Tim Brown

Domain Names and Online Brand Protection

Tag: ICANN

Verisign versus ICANN

27 February 2004 /

VeriSign – administrators of the .com and .net generic top level domains – has announced that it has filed a lawsuit in Federal Court in the Central District of California against Internet authority ICANN.

In recent months, relations have reached an all-time low between VeriSign and ICANN – the California-based, non-profit corporation established by the U.S. Department of Commerce which plays an important role in the technical management of the Internet’s domain-name system.

The suit alleges that ICANN “overstepped its contractual authority and improperly attempted to regulate VeriSign’s business….by straying from its charter and agreement to be a technical coordination body, VeriSign asserts that ICANN has improperly attempted to become the de facto regulator of the domain name system and in doing so stifled the introduction of new services that benefit Internet users and promote the growth of the Internet.”

The probable catalyst for the VeriSign’s suit was almost certainly ICANN’s move to block VeriSign’s highly controversial Site Finder service. The service was unilaterally introduced by VeriSign last September resulting in users, who mistyped certain domains in their browser, being taken to a website run by VeriSign, rather than receiving the usual error message.

Commenting on the legal action, Tom Galvin, vice president of VeriSign Government Relations said:

An effective, credible ICANN is a positive thing for the Internet community. We fully support a global framework for the coordination of the domain name system. This effort is about gaining clarity around ICANN’s role with the hope of establishing an effective and credible structure for Internet governance. That structure will help promote innovation and new services that benefit millions of Internet users.

At the time of writing, ICANN hasn’t responded publicly to VeriSign’s action, but – as with the row over SiteFinder – it is likely to defend its corner robustly. This latest ruckus demonstrates yet again that the Internet is still in its infancy, with various factions struggling to define exactly how, and by whom, the Internet should be regulated. With the web and email now an integral part of global commerce, the stakes couldn’t be higher.

Developing Countries “May Challenge Domain Governance”

28 November 2003 /

The World Summit on the Information Society (WSIS) is due to take place in Geneva on 10-12 December. While the published statement of the secretariat indicates that it

aims to bring together Heads of State, Executive Heads of the United Nations agencies, non-governmental organizations, civil society entities, industry leaders and media representatives to foster a clear statement of political will and concrete plan of action to shape the future of the global information society

It appears that a more specific plan may be tabled by some countries to move Internet policy and governance (and particularly the control of the Internet domain name system) from the Californian non-profit corporation ICANN to the United Nations.

Thabo Mbeki, South African President, is reported as indicating on 16 November that he wished to see a multilateral mechanism for Internet governance and that the summit was the ideal place to do this. He is supported on this topic by other countries such as China and Brazil, while the contrary position has been adopted by the USA and the European Union. ICANN is popular with the last two because of its US-style dedication to free market forces and commitment to the values of commerce and free speech; and naturally the fact that the US itself maintains a very direct influence over ICANN’s activities.

Some commentators have suggested that a group of the developing nations may band together to enforce their demands against the wealthier nations at the summit. Similar steps were taken at the World Trade Organisation talks in Mexico.

The South African government recently took control of its local country code .za via legislation, and it is likely that this nation, along with certain others, views the USA’s effective control of the country code system and generic top level domain names (through its contract with ICANN) to be unduly restrictive to each territory’s sovereign rights over its own space on the Internet.

ICANN President Paul Twomey is leading the defence of the status quo. His message is that the Internet represents a partnership between a range of stakeholders, of which the world governments are only a single component. Other parties which ICANN sees as stakeholders include the business, engineering and technical communities. At the same time, Twomey is keen to point out that ICANN’s board is comprised of individuals from a range of countries, not just the USA.

Meanwhile, other critics of the possible change point out that if the domain name system is run by the United Nations, developments such as domain name policy and governance will be determined on a far more political basis than they are at present. “Plus ca change”, says Demys.

