ICANN currently has over 900 accredited registrars, each with a Registrar Accreditation Agreement (RAA) in effect. The form of the RAA is identical regardless of the characteristics of the registrar, so that compliance efforts can be carried out in a consistent manner across all registrars.
The gTLD Registrar Compliance Program was developed by first compiling a full listing of all obligations enumerated in the accreditation agreement. These provisions were then divided into seven general Compliance Areas.
The Compliance Area may track a registrar's responsiveness, the nature and accuracy of its customer service functions, and its cooperation with other registrars to resolve shared problems.
This is a broad area in which accredited registrars have several obligations, including:
- provision of free public Whois service on Port 43 and via web;
- submitting all required data elements to the registries;
- updating data elements in a timely manner;
- providing for bulk access to Whois data in accordance with the required bulk access agreement;
- taking reasonable steps to correct inaccuracies upon notification;
- providing annual Whois data reminders to registrants.
Measures for ensuring compliance in this area may include routine Whois queries for each registrar, review of bulk access agreements, and investigation of registrar handling of inaccuracy and data reminder notifications.
- Data Escrow
Registrars will be required to submit an electronic copy of their database to an escrow agent according to an approved schedule and format. They must also enter into the appropriate agreement with ICANN, the registrar and the escrow agent.
- Business Practices
These include a registrar’s obligation not to represent that they have superior access to a registry, not to activate a domain name registration without reasonable assurance of payment. Registrars must also register names only for fixed periods and not register names contrary to an ICANN policy listing excluded names. Compliance in this area will be determined through routine and random reviews of registrar websites, promotional materials and customer communications, as well as through regular review of complaints from consumers or other interested parties.
- Registration Agreement
Registrars must maintain a registration agreement which must include certain terms as enumerated in Section 3.7.7 of the RAA and related consensus policies (e.g., the UDRP). Compliance checks will involve periodic review of each registrar’s posted agreement for compliance with these terms.
- Consensus Policy Compliance
Registrars are obligated to comply with any consensus policies adopted by ICANN. Consensus policies applicable to registrars at the current time are:
- Uniform Domain Name Dispute Resolution Policy (adopted by ICANN Board 26 August 1999; form of implementation documents approved 24 October 1999).
- Whois Data Reminder Policy (adopted by ICANN Board 27 March 2003; implementation documents issued 16 June 2003).
- Policy on Transfer of Registrations between Registrars (revision adopted 7 November 2008; effective 15 March 2009).
- Whois Marketing Restriction Policy (effective on 12 November 2004, adopted by ICANN Board 27 March 2003; implementation documents issued 12 August 2004).
- Restored Names Accuracy Policy (effective on 12 November 2004, adopted by ICANN Board 27 March 2003; implementation documents issued 12 August 2004).
- Expired Domain Deletion Policy (effective on 21 December 2004, adopted by ICANN Board 31 October 2003; implementation documents issued 21 September 2004).
As each of these policies has a variety of requirements binding on registrars, ICANN will use various means to test compliance including surveys, review of sample registrar materials, and data from third parties such as dispute resolution providers.
Registrars are obligated to pay yearly and variable accreditation fees to ICANN. Compliance efforts here are handled by the ICANN finance staff in coordination with the compliance staff as necessary.
Registrars must maintain $500,000k of general commercial liability insurance. ICANN will perform periodic audits to ensure that registrars are compliant with this requirement.
In order to insure that individual registrars are in compliance in these areas, ICANN will:
- Collect data from complaints received from registrants, registrars, and other interested parties such as dispute providers, etc.
- Monitor the efficiency and effectiveness of registrar responses to problems that have been identified
- Monitor the accuracy of registrar contact information
- Track data on the relative volume of complaints including domain dispute complaints and Whois data challenges, among others
- Review issues raised involving transfers whether as the gaining or losing registrar
- Conduct periodic reviews of registrar website and online forms
- Work closely with Chief Financial Officer to monitor payment delinquencies or other financial concerns
- Periodically request current proof of insurance
- Conduct more in depth reviews upon sale or transfer of a registrar’s accreditation
- Implement a series of escalating penalty provisions as adopted by ICANN, which may include:
- Public notice of violations
- Limits on access to registries or ability to accept transfers
As noted above, the existing models for ICANN’s agreements have been set into separate compliance areas. The schedules for the compliance areas can be adjusted prior to publication for each calendar year, if staff determines that a given area should receive more or less attention.
ICANN will continue to place a high priority on efficiency and consistency in its compliance program, and, when appropriate, work with the supporting organizations and advisory committees.