Skip to main content
Resources

Contractual Compliance Monthly Update | Issue 8



Hyangwonjeong Pavilion, Lake Seoul, Korea

Purpose:

This Newsletter is to inform readers and encourage community dialogue regarding ICANN's contractual compliance program. For more information please see link to past newsletter archive:

http://www.icann.org/en/compliance/newsletter/

Feedback:

We are soliciting questions/topic ideas that you would like to see reported in future newsletters. Please forward all questions/topic ideas to: compliance@icann.org.

Schedule Change:

The Contractual Compliance Newsletter moved from a monthly to a quarterly publication schedule to provide readers with more information about contractual compliance matters. We are taking the additional time to gather more facts and publish more concentrated issues on a quarterly basis.

1. Recent Enforcement Action Summaries

Please go to our website for more detailed information regarding enforcement actions. http://www.icann.org/en/compliance/

ICANN sent a notice of breach to Registrar, CodyCorp.com Inc. on 8 October 2009 based on this Registrar's failure to escrow gTLD Registration Data, failure to provide a working website and failure to provide Whois services. CodyCorp.com Inc. must cure the breaches set forth in ICANN's notice of breach by 29 October 2009 or risk termination of its RAA.

ICANN terminated Registrar, Red Register, Inc. , on 11 September 2009 based on this Registrar's failure to pay accreditation fees. Additional concerns regarding this Registrar were noted in ICANN's termination notice including, failure to maintain accurate primary contact information, failure to provide a working website and failure to provide Whois services. Consistent with the terms of the Registrar Accreditation Agreement, the termination became effective 26 September 2009. The domain names managed by Red Register were bulk transferred to ICANN accredited Registrar, DirectNIC.

ICANN terminated Registrar, Desto! Inc., on 8 October 2009 based on this Registrar's failure to pay accreditation fees. Consistent with the terms of the Registrar Accreditation Agreement, the termination is effective 23 October 2009. Desto! Inc. did not have any domain names under management.

ICANN did not renew the Registrar Accreditation Agreements for Registrars, Tahoe Domains Inc., Simply Named Inc, dba SimplyNamed.com and South America Domains Ltd., dba namefrog.com based on various contract violations that were not resolved prior to the expiration of the registrars' accreditation agreements.

From 1 January 2009 to 14 October 2009, ICANN opened over 4,000 enforcement actions. Opening enforcement actions is part of ICANN's normal contractual compliance escalation process. Generally, the process includes the following: initial notice of non-compliance, follow-up notice of non-compliance, breach notice and escalation where a party does not cure the breach that may result in RAA termination.

Approximately 75% of ICANN-accredited registrars that received these initial notices of non-compliance cured the identified breaches, thus negating the need for further enforcement action. ICANN actively pursues those remaining registrars and those that fail to cure breaches are considered for termination on a case-by-case basis, while ICANN concurrently considers registrant data protection issues.

In 2009, ICANN's escalated enforcement activities resulted in the transmission of 184 breach notices, the termination of 9 Registrar Accreditation Agreements and the non-renewal of 7 Registrar Accreditation Agreements, over the objection of those registrars based on contract non-compliance.

2. UDRP Complaint Statistics

ICANN staff routinely investigates UDRP complaints from dispute resolution providers and attorneys representing trademark owners. To assist UDRP complainants, ICANN provides an electronic tool for complaint processing: http://www.internic.net/UDRPIntakeReportSystem.html.

ICANN staff attempts to resolve UDRP complaints informally by requesting that the concerned Registrar immediately comply with the relevant UDRP provisions, when noncompliance is found. ICANN is compelled to escalate matters when Registrars fail to comply with ICANN's informal requests. ICANN's complaint records reveal that ICANN received UDRP-related complaints in two primary categories from June 2008 to June 2009: Registrar failure to verify (this is the process UDRP service providers use to obtain information from Registrars that is necessary to initiate an arbitration proceeding) and Registrar failure to implement decisions.

Registrars are encouraged to timely respond to dispute resolution providers' requests for verification information and timely implement UDRP decisions to avoid compliance notices and action by ICANN.

Verification

ICANN received an estimated 82 verification related compliance issues. The term "verification" does not appear in the UDRP, and is commonly used to refer to the step of the Approved Dispute Resolution Provider review, at which point the Provider contacts the registrar prior to commencement of UDRP proceedings. In most cases, staff contacted the registrar and forwarded the request to the registrar.

Failure to Implement Decisions

  • 31 UDRP Provider decisions were challenged by respondents in a court of law. In each case, ICANN staff requested documents from the registrar to determine if the registrar had proper justification for not implementing the decision. The majority of contested decisions were contested by a small number of respondents who had several domain names.
  • 7 decisions were implemented due to escalated compliance action.
  • 8 decisions were implemented after compliance staff, registrars and complainants resolved transfer related issues.
  • 12 issues were improperly submitted to compliance staff as UDRP issues.
  • 1 notice of breach was sent for failure to implement a UDRP decision.

