News Review | Report: ICANN's New gTLDs As Global DNS Malware

Domain Mondo's weekly internet domain news review (NR 2017-08-27) with analysis and opinion: Features •  1) Report: ICANN's New gTLDs As Global DNS Malware, 2) Names, Domains & Trademarks: .COM Still King, Verisign, GoDaddy, Ted Cruz, ICANN & NTIA, New gTLDs Reality Check, .GAY, .MUSIC, 4) ICYMI Internet Domain News, 5) Most Read Posts.

1) ICANN's new gTLDs as global DNS malware--see "Statistical Analysis of DNS Abuse in gTLDs" below--ICANN Public Comment periods closing in September:

• Address Supporting Organization (ASO) Review Final Report Close date: 6 Sep 2017 23:59 UTC

• Statistical Analysis of DNS Abuse in gTLDs (SADAG) Report Close date: 19 Sep 2017 23:59 UTC (see chart below)

Figure 23, Report p. 13

SIDN Labs and TU Delft deliver final report for ICANN study | sidnlabs.nl: "... An interesting finding of our study is a clear upward trend in the absolute number of phishing and malware domains in new gTLDs while these numbers remain relatively constant in legacy gTLDs. Also, we discovered that new gTLDs have affected the number of domains used for spam in legacy gTLDs: abused domains in new gTLDs do not increase the number of total malicious registrations. Instead we observe a shift from legacy gTLDs to new gTLDs. Our findings suggest that some new gTLDs have increasingly become a target for malicious actors. For example, Spamhouse blacklisted at least 10% of all registered domains in as many as 15 new gTLDs at the last quarter of 2016. See the report [pdf] for more details ... We conducted the SADAG study for the Competition, Consumer Choice, and Consumer Trust Review Team. The CCT Review Team was established to review how the New gTLD Program impacts competition, consumer choice and consumer trust." (emphasis and links added)

Let's review all the ways ICANN's new gTLDs are now known to be global DNS malware:

1. New gTLDs are known to  "break stuff" and cause "collisions;"

2. New gTLDs are known to "fail to work as expected" on the internet--the so-called "Universal Acceptance" (UA) problem--which ICANN knew about long before (since at least 2003) it expanded the gTLDs from just 22 to over 1200 beginning in early 2014, which is why ICANN tried to absolve itself of liability--even though it has failed to warn consumers (registrants)--see Base Registry Agreement Section 1.2:

1.2   Technical Feasibility of String.  While ICANN has encouraged and will continue to encourage universal acceptance of all top-level domain strings across the Internet, certain top-level domain strings may encounter difficulty in acceptance by ISPs and webhosters and/or validation by web applications.  Registry Operator shall be responsible for ensuring to its satisfaction the technical feasibility of the TLD string prior to entering into this Agreement. (emphasis added)

3. Absolute unlimited monopolistic pricing powers granted to new gTLD registry operators, including the right to unlimited increases in domain name registration and renewal fees--ICANN and its "ICANN community" (which is effectively controlled by registry operators and registrars) rejected the recommendation and advice of the the U.S. Department of Justice Antitrust Division to protect consumers (registrants). New gTLD Registry Operators are free to "rape and pillage" the global domain names marketplace and consumers (registrants) worldwide, thanks to ICANN.

4. The Electronic Frontier Foundation (EFF) has warned registrants to avoid new gTLDs due to ICANN's new gTLDs' flawed and overreaching RPMs.

5. And now, the icing on ICANN's global malware cake, SIDN Labs and Delft University of Technology's report (pdf), characterizing new gTLDs as "phishing and malware domains."

Is it any wonder some desperate new gTLD registry operators have tried giving away new gTLD domain names for free? Is it any wonder that new gTLD domain name registrations are collapsing--new gTLD Statistics by Top-Level Domains | ntldstats.com--new gTLDs' registrations are now "falling off a cliff":

This is what happens when you let special interests (a/k/a lobbyists) run internet governance via a governance model known as "multistakeholderism," limiting and excluding governments from their proper role in protecting the public interest. Add to that the dysfunctional ICANN organization which created for its new gTLDs, a new "Global Domains Division" (try to find any reference to that in the ICANN Articles or Bylaws), primarily staffed by incompetent cronies of ICANN's equally inept ex-CEO who quit 3½ years into a 5-year contract. As I've said before, ICANN has proven to be unfit for the purpose for which it was originally intended.

2) Names, Domains & Trademarks

•  .COM Still King: 10 tips for choosing the perfect domain | SearchEngineLand.com August 22, 2017: "... 3. Go for a .COM [domain name]--If you are serious about building a long-term brand online, there is nothing better than a .com. Using a 301-redirect to drive traffic to a .net or .org is totally fine, but owning the .com or the equivalent TLD for your target market country is critical ..."

•  Verisign: Warren Buffett's Stake In The Internet--"VeriSign [domain: verisign.com, NASDAQ: VRSN] is the manager of the .com and .net domain registers - they serve as a monopolistic gatekeeper to the Internet. There are three catalysts for this company's stock appreciation: pricing powers, the Internet's global expansion, and share buybacks. I believe this stock's long-term risk/reward ratio is greatly weighted towards reward ..."--SeekingAlpha.com  Aug. 22, 2017.