Whatever happens, we can expect that a lot of talking will be done. Some believe that this dialogue may give rise to an initial plan which could be taken forward at the next meeting, already scheduled for 2005.

Nevertheless, if there were to be change this time round, it would be bound to have a major effect on the domain name system, bearing in mind that ICANN was the architect of the experimental introduction of the last set of seven new top level domain names, including .info and .biz, in 2001. Accordingly, if the WSIS provokes further discussion on this topic, Demys News will keep you posted.

The Odd Couple – Public Policy Meets the Internet

16 October 2003 /

After the dot com bubble popped in the late nineties many commentators wrote off the Internet as a dead duck. The seeming myriad of “we-sell-aardvarks2u.com” e-businesses gave it a bad name. The Internet wasn’t considered a serious player in the global economy and therefore its legal setup, matters of policy and governance were consigned to the back-burner by mainstream business as something of little interest or concern.

Skip forward to 2003. The Internet is ubiquitous. The wheels of commerce are turned by it and yet we no longer talk of dot com businesses. Mainstream commercial activity has become dependent upon email and, to a lesser but still significant extent, the web. Ask yourself what it would be like to be without access to your favourite business websites and your corporate email, even just for a day. So what is all this resting on? The domain name system. Meanwhile, how that system is governed and operated, and by whom, has now become of vital importance – so gradually that perhaps this importance has been neglected by many of those who now rely on it daily.

Matters of Internet policy and governance are controlled by a diverse range of different organisations – some, like IANA, are concerned with purely technical matters of policy; others, like Nominet in the UK, have jurisdiction over a country’s domain names; and other organisations are concerned with managing policy relating to generic top level domains like .com which affect all global Internet users.

Such is the lack of attention to Internet policy in general that the biggest recent story was Microsoft’s decision to close down some of its chatroom services. Yet while the media decided to cover this largely irrelevant and public relations-induced announcement, a major fight was breaking out over actual control of the domain name system itself, following a fundamental change which had quietly been made to the entire Internet – affecting every browser and email client worldwide. This story, and one or two other current policy and governance developments, are covered below.

Trouble at the top – sitefinder

September saw perhaps the most controversial issue relating to Internet policy ever to have struck the Internet. This was the unilateral introduction of a new “Site Finder” service by VeriSign – the operator of the global .com and .net registries – raising questions as to which body is ultimately in control of the Internet.

VeriSign’s “Site Finder” service began to operate on 15th September and resulted in users who mistyped .com or .net domains in their browser being redirected to a web site run by VeriSign, rather than receiving a standard error message or one generated by the browser.

The Site Finder page suggested a list of related domains that the user might have been trying to reach and provided a directory of web sites. VeriSign claimed that this service was provided to help Internet users find the sites they were looking for. However, it was also noted that the directory of web sites included sponsored links and other advertising which was generating revenue for VeriSign.

To enable the service, VeriSign used its position as the .com and .net registry operator to create a “wildcard address record” so that all attempts to reach a site, except those with valid domain names, resulted in redirection to Site Finder. Registries are the entities that ultimately run top level domains by maintaining the DNS databases which act like giant Internet phone books. The database matches the domain you type into your browser with the IP address for the computer you are attempting to contact. As there can only be one such database for each top level domain, companies like VeriSign have a monopoly position by virtue of technical necessity.

The launch of Site Finder proved extremely controversial – a non-technical analogy might be if a telephone provider with a monopoly position in the marketplace suddenly changed the standard message: “the number you have dialled has not been recognised” to a message stating “the number has not been recognised but here are some other numbers which you might have been trying to reach [and some advertisements as well]”. Imagine, too, that this message is provided only in English all across the world regardless of the local language of the telephone subscriber.

SiteFinder raised a number of technical concerns as, in effect, every possible domain in the .com and .net space now appeared to be registered – breaking some anti-Spam software and other applications. There were also privacy concerns in that misdirected email would be “bounced” by VeriSign’s servers rather than simply generating an error message. In theory such emails could be monitored, archived or otherwise used by VeriSign – although they had no plans to do this at launch.

