ICANN content policing power grab may be dead

A move by ICANN to grant itself more formal “content policing” powers may be dead, after the community was split on the issue and governments failed to back the move.

The Governmental Advisory Committee yesterday sent comments essentially opposing, for now at least, the idea of ICANN reforming its bylaws to give it more powers over internet content, making it very unlikely that ICANN would be able to get such amendments approved by its community overseers.

The comments came a few days after ICANN extended the deadline for responses to a December 2023 consultation on whether applicants in the next new gTLD round should be able to sign up to so-called Registry Voluntary Commitments that regulate content in their zones.

RVCs would be an appendix to ICANN Registry Agreements which would commit a registry to, for example, ban certain types of registrant or certain types of content from domains in their gTLDs.

They’re basically a rebadged version of the Public Interest Commitments found in RAs from the 2012 round, in which the likes of .sucks agreed to ban cyberbullying and .music agreed to ban piracy.

But they’ve got ICANN’s board and lawyers worried, because the Org’s bylaws specifically ban it from restricting or regulating internet content. They’re worried that the RVCs might not be enforceable and that ICANN may wind up in litigation as a result.

ICANN has therefore proposed a framework (pdf) in which RVCs would be enforced by ICANN only after an agreed-upon third-party auditor or monitor found that a registry was out of compliance.

The board sent out several pages of questions to all of its Supporting Organizations and Advisory Committees in December, asking among other things whether the bylaws needed to be amended to clarify ICANN’s role, but the responses were split along traditional lines.

Registries and registrars were aligned: there’s no need for a bylaws change, because ICANN should not allow RVCs that regulate content into its contracts at all.

“ICANN should maintain its existing bylaws which exclude content from its mission, and allowing any changes to this could be a slippery slope opening ICANN to becoming a broader ‘content police’,” the Registrars Stakeholder Group said in its response, giving this amusing example:

An example of a content restriction is provided in the proposed implementation framework for .backyardchickens (e.g. no rooster-related content). Restricting rooster-related content would require a significant amount of policing, and could even prohibit valuable content that would benefit such a TLD. For example, a backyard hen farmer might want to promote the pedigree lineage of the roosters that helped sire the hens, show pictures of the roosters that were the fathers, etc. All of this could in theory be prohibited,but would also require review and subjective analysis. This would be a very slippery slope for ICANN, and a substantial departure from its mission. Restricting rooster content would then put ICANN in the place of enforcing laws that prohibit backyard roosters, rather than relying upon the competent government authorities charged with overseeing residential animal husbandry.

The Non-Commercial Stakeholders Group was more strident in its tone, even raising the possibility of legal action if ICANN went down the content policing route, saying “the best way for the Board to address content-related PICs and RVCs is to make it clear that it will reject them categorically.” It added:

The prohibition on content regulation in ICANN’s mission is extremely important and very clear. Mission limitations were a critical part of the accountability reforms that were required before ICANN would be released from US government control in 2016… NCSG will mount a legal challenge to any attempt to dilute this part of the mission.

The opposing view was held by the Business Constituency, the Intellectual Property Constituency, and the At-Large Advisory Committee, which is tasked with representing the interests of ordinary internet users.

They all said that ICANN should be able to allow content-related RVCs in registry contracts, but the IPC and BC said that no bylaws amendment is needed because the bylaws already have a carve-out that enables the Org to enforce PICs in its agreements. The ALAC said a bylaws amendment is needed.

“There is a distinction between ICANN regulating, i.e imposing ‘rules and restrictions on’ services and content, versus the registry operator voluntarily proposing and submitting to such rules and restrictions,” the IPC wrote.

“There is also a distinction between ICANN directly enforcing such rules and restrictions on third parties, i.e. registrants, versus ICANN holding a registry operator to compliance with the specifics of a contractual commitment,” it added.

The last community group to submit a response, fashionably late, was the GAC, which filed its response yesterday having reviewed all the other responses submitted so far. The GAC arguably has the loudest voice at ICANN, but its comments were probably the least committed.

The GAC said that ICANN should only go ahead with a bylaws amendment if it has community backing, but that the community currently lacks consensus. It said, “at this stage there are not sufficient elements to justify commencing a fundamental bylaws amendment to explicitly enable the enforcement of content-related restrictions”.

