDP Timeline: Final Report Due Feb 1, 2019

Domain Mondo's weekly internet domain news review (NR 2019-01-06 with analysis and opinion: Features • 1) ICANN EPDP Timeline: Final Report Due Feb 1, 2019,  2) GDPR & ICANN WHOIS:  EPDP Meetings and the EPDP Legal Committee,  3) .NET Decline & Verisign $VRSN, and more, 4) ICYMI: California Splinternet, Contract for the Web, and more, 5) Most Read.

1) ICANN EPDP Timeline: Final Report Due Feb 1, 2019

EPDP Timeline as of Jan 3, 2019: Final Report due Feb 1, 2019 (source: ICANN.org).

Editor's note--so much to do, so little time left--the Final Report, due Feb 1, 2019, will most likely be a "rush job" written by ICANN staff (as was the Initial Report).  At last week's meeting (Jan 3), it was obvious very few EPDP members have actually read the public comments to the Initial Report, relying instead on ICANN staff summaries and interpretations. The EPDP Legal Committee (see further below) just had its first meeting January 2, 2019. This dysfunctional EPDP is looking more and more like another ICANN GDPR Train Wreck:

Definition of "train wreck" -- a chaotic or disastrous situation that holds a peculiar fascination for observers.

2)  GDPR & ICANN WHOIS:  EPDP Meetings & EPDP Legal Committee

EPDP Meetings were previously scheduled for Tuesday Jan 8, 2019, and Thursday Jan 10, 2019, at 14:00 UTC (9am EST), but may not be held due to a proposal sent by EPDP Chair Kurt Pritz late Friday (Jan 4) to cancel those meetings and have three small groups consider the public comments to the EPDP Initial Report. Read the EPDP leadership's proposal (pdf) and check the EPDP wiki and mail list for further updates as to this coming week's meetings.

For regular EPDP meetings, observers may use Adobe Connect, or browser / app audiocast. Links: EPDP Initial Report (pdf); comments to the Initial Report; Public Comment Review Tool PCRT;  GNSO Council EPDP page and updates; links to all EPDP meetings' transcripts and recordings are on the GNSO calendar. Other EPDP links: wiki; mail list; action items; Temp Spec; EPDP Charter (pdf); Data Elements Workbooks (pdf).

Editor's note: see last week's News Review for more info on the January 3rd EPDP meeting, which I summed up by quoting EPDP member and NCSG Chair Stephanie Perrin:

"Let us ask the legal counsel to explain how one goes about elucidating purposes of processing. It is a bit late, but we are a long way from bringing this thing home, in my opinion. Better late than never .... My comment about seeking legal advice, was to try to explain to us what this process is. We do not have a sound methodology, people are all over the map, in my view because they do not really understand what we are trying to do."

At the January 3rd meeting, the EPDP working group did reject the few suggestions they considered from the public comments in regard to "Purpose 1" including my suggested "primary purpose"--

"As subject to registry and registrar terms, conditions and policies, and ICANN consensus policies: to record and maintain records of the names and contact information of domain name registrants."

As noted above, the EPDP Chair sent out a proposal (pdf) late Friday, to not have plenary meetings this coming week and instead have three small teams meet to consider the public comments. The upcoming EPDP face-to-face (F2F) meeting is in Toronto, 16-18 January 2019. After the F2F  meeting in Toronto ends January 18th, the EPDP working group will have only two weeks to prepare and file its "Final Report" by Feb 1, 2019 (see EPDP Timeline above).

The EPDP Legal Committee met Jan 2, 2019, and will meet again on January 9. See also action items and  legal mail list. Initial questions (from the Jan 2 meeting) below:

Question 1: "The EPDP Team also took note of a related footnote which states, “[if contact details for persons other than the RNH are provided] it should be ensured that the individual concerned is informed”. The EPDP Team discussed whether this note implies that it is sufficient for the Registered Name Holder (RNH) to inform the individual it has designated as the technical contact, or whether the registrar may have the additional legal obligations to obtain consent. The EPDP Team agreed to request further clarification from the EDPB on this point. (p. 33 of Initial Report)"

Question 2: "(For the EDPB) If registrars allow registrants to self-identify at the time as a natural or legal person, who will be held liable if the registrant incorrectly self-identifies and personal information is publicly displayed? Apart from self-identification, and educational materials to inform the registrant, are there any other ways in which risk of liability could be mitigated by registrars? (p. 53 of Initial Report)."

Question 3: "As noted below, the EPDP Team disagreed about the application of Art. 6(1)b, namely, does the reference ‘to which the data subject is party’ limit the use of this lawful basis to only those entities that have a direct contractual relationship with the Registered Name Holder? Similarly, in relation to Art. 6(1)(b), questions arose regarding how to apply “necessary for the performance of a contract”; specifically, does this clause solely relate to the registration and activation of a domain, or, alternatively, could related activities such as fighting DNS abuse also be considered necessary for the performance of a contract? The EPDP Team plans to put these questions forward to the European Data Protection Board (EDPB) to obtain further clarity in order to help inform its deliberations. (p. 57 of the Initial Report)."

