Recent Posts
- ICANN publishes its Woke Manifesto. Here’s my hot take
- Alibaba, Name.com among new RDRS opt-ins
- The Swiss can register .swiss domains from next week
- .ai up to 425,000 domains
- A million “free” .music domains up for grabs
- D3 to get $5 million in crypto to apply for .ape gTLD
- Alibaba hit with ICANN breach notice
- New Vegas conference “Davos for Web3 interoperability”
- ICANN content policing power grab may be dead
- Cable company unplugs its dot-brand after acquisition
- Germany crosses 10,000 dot-brand domains milestone
- Founders out as Com Laude gets equity injection
- PIR’s Diaz to leave domain industry
- Some registrars have already quit ICANN’s Whois experiment
- ICANN opens $217 million Grant Program
- Internet could get one-letter gTLDs (but there’s a catch)
- .ai registry fights deadbeats with tweaked auction rules
- Amazon and Google among .internal TLD ban backers
- .ai registry advises buyers not to use GoDaddy
- .post liberalizes with new sunrise period
- Team Internet spends $41 million on content farm
- Epik backtracks on Kiwi Farms claim after legal threat
- .austin names launch on blockchain
- Freenom shuts down 12.6 million domains — report
- GoDaddy’s next .xxx contract may not be a done deal
- GlobalBlock blocking 2.5 million domains
- Microsoft moving its cloud apps from .com to .microsoft
- ICANN 79: anonymous trolls and undercover lawyers
- ICANN scores win in single-letter .com lawsuit
- Cosmetics brand terminates its gTLD
- Up to 70 jobs on the line at Nominet as .uk regs dwindle
- Governments back down on new gTLD next round delay
- Private auctions could be banned in new gTLD next round
- ICANN meeting venue “insensitive and hurtful”
- GoDaddy to start selling graphic.design domains
- GAC spinning up new gTLD curveball at ICANN 79?
- GoDaddy’s GlobalBlock supports blockchain names
- Police .uk domain takedowns dive in 2023
- GoDaddy wants to cut the bullshit from .xxx
- Dueling domain blocking services to launch at ICANN 79
- Freename tries to bridge DNS and blockchain
- Olive retires from ICANN
- Whois policy published without life-saving disclosure rule
- UK gov takes its lead from ICANN on DNS abuse
- Tucows reports 2023 results
- Twitter “completely unresponsive” on clickable domains
- ICANN spends $5 million more than planned in first fiscal half
- .art takes a million domains off its premium list
- KeyTrap ‘the most devastating vulnerability ever found in DNSSEC’
- Freenom settles $500 million Meta lawsuit and will exit domain business
- New gTLD lottery to return in 2026
- First GlobalBlock prices revealed — they ain’t cheap
- Domain universe grows on new gTLDs despite .com shrinkage
- D3 signs up crypto gTLD client number five
- GoDaddy reports strong domains growth
- How to qualify for a $40,000 gTLD
- Registry service provider evaluation handbook published
- WebUnited inks deal to “mirror” country’s TLD in the blockchain
- GoDaddy project unveils brand-blocking calculator
- Report: Monster “misappropriated” millions from Epik
- .com is shrinking but Verisign raises prices again anyway
- D3 announces fourth crypto new gTLD client
- Donald Trump loses second UDRP case
- UK cybersquatting complaints hit record low
- No excuses! PIR to pay for ALL registries to tackle child abuse
- ICANN insists it is working on linkification
- Namecheap sues ICANN over .org price caps
- GoDaddy offers free Ethereum blockchain integration
- Epik reveals who is running the company
- Epik gets acquired again! The plot thickens…
- Airline gTLD crashes and burns
- First chunks of new gTLD Applicant Guidebook drop
- Epik to reveal its owners soon
- Another crypto firm to apply for a new gTLD
- Monster and Royce are NOT involved in Epik?!