However, the GAC still thinks that RVCs “will continue to serve as tools for addressing GAC concerns pertaining to new gTLD applications during the next round” and that it wants them to be enforceable by ICANN, with consequences for registries found in breach.

The GAC said that it “will continue to explore options to address this important question”.

This all means that ICANN is a long way from getting the community support it would need to push through a bylaws amendment related to content policing. That’s considered one of the “Fundamental Bylaws” and can only be changed with substantial community support.

Such amendments require the backing of the Empowered Community. That’s the entity created in 2016 to oversee ICANN after it severed ties with the US government. It comprises individuals from five groups — the GAC, the GNSO, the ccNSO, the ALAC and the Address Supporting Organization.

For a fundamental bylaws amendment to get over the line, at least three of these groups must approve it and no more than one must object.

With the GNSO, given its divisions, almost certainly unable to gather enough affirmative votes, the GAC seemingly on the fence, and the ASO and ccNSO recusing themselves so far, only the ALAC looks like a clear-cut yes vote on a possible future bylaws amendment.

Perhaps that’s why ICANN chair Tripti Sinha has written to the ASO and ccNSO in the last few days to ask them whether they’d like to think again about ducking out of the consultation, giving them an extra two weeks to submit comments after the original March 31 deadline.

The ccNSO handles policy for country-code domains and the ASO for IP addresses. Both have previously told ICANN that gTLD policy is none of their business, but Sinha has urged them both to chip in anyway, because “the ICANN Bylaws govern us all”.

GoDaddy’s next .xxx contract may not be a done deal

ICANN has published what could be the next version of GoDaddy’s .xxx registry contract, and is framing it as very much open to challenge.

The proposed Registry Agreement would scrap the “sponsored” designation from .xxx, substantially reduce GoDaddy’s ICANN fees, and implement the strictest child-protection measures of any gTLD, as well as make ICANN Compliance’s job a lot easier by standardizing terms on the new gTLD program’s Base RA.

But, as eager as ICANN usually is to shift legacy, pre-2012 gTLDs to the Base RA, this time it’s published the contract for public comment as if it’s something GoDaddy is unilaterally proposing.

It’s “ICM’s proposal”, according to ICANN’s public comment announcement, referring to GoDaddy subsidiary ICM Registry, and “ICM has requested to use the Base Registry Agreement form, as well as to remove the sponsorship designation of the .XXX TLD”.

This is not the language ICANN usually uses when it publishes RA renewals for public comment. Normally, the proposed contracts are presented as the result of bilateral negotiations. In this case, ICANN and ICM have been in renewal discussions for at least three years, but the contract is being presented as something GoDaddy alone has asked for.

The new RA would remove almost all references to sponsorship and to IFFOR, the pretty much toothless “sponsor” organization ICM created to get its .xxx application over the line under the rules of the Sponsored TLD application round that kicked off back in 2003.

Instead, it loads a bunch of Public Interest Commitments, aimed at replicating some of the safeguards IFFOR oversight was supposed to provide, into the Base RA.

GoDaddy would have to ban and proactively seek out and report child sexual abuse material. It would also prohibit practices that suggest the presence of CSAM, such as the inclusion of certain unspecified keywords in .xxx domains or in the corresponding web site’s content or meta-content.

(ICANN notes that these PICs may become unenforceable, depending on the outcome of current discussions about its ability to enforce content-related terms of its contracts).

GoDaddy and IFFOR have both submitted letters arguing that sponsorship is no longer required. The existence of sister gTLDs .adult, .sex, and .porn as unsponsored gTLDs, also in the GoDaddy Registry stable, proves the extra oversight is not needed, they say. Registrants polled do not object to the changes, they say.

GoDaddy’s cost structure would also change under the new deal. Not only would it save $100,000 a year by cutting off IFFOR, but it would also inherit the Base RA’s 50,000-domain threshold for paying ICANN transaction fees.

This likely means it won’t pay the $0.25 transaction fee for a while — .xxx was at about 47,500 domains under management and shrinking at the last count. It hasn’t reported DUM over 50,000 since January 2023.

While the renewal terms may seem pragmatic and not especially unreasonable, they’ve already received at least one public objection.

Consultant Michael Palage, who was on the ICANN board for the first three years of .xxx’s agonizing eight-year path to approval, took to the mic at the ICANN 79 Public Forum earlier this month to urge the board to reject GoDaddy’s request.