•  GoDaddy (domain: godaddy.com) (NYSE: GDDY) announced Tuesday that CEO Blake Irving would retire effective December 31, 2017, and Scott Wagner, GoDaddy President and COO, would assume the CEO role thereafter. Irving will continue to serve on GoDaddy's Board of Directors through June 2018.

•  Ted Cruz, ICANN & NTIA: Ted Cruz should stop obstructing Trump’s [NTIA] nominee [David Redl] for telecom chief | rstreet.org by Joe Kane, Aug 22, 2017: "... Redl has been the subject of a largely unrelated fight waged by the junior senator from Texas over the Internet Assigned Numbers Authority [IANA]. Cruz continues to raise objections about the now-completed transfer of stewardship of IANA functions from NTIA to the Internet Corporation for Assigned Names and Numbers [ICANN]. ICANN is a private, nonprofit company ..." [Editor's note: Cruz has said he wants "assurances" from Redl, and frankly, I would have expected no less.]

•   New gTLDs Reality Check: The Great Domain Correction of 2017? | pinkybrand.com: "... China. China is HARD. You will not be successful there, as a foreign registry operator, at a minimum, unless you understand that you will likely lose money or barely break even for several years and are prepared to deal with that reality. You must be in it for the long term. Long term, at a minimum, is 5 years of sweating it out (flying back and forth on a near monthly basis) before things *might* work out. Over the short to medium term the domain industry is likely to shed inefficient registry and registrar operators and investors, especially some of those who banked on new domain extensions (new gTLDs) that have no real consumer traction—which are many— and can no longer, or are just unwilling, to fund the basic holding/operating costs, let alone fund any marketing team or person. For sure there is an easily foreseen correction—if not outright registration numbers recession—going on right now for some in the domain industry ... This includes ICANN, that may need to shed some personnel as a result of what may be "The Great Domain Correction of 2017"..."

•  .GAY: Request 17-3: Dotgay LLC | BAMC Recommendation on Reconsideration Request 17-3 | ICANN.org 23 Aug 2017: "BAMC [Board Accountability Mechanisms Committee] recommends that the Board deny Request 17-3."

•  .MUSIC:  Request 17-2: DotMusic Limited | BAMC Recommendation on Reconsideration Request 17-2 - ICANN.org 23 Aug 2017: "BAMC recommends that the Board deny Request 17-2."

4) ICYMI Internet Domain News 

• What the United States can do to protect Internet freedom around the world | WashingtonPost.com: "Today, U.S. technology companies adhere to a wide array of requirements from repressive governments that undermine Internet freedom and privacy. These demands violate international law, including the right to freedom of expression. But the enormous benefits of market access outweigh the relatively low costs associated with accepting repressive governments’ demands." See also Another reason China censors the Internet | WashingtonPost.com

• China introduces new rules to "purify" online video content | Lexology.com

• India's blurry battle between digital freedom and security | 11-Aug-2017 | nzcity.co.nz: "India is increasingly pulling the plug on the internet in an effort to combat militants and troublemakers organising online. While the action is supported by some, authorities also acknowledge the perils of limiting communication."

• Chinese company Alibaba's UC Browser under govt scanner for allegedly leaking Indian mobile users data | businesstoday.in: "Chinese company Alibaba's UC Browser has come under government scanner for allegedly leaking mobile data of its Indian users and may be banned in the country if found guilty, a senior IT ministry official said on Tuesday [Aug 22, 2017]."

• "We’re currently living in a time digital strategists have deemed the data wild west. The next decade the data policies set could determine the basis of digital rights for the foreseeable future."--TechCrunch.com

• Inciting Violence vs Freedom of Speech | Namecheap.com: "... The real danger in my opinion is what lies invisible yet is the most dangerous force that anyone of us will ever know. That is the insidious and dangerous force of power. The power to control our thoughts, our privacy, our opinions and most importantly our speech that lies within the dark nature of absolute power itself and takes over seemingly well meaning politicians, presidents, governments, movements that then use this power against us. This is the real danger that we must all be watchful for ..."--Richard Kirkendall, Namecheap CEO

[Editor's note: Investing has moved to the weekly Tech Review.]

5) Most read posts (# of pageviews Sun-Sat) this past week on DomainMondo.com: 

1. News Review: Last Round of ICANN New gTLD .AFRICA Litigation?

2. Explaining Swings in Bitcoin’s Price, Cryptocurrency Primer (video)

-- John Poole, Editor, Domain Mondo 

feedback & comments via twitter @DomainMondo
Follow @DomainMondo

DISCLAIMER

ICANN and the Global Public Interest, A Contradiction in Terms

ICANN--the Internet Corporation for Assigned Names and Numbers--and the Global Public Interest, a Contradiction in Terms?

Efforts by some within ICANN to "define" (and thereby "restrict") the term "public interest" is a misguided, ill-advised, attempt to supplant the proper role of governments, and will most likely result in a definition favorable to the clients and employers of the lawyers-lobbyists-stakeholders who infest, and have largely captured, ICANN structures and processes, principally representing domain name industry and other special interests, all to the actual detriment of the global internet community and the global public interest.