- Nominet to overhaul .uk registry, turn off some services
- Russia blames DNSSEC, not Ukraine, for internet downtime
- Team Internet says revenue beat estimates
- Sold for over $20k, insure.ai and dog.ai back in .ai’s expired names auction
- .ai helps UDRP cases rise in 2023, WIPO says
- Freenom’s domains land at Gandi after termination
- .ru domains fly off the shelf as Western sanctions bite
- ICANN picks its first ever Supreme Court
- Lebanon’s ccTLD going back to Lebanon after ICANN takeover
- ICANN picks the domain it will never, ever release
- ICANN approves domain takedown rules
- Has Epik gone “woke”?
- First bits of new gTLD Applicant Guidebook expected next week
- ICANN bans closed generics for the foreseeable
- You can’t use money to buy .box domains
- After 14 years, ICANN practices what it preaches on IDNs
- Weak demand for private Whois data, ICANN data shows
- .ing doing way better than .meme
- DNS Women barred from ICANN funding?
- Dev releases free open-source TLD registry platform
- INCO flips a gTLD to Identity Digital
- Anguilla fears the .ai junk drop
- Five more gTLDs get launch dates
- $10 million of ICANN cash up for grabs
- Almost 50,000 .ai domains sold in a quarter
- ICANN threatens to regulate your speech [RANT]
- Life insurance company kills dot-brand
- ICANN finds new home for Lebanon’s TLD after founder’s death
- ICANN begs people to use its new Whois service
- Shiba Inu outs itself as crypto new gTLD applicant
- Over 50,000 .ai domains sold in three months
- Amazon planning new push into registrar market?
- Registries and registrars vote ‘Yes’ to new DNS abuse rules
- ICANN predicts flattish 2025 for domain industry
- Fast-growing Gname buys another 150 registrars
- GoDaddy service to let you block domains in over 650 TLDs
- Did I find a murder weapon in a zone file?
- ICANN drops the “man” from Ombudsman
- Have your say on police domain takedown powers
- Most registrars are shunning ICANN’s new Whois system
- Nominet to take over .gov.uk
- ICANN picks Istanbul for 2024 meeting
- ICANN’s private Whois data request service goes live
- .au regs slide on 2LD anniversary
- ICANN accused of power grab over $271 million auction fund
- A registrar is getting blamed for an Israeli war propaganda site
- Two more dot-brands bite the dust
- Google sells five-figure AI domain and six-figure .ing hack
- .blackfriday is still a bit rubbish
- Internet Naming Co acquires five more gTLDs
GoDaddy’s GlobalBlock supports blockchain names
GoDaddy’s Brand Safety Alliance has finally released the list of TLDs supported by its new GlobalBlock brand protection service, and it’s notable for including a couple dozen extensions that aren’t real TLDs at all.
Formally announcing its launch today, the company said GlobalBlock will initially allow trademark owners and others to block their marks and variants in about 600 “extensions” and published the list on its web site.
The term “extension”, as opposed to “TLD”, is important, as the headline number seems to count zones where names are registerable at the third level — so .bar.pro and .cpa.pro and .com.cx and .net.cx, for examples, are individually counted.
I count a total of 457 TLDs on the currently published list, of which 27 are distinct ccTLDs.
But I also about 20 strings that aren’t real TLDs. As well as pseudo-gTLD .it.com, a lot of supported extensions appear to on blockchain naming systems such as Unstoppable Domains (proving, once again, that Unstoppable chose entirely the wrong brand for its service).
The blockchain TLDs currently listed are: .altimist, .anime, .binanceus, .bitcoin, .blockchain, .crypto, .dao, .go, .hi, .klever, .kresus, .manga, .nft, .polygon, .pudgy, .unstoppable, .wallet, .x and .zil.
About 270 of the real gTLDs on the list belong to Identity Digital, with GoDaddy Registry accounting for about 35.
Google Registry has 28 gTLDs on the list, seven of which aren’t even publicly available yet, such as .search and .map. This in either incredibly cheeky — selling blocks in TLDs in which cybersquatting is literally impossible — or a sign that Google plans to release more of its dormant gTLD inventory soon.
Other registries with multi-TLD representation on the list include Global Registry Services, GMO Registry, Internet Naming Co, ZACR and Nominet (though, while .wales and .cymru are currently listed, .uk is not).