3) Names, Domains & Trademarks

a.  The Continuing Decline of  gTLD .NET: Verisign's second-largest top-level domain .NET has been declining in total registrations for 3 years now (2016-2018), from a total of 15,805,487 (Jan 2016) to beginning 2019 with only 13,956,864 .NET domain name registrations, a decline of 12% or almost 2 million .NET domain name registrations. Editor's note: Cause? Price-gouging by both ICANN and Verisign, plus a diminution of need (rationale) for any defensive registrations in the face of a glut of hundreds of new gTLDs, i.e., "if you have the .COM, that's all you really need."

gTLD .NET decline in domain name registrations 2016-2018

Thanks to its .COM monopoly (which continues to grow in total registrations), Verisign $VRSN was among the best performers of 2018 among the NASDAQ-100--$VRSN up 29.6% in 2018 (sources: FactSet.com and Marketwatch.com):

$VRSN

b. Where Have All the Vowels Gone? | NYTimes.com: "... tech companies like Tumblr and Flickr arrived on the scene, dropping e’s both for distinctiveness and because the altered names made it easier to trademark, claim [.COM] domain names on the internet and conduct other practical business."

c. How to: Build a photography website in 2019…what you need to know--emulsive.org. See also  fstoppers.com--"Trademark for Photographers: Protecting Your Brand and Photography Business."

4) ICYMI Internet Domain News:  California Splinternet & More

a. California Splinternet: California May Soon Get Its Own Version Of The Internet--wired.com.

b.  Fair Use Continued to Bear the Weight of Protecting Speech and Innovation--2018 in Review | eff.org. See also Data Privacy Scandals and Public Policy--eff.org, and Encrypting the Web to Encrypting the Net--eff.org.

c. The Internet Became Less Free In 2018. Can We Fight Back?--wired.com.

d. Government of India Wants Tech Companies To Give Law Enforcement 24-Hour Access To User Data And Broken Encryption--techdirt.com. See also: 133 Internet Shutdowns by Governments in India 2018--thecitizen.in, and Proposed rule changes for online platforms--indianexpress.com.

e. New Web Contract--France is the first country to sign a new "web contract" which aims to make the internet accessible, safe, and reliable worldwide--southeusummit.com. Editor's note: for more info go to Contract for the Web | contractfortheweb.org:

f. is for faster--year after net-neutrality’s repeal, internet is faster than ever?--bostonglobe.com.

5) Most Read this past week on DomainMondo.com: 

#1 News Review | Six Questions for 2019 & Twelve for 2018 Answered

-- John Poole, Editor • Domain Mondo 

feedback & comments via twitter @DomainMondo
Follow @DomainMondo

DISCLAIMER

News Review | GDPR & ICANN EPDP Draft Initial Report Dysfunction

Domain Mondo's weekly internet domain news review (NR 2018-11-11 with analysis and opinion: Features • 1) GDPR & ICANN EPDP Draft Initial Report Dysfunction, 2) Other ICANN news: ICANN at IGF2018, and more, 3) Names, Domains & Trademarks: a. Disney+, b. Desilu, c. NTIA, Verisign & .COM,  4) ICYMI: ITU Plenipot, Net Neutrality, China, Shadow Banning, 5) Most Read.

EPDP Meeting UPDATES for week ending Nov 16: 

• Initial Report latest draft (pdf)

• Links to all meeting transcripts on GNSO calendar. 

• Chat transcripts (pdf): Nov 12, Nov 13, Nov 15, Nov 16.

• Adobe Recordings' Links: Nov 12, Nov 13, Nov 15, Nov 16.

• Notes and action items: Thursday Nov 15 and Friday Nov 16,

Nov 12--Editor's note: the EPDP small team meeting Monday, Nov 12 at 18:30 UTC (1:30 pm EST) was CLOSED to ALL Observers and Alternates even though links for observers and alternates were on the small team Nov 12 meeting wiki page, until I complained to Marika Konings (ICANN staff) that they were not working, and then Terri Agnew (ICANN staff) began revising the page. Apparently ICANN Org or EPDP Team Leadership made the unannounced arbitrary decision to CLOSE ALL EPDP small team meetings to Observers and Alternates effective Nov 12, 2018, and thereafter. I have filed complaints with both the ICANN Complaints Office and the ICANN Ombudsman.