In addition, some commentators noted potential intellectual property difficulties in that by redirecting misspellings of domain names corresponding to trade marks VeriSign could somehow be passing off.

In light of these concerns the body charged with matters of Internet policy and governance, the Internet Corporation of Assigned Names and Numbers (ICANN), requested that VeriSign suspend the service pending further investigation of its possible effects. VeriSign, however, refused leading to a Wild West showdown. After an initial exchange of correspondence and a brief standoff, ICANN gave VeriSign an ultimatum with a time limit – but what they were going to do if VeriSign did not comply was very much in doubt. Some commentators thought that ICANN might not be able to enforce the registry operator’s contract against VeriSign – the only option which it had in reserve.

While VeriSign finally backed down by ICANN’s final deadline on 4th October, it is highly significant that the registry felt it could challenge ICANN’s authority by refusing to remove the SiteFinder service for nearly two weeks after the initial request – a move which affected millions of Internet users and sent Internet Service Providers scurrying to rework their network architecture.

There have been other challenges to ICANN’s authority over the last year or so and mutterings throughout the Internet community that perhaps other bodies, such as the ITU, could do a better job. However, the US Department of Commerce – which awards the contract to govern the Internet – has renewed ICANN’s contract for another three years. So at least for the time-being ICANN is here to stay, but with various powerful bodies raising challenges to its authority the next three years could be a stormy period.

Domain disputes

Another area of interest is the development of dispute policies by generic and country code domain operators. This is of great importance to lawyers and others wanting to protect their intellectual property rights on the Internet and especially when enforcing rights against cybersquatters or domain speculators.

Dispute policies vary enormously in both application and effectiveness. Two contrasting examples may be taken from Nominet’s approach in the UK and that of DENIC in Germany.

Nominet’s Dispute Resolution Service (DRS) is one of the most admired and successful domain mediation and arbitration procedures. Since its launch in September 2001 approximately 1,000 complaints have been received by Nominet with a sizeable proportion of these being settled at the first informal mediation stage and around 160 cases being referred to an independent expert for decision. The system is seen by many commentators as a cost-effective way to challenge conflicting domains and the quality of decision is generally seen as impressive. In addition, the DRS is also one of very few domain arbitration systems that includes an appeals system – where decisions by the first instance expert can be reviewed by a three member panel. Ultimately a successful complainant may receive a transfer of the disputed domain name – in a step that takes place directly at the registry zone file, so that issues of foreign jurisdiction or remote registrants are minimised.

By contrast, the German naming authority DENIC does not have any system of domain arbitration. Conflicts over domain names must be thrashed out in the courts. On application and with supporting evidence of a trade mark conflict the German naming authority may be prepared to mark a domain “under dispute” which prevents the name being transferred to another user. However, this is a relatively neutral step which does not stop the current user from operating the domain for web or email services. Some therefore regard such a notification policy as rather toothless. However, the Italian country code registry has the best of both worlds – a “dispute marking” system and an arbitration procedure.

The contrast between the UK and German systems exemplifies the problems with global brand enforcement – there are over 250 different country code and generic top level domains, many with their own dispute system. Some countries, such as Ireland, the Netherlands and Switzerland have recently introduced new dispute policies while others have plans to do so in the future; still more are sitting on the fence. And while it has become increasingly difficult for intellectual property practitioners to keep abreast of the changes to each country code regime it does not look like the operators are set to consolidate their policies or approaches any time soon.

IDNs

Another developing area of interest concerns Internationalised Domain Names (IDN’s). These are domain names which can include non-standard character sets – accents, umlauts, non-western language alphabets etc. They present particular problems in terms of Internet policy and intellectual property enforcement because of the conflicts that can arise. For example, in a system where both café.com and cafe.com can co-exist problems are perhaps inevitable.