Palage said there have been “material violations of the Registry Agreement” that he planned to inform ICANN Compliance about. He added that approving the new deal would set a bad precedent for all the other “community” registries ICANN has contracts with.

The situation has some things in common with the controversy over the proposed acquisition of Public Internet Registry and .org a few years ago, in that the proposal entails ignoring promises made by a registry two decades ago.

Whether .xxx will attract the same level of outrage is debatable — this deal doesn’t involve nearly as many domains and does not talk to the price registrants pay — but it could attract noise from those who believe ICANN should not throw out its principles for the sake of a quieter life.

One place we might look for comment is the Governmental Advisory Committee, which was the biggest reason .xxx took so long to get approved in the first place.

But the timing of the comment period opening is interesting, coming a week after ICANN 79 closed. It will end April 29, about six weeks before the full GAC next meets en masse, at ICANN 80.

It’s not impossible that the new contract could be approved and signed before the governments get a chance to publicly haul ICANN’s board over the coals.

ICANN 79: anonymous trolls and undercover lawyers

Transparency, an ICANN watchword since day one, was a noticeable thematic undercurrent at the community’s 79th public meeting in Puerto Rico last week.

The problem of lawyers representing unnamed clients in policy-making groups was raised in several fora, while another section of the community seems to have separately been infiltrated by the same kind of anonymous trolls that plagued ICANN during its infancy.

Governments were especially keen that the GNSO clean house by tightening up its disclosure rules, following an abortive attempt at reform at the Hamburg meeting last October, and they found allies in the Contracted Parties House, which had killed off the reform after deciding it did not go far enough.

Under the current GNSO rules of engagement, everyone who volunteers to participate in policy-making has to file a Statement of Interest, disclosing information such as their employer, community group affiliations, and so on. Among other things, volunteers are asked:

Do you believe you are participating in the GNSO policy process as a representative of any individual or entity, whether paid or unpaid? Please answer “yes” or “no.” If the answer is “yes,” please provide the name of the represented individual or entity. If professional ethical obligations prevent you from disclosing this information, please so state.

The exemption is believed to be designed primarily for American lawyers in private practice, some of whom say they may sometimes be ethically prevented from disclosing the identity of their clients.

But this creates problems for community volunteers, and for the rest of us.

For policy-makers: sometimes, in a working group, you won’t know who you’re really arguing with. The guy opposite, in the expensive suit who keeps inexplicably rubbing her nostrils, could be a mouthpiece for almost any corporation, industry association, or government.

For the rest of us: we don’t know who is really making the policies that impact how domain names are sold, managed, and regulated. Those may seem trivial issues in the grand scheme of things, but they touch on issues such as free speech, data privacy, and how much money comes out of your pocket when you buy a domain.

An attempt last year by the GNSO to update its SOI rules was shot down by the Contracted Parties House because the proposed changes kept the lawyer disclosure exemption.

The Non-Contracted Parties House gave the changes their unanimous approval.

The GNSO Council Committee for Overseeing and Implementing Continuous Improvement, which came up with the changes, looked at 351 SOIs from two recent large policy working groups and found that “a maximum of 0.03% members were making use of the exemption.”

I think that means just one person.

But the scale of the issue is irrelevant compared to the principle, according to some.

Swiss GAC rep Jorge Cancio noted during a session with the CPH last week, “even if there’s a very small number of cases where people use some exceptions for not explaining whom they are working for, even if it’s just 10 people out of 1,000 participants, this already tarnishes the whole of the system”.

Registries Stakeholder Group chair Sam Demetriou concurred: “We believe in and we are strong supporters of the multistakeholder model, but in order for a model to be multistakeholder, you need to know who those stakeholders are. It is inherent in the entire system and the definition.”

The GAC’s position is that everyone participating in policy-making needs to be up-front about their interests, in accordance with global norms. In a session with the GNSO Council, UK rep and vice-chair Nigel Hickson urged the GNSO to sort out the SOI issue before ICANN meets again, set for Kigali this June, because ministers will be present, wanting answers.

Separately at ICANN 79 last week, there was a parallel debate going on about whether a group affiliated with ICANN should force its members to even file SOIs at all.

The Universal Acceptance Steering Group isn’t technically an ICANN body — a Supporting Organization or Advisory Committee — but it is funded and supported by ICANN and carries out ICANN work. It’s been around since 2015 but so far hasn’t required members to submit SOIs.