1) GDPR & ICANN EPDP Draft Initial Report Dysfunction

EPDP Full Working Group Meetings this coming week: Tuesday Nov 13 and Thursday Nov 15, and Friday Nov 16 starting at 14:00 UTC (9am EST). Observers: Adobe Connect, or audio cast (browser or app). See also GNSO Council EPDP page and updates. Links to all EPDP meetings' transcripts and recordings are on the GNSO calendar. Other EPDP links: wiki, mail list, action items, Temp Spec, EPDP Charter (pdf), Data Elements Workbooks (pdf).

This past week's (Nov 5-9) EPDP meetings were all about revising and editing the ICANN staff's first draft of the Initial Report (pdf), so it can be published for public comment later this month. Early in the week, the RySG (Registries Stakeholder Group) sent an email to the EPDP mail list Nov 5, 2018 (pdf version) embed in full further below--excerpt:

"In light of the lack of clarity around the source of the 26 policy recommendations, the RySG ePDP team is particularly concerned about their presentation in the Initial Report. The phrasing of the recommendations implies that the Working Group reached consensus on these recommendations, and it is our understanding that no such consensus has yet been achieved.  The initial report should not present recommendations on items where the group did not reach consensus."

See also email from Amr Elsadr (NCSG) re: Contracted Parties and Small Teams #1 and #2:

"Respectfully, I’d like to offer a different take on where we are, and how we arrived to this point on these two topics. Speaking for myself, I’ve participated in one of the two Small Teams in question, and my understanding was not that the output of the Small Teams would in any way represent a consensus among those who participated in them. Rather, it was my understanding that the output would be illustrative of all the views expressed, and that these views would be shared with the EPDP Team in its entirety for further reflection and deliberation ..."

As of Friday, Nov 9, 2018, the Contracted Parties House (Registries and Registrars) and NCSG (Non-Commercial Stakeholder Group), which together comprise 3/4 of the GNSO, appear to be aligned and in consensus on critical EPDP issues which some other members of the EPDP working group still have differing opinions. One such issue is what Alan Woods was addressing below in Thursday's meeting:

Alan Woods (RySG - Donuts): "Thanks, Kurt. I’m really not going belabor this point, I think it’s been hashed back and forth ... we do not want to accept a basic policy recommendation that will send us backwards and that’s exactly what this [natural person vs legal entity distinction] will do; it will send us backwards to the point where we are not in a position to properly or accurately vindicate the rights of the data subject  [registrant]. And that is ultimately what it is.

"And I make no apologies, I know I’m not a white knight in this, I’m representing a registry, but ultimately we are aligned in the sense of us vindicating the rights of the data subject to prevent us from, you know, getting sued and the liability issue. But what has been suggested, and this is, you know, I think - was it Alan [Greenberg] who said that we put our fingers in our ears and just not listen, I’m sorry but that’s the pot calling the kettle black in that one because absolutely the same could be said; we are telling you that we do not have the ability or the means to do this and you keep saying to us no, but you must.

"So ultimately what I want to do is just ask the question, why? We are telling you that it is not possible for us to vindicate the rights of the data subject and therefore to save ourselves from liability. Why do you think that this is necessary for us to be compliant? We are saying that we have a level of compliance and comfort which is currently within the temporary specification as it is written, it’s not the best written but it is written that way, and we can confirm that today and say this is specifically going to allow us to be in line with the GDPR by giving us the option of whether or not we wish to delineate.

"And I just want to know why - so why can you not accept that? If you want to recommend that there needs to be a new policy development that will look into the creation of this brand new system, then recommend that. But that’s not what we are here to do today. It’s out of scope and should be shut down straight away. The temp spec, as it’s currently worded, allows us to be compliant. And I don't want to hear anything about this over-compliance concept. No, we are telling you that as contracted parties this is what we need to do to be compliant and I still don't understand why it’s being pushed constantly that we are the people who have to take this liability and risk on ourselves.

"We are trying to do something to continue the DNS, the ability to register names, and I just - I’m surprised especially by some of the parties who are pushing this as to why they're doing it. And that’s, you know, that’s a simple ask."--Thursday Nov 8, 2018, transcript (pdf), pp. 33-34.

The EPDP mail list continues to receive more input on the draft Initial Report, including this by Milton Mueller and this by Amr Elsadr. More on this past week's EPDP meetings in the updates on last week's News Review.

Note also on Data Protection & Data Privacy:

• Prison time, hefty fines for data privacy violations: draft U.S. Senate bill--reuters.com.
• ICYMI: Check out the "Tips for cleaning up WHOIS data" on  the Domain Mondo post this past week: Tucows $TCX Q3 2018 Earnings.
• Uninformed Consent--Companies want access to more and more of your personal data — from where you are to what’s in your DNA. Can they unlock its value without triggering a privacy backlash?--HBR.org.
• “Information Fiduciaries” Must Protect Your Data Privacy--EFF.org.
• CLV (customer lifetime value): a secret score that determines what kind of service you get--marketwatch.com.
• Privacy: Google Chrome’s Users Take a Back Seat to Its Bottom Line--EFF.org.