Support for IDNs is mixed, with Afilias – the body that run the .info generic top level domain – recently announcing the introduction of umlauts for .info. By contrast, the French naming authority – AFNIC – has come out both for and against IDNs, on the one hand welcoming their ability to recognise French language characters, yet also warning that they may lead to spiralling costs for businesses trying to protect their intellectual property by buying every possible combination of domain that might be similar to their trade marks.

Some registries are considering ‘bundling’ IDNs by offering them to the existing registrant of the corresponding standard character-set domain. This in itself may open a can of worms, bearing in mind the potential competing claims to the bundled names. Likewise, businesses are having to decide whether to convert their name directly into local language scripts in order to effect blocking registrations or whether, culturally speaking, an IDN should reflect a more descriptive approach to the mark. This represents the difference between Lloyds TSB registering a transliterated version of their name in Chinese characters or instead registering ‘big black horse’ (or whatever the appropriate cultural descriptive for their business might be in China) or indeed both.

Given that English is not the first language for vast numbers of Internet users, IDNs are an inevitable development which is here to stay; how the law and policy will develop is not at all clear.

New TLDs

As noted earlier in the article, there are over 250 country code and generic top level domains – each with their own changing policies and governing bodies, and with varying approaches to disputes. If this were not enough to contend with there are plans to introduce more domains over the next few years.

For example, the President of ICANN hinted heavily earlier in the year that three new generic top level domains would be introduced to complement existing gTLDs like .com and .net. In addition, the European Union was given the go-ahead to introduce the new .eu domain (technically, for Internet governance purposes, a country code – one wonders what the Euro-skeptics would think if they knew!) which is provisionally due to be launched later this year.

The rules concerning how these new domains will work, who can apply for them and how disputes will be settled are still developing. One topic under discussion has been whether there should be a ‘taxonomy’ for the Internet domain name space – accepted categories of new domains to be introduced. There are very strong views both for and against and the ultimate decision may affect the whole appearance of the domain name space for years to come.

.eu will be especially important in the UK when it is finally launched. We know from the European legislation (and in this fuzzy world of Internet governance it is relatively unusual to have any legislation underpinning the introduction of a domain name) that there will be a ‘sunrise period’ where existing trade mark holders may apply for a corresponding domain name, but the seniority of marks and the timing of the launch are still wide open.

The future

With all these areas still under development, the Internet is undoubtedly in its infancy. Perhaps it is unfair to expect significant maturity where, for example, the domain dispute regime is some three years old compared to over a century of trade mark policy, legislation and experience. However, never before has a technology so important, so global and so central to modern living arisen so quickly; there is little place for the rather considered, reactive approach of the traditional global policy makers.

As the fight between ICANN and VeriSign illustrates, before the Internet fully matures we must expect a few years of teenage rebellion.

Verisign Loses SiteFinder

6 October 2003 /

Following a demand from ICANN (the Internet Corporation for Assigned Names and Numbers) on 3 October, VeriSign, the .com and .net registry operator, has removed its much-criticised SiteFinder service.

SiteFinder changed the operation of the domain name system so as to direct requests for non-existent .com or .net domain names to VeriSign’s own search engine. According to ICANN, which published an Advisory notice on 3 October, SiteFinder also had extensive unwanted effects including causing software which relied on negative responses, for example, in testing the existence of a domain name before sending email to it, to fail. One of the most significant non-technical complaints was the fact that SiteFinder’s pages were in English, causing problems for other language speakers.

ICANN stated:-

…the changes to .com and .net implemented by VeriSign on 15 September have had a substantial adverse effect on the core operation of the DNS, on the stability of the Internet and the .com and .net top-level domains, and may have additional adverse effects in the future.

Further, VeriSign’s actions are not consistent with its contractual obligations under the .com and .net registry agreements. The contractual inconsistencies include, violation of the Code of Conduct and equal access obligations agreed to by VeriSign, failure to comply with the obligation to act as a neutral registry service provider, failure to comply with the Registry-Registrar Protocol, failure to comply with domain registration limitations, and provision of an unauthorized Registry Service.