Multistakeholderism, insofar as it applies to ICANN, is just another term for regulatory capture (Wikipedia):

"Regulatory capture is a form of political corruption that occurs when a regulatory agency, created to act in the public interest, instead advances the commercial or political concerns of special interest groups that dominate the industry or sector it is charged with regulating." (emphasis added)

A prime example of ICANN regulatory capture is ICANN's new gTLDs program, which was designed and implemented primarily for purposes of making money for ICANN (for exorbitant salaries, exploding budget, staff levels, etc.), and the domain name industry, principally, new gTLD registry operators, registry service providers, and registrars. The dramatic increase in costs to members of the global internet community to defend against what ICANN enabled by adding over a 1000 new gTLDs to the global DNS, from cybercrimes to trademark infringement a/k/a cybersquatting, matters little to ICANN. By the time legal processes have caught up with the offenders, ICANN, together with the registry operators and registrars, have all collected their respective fees from the abusive domain name registrations and do not have to pay one cent to the victims in the global internet community. ICANN and the new gTLD domain name industry, in effect, constitute a public nuisance, making money by enabling and providing the platforms by which global bad actors, from terrorists to cybercriminals to cybersquatters, profit by exploiting the global economy and the global internet community. It's all win-win, wink-wink, for ICANN and ICANN's partners (@5:35 and 33:06) a/k/a ICANN's customers, or at least, was supposed to be. Read more at ICANN's Boondoggle | MIT Technology Review, August 21, 2012 and ICANN Damaged a Competitive Domain Name Market With Its New gTLDs | DomainMondo.com. ICANN and its domain name industry 'partners' are engaging in rentier capitalism at its worst--"as the economy becomes more and more about information, the crucial ends of capital holders is to take things that could [and should] belong to the commons and instead appropriate them as property rights and sell them off..." 

"ICANN is an organization rooted in the private sector (including civil society) with governments in an advisory capacity. In the Affirmation of Commitments of 2009, ICANN committed itself to act in the global public interest. ICANN is a bottom-up organisation which has its origins in one country and is driven by a community that is dominated by the domain industry and other special interests ... a discussion has started in ICANN about how to better understand the notion of global public interest and how to improve its accountability mechanisms so that the global public interest is better reflected in its decisions ..."  -- Thomas Schneider, Swiss cyber-diplomat and the Chairman of ICANN's Governmental Advisory Committee (GAC); Geneva Digital Watch: Issue 5, November 2015 (pdf),(links and emphasis added).

Contrast ICANN Board Chairman Steve Crocker's letter below with ICANN's current denial in a U.S. District Court of any public interest in new gTLD applications and processes, i.e., the new gTLD guidebook, which resulted from ICANN policy-making! See News Review: dotAFRICA, Public Interest, Judge Holds ICANN Accountable | DomainMondo.com.

ICANN Board Chairman Steve Crocker's letter to GNSO Council Chair James Bladel, 12 April 2016 (emphasis added):

"... historically at ICANN, there has been no explicit definition of the term “global public interest,” the Board has understood the term within the context of Paragraph 3 of the [ICANN] Articles of Incorporation:

“In furtherance of the foregoing purposes, and in recognition of the fact that the Internet is an international network of networks, owned by no single nation, individual or organization, the Corporation [ICANN] shall, except as limited by Article 5 hereof, pursue the charitable and public purposes of lessening the burdens of government and promoting the global public interest in the operational stability of the Internet by (i) coordinating the assignment of Internet technical parameters as needed to maintain universal connectivity on the Internet; (ii) performing and overseeing functions related to the coordination of the Internet Protocol("IP") address space; (iii) performing and overseeing functions related to the coordination of the Internet domain name system ("DNS"), including the development of policies for determining the circumstances under which new top-level domains are added to the DNS root system; (iv) overseeing operation of the authoritative Internet DNS root server system; and (v) engaging in any other related lawful activity in furtherance of items (i) through (iv).” (emphasis added)

"... Future conversation and work on exploring the public interest within ICANN’s remit will require
global, multistakeholder, bottom-up discussion and I am glad to see the GNSO Council, along with other groups, is already taking a keen interest in these next steps."--Letter embedded below (yellow highlighting added):

Resources:

• Exploring the Public Interest within ICANN's Remit Home - Exploring the Public Interest within ICANN's Remit - WIKI Page (information, resources, links)
• The Public Interest Mailing List Archives

See also on Domain Mondo:

• News Review: dotAFRICA, Public Interest, Judge Holds ICANN Accountable 17 Apr 2016
• ICANN Accountability, What Is The Global Public Interest (GPI)? 23 Dec 2015
• ICANN, Domain Industry, Special Interests, and the Global Public Interest 4 Nov 2015
• ICANN, Public Interest, New gTLDs Registry Operator Code of Conduct 12 Aug 2015
• ICANN, Dysfunction, the Public Interest, and the IANA Transition 7 Apr 2015
• ICANN, the Internet, and Acting in the Global Public Interest 16 Mar 2015
• ALAC Call for Freeze on New gTLDs, Safeguards, Public Interest, All Disregarded by ICANN 15 Dec 2014
• Tim Berners-Lee on ICANN, new gTLDs, public interest 18 May 2014

Below is the slide Presentation from ICANN 55, Marrakech, March 7, 2016, Exploring the "Public Interest" Within ICANN's Remit:



Session Overview: Discussions on the topic of the "public interest within ICANN's remit" and potential definitions of this term have been ongoing for years. In 2013-2014, the Strategy Panel on Public Responsibility Framework, led by Nii Quaynor, explored this topic. Based on community input at sessions and webinars, the Panel defined the global public interest in relation to the Internet as: "ensuring that the Internet becomes, and continues to be, stable, inclusive, and accessible across the globe so that all may enjoy the benefits of a single and open Internet. In addressing its public responsibility, ICANN must build trust in the Internet and its governance ecosystem." While some recommended the report, at individual and ICANN meetings, and at ICANN 52 in particular, it is evident there is a need and a desire to revisit this topic. Given limits on bandwidth for additional projects, and given the intense focus on other ongoing dialogues, a wikispace was established as a resource space for all to populate with background documents that will be useful in guiding this conversation forward. As set out in the ICANN Operating and Strategic Plans, ICANN will be facilitating a conversation in Financial Year 16 to explore the "public interest" within ICANN's mission and mandate, and this High Interest Session will form an important part of this work.