Notable by their absence are portfolio registries Radix, XYZ and ShortDot.
UPDATE: This story was updated several hours after publication to remove the reference to Handshake. Unstoppable Domains is the only blockchain naming system to so far be in the GlobalBlock ecosystem.
Dueling domain blocking services to launch at ICANN 79
Norwegian startup NameBlock is set to launch its suite of brand protection and domain security services later this week, with a somewhat different take on the market to its primary competitor.
Recently appointed CEO Pinky Brand tells me the company plans to formally launch March 1, the day before the ICANN 79 public meeting begins in Puerto Rico.
The company is coming out with two services to begin with — BrandLock, which allows trademark owners to block their marks across multiple TLDs, and AbuseShield, which blocks hundreds of variant domains that are considered at the most risk of abuse.
BrandLock is perhaps most directly comparable to the DPML service offered by Identity Digital, GoDaddy’s AdultBlock, and the multi-registry GlobalBlock service that is also due to formally launch in San Juan next week.
The service requires the buyer to own a verified trademark, and the exact match of that mark will be blocked over a multitude of ccTLDs and gTLDs. Brand said reseller partners may choose to bundle different TLDs thematically or offer them as one-offs.
He said he expects it to retail for $40 to $50 per domain per year, so presumably makes the most sense for the more-expensive TLDs or for buyers who have other reasons to want a block rather than a defensive registration.
The value proposition seems a lot clearer for AbuseShield, which is notable for not requiring a trademark to get protection — it’s more of a security pitch than a brand-protection story.
Under AbuseShield, when a registrant buys a name in a participating TLD, they will be given the option to pay to block a couple hundred potentially abusive variant domains in that same TLD, for a far lower cost than they’d pay to defensively register them individually.
Using data from NameBlock’s majority shareholder iQ Global, the company identifies homographic variants and common “abuse prefixes” — strings such as “login” and “https” — to compile a list of domains to be blocked. A feature called VariantCatcher will automatically block already-registered risky domains at the registry when they expire, for no extra cost.
“We want to make the abuse prevention market much, much wider than it has been before,” Brand said. “You’d pay $89 to $129 a year the block the 100 to 250 variations that we know are most likely to be used by someone to do you harm.”
At first, the service will be available through NameBlock resellers, currently those registrars focused on corporate services, but the company plans to make an API available in a few months that will let retail registrars offer the service as an up-sell in their storefront.
At launch, NameBlock has around 15 resellers, such as MarkMonitor, CSC, 101Domain, Encirca and Gandi, Brand said. Registries for about a dozen TLDs will be on board, but Brand said he expects this to grow to 40 to 50 in a couple months.
CoCCA which makes registry software used by 57 ccTLDs, has already announced its support for NameBlock’s services.
Elsewhere at ICANN 79, you’ll find the Brand Safety Alliance, a GoDaddy-led initiative purveying the new GlobalBlock service, which is more of brand-protection play
As I’ve previously blogged, because portfolio registries GoDaddy and Identity Digital are involved, GlobalBlock can provide blocking coverage in hundreds of TLDs — over 560 at the current count — with prices starting at about $6,000 a year retail.
While GlobalBlock and NameBlock are certainly operating in the same space, there appears to be enough variation between the two services that the market might be able to support both.
UK gov takes its lead from ICANN on DNS abuse
The UK government has set out how it intends to regulate UK-related top-level domain registries, and it’s taken its lead mostly from existing ICANN policies.
The Department for Science, Innovation and Technology said last year that it was to activate the parts of the Digital Economy Act of 2010 that allow it to seize control of TLDs such as .uk, .london, .scot, .wales and .cymru, should those registries fail to tackle abuse in future.
It ran a public consultation that attracted a few dozen responses, but has seemingly decided to stick to its original definitions of abuse and cybersquatting, which were cooked up with .uk registry Nominet and others and closely align to industry norms.
DSIT plans to define abuse in the same five categories as ICANN does — phishing, pharming, botnets, malware and vector spam (spam that is used to serve up the first four types of attack) — in its response to the consultation, published yesterday (pdf).