Accordingly, ICANN insisted that SiteFinder be suspended by 6pm US Pacific time on 4 October, failing which ICANN would take steps to enforce VeriSign’s contractual obligations. VeriSign responded shortly afterwards that it did indeed propose to withdraw SiteFinder, notwithstanding the fact that it had refused to do so in previous correspondence until further data had been gathered as to the effectiveness of the operation.

In announcing the withdrawal, VeriSign’s Russell Lewis, executive vice president of the company’s Naming and Directory Services Group complained that ICANN had not allowed “so much as a hearing” before formally asking for suspension of SiteFinder. He went on to state that ICANN’s objections related to “isolated and anecdotal issues”, constituting an attempt to regulate “non-registry services”.

This is an interesting comment from VeriSign as if SiteFinder is a non-registry service then it could potentially be regarded in some quarters as anti-competitive. There can only ever be one .com or .net registry. If the operator, with built-in dominance in the marketplace, uses the registry to provide revenue generating non-registry services, this looks suspiciously like abuse of a dominant position.

So where does this leave VeriSign? In ICANN’s Advisory, some sympathy was expressed with VeriSign’s concerns about the process for evaluation of proposed changes to the registry. Consequently, ICANN’s CEO Paul Twomey has asked for a new procedure to be created. The process of developing this policy should be completed by the middle of next January.

Meanwhile, many commentators will see this as yet another seminal moment in the development of Internet policy and governance as ICANN has finally proved it is able to enforce its authority when it believes that the stability of the Internet is affected by a registry operating under its contract.

Verisign Stands Firm Against Net Bodies

23 September 2003 /

Internet authority ICANN has ordered VeriSign – the operator of the .com and .net top level domains – to suspend its controversial use of wildcard DNS while it conducts an investigation into the system. But VeriSign has refused to stop, citing the need to collect and review the data arising so as to assess the impact of the changes.

VeriSign’s “Site Finder” service was introduced last week and resulted in users who mistyped certain domains in their browser being taken to a web site run by VeriSign, rather than receiving the usual error message. Site Finder suggested a list of related domains that the user may have been trying to reach and provided a directory of web sites, which included sponsored links and other advertising.

To enable the service, VeriSign used its position as registrar of .com and .net to create a “wildcard address record” so that all attempts to reach a site, except those with valid domain names, resulted in redirection to Site Finder. At the level of the Domain Name System, the service synthesizes records for non-existent domains when they are requested.

Consequences

Almost immediately after launch, VeriSign was inundated with complaints from Internet users who saw the move as an attempt to hijack web traffic that would otherwise result in an error message or redirection to a search service of the user’s choice. The main problems experienced include:

Instead of an error message in the appropriate native language, Internet users around the world saw VeriSign’s English language web site;

Failure of some spam filters that are designed to check for registered domains;

All email that was sent to non-existing domains was sent to VeriSign’s server to be bounced by them.

Other concerns were also raised, including that the system represented a single point of failure that could be targeted by hackers. Privacy concerns over monitoring of mistyped or misdirected email were brought up.

TLD operator comments

The Internet community was quick to condemn the move on these and other technical grounds, with Nominet – the .uk naming authority – reassuring UK Internet users that they would not consider introducing such a system in the UK. The French naming authority – AFNIC – responded in stronger terms, although not mentioning VeriSign directly, noting:

“…[wildcards] represent an abuse of power by registries who implement them for an entire zone…”

The matter was referred to ICANN – which has responsibility for the IP address space allocation and domain name system management. ICANN then asked the Internet Architecture Board (IAB) and its Security and Stability Advisory Committee for their comments.

IAB responds

The IAB has already reached its conclusion, noting:

“… [we] strongly suggest that the burden of proof in such cases should be on the registry to demonstrate that their intended use of wildcards will not pose a threat to stable operation of the DNS or predictable behaviour for applications and users.