Archival Media of March 7, 2016, ICANN55 "Public Interest" Session: 
Exploring the "Public Interest" Within ICANN's Remit | Adobe Connect: Full [EN] Virtual Meeting Room Stream Archive English
Exploring the "Public Interest" Within ICANN's Remit | Livestream: Full [EN] Virtual Meeting Room Stream Archive English
Exploring the "Public Interest" Within ICANN's Remit | Audio: Full [AR] Audio Stream Archive العربية
Exploring the "Public Interest" Within ICANN's Remit | Audio: Full [EN] Audio Stream Archive English
Exploring the "Public Interest" Within ICANN's Remit | Audio: Full [ES] Audio Stream Archive Español
Exploring the "Public Interest" Within ICANN's Remit | Audio: Full [FR] Audio Stream Archive Français
Exploring the "Public Interest" Within ICANN's Remit | Audio: Full [PT] Audio Stream Archive Português
Exploring the "Public Interest" Within ICANN's Remit | Audio: Full [RU] Audio Stream Archive Русский
Exploring the "Public Interest" Within ICANN's Remit | Audio: Full [ZH] Audio Stream Archive 简体中文


Follow @DomainMondo

DISCLAIMER

FIFA Corruption Scandal, Lessons For ICANN and IANA Transition

May 27, 2015: FIFA Corruption: Is It an Existential Crisis? - NC Partnership's Nigel Currie discusses FIFA corruption in international soccer. He speaks on Bloomberg's “Market Makers."
A "money driving corruption"

FIFA Officials Arrested on Corruption Charges | NYTimes.com: "Critics of FIFA point to the lack of transparency regarding executive salaries and resource allocations ... Policy decisions are also often taken without debate or explanation, and a small group of officials — known as the executive committee — operates with outsize power. FIFA has for years functioned with little oversight and even less transparency. Alexandra Wrage, a governance consultant who once unsuccessfully attempted to help overhaul FIFA’s methods, labeled the organization “byzantine and impenetrable.”"

Sound familiar?

However mundane the reality of US government involvement, the IANA oversight provides a symbolic umbilical cord between ICANN and an external body. Once cut, there would be no external constraints on ICANN, a private, unregulated monopoly with control over global critical Internet resources. This is the reason why the IANA transition has to take place within a wider conversation about ICANN’s accountability .... ICANN as a corporation is a largely unregulated, private sector body with control over critical Internet resources on which global economies depend. It has no natural competitors, is cash-rich (in 2014, its current assets were more than $350 million, with a further $145 million in deferred income), and directly or indirectly supports many of its participants and other Internet governance processes. Without effective accountability and transparency mechanisms, the opportunities for distortion, even corruption, are manifold. In such an environment, it is not sufficient simply to invoke trust ... In a public interest company, there is even more cause for concern, particularly as ICANN also has a contractual compliance function over those companies. There are at least theoretical conflicts in the dual roles of supplier and regulator... -- Emily Taylor, ICANN: Bridging the Trust Gap (pdf) (emphasis added)

Or is Multistakeholderism just another word for Elitism?

UPDATE: But it is not just the ICANN Board, officers, and staff that need transparency and accountability mechanisms--the ICANN "stakeholders" themselves are a BIG problem that has yet to be addressed by any of the ongoing ICANN and IANA transition processes--indeed, if anything, the IANA stewardship transition and ICANN accountability work groups have accentuated the elitist, narrow interests who control ICANN stakeholder groups. Look at the members and active participants of these "working groups" and see how the "same names" appear on multiple groups lists--probably less than 100 people total are actually directing and deciding the future accountability mechanisms by which ICANN and IANA will be governed. This is a well-known problem with multistakeholderism about which both ICANN and the US government prefer to deny exists rather than address. Why? Because it serves the incumbent "power" interests--

All stakeholders are equal...but some stakeholders are more equal than others

Multistakeholderism unmasked: How the NetMundial Initiative shifts battlegrounds in internet governance | LSE Media Policy Project: "... most controversies about internet governance were the result of a dichotomy between the proponents of traditional regulation through intergovernmental authority and those of a multistakeholder model, the hypothetical middle ground between a free-market model, a cyberlibertarian idea of self-regulation and the classical governmental approach. What the debates about the two divergent approaches rarely reveal is that most implementations of the multistakeholder approach are far from an ideal governance model. In fact, while multistakeholderism may have so far allowed various non-state actors to participate in internet governance processes, it does not necessarily lead to a wider range of views or a more global representation of interests and concerns. In several instances, multistakeholder processes actually tend to increase the overrepresentation of actors from the highly developed Western world, whereas they neglect developing countries, which often lack independent civil society networks and strong business players that could meaningfully engage in the existing structures... a new but much needed discussion on power mechanisms and could eventually shed light on the real interests of those proponents of the multistakeholder approach who seem eager to maintain the unbalanced representation of voices and concerns in internet governance. In the long run, this discussion could lead to a more honest and transparent scenario for multistakeholderism, which does not fail to consider the rights and interests that all countries and all users have in the governance of the global internet." (emphasis added)