But it’s stronger on child sexual abuse material than ICANN. While registries and registrars have developed a “Framework to Address Abuse” that says they “should” take down domains publishing CSAM, ICANN itself has no contractual prohibitions on such content.
DSIT said it will require UK-related registries to have “adequate policies and procedures” to combat CSAM in their zones. The definition of CSAM follows existing UK law in being broader than elsewhere in the world, including artworks such as cartoons and manga where no real children are harmed.
DSIT said it will define cybersquatting as “the pre-emptive, bad faith registration of trade marks as domain names by third parties who do not possess rights in such names”. The definition omits the “and is being used in bad faith” terminology used in ICANN’s UDRP. DSIT’s definition includes typosquatting.
In response to the new document, Nominet tweeted:
The response highlights that Government recognises the work registries already do to support law enforcement agencies prevent the registration of domains to carry out illegal activity and "expect the existing voluntary arrangements to be used as the first port of call".
— Nominet (@Nominet) February 23, 2024
DSIT said it will draft its regulations “over the coming months”.
Freenom settles $500 million Meta lawsuit and will exit domain business
Facebook has claimed another domain industry scalp. Freenom said this week it has settled the cybersquatting lawsuit filed against it by Meta last year, and that it is getting out of the domain name business.
The registry/registrar said in a brief February 12 statement (pdf) that it will pay Meta an undisclosed sum and has “independently decided to exit the domain name business”.
Just how “independent” that decision was is debatable. The company lost its ICANN registrar accreditation last year and is believed to have lost its government contracts to run the ccTLDs for Equatorial Guinea, Central African Republic, Mali, Gabon, and possibly also Tokelau, its flagship .tk domain.
Meta had claimed in its complaint that Freenom had typosquatted its trademarks thousands of times, including domains such as faceb00k.ga. It sued for 5,000 counts under US anti-cybersquatting law, seeking $100,000 for each infringement, for a cool half-billion bucks in total.
Freenom and its network of co-defendant affiliates said in their defense that Meta had access to an abuse API that allowed it to turn off such domains, but had never used it. It also claimed many of the cited typosquats had already been shut down by the time the suit was filed.
It seems the names in question were likely those registered by abusive third-parties that were reclaimed and monetized by Freenom under its widely criticized free-domains business model, which made its TLDs some of the world’s most-abused.
But the claims on both sides evidently will not be tested at trial. The last court filing, dated late December, showed the two parties were to enter mediation, and Freenom put out the following statement this week:
Freenom today announced it has resolved the lawsuit brought by Meta Platforms, Inc. on confidential monetary and business Terms. Freenom recognizes Meta’s legitimate interest in enforcing its intellectual property rights and protecting its users from fraud and abuse.
Freenom and its related companies have also independently decided to exit the domain name business, including the operation of registries. While Freenom winds down its domain name business, Freenom will treat the Meta family of companies as a trusted notifier and will also implement a block list to address future phishing, DNS abuse, and cybersquatting.
Meta said in its Q4 Adversarial Threat Report this week that the settlement showed its approach to tackling DNS abuse is working.
Freenom’s gTLD domains have been transferred to Gandi. It’s less clear what’s happening to its ccTLD names, though social media chatter this week suggests the company has been giving registrants in affected ccTLDs nine-year renewals at no cost.
First GlobalBlock prices revealed — they ain’t cheap
Trademarks owners, organizations and celebrities could find themselves paying the thick end of ten grand for the “peace of mind” offered by the new GoDaddy-led GlobalBlock trademark protection service.
101domain, which often has some of the least-expensive pricing, has become the first registrar to publish its prices for the domain-blocking service, which entered beta this week.
The base GlobalBlock service, which offers single-string blocking in 560 gTLDs and ccTLDs, is going for $5,999 per year, according to the 101domain storefront. The GlobalBlock+ version, which covers potentially tens of thousands of variants and typos, starts at $8,999 a year.
None of the other 20 approved GlobalBlock resellers I checked are currently publishing prices.
Some simple division shows us that the basic service works out to roughly $10.71 per domain per year — a bit more than Verisign will charge for a wholesale .com when its prices go up later this year — but the average per-domain cost should go down as more registries sign up to GlobalBlock.