2) ICANN News

a.  ICANN at IGF2018

13th Annual Meeting of the Internet Governance Forum (IGF), hosted by the government of France at the headquarters of UNESCO in Paris, Nov 12-14, 2018. Theme: Internet of Trust.

The ICANN Open Forum at IGF2018, Monday, 12 Nov 2018, 10:40 to 11:40 CET. ICANN CEO Göran Marby, and ICANN Board Chair, Cherine Chalaby, will brief participants on ICANN's current areas of work, including what's on ICANN's agenda, the implementation of the GDPR and the Temporary Specification, and the main issues surrounding a potential new application process for generic Top-level Domains (gTLDs), and "IGF participants will be able to engage in an open dialogue and exchange views with ICANN's leadership." Listed speakers also include ICANN management Theresa Swinehart and Tarek Kamel, as well as ICANN Board member Becky Burr--ICANN.org.

b.  Contractual Compliance: Addressing Domain Name System (DNS) Infrastructure Abuse | ICANN.org: "... This week, ICANN launched an audit focused on DNS infrastructure abuse for nearly 1200 gTLDs, and held two audit webinars with the registries to address questions and concerns. Some of these concerns were also raised in a recent email [see below] from the Registries Stakeholder Group (RySG) ..."

Nov 2, 2018 email (pdf) from Registries Stakeholder Group to ICANN Compliance (Jamie Hedlund and Maguy Serad) re: November 2018 Registry Audit, excerpt:

"If ICANN continues to approach this security request for information as an “audit”, registries are required to provide information “reasonably necessary to demonstrate Registry Operator’s compliance.” Given that there are no contractual requirements specific to the form, timing or function of the “technical analysis” or registry “actions” taken, registries are not obligated in an audit to provide Compliance with information explaining how we identify security threats, why we do or do not report issues to registrars, or share analysis with other parties. In addition to removing the out of scope questions from this audit, we request that each audit question reference the specific contractual clause to which it pertains, so all parties can track the origin of each audit inquiry. The RySG appreciates that Compliance has scheduled webinars next week and looks forward to walking through each question in the RFI as well as the general scope and nature of the audit with you at that time."

c. 6 Nov 2018 Letter (pdf) from Cyrus Namazi, ICANN GDD VP, to Registrar Stakeholder Group Chair re: GDPR and Across-field Address Validation Working Group (AFAV): "... ICANN org acknowledges your concerns about the potential impact of GDPR on ICANN org’s implementation of AFAV. ICANN org will review the project again in light of the concerns you have raised. Once this analysis is complete, ICANN org will follow up with the AFAV working group to discuss next steps."

d. Annual Publication of Financial Information | ICANN.org.

e. Special Meeting of the ICANN Board 06 Nov 2018: Reconsideration Request 18-8: Afilias Domains No. 3 Limited [Editor's note: document request related to new gTLD .WEB]:

Resolved (2018.11.06.02), the Board adopts the BAMC Recommendation on Request 18-8 (pdf) [excerpt below]:

"The BAMC has considered the merits of Reconsideration Request 18-8, and, based on the foregoing, concludes that ICANN org did not violate ICANN’s commitments, Core Values or established ICANN policy(ies) in the Second DIDP Response. Accordingly, the BAMC recommends that the Board deny Reconsideration Request 18-8."

3) Names, Domains & Trademarks

a. New Star Wars and Marvel Series Announced for new Disney+ Streaming Service--thewaltdisneycompany.com Nov 8, 2018. The domain name? disneyplus.com.

b. Trademark Infringement, Cybersquatting, Declaratory Relief, Cancellation of Registration Complaint - CBS Studios Inc. vs Desilu Studios, Inc. et al (pdf) full embed below, excerpt:

"... II. PRELIMINARY STATEMENT 4. CBS is the holder of common law rights in the name and mark “Desilu” for film and television productions (the “DESILU Mark”). Recently, Defendant Charles Hensley (“Hensley”) began attempting to secure trademark registrations for famous brand names that he believed were not formally registered with the United States Patent and Trademark Office (“USPTO”). In 2016, Hensley sought to register CBS’s famous mark “Desilu” for motion picture and television production services, and he also attempted to register the mark “Trans World Airlines” for airline services ..."

c. NTIA, Verisign & .COM Postscript (see last week's News Review for background): Why We Need The Domain Aftermarket by Bob Hawkes:

"... Verisign, as caretakers of the .com TLD, have an absolute monopoly on the world’s most desired and valued TLD ..."