See also: The REAL Domain Hogs: ICANN Officers, Staff, Lavish Pay, Benefits, Accountability Risks Institutionalized and ICANN, Dysfunction, the Public Interest, and the IANA Transition


Follow @DomainMondo

ICANN 51, Money, Sponsors, Conflicts of Interest, Multistakeholderism

ICANN Sponsorship Opportunities | Meetings: "... Your company will receive unsurpassed recognition by our attendees as a Diamond level sponsor, with continuous brand exposure during the week of the meeting and beyond..."

screenshot of  ICANN 51 sponsors (source: icann.org)

How would you feel if your national legislative assembly (e.g., Congress, Parliament, etc.) was commercially "sponsored" by the very same corporations seeking favorable treatment, favorable outcomes, and special prerogatives, rights, and privileges from that very same "governing body"--see any problem with that, any conflicts of interest?

This is SOP (standard operating procedure) in the wonderful world of multi-stakeholder governance of the global Internet DNS as practiced within ICANN where the lobbyists are the legislators [see screenshot at left--ICANN 51 "sponsors" as indicated on the ICANN 51 website].  In this case a picture is worth a thousand words.

Granted, that for all practical purposes, ICANN is often little more than a glorified Industry Trade Association organized for promotion of the Domain Name Industry which dominates its decision-making structure and its Board of Directors (ICANN has no membership--just a self-selected, and otherwise unaccountable, Board of Directors).

Domain Mondo hopes everyone is enjoying ICANN 51--especially the sponsors--and that everyone in LA is getting their money's worth!

Of course, you will never hear ICANN acknowledge at one of its public meetings how much the Domain Name Registrants' fees support ICANN as a percentage of its operating budget--heck, Domain Name Registrants don't even have a seat at the table! (Don't go looking for a Domain Name Registrants Interest Group at ICANN--it doesn't exist!). And look at the ICANN Budget Revenues (pdf)--there is no information as to how much of the income shown as sourced from Registry/Registrars is actually paid by domain name registrants--this is to keep up the illusion that it is the domain name industry that is supporting ICANN when it is actually the domain name registrants!

For more on how ICANN has largely been captured by the Domain Name Industry see:

• Domain Names Industry, ICANN, Regulatory Capture
• Reform ICANN? France or the EU May Be Our Only Hope (video)
• The Internet, US Government, ICANN, ITU Plenipotentiary Conference 
• Most New gTLD Domain Names Are On Life-Support, Infecting Other gTLDs 
• Why ICANN's New gTLD Domains Are A #FAIL, Reason #1 
• Reason #2 Why New gTLD Domains Are a #FAIL 

Follow @DomainMondo

FCC Net Neutrality Issues Expose Divisions Over Future of the Internet

Those interested in ICANN accountability, take note --

FCC Chairman Wheeler initially thought almost everyone wanted fast lane/slow lane internet service (or at least that's what the big money lobbyists on K Street told the FCC) -- instead the FCC has gotten an earful (see below)--too bad ICANN didn't follow FCC protocols before launching its new gTLDs program--

FCC Net Neutrality Comments (via Politico) - "... One key factor: the controversial proposed rules have touched a very intimate and personal nerve for Web users across the country, raising the political temperature at the FCC on this issue. It's also exposed deep industry divisions over the future of the Internet. .. Companies from Netflix to Etsy agree that nothing could be more detrimental to their business than rules that force them to pay more for distribution, urging the agency to use all the available tools to prohibit fast lanes.'..."

Where from here? Title II rules and oversight seem a real possibility now with an overwhelming majority of consumers (i.e. voting public) and content creators and providers (Netflix, Etsy, et al) against "paid" fast lanes.

Note to ICANN: Watch the FCC -- this is what functional governance looks like. But I guess if you are ICANN, a California corporation accountable to no one but its own self-selected board of directors, you don't have to listen to anyone--except, perhaps, a few well-resourced, powerful stakeholders. That's why they love the term "multistakeholderism" -- it sounds so good and inclusive -- but it's just another trick that allows insiders and special interests to call the shots.

Follow @DomainMondo
Seguir a @DomainMondo

IANA Transition a Waste of Time, Decision Has Already Been Made

Dear (name withheld):

I just read your email and attachment dated July 23, 2014. Unfortunately the goal of NETmundial (which you refer to) that the transition of the IANA stewardship “take place through an open process with the participation of all stakeholders extending beyond the ICANN community” has already been subverted. This is now a closed ICANN-centric process essentially comprised of just 3 groups of "insiders" who will ultimately come up with a plan to transition everything to ICANN--in fact Vint Cerf and Google have already started a big PR campaign with video wherein Vint states "NTIA has presented a plan to end this contractual oversight and hand that responsibility over to ICANN" and Larry Strickling of NTIA has now "moved the goalposts" in his speech 3 days ago when he said "Now that ICANN has demonstrated its ability to perform these functions with the support of the community, there is no longer a need for the United States to designate ICANN to perform these functions and we are not obligated to maintain a contract when it is no longer needed."