With the GlobalBlock+ service offering to block 50,000 domains or more, the per-domain price obviously shrinks to pennies.
GlobalBlock is offered by the Brand Safety Alliance, a GoDaddy initiative, but it has support from the likes of Identity Digital, which has hundreds of gTLDs in its stable. Dozens of gTLD registry operators have recently asked ICANN’s permission to offer GlobalBlock and rival offering NameBlock.
The BSA has previously said it expects to launch with over 650 TLDs on board. A calculator on its web site suggests 511 are currently operational, but it has not yet named the participating TLDs.
Donald Trump loses second UDRP case
Former US president Donald Trump has lost a second cybersquatting case related to his Mar-a-Lago resort, where he lives in Florida.
A three-person WIPO panel late last month ruled that DTTM Holdings, which has owned a trademark on the term Mar-a-Lago since 1997, had failed to show that the registrant of maralago.com, Michael Gargiulo, did not have a legitimate interest in the domain.
Gargiulo, an investor who bought the domain from a third party in 2021, had argued that “mar a lago” is a generic term, meaning “sea to lake” in Spanish and other languages. He also said it could mean the personal name “Mara Lago”.
DTTM failed to convince the WIPO panel otherwise. It ruled (pdf) that “the Complainant was unable to provide persuasive specific evidence to overcome the Respondent’s arguments”. It did not rule on whether the registration was made in bad faith.
It’s the second Mar-a-Lago case DTTM has lost recently. Late last year it lost a UDRP complaint against a company called Marq Quarius (from which Gargiulo acquired maralago.com) over the domain mar-a-lago.com.
The single panelist in the earlier case (pdf) ruled that while the registrant’s defense (that the three words in the domain corresponded to the names of dead pets) strained credulity, there was no evidence of bad-faith cybersquatting.
Trump uses maralagoclub.com for the club’s official web site.
UK cybersquatting complaints hit record low
There were fewer cybersquatting complaints filed against .uk domain holders in 2023 than in any other year since Nominet started reporting its annual stats, according to the latest annual Nominet DRS report.
There were just 511 complaints filed last year, down from 568 in 2022, according to the latest report. That’s the lowest number for at least the last 14 years Nominet has been reporting its annual DRS stats. The highest number was 728, in 2015.
Just 48% of cases resulted in a domain being transferred to the complainant (compare to the 82% WIPO reported for its UDRP cases in 2023), up from 43% in 2022, Nominet said.
The number of disputed domains was 680, down from 745 in 2022, but the number of domains in .uk complained about rocketed from 26 to 122, the second-highest level since Nominet opened the second level for direct registrations a decade ago.
The number of disputed .co.uk domains was down from 686 in 2022 to 538 in 2023.
The decline in cybersquatting complaints come as .uk as a whole continues to shrink. The second and third levels combined lost a net 366,778 domains in 2023, ending December at 10,732,479 domains, according to Nominet stats.
.ai helps UDRP cases rise in 2023, WIPO says
The number of cybersquatting cases filed with the World Intellectual Property Organization increased 7% in 2023, WIPO said this week.
The total UDRP filings, 6,192, includes national ccTLD variations that WIPO handles but not UDRP filings with other providers.
WIPO said that 82% of cases resulted in the domain being transferred to the complainant, with the complaint being denied in just 3% of cases.
The organization does not publish data on Reverse Domain Name Hijacking findings, but RDNH.com, which tracks these things, shows 31 RDNH finding at WIPO in 2023.
.com accounted for 80% of complaints. WIPO said that the most complained-about ccTLDs were .co (Colombia), .cn (China), .mx (Mexico), .au (Australia) and .ai (Anguilla).
Perhaps unsurprisingly, given its rapid growth in registrations, Anguilla’s .ai saw a sharp uptick in UDRP filings last year, up from just four in 2022 to 43 in 2023, according to the WIPO web site.
Meta given 30 days to stop using Threads trademark
A small UK software firm has given Facebook owner Meta, well known in the domain industry for pursuing cybersquatters, 30 days to stop using the brand name “Threads” or face legal action.