As anyone who attended or remotely lurked on the ICANN 79 Public Forum last week will know, the UASG came in for a lot of criticism, mostly from remote participants, some of whom have managed to pull off the near-miraculously impressive achievement of having a non-existent Google footprint.

I’m not of course suggesting that some of the people in the Public Forum chat room were trolls using pseudonyms, but… actually, yes, that is what I am suggesting.

These participants had beef with the UASG for imposing a new strict SOI requirement — rules coming into force right now give participants a few months to file their SOIs or get kicked off the UASG mailing list — and suggested UASG leadership had broken with ICANN rules by unilaterally imposing the requirement.

Said mailing list is notable for being lightly used, but with occasional traffic spikes, usually during discussions of anything related to elections or UASG leadership, from participants using free webmail addresses and often what appear to be joke names (Yisrael Memshelet, really?).

Sometimes, these participants have helped steer the mailing list discussion, and at least one question from an aforementioned Google-resistant remote participant was read out at last week’s Public Forum and responded to (kinda) by a board member. ICANN received so many remote UASG questions during the Public Forum that it said it would provide a consolidated written response after the meeting.

It seems ICANN is suffering from twin related transparency problems right now — lawyers who don’t want to reveal their clients, and trolls who don’t want to reveal their identities — neither of which is ideal for its legitimacy.

Governments back down on new gTLD next round delay

ICANN’s Governmental Advisory Committee has decided not to force the Org to pay for a independent cost/benefit analysis of the new gTLD program, removing the potential for timeline friction ahead of the planned 2026 next-round launch.

In its latest communique, published following the ICANN 79 meeting in Puerto Rico last week, the GAC has essentially told ICANN that it broke its bylaws by not following eight-year-old GAC advice, but meh, whatever, just don’t do it again.

As I reported last week, governments had grown concerned that ICANN had not delivered the “objective and independent analysis of costs and benefits” of the new gTLD program that the GAC had asked for in 2016. Such an analysis was supposed to be a prerequisite for the next round going ahead.

What ICANN had delivered instead was a relatively hastily prepared summary of the next round’s policy recommendations, Org’s analysis of these recommendations, and the community-led review of competition, consumer protection and trust issues, the CCT review.

The Puerto Rico communique says that this response “cannot be considered to constitute a cost-benefit analysis, nor to be objective and independent” but that the GAC does not wish to throw up a road-block to the next round going ahead on schedule. It reads:

The GAC recognizes that the Community (with involvement of the GAC) is taking forward the next round of new gTLDs and has set a corresponding timeline. The GAC, therefore, believes that conducting further analysis at this stage would not serve the intended purpose.

The GAC encourages the Board to ensure that GAC advice, which the Board has accepted, is effectively implemented and its implementation is communicated to the GAC.

GAC chair Nicolas Caballero of Paraguay summarized it as the committee telling the ICANN board “we’re not aiming by no means at stopping the next round or anything like that, but that we want to be taken seriously”.

The original draft of the communique, drafted by Denmark, the US, the UK and Switzerland delegations, also contained text noting that the analysis ICANN provided was written by staff or community stakeholders, who were neither independent nor objective, but this was removed during a drafting session last week after objections from Iran, whose rep said it sounded too critical of the multistakeholder process.

It seems ICANN, and others who stand to make a lot of money from the new gTLD program, have dodged a bullet here, with the GAC essentially backing away and backing down from its potentially delay-causing previous demands.

GAC spinning up new gTLD curveball at ICANN 79?

ICANN’s Governmental Advisory Committee had a habit of throwing delaying curveballs before and during the 2012 new gTLD application round, and it might be planning a repeat performance before the upcoming 2026 round.

The GAC today assembled at ICANN 79 in Puerto Rico to discuss the latest developments in planning for the next round, and a major concern emerged around ICANN’s response to its request for a cost/benefit analysis.

The GAC had first asked for such an analysis at the Helsinki meeting in 2016, but after the ICANN 78 Hamburg meeting last October noted that it had still not received one.

At ICANN 56, the GAC had asked that an “objective and independent analysis of costs and benefits… drawing on experience with and outcomes from the recent round” should be a prerequisite for a next round going ahead.

After its Hamburg reminder, ICANN threw together a summary (pdf) of three existing documents that it presumably hoped would check that box and shush the GAC or give the GAC an excuse to shush itself.