In other words, Strickling is saying the role performed by the US government is no longer needed--no oversight, no accountability, no verification--nothing, nada--needed! 

Which begs the question, then WHY have an ICG process at all???

Is it all for show? To make everyone "feel good" that the "multistakeholder" or "internet community" agreed to this (when in reality it was decided by the US government, ICANN insiders, and special interests). As I said at the conclusion of Strickling's AEI speech: "Multistakeholderism" means that ICANN insiders, the US government, and special interests control the Internet DNS--now and in the future.

So [name withheld], if you (or anyone else) truly want something different than where this process is now headed, you might be wiser to invest your time elsewhere. Parlez-vous français?

Best regards,

John Poole
Domain Mondo

Follow @DomainMondo
Seguir a @DomainMondo

ICANN suppresses free speech

ICANN suppresses a privacy advocate’s dissent http://t.co/Hc9fW87teh
— IGP Alert (@IGPAlert) June 7, 2014

Chair of ICANN's EWG, Jean-Francois Baril, apparently doesn't believe in free speech or dissent (as is typical of ICANN's sicko culture) and has, in violation of all standards of multistakeholderism, freedom of speech, and common civility, suppressed a dissenting opinion by Canada's Stephanie Perrin:

ICANN suppresses a privacy advocate’s dissent | IGP Blog: 

"In typical ICANN fashion, the EWG members were hand-picked by the board, and some accused it of being overly weighted toward brand protection interests; however, at the last minute ICANN did add Perrin to the EWG. Perrin, now a doctoral student at the University of Toronto, was once Director of Research and Policy in the Office of the Privacy Commissioner of Canada, and Director of Privacy Policy at Industry Canada."

"ICANN’s Expert Working Group (EWG) on Whois and privacy, which published its final report today, has unfortunately continued a long tradition of failing to find consensus between privacy advocates and business interests... In publishing its final report, the lone privacy advocate on the EWG, Stephanie Perrin of Canada, raised some serious concerns about how the EWG was violating basic data protection norms. Her objections were explained over a period of several days. Extreme pressure was put on Perrin to abandon her objections. In the end, she could not agree, and as is the norm, prepared a dissenting opinion. The dissent was provided on time, and the committee was told it would be three pages long. But the chair of the EWG, Jean-Francois Baril, is now suppressing this dissent. He has refused to include it in the report and is excoriating Perrin for not going along. So Mr. Baril is basically saying that you have no right to dissent, that real consensus is not necessary, and if you do dissent, the working group has no obligation to publish it along with the report. This means, however, that Mr Baril has failed. This is not a consensus report. Nothing really has changed in the last 14 years...."

So Domain Mondo will now publish what the anti-free speech thugs at ICANN are suppressing -- the dissent of Canada's Stephanie Perrin, in full:

Dissenting Report from Stephanie Perrin:

June 6, 2014

It has been an honor and a privilege to serve on the EWG for the past 16 months, and I am truly impressed at the work we have done, and the spirit of consensus that has enlivened our discussions on the complex matters we were tasked to address. This has been a tremendous amount of hard work, and my colleagues have worked selflessly, with weekly calls, research and reading, and many face to face meetings. Finding the correct balance between transparency, accountability, and privacy is never easy, especially in a global context with different cultures, legal regimes, and economic power. I am very proud of what we have achieved, so it is with great reluctance that I raise issues where I cannot agree with the consensus on some aspects of this report. I feel it is my responsibility, as one who was brought on the committee to provide data protection expertise, to point out some weakness in some of the provisions that we are recommending.

The EWG report is complex, and must be read in its entirety; sometimes it is quite hard to follow how things would actually be implemented, particularly if you are a reader who is not immersed in the arcane details of domain name registrations on a daily basis. There is nothing devious in that, the matters are very detailed and deciding which order to put them in, what topics ought to be addressed in which section, is not easy. The end result, however, is that one must follow a thread through the report to determine ultimate impact. The purpose of this appendix is to follow the thread of protection of the sensitive information of the average simple domain name registrant. Whether they be an individual, small company, or small organization, we need to see what happens, and how rights, whether legislated or simply claimed on the principle of fundamental fairness in the administration of a public good, are enforced. I regret to say that I am not happy with what I find when I follow that trail. I have tried to explain how these rights ought to be implemented and enforced, to those who are more familiar with their own areas of expertise both within the EWG and in the broader community, and this appendix is added in an attempt to help further clarify these issues. I am concerned that the rights and important interests of these individuals may not be effectively protected by the inter-related provisions which we have set out.

There are three basic outcomes where I cannot agree with the consensus.

The requirement to have a legal contact, where address and phone number are mandatory to provide, and published outside the gate, in the publically available data.
The default, if one is a simple registrant who does not want to hire a lawyer or other actor to assume the role of legal contact and publish their details in the RDS, to publishing registrant information, notably address and phone number in the RDS outside the gate.
The inclusion of a principle of consent (28), whereby a registrant may consent to the use or processing of her gated information for the permissible purposes enumerated for accredited actors behind the gate.

Let me provide some context around each of these points.