Meta launched a Twitter clone called Threads back in July and quickly gathered over 100 million users (since declining to eight million daily active users), but Threads Software of London says its UK trademark dates back to 2012.
“Threads Software Limited and its lawyers have today (30 October) written to Meta’s Instagram giving it 30 days to stop using the name Threads for their service in the UK. If it does not, Threads Software Limited will seek an injunction from the English Courts,” the company said in a press release (pdf).
The company further claimed that Meta’s lawyers have tried to buy the domain threads.app from it four times this year but were turned down each time. Meta is using threads.net, Threads Software uses threads.cloud.
Threads Software says it operates a service that “captures, transcribes, and organises all of a company’s digital messages (emails and phone calls) into one easily searchable database”.
Managing director John Yardley said in the press release: “We recognise that this is a classic ‘David and Goliath’ battle with Meta. And whilst they may think they can use whatever name they want, that does not give them the right to use the Threads brand name.”
“We want them to stop using the Threads name with immediate effect. If they do not, we will seek an injunction from the UK courts,” he added.
The irony here is of course that Meta owns some of the most-cybersquatted brands out there and is one of the most litigious enforcers of its intellectual property.
Government to regulate UK-related domain names
The UK government is to trigger a law that would allow it to take control of .uk, .wales, .cymru, .scot and .london if their registries get thoroughly abused and they fail to do anything about it.
The Department for Science, Innovation and Technology said today it is to activate (or “commence”) the parts of the Digital Economy Act of 2010 that give it the power to appoint a new manager for any “UK-related” TLDs.
DSIT would only be able to exercise these powers if the registry in question had let DNS abuse or cybersquatting run amok and failed to follow government orders to fix it. I don’t believe any of the affected registries are currently in such a state.
The government has now launched a consultation, running until the end of August, to get industry and public feedback on its definitions of abuse and what it called “unfair domain use”, meaning cybersquatting.
Nominet, which runs .uk, .wales and .cymru, said in a statement:
The proposed prescribed requirements are consistent with Nominet’s current voluntary procedures, which Government has made clear it believes Nominet operates in a perfectly satisfactory manner. As the Government has had a reserve power to “step in” ever since the DEA was introduced, the purpose of the new provisions is to give Government a formal mechanism to do so, should it ever be required. Our understanding is that Government is enacting these provisions now to ensure the UK meets international best practice on governance of country code top-level domains in line with key global trading partners and future global trading commitments.
Based on my first read, I expect registries and registrars will think it looks generally pretty palatable. It seems DSIT has followed ICANN and the industry’s lead in terms of what qualifies as abuse, and Nominet said in a statement tonight that all three affected registries have been meeting with DSIT to craft the consultation.
Domain investors may take issue with the precise wording of the cybersquatting definition, however.
The definitions of abuse cover the industry standard five bases: malware, phishing, botnets, pharming and spam (insofar as it facilitates any of the other four) and cybersquatting is defined thus:
the pre-emptive, bad faith registration of trade marks as domain names by third parties who do not possess rights in such names. This includes ‘typosquatting’, when an end user takes advantage of common misspellings made by Internet users who are looking for a particular site or a particular provider of goods or services, in order to obtain some benefit.
Domainers will notice the document talks about “bad faith registration”, whereas UDRP talks about bad faith “registration and use”, which is sometimes an important edge-case distinction in cybersquatting disputes. Nominet’s DRS uses bad faith registration “or” use.
Where the consultation gets vague, and the potential for debate arises, is when it talks in general, high-level terms about how dispute resolution procedures should be designed.
Failure to deal with child sexual abuse material, as defined in the Convention on the Rights of the Child, in an affected TLD could also result in the government appointing a new registry.
The four gTLDs affected by the legislation all are considered geographic under ICANN rules and had to secure local government support when they applied for their strings. ICANN has a contractual right to terminate them if that government says so.
After the consultation is complete, DSIT intends to make its definitions law through secondary legislation.
This post was updated shortly after publication to add Nominet comments.
Recent Comments