News Review 2) Verisign & .COM - @NTIARedl & @NTIAgov Give $VRSN a $2.92Billion Increase in Market Cap BUT @Verisign Wants MORE? https://t.co/JwkTgpfVq4 #Plenipot #Plenipot2018 #ICANN #NetGov #Monopoly #antitrust #StockMarket #stocks #investors #domains #DomainNames pic.twitter.com/NIvrRNvKPG

— DrivingTheDay (@DrivingTheDay) November 4, 2018

4) ICYMI Internet Domain News 

• ITU Plenipotentiary Conference 2018, Dubai, UAE continues thru Nov 16. 

• NetNeutrality: Supporters and opponents of internet freedom line up for next legal battle | aei.org: "For those who want lasting net neutrality rules, it’s high time to make a proper law in Congress."

• China's Massive Plan To Retool The Web--zerohedge.com. See also China's Grand Internet Vision Is Starting to Ring Hollow | bloomberg.com Nov 7, 2018: China's fifth annual World Internet Conference in Wuzhen ended Friday, Nov 9, 2018--"China’s internet is more censored than ever, Silicon Valley’s attempts to break into the Chinese market remain stymied."

• Shadow Banning Is Just the Tip of the Iceberg: We're All Digital Ghosts Now--charleshughsmith.blogspot.com.

5) Most Read Posts this past week on DomainMondo.com: 

1. News Review: 1) ICANN EPDP Draft Initial Report, 2) Verisign & .COM

2. Tech Review: 1) Mobile's Future Is 5G, 2) Amazon HQ2's Front-Runners

3. Tech Review: 1) The Google Monopoly; 2) Credit Card Chips & Fraud

* * * * * * *

A Remembrance: 

Above left: 23rd U.S. Infantry in the Meuse-Argonne Offensive, the largest in United States military history, involving
1.2 million American soldiers, fought from September 26, 1918 until the Armistice of November 11, 1918.
It was one of a series of Allied attacks known as the Hundred Days Offensive, which brought World War I to an end.
Above right: the Meuse-Argonne American Cemetery in France.

On the battlefields of France in spring 1918, the war-weary Allied armies of France and Great Britain enthusiastically greeted the U.S. troops arriving at the rate of 10,000 a day under the command of U.S. General John J. "Black Jack" Pershing. The Americans won a victory at Cantigny, then again in defensive stands at Chateau-Thierry and Belleau Wood. By the summer of 1918, about 2 million U.S. soldiers had arrived in France, greatly strengthening the Allies' strategic position and boosting morale. The Allies achieved final victory on November 11, 1918, after German morale had collapsed, ending more than four years of World War.

U.S. General Pershing saluting the Marquis de Lafayette's Tomb in Paris
 "Lafayette, we are here." 

 * * * * * *

-- John Poole, Editor • Domain Mondo 

feedback & comments via twitter @DomainMondo
Follow @DomainMondo

DISCLAIMER

News Review | GDPR Moratorium Just Another ICANN 'Fantasy'

Domain Mondo's weekly internet domain news review (NR 2018-04-29) with analysis and opinion: Features •  1) ICANN's GDPR Train Wreck News: 26 Days Until May 25 a. GDPR Moratorium Just Another ICANN 'Fantasy', b. ICANN Was Warned Repeatedly, c. WHOIS and GDPR--separating Fact from Fiction & Hysterics, d. NCSG "Must Read", e. Liar, Liar, Pants on Fire! 2) Other ICANN news, 3) Names, Domains & Trademarks, 4) ICYMI, 5) Most Read.

plus ça change, plus c'est la même chose--the more things change, the more they stay the same--ICANN.dysfunctional | Computerworld.com Dec 12, 2011: "... ICANN today is a dysfunctional and self-justifying organization ..."

1) ICANN's GDPR Train Wreck News--Days Until May 25: 

ICANN President & CEO Goran Marby's Letter to Article 29 Working Party (pdf)

a. GDPR Moratorium Just Another ICANN 'Fantasy'--Incompetent ICANN Management Team's Delusional Plan for a GDPR 'Moratorium':

"The GDPR does not allow national supervisory authorities nor the European Data Protection Board to create an 'enforcement moratorium' for individual data controllers ... Data protection is a fundamental right of individuals, who may submit complaints to their national data protection authority whenever they consider that their rights under the GDPR have been violated."--Article 29 Working Party. See Europe fires back at ICANN's delusional plan to overhaul Whois for GDPR by next, er, year | TheRegister.co.uk: "ICANN had made the concept of a moratorium the central pillar of its effort to become compliant with the law. But its entire strategy was built on a fantasy."--Kieren McCarthy, former ICANN staffer, writing in The Register (link above) (emphasis added); read the Article 29 Working Party's full statement here.

b. ICANN Was Warned, Repeatedly (since 2003), by the EU Article 29 Working Party

06 June 2013 Letter (pdf) to Steve Crocker, ICANN Chairman, and Fadi Chehadé, ICANN CEO, from the Article 29 Working Party (excerpt):