The documents were the report of the Competition and Consumer Trust Review Team, the Subsequent Procedures PDP Working Group Final Report (which created the policy recommendations for the next round) and ICANN’s Operational Design Assessment of SubPro (which talked about how ICANN would implement those recommendations).

It was a pretty flimsy response, and GACers weren’t buying it, pointing out today that the three documents in question were all produced by the ICANN community or ICANN staff and couldn’t really be said to be “objective and independent”. Nor could they be said to amount to an “analysis of costs and benefits”.

“I had the pleasure to read through the report, and see whether it’s a cost/benefit analysis, and whether it’s an objective and independent analysis,” the GAC rep from Denmark said. “And I must say that my answer or reply to those questions would be no, and a big no.”

Other GAC members in Europe and North America seemed to agree that either the cost/benefit analysis they had asked for still hadn’t been delivered and that perhaps it wouldn’t be great for the GAC’s credibility if it didn’t press the issue.

The UK rep, who was chairing the session, observed that GAC members’ higher-uppers in government, such as ministers, sometimes ask what economic impact gTLD expansion might have and that an answer might be useful.

The contrarian opinion came, as it so often does, from Iran, whose rep suggested that a cost/benefit analysis might be pointless and maybe the GAC should just put the issue to bed.

What happens if the analysis shows the costs outweigh the benefits, he asked, should ICANN just scrap the next application round and 13 years of policy work?

It seems a request for ICANN to pay for an independent cost/benefit analysis of the new gTLD program could make its way into the GAC’s formal advice-delivering communique later in the week, potentially throwing friction into the roll-out of the next round.

In my opinion, there is no real answer to the question of whether the new gTLD program is a net benefit.

Beyond the billions of dollars of economic activity that will be created, whether it’s beneficial is purely a subjective opinion, and paying a bunch of overpriced consultants to wave their hands in the air for a year before spitting out the 300-page PDF equivalent of a Gallic Shrug probably won’t provide any meaningful clarity.

Whois policy published without life-saving disclosure rule

ICANN has updated its Registration Data Policy, the rules that govern what data registries and registrars need to collect from registrants and when to publish or supply it through Whois lookups or disclosure requests.

When it becomes enforceable in August next year, the new RDP will make full-fat ICANN Whois policy compliant with EU privacy law for the first time since the General Data Protection Regulation came into effect in May 2018.

But the new policy, which replaces a functionally very similar temporary policy, is notable not only for the extraordinary amount of time it took to produce, but also for not containing a disputed requirement for registrars and registries to quickly turn over private Whois data when human life is at risk.

The policy dictates what contact information registrars must collect from their customers, what they must share with their registries, escrow agents and others, and what they must redact in the public Whois (or Registration Data Directory Services, as it will become known when Whois is retired next January).

It also says that registries and registrars must acknowledge private data disclosure requests no more than two business days after receipt and respond to the requests in full less than 30 calendar days after that, barring delays caused by “exceptional circumstances”.

But, due purely to ICANN community politicking, the policy for now omits previously considered language on “urgent” disclosure requests for use in “circumstances that pose an imminent threat to life, of serious bodily injury, to critical infrastructure, or of child exploitation”.

I’d like to think such circumstances are incredibly rare, but if there’s a situation where a Whois disclosure could help prevent a bomb going off at a major internet exchange, a trans rights activist being hounded into suicide, or a little kid getting raped on a livestream, the new ICANN policy does not account for that.

The version of the policy published in July last year (pdf) did include an urgent requests provision, requiring contracted parties to either turn over the data or tell the requester to get lost within 24 hours of receipt.

But it also contained a bunch of exceptions that could allow registrars to extend that deadline by up to three business days. When weekends and public holidays are taken into account, this could mean as much as a full calendar week to process an “urgent”, potentially life-saving request.

For that reason, the Governmental Advisory Committee wrote to ICANN (pdf) last August to ask it to revisit the policy language, chuck out the reference to “business” days, and stick to a 24-hour response window

The original Expedited Policy Development Process Working Group that came up with the policy recommendations had not specified how long registrars and registries should have to respond to urgent disclosure requests, punting that decision to the Implementation Review Team that drafted the final language.

An August 2022 draft (pdf) put out for public comment made the response window two business days, with a possible one-day extension, but this was reduced to 24 hours last year in what registrars describe as a “significant compromise” given the operational reality of responding to disclosure requests.