Firstly, these details appear in the section on purpose-based contacts, which proposes a new ecosystem of validated contacts. I support this, and the associated accountability mechanisms, whole-heartedly. I agree with the consensus view, that domain name registrants must be accountable for the use of the resource. Being a privacy advocate, I do not equate accountability with transparency of detailed personal or business information, I equate it with responsiveness. If a registrant fails to respond to serious issues, it is appropriate to expedite the action, depending on the issue, and contact the registrar to take action.

However, I understand the objective of our proposal of gated access to be the sheltering of customer data: the purpose of the gate is to screen out bad actors from harassing innocent registrants, deter identity theft, and ensure that only legitimate complaints arrive directly at the door of the registrants. It is also to protect the ability of registrants to express themselves anonymously. Placing all contact data outside the gate defeats certain aspects of having a gate in the first place. Obviously large companies are eager to publish their contact data, as it makes it easier for them to streamline requests and manage the actions over thousands of domain names. A simple registrant with a couple of domain names has entirely different needs and resources, and is unlikely to want to spend money hiring an ISP or Registrar to provide these contacts for them.

I whole-heartedly applaud the emphasis we have achieved in this report on the necessity of having privacy/proxy services in the RDS ecosystem, for both individuals and organizations. I do not believe that should be the only way an individual or small organization can avoid having their private information published. We have a principle that recommends providing resources for registrants who are economically disadvantaged, but it is not clear how we could implement that globally, particularly in developing economies where the need is likely greatest.

An additional context, is that we propose a rules engine that enforces jurisdiction, with respect to the privacy rights of individuals who are protected by personal data protection law. This is an ambitious and potentially very useful proposal, but it only protects individuals, and occasionally legal persons in some jurisdictions, and only where data protection is in place, and would find the presence of name, address and phone number in a public directory to be in conflict with data protection law. These are very important caveats. Not all data protection regimes would find, or have found, that directory information must be protected. Secondly, it is not clear enough for me how that rules engine would encode rights. Would it be based on precedents? My interpretation of the law? Your interpretation of the law? This is a difficult question and provides no certainty as to the outcome in the instances where I have cited my disagreement. A third problem with the rules engine, is that it proposes to address regimes with data protection law only….what happens to organizations that have a constitutional right to privacy for the purposes of free speech and freedom of association, such as in the United States? Finally, is it fair to individuals in jurisdictions where their countries have not enacted data protection law? Does ICANN, in the monopoly administration of a public resource, not have a responsibility to set standards on an ethical basis, based on sound best practice?

The two remedies then, I find inadequate for the reasons cited above:
Hire a privacy proxy/service provider, or proxy contact, if you do not want your contact data published in the public portion of the RDS
The rules engine will enforce data protection rights, and place this data behind the gate.

I am not confident that these will be effective as a means of allowing independent registrants to gate their name and contact information. We have indeed proposed another mitigation for this and other privacy-related problems in the privacy section. The EWG recommends that ICANN develop a privacy policy to govern the RDS. I am extremely pleased with this recommendation. It is my view, however, that it will not be a proper policy unless it governs the collection instrument, which can be found in the requirements set out in the 2013 RAA, and the escrow requirements, to be found in the same place. However, this is a magnificent step forward as far as I am concerned, and I believe once the PDP is struck to work on the policy, my arguments will be persuasive on the need to include the collection and retention instruments, as presented in the contract requirements. Once again, though, until this instrument is developed, and the actual enforcement mechanisms determined, it would be unwise to rely on its potential to reverse the clauses to which I am objecting.

I would like now to address the consent principle. It is my view that we cannot elevate one principle of data protection above the others, because they are inter-related. Consent must be read in the context of legitimacy of purpose, proportionality, rights to refuse, rights to withdraw consent, specificity of purpose and use, and so on. To offer individuals and organizations the opportunity to consent to the use of their sensitive, gated data, for all the permissible purposes, in my view can be read as providing blanket consent to accredited users behind the gate. It can be read as voluntarily giving up any privacy protection one might have expected under local law, and any right to select some purposes as opposed to others. It greatly simplifies one of the biggest problems we faced as a group in grappling with the concept of accrediting users only for certain specific purposes, but from a privacy perspective it greatly reduces the effectiveness of the gate as a privacy mechanism. Once again, if you understand the risks, you will hire a proxy service. From the perspective of an elite North American, this looks like a no-brainer, just hire a proxy.

However, we have a responsibility to examine this from the perspective of a global eco-system. We have now set up a system where accredited actors have access to inside data, others do not. We have labored long and hard in the group to ensure that the parameters of the RDS are flexible and allow individuals to apply for access beyond the gate to resolve specific problems and issues they encounter, but in fact the vast majority of end-users will be unlikely to make effective use of this right. I totally agree with my colleagues that the market will rush to provide this kind of service at low cost, but I flag it as an element to watch in this discussion.

I hope that this clarification serves to flag some issues that are important with respect to data protection. I would like to reiterate my strong support for this report. I believe this report, and the work that lies behind it, is an important contribution to the Whois evolution. I would stress however, that we are setting up the ecosystem to manage personal information globally. Different cultures have different norms with respect to the transparency of their citizens, and it is appropriate to err on the side of protection of information. I would therefore conclude with the following recommendations:
Gate the legal contact information for individuals and organizations who wish to protect their private data
Consent needs to be meaningful, specific, explicit and for legitimate purposes. A blanket consent as envisioned here does not meet these requirements
Privacy policy at a mature level needs to be developed to inform the other policies referred to here. It cannot come in as the caboose at the end of the train.