"In general, we repeat that the problem of inaccurate contact details in the WHOIS database cannot be solved without addressing the root of the problem: the unlimited public accessibility of private contact details in the WHOIS database. In that light, the Working Party welcomes the growing number of [ccTLD] registries in Europe that are offering layered access to the WHOIS data."

c.  WHOIS and GDPR--separating Fact from Fiction & Hysterics

WHOIS afraid of the dark? Truth or illusion, let's know the difference when it comes to WHOIS | InternetGovernance.org: "... WHOIS isn’t going dark; the only fields that are going to be cloaked are those that cybersecurity researchers and investigators might not even need in order to do their jobs. Those who need additional information, such as law enforcement agencies involved in a legitimate investigation, will be able to get more. In this post, we will explore the small changes coming to the WHOIS, and we will reveal how little an impact they are likely to have when you fight spam, botnets, and DDoS attacks ... ICANN has had a long history of violating basic data protection norms ... The privacy rights of domain name registrants have been ignored for far too long by ICANN ..."

Identity Theft via the ICANN Public WHOIS: How to Steal Someone's Identity in 45 Minutes | tomsguide.com [When your target also happens to be a domain name registrant, start with ICANN's  free and public WHOIS as your first step. In many, if not most cases, it will give you the target's name, full address, phone number, email address--everything any cyber criminal or scammer needs to get started. For the rest, see Tom's Guide at the link above. Of course this may all change when the European Union's GDPR becomes enforceable May 25, 2018.]

13 April 2018 Data Protection/Privacy FAQs | ICANN.org [PDF, 76 KB] excerpt:

d. ICANN Non-Commercial Stakeholders Group re: ICANN’s Non-Compliance with European Data Protection Law (pdf)--a "must read"--embed below:

e. Liar, Liar, Pants on Fire!

Data Protection/Privacy Issues Update: Summarizing our Recent Meeting with Article 29 Working Party (WP29) Technology Subgroup April 23, 2018 | ICANN.org by Göran Marby, ICANN President and CEO:  "... Today in Brussels, ICANN org's Akram Atallah, John Jeffrey, Elena Plexida*, and Theresa Swinehart joined me ... to meet with the Article 29 Working Party (WP29) Technology Subgroup ... We reiterated to the WP29 that we are committed to compliance with the law ..." [*Elena Plexida, a former EU agency employee, is a recent ICANN hire.]

Editor's note: I asked ICANN CEO Goran Marby on February 22, 2018, on the ICANN Quarterly Stakeholder Call: "When did you first become aware of the ramifications of the EU GDPR for ICANN?" 

Marby answered that he first became aware of the ramifications of the EU GDPR for ICANN, in May (2016), shortly after he started as ICANN President and CEO.

Now Marby seems to have changed his story. In his April 23 blog post, Marby now claims: "... One question that has been asked many times is: why didn’t we start the process earlier? I guess there are many answers to that question, but one might be lack of awareness ..." 

As I have noted before (pdf), lying is part of the corporate and organizational culture of ICANN. But why does lying appear to be continually endemic at the highest levels of ICANN? Probably because ICANN has not had principled leadership for a very long time, and the ICANN organizational culture accepts lying as a "normal" way to interact with people in order to avoid accountability. Frankly, in any functional and accountable modern corporation, under similar circumstances, the CEO and "management team" responsible for this "train wreck" would resign or be fired.

"[T]he United States government is also dissatisfied with ICANN. The Commerce Department said it had canceled a request for proposals to run the so-called Internet Assigned Numbers Authority because none of the bids met its requirements: “the need for structural separation of policy-making from implementation, a robust company wide conflict of interest policy, provisions reflecting heightened respect for local country laws and a series of consultation and reporting requirements to increase transparency and accountability to the international community.”"--March 18, 2012, New York Times.

 Related:

• ccTLD .UK domains: Registrant Data will be Redacted from WHOIS from 22 May 2018, unless explicit consent has been given | OnlineDomain.com. [Editor's note: ccTLDs are not subject to ICANN nor its incompetent, dysfunctional, or unlawful policies.]

• ICANN takes WHOIS begging bowl to Europe, comes back empty | TheRegister.co.uk: "Rude awakening – yet again – for American DNS supremo."
• ICANN Fails To Secure Moratorium On GDPR Enforcement | Silicon.co.uk

• The History of the General Data Protection Regulation (GDPR) | European Data Protection Supervisor | edps.europa.eu

• Austrian Andrea Jelinek becomes head of new EU data protection regulator | FT.com. The Article 29 Working Party will take on increasing importance and become the European Data Protection Board (EDPB) when the EU’s landmark General Data Protection Regulation  (GDPR) privacy law becomes enforceable May 25, 2018.