We recommend that any and all TLDs which use wildcards in a manner inconsistent with this guideline remove such wildcards at the earliest opportunity.”

The IAB go on to note that many Internet Service Providers are adopting varying approaches; some are blocking VeriSign’s service while others are making patches to their systems to reverse the wildcard responses. Some are apparently following VeriSign’s lead in offering a similar system of their own. Because different ISPs are doing different things, the Internet has become rapidly less predictable than it was, or, as the IAB seem to be suggesting, the ‘principle of least astonishment’ has been violated.

Consultation

VeriSign’s move is significant both in terms of the technical changes that were made and that it shows that such changes can be implemented unilaterally with almost no official consultation with the Internet community. It is important to note that ICANN acted retrospectively – responding to VeriSign’s changes after the event, rather than supervising and approving major changes before they happened.

Meanwhile, VeriSign has formed an ‘independent technical review panel’ to determine the nature and extent of the operational impact of the development. In a letter from VeriSign’s Executive Vice President, Russell Lewis, VeriSign makes it clear that it has no intention of acceding to ICANN’s request that the service be voluntarily suspended.

Some commentators have indicated that VeriSign’s refusal places the Internet in a governance crisis as the response arguably amounts to a challenge to ICANN’s authority. Both the search engine service Netster and the domain name registrar Go Daddy have decided on more direct action, having taken court proceedings against VeriSign under antitrust law.

This perhaps is a good illustration of the fact that structures which oversee Internet policy and governance are still in their infancy and there will inevitably be changes and developments to the ways in which the Internet is run that will affect all Internet users.

Unless ICANN grasps the nettle and reasserts its authority there is good reason to believe that the operators of top level domains can take similar actions without resort to ICANN’s consensus-driven policy development processes. ICANN would thereby run the risk of becoming increasingly irrelevant to, and detached from, what actually happens on the Internet.

.Org Operator Condemns Verisign’s Site Finder

23 September 2003 /

The Public Interest Registry (PIR) operator of the .org top level domain, have announced their opposition to VeriSign’s deployment of the domain name system wildcard service – “Site Finder”.

The VeriSign wildcard redirects traffic that would otherwise have resulted in a “no domain” response to a VeriSign-operated website with search results and links to paid advertisements. (see: VeriSign stands firm against net bodies)

In a letter to Dr. Paul Twomey, President & CEO of the Internet Corporation for Assigned Names and Numbers (ICANN) PIR urged ICANN to take whatever remedial action was needed to remove Site Finder from the DNS.

“Such an action, emphasizing the central responsibility of all service providers, would be an important step in preserving the openness and accessibility of the Internet,” explained PIR Board Chairman David W. Maher.

Maher also promised that PIR would not offer an equivalent service in the .org space, noting:

We believe that any such efforts to alter the TLD DNS systems, of which the VeriSign Site Finder appears to be the most prominent example, adversely affect the Internet infrastructure and the entire Internet community…Internet services such as the WWW and e-mail rely on DNS to function, and there should be no interference with the established protocols until there is complete assurance of no negative impact on the DNS.

Concluding his letter, Maher recommended in robust terms that ICANN should use its position to force VeriSign to stop using Site Finder:

…we urge ICANN to take whatever remedial action is needed to remove all “wildcard” DNS systems, including VeriSign’s Site Finder, from the DNS. Such action, emphasizing the central responsibility of all service providers, would be an important step in preserving the openness and accessibility of the Internet.

These comments are significant given the force of the opposition from PIR – who are, after all, the Internet’s third largest generic top level domain (behind .com and .net) – housing over 2.9 million domain names worldwide.

However, it remains to be seen how ICANN will respond.

© Tim Brown

This is a personal site. The views expressed are my own.

© 2026 Tim Brown

Theme by Anders NorénUp ↑