I appreciate the opportunity to make these comments.

Stephanie Perrin


Follow @DomainMondo
Seguir a @DomainMondo

The Real Problem With ICANN Multistakeholderism

"[NetMundial was] an indication of what present-form multistakeholderism in internet governance is likely to produce. Despite the very extensive contributions to the NETmundial process -- 188 detailed submissions; 1,370 comments on the pre-meeting draft; 1,480 'stakeholder' participants; and the innovations of various civil society groups to bring quantitative analysis to the discussion -- ultimately, the drafting was in the hands of, and manipulated by, a few." (source: Wired UK infra)

Although ICANN in reality is a closed, top-down organization, it has been claiming that it follows a bottom-up, multistakeholder model of governance. So what is the problem with multistakeholderism?

Big business was the winner at NETmundial (Wired UK): "Welcome to the Realpolitik of the net. The big lesson of NETmundial is that diplomacy by multistakeholderism (i.e. a room full of voices -- governments, corporations, individuals) has all the disadvantages of multilateralism (i.e. a room full of government voices): it is incremental, modest, guided by a few well-resourced players, and only mildly effective. But in addition, multistakeholderism has one major kicker: instead of big business exerting disproportionate influence from the shadows, in multistakeholder discourse, corporate giants are welcomed with open arms and given a massive stake. We can see this very clearly in the 11-page outcome statement of NETmundial...."

This is a very well known flaw in multistakeholderism -- corporate lobbyists and other special interest groups become the legislators, and the public interest is disregarded even more than in multilateral models:

Multistakeholder governance model - Wikipedia: "...Criticism of multistakeholderism comes from Paul R. Lehto, J.D., who fears that in multistakeholderism, those who would be lobbyists become legislators, and nobody else has a vote. Lehto states that "In a democracy, it is a scandal when lobbyists have so much influence that they write the drafts of laws. But in multistakeholder situations they take that scandal to a whole new level: those who would be lobbyists in a democracy (corporations, experts, civil society) become the legislators themselves, and dispense with all public elections and not only write the laws but pass them, enforce them, and in some cases even set up courts of arbitration that are usually conditioned on waiving the right to go to the court system set up by democracies. A vote is just a minimum requirement of justice. Without a vote, law is just force inflicted by the wealthy and powerful. Multistakeholderism is a coup d’etat against democracy by those who would merely be lobbyists in a democratic system."..."

This is why the Domain Name Association was formed to represent corporations with vested interests in the domain name industry and ICANN governance, and has as its Executive Director the former Chief Strategy Officer of ICANN, architect of ICANN's new gTLDs program (who resigned from ICANN as a result of his own personal conflict of interest). 

Domain name registrants (as well as internet users) have almost no representation within ICANN, even though it is their registration fees that keep ICANN operating. That doesn't look to change in the future.

Follow @DomainMondo
Seguir a @DomainMondo

ICANN, New gTLD Domain Name Renewal Fees, Price Gouging

Domain Name Registrants beware: ICANN has let the new gTLD Registries run wild. For example, a new gTLD domain name Registry can essentially charge whatever it wants for domain name renewal fees. Isn't it interesting that none of the media nor ICANN nor Registrars have told you that! Fortunately for now, for domain name registrants, regular domain names like .com domain names still have renewal fees limited by the US Department of Commerce when it approved the last Verisign contract (registry for .com). However no one knows* what will happen after November 30, 2018, when the current Verisign contract ends, if the US gives up all oversight. If ICANN's track record with the new gTLD domain names is any indication, come late 2018, even .com domain name renewal fees may be subject to price gouging by the Registry and Registrars.

ICANN, under the influence of its insiders and special interests, made sure that the new gTLD domain names were not like .com domain names, when it came to renewal fees, or other Registry restrictions. Currently, known new gTLD domain name renewal fees run as high as $30,000 per year per domain name. That is not a typo, yes, $30,000 (US$). This is, apparently, what ICANN considers "innovation" and "enhancing competition and consumer choice."

ICANN is nowhere ready to be let loose and allowed to run around unsupervised. Proof of that is in ICANN's disastrous roll-out of the new gTLD domain names program. Unfortunately, this is not the only disaster ICANN has created or allowed. This is what happens when you have an immature organization dominated by insiders and special interests. Remember, ICANN purposefully excluded users and domain name registrants from representation in ICANN (unlike registrars and registries and affiliates which are overrepresented). Do not believe ICANN when it talks about multistakeholderism. That is just another word ICANN uses for letting the foxes guard the hen house.

Caveat Emptor!


Follow @DomainMondo
Seguir a @DomainMondo

*IANA Functions and Related Root Zone Management Transition Questions and Answers | NTIA: "Q. Are the legacy top level domains associated with U.S. Government (e.g., .mil., .gov, .edu) part of this transition? A. No, the operation of and responsibility for the three remaining legacy top level domains associated with the U.S. Government specifically .mil, .gov, and .edu are not impacted by this transition as they are not part of the IANA and related root zone management functions." -- no mention of what happens to other legacy top level domains like .com, .net and .org which have been protected from price-gouging only by action of the US Government  -- ICANN: Important Corrections To Inaccuracies and Misconceptions Regarding U.S. Announcement: "As we know under the the last Verisign contract it was the US Department of Commerce that stepped up at the last moment to stop the 4 out of 6 year rate increases of 7%."