• GDPR Is Coming, So What Now for WHOIS Domain Registration Data? | tripwire.com

• 27 April 2018 Letter from ICANN (Jamie Hedlund) to Graeme Bunton (pdf) re: ICANN RrSG Audit Postponement Request: "Thank you for your letter of 20 April 2018, requesting postponement of the 2018 Spring Registrar Audit to allow registrars adequate opportunity to implement changes required to comply with Europe's General Data Protection Regulation [GDPR]. The April 2018 registrar audit round is on hold ..."

• eco/i2Coalition Update Webinar On ICANN Contracted Party GDPR Compliance | i2Coalition.com: "On May 9th, we will provide an update on the current status of the compliance, analyze the correspondence with the Article 29 group, and discuss possible solutions. We will walk through the eco GDPR Domain Industry Playbook and will take a look beyond WHOIS e.g. data for registration, data required to be escrowed and data retained under ICANN’s contracts. May 9th 10 AM – 11 AM ET (Washington D.C.) 2 PM – 3 PM UTC 4 PM – 5 PM CEST (Berlin)" Editor's note: register for the webinar at the link above.

• ICANN provided the following materials to WP29 on 23 Apr 2018:
  A chart [XLSX, 14 KB] comparing ICANN's Proposed Interim Model [PDF, 922 KB] with input received from WP29 [PDF, 400 KB], the International Working Group on Data Protection in Telecommunications (IWGDPT, a.k.a. "Berlin Group") and the GAC [PDF, 232 KB]; A proposed timeline [PDF, 33 KB] for implementing the interim compliance model; And a technical paper [PDF, 1.85 MB] outlining how WHOIS works, as well as copies of the following "communications" from the Business Constituency [PDF, 108 KB], Intellectual Property Constituency [PDF, 137 KB], International Trademark Association [PDF, 202 KB], Non-Commercial Stakeholders Group [PDF, 179 KB], and the U.S. Government [PDF, 259 KB].

2) Other ICANN news

a. ICYMI New gTLD .WEB UPDATE: New gTLD .WEB: Afilias vs ICANN, Verisign $VRSN & Nu Dot Co?: Afilias drops "bomb" on ICANN Board--16 April 2018 Letter from Arif Ali (Afilias) to ICANN Board (published by ICANN April 23, 2018 and embed in full at the link above)--excerpt:

Afilias requests the aforementioned updates because it intends to initiate a CEP and a subsequent IRP against ICANN, if ICANN proceeds toward delegation of .WEB to NDC. Afilias also reserves the right to pursue claims against ICANN in a court of law. As Afilias has previously informed ICANN, it has numerous objections to ICANN’s conduct with respect to NDC’s actions during the .WEB auction and its agreement to assign Verisign the .WEB gTLD, including but not limited to the antitrust and competition issues raised by Verisign’s acquisition of the .WEB gTLD. (emphasis and links added) 

b. ICANN62 GNSO Draft schedule | ICANN.org (pdf) (as of 26 Apr 2018, subject to revision).

c. ICANN Public Comment Periods Closing in May (subject to change):

• Proposed Revisions to Bylaws Sec, 11 – Additional Voting Thresholds 5 May 2018 23:59 UTC

• Draft Final Report of the NomCom2 Review 7 May 2018 23:59 UTC

• CCWG-Accountability WS2 Final Report 11 May 2018 23:59 UTC

3) Names, Domains & Trademarks

a. Verisign $VRSN Q1 2018 financial results:

• End of Q4 2017: 131.9 million .COM domain names and 14.5 million .NET domain names 
• End of Q1 2018: 133.9 million .COM domain names and 14.4 million .NET domain names

For the first quarter of 2018, a net increase of 2 million .COM domain name registrations. .COM is the most popular and market-dominant (in the U.S. and globally) top-level domain (TLD). The pricing of .COM domain names is thankfully, price-controlled by NTIA (U.S. government), not ICANN. [Editor's note: under ICANN's sole control, the gTLD .COM would start to decline just like .NET, as ICANN has proven to be incompetent.]

A continuing decline of 100,000 .NET domain name registrations due to mismanagement of .NET pricing by incompetent ICANN. World's ten most popular TLDs (2017 data) here. .COM ranks first ('by a mile'), and .NET ranks fifth (behind .COM, .CN (China), .TK (Tokelau), .DE (Germany) and just ahead of sixth-place .UK (United Kingdom) and seventh-place .ORG.