In August last year, the Registrars Stakeholder Group told ICANN (pdf) that its members “are committed to responding to Urgent requests in the most swift and expeditious manner possible” but said it objected to the GAC’s last-minute demands for the urgent disclosures policy to be rewritten.

From the registrars’ perspective, handling disclosure requests for personal data is not a simple ask. It’s a legal decision, balancing the privacy rights of the registrant with the rights of others to access that information.

Get it wrong, and you’re open to litigation and fines substantial enough to be expressed as a percentage of your revenue. And, money aside, who wants to be the guy who, for example, accidentally helps the Iranian morality police murder a bunch of schoolgirls for wearing the wrong type of hat?

But the argument between the registrars and the governments comes down to issues of ICANN process. Both the GAC and the RrSG claimed the urgent disclosures bunfight highlights deficiencies in ICANN multistakeholderism, but for different reasons.

ICANN’s response to this disagreement was to remove the urgent requests clauses from the policy altogether, in the hope that further talks can find a solution. Chair Tripti Sinha wrote to the RrSG and GAC a couple weeks ago to tell them:

the Board concluded that it is necessary to revisit Policy Recommendation 18 concerning urgent requests in the context of situations that pose an imminent threat to life, serious bodily harm, infrastructure, or child exploitation, and the manner in which such emergencies are currently handled. For this, we believe that consultation with the GNSO Council is required.

ICANN has essentially kicked the can, which was what the GAC had asked for. The RrSG wanted the July 2023 language (one-plus-three days) or August 2022 language (two-plus-one days) published in the final policy.

It’s stuff like this that makes one scratch one’s head, stroke one’s chin, and wonder whether ICANN really is fit for purpose.

There were 2,312 days between the day the European Commission first proposed the GDPR to the day it became effective in all EU member states.

But 2,590 days will have passed between the day the GNSO Council initiated the EPDP and the day the new Registration Data Policy will become effective on all contracted parties, next August.

The lumbering, then-28-state European Union was faster at passing policy than ICANN, even when ICANN was using an “expedited” process.

And what ICANN eventually came up with couldn’t even agree on ways to help tackle murder, economic catastrophes, and the rape of kids.

ICANN bans closed generics for the foreseeable

There will be no applications for closed generic gTLDs in the 2026 application round, ICANN has confirmed.

While the Org has yet to publish the results of last weekend’s board meeting, chair Tripti Sinha has written to community leaders to let them know that companies won’t be able to apply for exclusive-use, non-trademark strings for the foreseeable future.

The ban follows years of talks that failed to find a consensus on whether closed generics should be permitted, and subsequent advice from the Governmental Advisory Committee, backed up by the At-Large Advisory Committee, that they should not.

Apparently quoting board output from its January 21 meeting, Sinha wrote (pdf):

the Board has considered the GAC Advice and has determined that closed generic gTLD applications will not be permitted until such time as there is an approved methodology and criteria to evaluate whether or not a proposed closed domain is in the public interest.

Closed generics were permitted — or at least not explicitly outlawed — in the 2012 application round, but were retroactively banned by ICANN following GAC advice in 2013, stymying the plans of dozens of applicants.

Ironically, it was the clumsy wording of the 2013 advice that saw the debate re-open a few years ago, with the initiation of a closed-doors, Chatham House Rules “facilitated dialogue” between the pro- and anti- camps, which also failed to reach a consensus.

By drawing a line under the issue now, ICANN has finally officially removed closed generics as a potential delaying factor on the next gTLD application round, which is already 13 years late.

Closed generics ban likely to remain after another policy group failure

Closed generic gTLDs are likely off the table for ICANN’s next application round, after a secretive policy development working group failed to reach a consensus on how they could be permitted.

The chairs of the ALAC-GAC-GNSO Facilitated Dialogue on Closed Generic gTLDs have put their names to a draft letter that essentially throws in the towel and recommends ICANN sticks to the status quo in which closed generics are not permitted.

The chairs of the three committees write that they “believe that it is not necessary to resolve the question of closed generic gTLDs as a dependency for the next round of new gTLDs, and we plan to inform the ICANN Board accordingly.”

In other words, whatever latency related to needing a closed generics policy that was built in to ICANN’s recent April 2026 target for opening the next application round could be eliminated from the timeline.

