ICA responds to ICANN CEO Fadi Chehadé’s “Hogging” remarks

ICANN boss made questionable comments in Davos last month.

Internet Commerce Association has sent a letter (pdf) to ICANN CEO Fadi Chehadé, following remarks Chehadé made at the World Economic Forum’s annual meeting in Davos.

In a video interview with Huffington Post, Chehadé said:

The reality is, the more there are names, the less people will actually be hogging names in order to charge a lot for them. Because if somebody took your name on dot-x, you can go get another name on dot-y now.” and “We went from twenty-something top-level domains … to hundreds now… We think it will actually reduce cybersquatting eventually.

The remarks were widely rebuked. On this week’s Domain Sherpa Discussion, I noted that it seemed Chehadé went off message while trying to say that new TLDs deliver more consumer choice while not contributing to a meaningful increase in trademark infringing domain names.

ICA’s letter, penned by President Jeremiah Johnston, notes that people investing in domain names (i.e., hogging domains) are the ones footing the bill for ICANN’s massive growth and budget. ICA’s members represent about 10% of all registered domain names, and Johnston points out that this means they paid for about 20 of Chehadé’s 197 trips last year.

The notes that there is nothing wrong with domain name investing, and investors are merely setting a market price. Furthermore, new TLD companies are playing the same role as domain name investors in legacy TLDs, reserving thousands of domain names and setting high prices on the better ones. For the most part, it’s not the case that, if your desired domain is taken in .com, you can acquire it cheaply on a new TLD.

In fact, new TLD operators’ ability to charge whatever they want for new TLDs is probably why contention set auctions are going so high, further lining ICANN’s pockets.

The absence of pricing controls in new gTLDs has in fact shifted pricing discretion away from portfolio registrants and toward registry operators. In .com and other legacy gTLDs with low annual registration fees, domain investors price domains they offer for resale based upon their perceived market value. In the new gTLD program, the registries are pricing annual domain registration based upon on their perception of market value. In both instances, the marketplace is working.

The letter also questions Chehadé’s use of the word “cybersquatting” in the same breathe of “hogging” domain names, and seeks clarification on if he was tying domain name investing together with trademark infringement.

ICANN hacked, zone file system among victims

Hackers phished ICANN employees to gain access to systems.

ICANN revealed today that its systems were compromised by a phishing attack.

The attack involved emails designed to look like they came from ICANN’s own domain name being sent to members of its staff. Email credentials of several ICANN staff members were obtained.

It appears the biggest system to be accessed as a result of the security breach was The Centralized Zone Data System (CZDS). This system is a repository for zone files from each registry, updated daily. Many bloggers use this system to download zone file data.

According to ICANN, the attacker gained access copies of the zone files in the system, as well as information entered by users such as name, postal address, email address, fax and telephone numbers, username and password. It says the passwords were stored as salted cryptographic hashes, but it has reset all passwords as a precaution.

Was CZDS the target of the attack, or was it just one of the few systems the attackers could access with the obtained credentials?

Given the current struggle over the transition of certain internet management functions away from the U.S. government, ICANN could become a target for future politically-motivated attacks. There could certainly be Sony-like emails that people would like to get their hands on.

The attack occurred in November, and ICANN discovered that the compromised credentials were used to access the CZDS in December. ICANN says notice of the issue was not delayed as a result of a law enforcement investigation.

Internet wins as court denies motion to seize ccTLDs

Court rules .ir, .sy, .kp and related IDNs cannot be “attached” as compensation.

ICANN and the internet community at large got a victory this week as a U.S. court denied a request (pdf) to seize country code top level domains (ccTLDs) as compensation in a lawsuit.

A number of claimants that had won a judgement against Iran, Syria and North Korea over terrorism charges had demanded control of the country’s ccTLDs (.IR, .SY and .KP plus IDN versions) as payment.

The U.S. District Court for the District of Columbia determined:

The ccTLDs exist only as they are made operational by the ccTLD operators that administer the registries of second level domains within them and by the parties that cause the ccTLDs to be listed on the root zone file. A ccTLD, like a domain name, cannot be conceptualized apart from the services provided by these parties. The court cannot order plaintiffs’ insertion into this arrangement.

Had the court ruled otherwise, it would have opened up a can of worms in internet governance. Already, many countries are not comfortable with the U.S.’s “control” of the internet.

There is currently a process to lessen this role by taking the U.S. government out of a contractual relationship for certain functions managed by ICANN. World governments would have been incensed had a U.S. court granted the seizure of an existing country code top level domain name, even if they were those of state sponsors of terrorism.

ICANN: no decision yet on Morocco meeting

Organization is considering its options due to possible travel restrictions.

ICANN today responded to rumors about postponing next February’s meeting in Morocco by saying it has not yet made a decision. However, it confirmed that it is considering a postponement related to the Ebola outbreak.

While Morocco itself is not at the center of the outbreak in Western Africa, host officials are concerned that future travel restrictions might limit the ability for people to attend the meeting from other African countries.

This is not the first time ICANN has had to make a tough decision about whether to go forward with a meeting. In 2010, there were calls to relocate a meeting in Nairobi, Kenya due to security concerns. ICANN went ahead with the meeting, but a number of would-be participants attended remotely or in a satellite location in the United States.

I’m not aware of anyone who attended that meeting who was affected by violence.

ICANN had previously relocated another meeting scheduled for Kenya due to unrest.

ICANN slashes new TLD forecast, but is it enough?

ICANN is forecasting 15 million new TLD registrations during the current fiscal year.

ICANN forecastICANN has slashed the number of new top level domain name registrations it expects during this fiscal year for budgeting purposes, but is its picture still too rosy?

That’s a question that members of the Registrar Stakeholders group asked ICANN’s board last week in Los Angeles.

In May, ICANN set a draft proposed budget for the 2015 fiscal year, which runs from this July to June 2015. Its revenue forecast from new top level domain names included a startling number of second level registrations under new TLDs: 33 million.

It has since revised the forecast down 55% to just 15 million.

Given results so far, it hardly seems likely that 15 million new domains will be registered in new TLDs before next summer — even if you include registrations occurring before the fiscal year began. There are currently about 2.8 million registrations.

Domain registrars are concerned that they’ll get stuck holding the bag if revenue comes in below target.

New TLD registries pay ICANN a fixed fee of $6,500 per quarter ($25,000 per year). If they have more than 50,000 “transactions” in a year, they pay 25 cents per domain. Transactions are actually domain-years, not registrations, but ICANN’s budget refers to a number of domains registered as an assumption in its forecast. I’m not sure how ICANN calculates this in the budget; they must be assuming a certain number of TLDs cross this threshold.

Should domain registrations come in below forecast, then ICANN will have a revenue shortfall. The easiest place to make that up, the registrars fear, is by increasing the variable registrar fee on domain name registrations. That’s the 18 cent “ICANN Tax” you usually see passed on to the customer.

ICANN’s latest FY2015 budget cites the number of new TLD registrations as a risk factor. In fact, it mentions the risk of a “lower number of transactions per registry” as “high”, and lists the likelihood of a “higher number of transactions per registry” as low.

It certainly seems that ICANN should be planning for a lot fewer registrations than are in its budget.