Verisign reported revenues and EPS that exceeded Wall Street's consensus estimates, the stock closed Friday at $118.30 per share, a 33% gain YOY. Market capitalization of $VRSN as of Friday: $11.26 billion. Verisign management also reported the company is already discussing with NTIA the Cooperative Agreement (which controls .COM pricing) which can be extended (and hopefully will be) by NTIA beyond November 30, 2018. Verisign management also said it is waiting for ICANN to delegate .WEB but is not including any .WEB revenue in 2018 guidance. More information here.

b. ccTLD .EU: Euro idiocrats backtrack on plan to kill off Brits' 300,000 .eu domains | TheRegister.co.uk. EU now proposes to open .EU for registration by anyone in the world. More information here. [Editor's note: a smart move to open up .EU.]

c. Google On How To Reverse A Site Move & Go Back To Original URLs | seroundtable.com.  Editor's note: a good resource for those "suckers" who got "conned" into switching their domain names to one of ICANN's new gTLDs whose known problems (since at least 2003) include "failing to work as expected on the internet" otherwise known as "ICANN's Consumer Fraud Scheme" or ICANN's euphemistic phrase "universal acceptance issues."

d. $GDDY: GoDaddy surpasses one million customers in India | business-standard.com.

e. ICYMI--Editor's note: a good read even if you don't live in Australia--ccTLD .au domain review released | Department of Communications and the Arts | communications.gov.au.

See also Disneyland trips and more: Police called into 'dot au' dispute | thenewdaily.com.au: "The auDA self-regulatory model ... appears to be running out of time to get its governance and accountability in order" and  Grumpier.com.au | Member Site.

f. Crypto domains--darkreading.com: ".bit domains are increasingly being used to hide payloads, stolen data, and command and control servers, FireEye says."

g. Authorities bust world's largest DDoS-for-hire service & seizes its domain | hackread.com

h. Registrars Suspend 11 Pirate Site Domains, 89 More in the Crosshairs | TorrentFreak.com

h. French Gov't Illegally 'Seized' France.com, US Owner Says | Law360.com

i. Melbourne IT will change its name to Arq Group to underline the shift away from its historical domain name registration and hosting business.--afr.com.

j. China Trademarks: The De Facto Public Domain Mark | ChinaLawBlog.com: "... the Chinese Trademark Office (CTMO) and the Chinese court system have different standards for what makes one trademark “confusingly similar” to another, which is the statutory basis for determining whether one trademark conflicts with another. To make things even more confusing, neither the CTMO nor the Chinese court system has a uniform, clearly articulated standard ..."

4) ICYMI Internet Domain News 

a. Iran: Iran bans government bodies from using foreign message apps | apnews.com. [Editor's note: Iran has a point, you don't know who to trust anymore, for example, knowledgeable domain name registrants certainly don't trust ICANN, and if you are a user of messaging apps, do you really trust Facebook's Messenger or WhatsApp?] See also Google’s new Chat service shows total contempt for Android users’ privacy | Amnesty.org: "baffling decision to launch a messaging service without end-to-end encryption, Google has shown utter contempt for the privacy of Android users and handed a precious gift to cybercriminals and government spies alike, allowing them easy access to the content of Android users’ communications." And also  Russia: Russia blocks Google, Amazon IP addresses in bid to ban Telegram | cnbc.com and An 'internet civil war' has erupted in Russia | AlJazeera.com.

b. EU: EU proposes regulating how web platforms treat businesses | TheHill.com: "would require platforms such as Google to be more transparent with businesses about their placement in search engine results, which can have a huge impact on a company’s success." See also Facebook says users must accept targeted ads even under new EU privacy law | Reuters.com.

c.  Censorship: A Recent Update from Google Could Severely Hamper Anti-Censorship Tools | gizmodo.com: ".... Domain fronting is used to bypass censors by hiding the true endpoint of a connection ..."

d. U.S. vs. Internet Freedom: 

• Section 230 and FOSTA-SESTA: the next free internet battleground | Vox.com: "Congress just passed a law to combat sex trafficking. Now the future of the free internet is in danger." 
• Americans Want Online Information Freedoms Over Government Restriction of Fake News | Pew Research Center | Journalism.org

e. AFRICA:

• 2018 Internet Freedom Forum holds in Abuja | Pulse.ng

• Uganda to tax social media to stop gossip on Facebook, WhatsApp, Twitter | qz.com

f. Canada: Dear Canada: Accessing Publicly Available Information on the Internet Is Not a Crime | Electronic Frontier Foundation | EFF.org.

5) Most read posts this past week on DomainMondo.com: 

1. News Review | Coming May 25, EU's GDPR, Are You Ready? ICANN Isn't

2. Tech Review | What 5G Will Mean for Us and Our Phones (video)

3. Alphabet (Google) Q1 2018 Results, LIVE Webcast April 23 Replay

Audience stats--Domain Mondo's readers' geolocation--top five countries: 1) U.S., 2) Germany, 3) France, 4) Norway, 5) China.

-- John Poole, Editor, Domain Mondo 

feedback & comments via twitter @DomainMondo
Follow @DomainMondo

DISCLAIMER