The three chairs added (emphasis in original PDF):

We agree with the ICANN Board (in its original invitation to the GAC and the GNSO to engage in a facilitated dialogue) that this topic is one for community policy work, rather than a decision for the Board. As such and based on our collective belief that there is neither the need nor the community bandwidth to conduct additional work at this stage, we also plan to ask that, for the next round, the Board maintain the position that, unless and until there is a community-developed consensus policy in place, any applications seeking to impose exclusive registry access for “generic strings” to a single person or entity and/or that person’s or entity’s Affiliates (as defined in Section 2.9(c) of the Registry Agreement) should not proceed. Finally, we also plan to inform the Board that any future community policy work on this topic should be based on the good work that has been done to date in this facilitated dialogue.

But that position — still a draft — is already facing some push-back from community members who disagree about what the current status quo actually is.

The 2012 application round opened up with the assumption that closed generics were A-okay, and it received hundreds of such applications.

But the governments of the GAC, no doubt stirred by competition concerns, balked when they saw big companies had applied for gTLD strings that could enable them to dominate their markets.

The GAC demanded that closed generics must service the public interest if they were to be permitted, so ICANN Org — in what would turn out to be an Original Sin injected into the destiny of future rounds — retroactively changed the rules, essentially banning closed generics but allowing applicants to withdraw for a refund or open up their proposed registration policies.

The third option was to defer their applications to a future application round, by which point it was assumed the community would have established a closed generics policy. No applicant took that option.

But making that policy was the job of a committee called SubPro, but when turned its attention to the issue, entrenched positions among volunteers took hold and no consensus could be found. It couldn’t even agree what the status quo was. The group wound up punting the issue to the ICANN board.

The discussion moved on last year when ICANN decided to launch the “Facilitated Dialogue”, forcing the GAC and the GNSO to the negotiating table in last-ditch attempt to put the issue to bed for good.

Ironically, it was the 2013 GAC advice — made at time when the governments drafted their advice in secret and were deliberately ambiguous in their output — that killed off closed generics for a decade that ICANN used to reopen the issue. The GAC hadn’t wanted a blanket ban, after all, it just wanted to mandate a “public interest” benefit.

The assumption was that the Facilitated Dialogue would come up with something in-between a ban and a free-for-all, but what it actually seems to have come up with is a return to the status quo and disagreement about what the status quo even is.

It really is one of those situations where ICANN, in its broadest definition, can’t see to find its ass with two hands and a flashlight (and — if you’ll indulge me — a map, GPS coordinates, and a Sherpa).

Governments call for ban on gTLD auctions

Governments are calling for a ban on new gTLD contention sets being settled via private auctions, a practice that allowed many tens of millions of dollars to change hands in the last application round.

ICANN’s Governmental Advisory Committee said in its ICANN 77 communique that it formally advises ICANN: “To ban or strongly disincentivize private monetary means of resolution of contention sets, including private auctions.”

Private auctions typically see the losers split the winner’s winning bid among themselves. The GAC endorsed the At-Large Advisory Committee’s recommendation that applicants should be forced to ICANN-run “last resort” auctions, where ICANN gets all the money, instead.

The concern is that companies with no intention of actually operating a gTLD will file applications purely in order to have a tradeable asset that can be sold to competing applicants for a huge profit.

In the 2012 round, 224 contention sets were settled in private, often via auctions. ICANN not only allowed but encouraged the practice.

For example, publicly listed portfolio registry Minds + Machines disclosed tens of millions of income from losing private auctions, some of which was reinvested into winning auctions for gTLDs that it did intend to run.

Another applicant, Nu Do Co, did not win a single auction it was involved in, with the exception of the ICANN-run “last resort” auction for .web, where its winning $135 million bid was secretly funded by Verisign.

In the case of .web, rival bidders urged NDC to go to private auction until almost the last moment, eager to get a piece of the winning bid. It remains the subject of legal disputes to this day.

The current GNSO “SubPro” policy recommendations do not include a ban on private settlements, instead saying that applicants should affirm that they have a “bona fide” intent to operate the TLD, under penalty of unspecified sanctions if they lie.

The recommendations include a set of suggested red flags that ICANN should look out for when trying to determine whether an applicant is game the system, such as the number of applications filed versus contention sets won.

It’s pretty vague — the kind of thing that would have to be ironed out during implementation — and the ICANN board of directors has yet to formally approve these specific recommendations.

The GAC’s latest advice also has concerns about the “last resort” auctions that ICANN conducts, which see ICANN place the winning bid in a special fund, particular with regards non-commercial applicants.

The GAC advised ICANN: “To take steps to avoid the use of auctions of last resort in contentions between commercial and non-commercial applications; alternative means for the resolution of such contention sets, such as drawing lots, may be explored.”

Some previous ways to mitigate contention gaming include Vickrey auctions, where every applicant submits a high bid at the time of application and the applicant with the highest bid pays ICANN the amount of the second-highest bid.

Bidding before one even knows whether the gTLD string will be subject to contention is seen as a way to dissuade applicants from applying for strings they don’t really want.

ICANN directors said repeatedly at ICANN 77 last week that the Org will be hiring an auctions expert to investigate the best way to handle auctions and reduce gaming.

Governments backtracking on closed generics ban

ICANN’s Governmental Advisory Committee appears to be backpedaling on its commitment to permitting so-called “closed generic” gTLDs in the next application round.

The GAC’s output from ICANN 76, which took place in Cancun last week, contains a paragraph that suggests that governments are reverting to their decade-old position that maybe closed generics are not a good idea.

The GAC, GNSO and At-Large have been engaging in a “facilitated dialogue” for the past few months in an attempt to figure out whether closed generics should be allowed and under what terms.

The GAC is now saying “no policy option, including the prohibition of Closed Generics, should be excluded if no satisfactory solution is found”. It had agreed to the dialogue on the condition that prohibition would not be an outcome.

A closed generic is a single-registrant gTLD matching a dictionary word that is not a trademark. Think McDonald’s controlling all the names in .burger or Jack Daniels controlling the whole .whiskey zone.

These types of TLDs had not been banned in the 2012 application round, resulting over 180 gTLD applications, including the likes of L’Oreal applying for .makeup and Symantec’s .antivirus.

But the GAC took a disliking to these applications, issuing advice in 2013 that stated: “For strings representing generic terms, exclusive registry access should serve a public interest goal.”

This caused ICANN to implement what amounted to a retroactive ban on closed generics. Many applicants withdrew their bids; other tried to fudge their way around the issue or simply sat on their gTLDs defensively.

When the GNSO came around to developing policy in 2020 for the next new gTLD round, it failed to come to a consensus on whether closed generics should be allowed. It couldn’t even agree on what the default, status quo position was — the 2012 round by policy permitted them, but in practice did not. The matter was punted to ICANN.

A year ago, ICANN said the GAC and GNSO should get their heads together in a small group, the “facilitated dialogue”, to resolve the matter, but the framing paper outlining the rules of engagement for the talks explicitly ruled out two “edge outcomes” that, ICANN said, were “unlikely to achieve consensus”.

Those outcomes were:

1. allowing closed generics without restrictions or limitations OR

2. prohibiting closed generics under any circumstance.

The GAC explicitly agreed to these terms, with then-chair Manal Ismail (who vacated the seat last week) writing (pdf):

The GAC generally agrees with the proposed parameters for dialogue, noting that discussion should focus on a compromise to allow closed generics only if they serve a public interest goal and that the two “edge outcomes” (i.e. allowing closed generics without restrictions/limitations, and prohibiting closed generics under any circumstance) are unlikely to achieve consensus, and should therefore be considered out of scope for this dialogue.

Now, after days of closed-door facilitated dialogue have so far failed to reach a consensus on stuff like what the “public interest” is, the GAC has evidently had a change of heart.

Its new Cancun communique states:

In view of the initial outputs from the facilitated dialogue group on closed generics, involving representatives from the GAC, GNSO and At-Large, the GAC acknowledges the importance of this work, which needs to address multiple challenges. While the GAC continues to be committed to the facilitated dialogue, no policy option, including the prohibition of Closed Generics, should be excluded if no satisfactory solution is found. In any event, any potential solution would be subject to the GAC’s consensus agreement.

In other words, the GAC is going back on its word and explicitly ruling-in one of the two edge outcomes it less than a year ago had explicitly ruled out.

It’s noteworthy — and was noted by several governments during the drafting of the communique — that the other edge outcome, allowing closed generics without restriction, is not mentioned.

It’s tempting to read this as a negotiating tactic — the GAC publicly indicating that a failure to reach a deal with the GNSO will mean a closed generics ban by default, but since the facilitated dialogue is being held entirely in secret it’s impossible to know for sure.