3. Contractual Compliance Advisories

In order to help registries and Registrars understand their contractual obligations, this newsletter will occasionally include advisory information intended to clarify RAA and Registry Agreement provisions. For more information please see link to the new section: http://www.icann.org/en/registrars//en/registrars/accreditation-agreement-en.htm

Registrar Audit Responses

  • New RAA section 3.14 requires Registrars to respond to audit requests within 15 days.
  • Registrars are encouraged to timely respond to ICANN's audit requests to avoid compliance enforcement action.

ICANN conducts various audits to see if Registrars are compliant with the RAA. In the past, ICANN was lenient in terms of deadlines with audit requests. However, with the new RAA section 3.14, the Contractual Compliance Team will strictly enforce this requirement. To avoid escalated compliance action, ICANN encourages each registrar to review the new RAA Section 3.14 regarding registrar audit responses as well as any documents transmitted by ICANN regarding theregistrar audit responses.

New RAA section 3.14 requires Registrars to respond to audit requests within 15 days.

4. New gTLD Program Contractual Compliance Risk Assessment

Risk Assessment
Identify Document Prioritize Mitigate Manage

The Contractual Compliance Team will initiate a new gTLD program contractual compliance risk assessment as part of the enterprise risk management work underway at ICANN. The risk assessment will identify, document, prioritize, mitigate and manage the contractual compliance risks associated with new gTLDs.

During the past three months, we compiled a list of contractual compliance risks. We will prioritize the risks on the basis of likelihood of occurrence and severity of impact to ICANN and its constituencies. Once the risks are prioritized, we'll confirm the ranking with the assistance of key representatives from ICANN and its constituencies. Our team will then consider what additional risk management and internal control actions should be adopted by Contractual Compliance prior to the launch of the new gTLDs.

5. Recent Workshops

ICANN held two workshops at ICANN's 35th International Public meeting in Sydney, Australia.

ICANN's Contractual Compliance staff hosted a Whois Data Accuracy Study workshop at ICANN's 35th International Public meeting held in Sydney Australia 21-26 June 2009.

The purpose of the workshop was to allow attendees an opportunity to ask questions concerning the verification methodology, the domain name sampling plan and other details relevant to the Whois Data Accuracy Study. ICANN, in collaboration with the National Opinion Research Center, is conducting the Whois Data Accuracy Study to provide useful information to ICANN constituencies and the Internet community regarding the percentage of Whois data accuracy that exists within the Whois database.

Jenny Kelly, Vice President of Telephone Survey and Support Operations from the NORC answered questions and gave details regarding the process that will be followed to conduct the Whois Data Accuracy Study.
The workshop was open to all attendees.

ICANN Staff hosted a workshop regarding Registrar UDRP Best Practices. The purpose of the workshop was to allow attendees an opportunity to provide comments regarding a proposed Registrar UDRP Best Practices Document.

The Best Practice document is intended to eliminate possible confusion with regard to what Registrars are required to do upon receipt of a UDRP complaint. Various representatives attended the workshop including, Registrars, dispute resolution providers, trademark attorneys and others.

Attendees were given the time to engage in a discussion regarding the proposed Registrar UDRP Best Practices Document developed by members of the Registrar Constituency. They were also given the opportunity to offer recommendations to ensure that the proposed Registrar UDRP Best Practices Document accurately reflects the requirements of the UDRP.

6. International Outreach Efforts

North America:

Stacy Burnette, Director of Contractual Compliance, participated in the North American Regional Registrar/Registry Gathering in Toronto, Canada, 20-21 August 2009. The purpose of Ms. Burnette's presentation was to provide an update on recent compliance activities and the status of ongoing studies and audits. Topics discussed included ICANN's:

  • 2010 Contractual Compliance Operational Goals
  • 2010 Registry Audit Schedule
  • 2010 Registrar Audit Schedule
  • Recent Compliance Actions Taken by the Contractual Compliance Team

Asia Pacific:

ICANN is seeing the primary growth in new registrar accreditation applications coming from the Asia Pacific region and is committed to continuing its outreach efforts in this region.

To this end, in September 2009, Tim Cole, Chief Registrar Liaison and Pam Little, Senior Director, Contractual Compliance, Asia Pacific (a native Chinese speaker who recently joined the ICANN staff, based out of ICANN's Sydney office) visited a number of registrars in Beijing and Xiamen.

Their visits were well received by the registrars (which collectively cover over 70 percent of gTLD domains sponsored by registrars in China) and provided a rare opportunity for exchange of information and ideas and discussion on recent ICANN topics and developments.

Tim and Pam also took the opportunity to explain the features of the new 2009 Registrar Accreditation Agreement (RAA). Most registrars recognized the amendments and new provisions (new enforcement tools and remedies) are intended to provide better protections for registrants and indicated they were comfortable to proceed with the new RAA (in fact, a number of them signed it before Tim and Pam left China).

In addition to providing information to the registrars, Tim and Pam also learned more about some of the unique challenges facing registrars in the region that will prove helpful as ICANN continues to develop its resources to support registrars and to enhance compliance.

Many registrars also have shown keen interest in the implementation of the new gTLD program and the potential business opportunities that new gTLDs and IDNs might bring.

As part of Contractual Compliance Team's efforts to reach out to registrars in the Asia Pacific region, on 30 September 2009, Pam visited IP Mirror Pte Ltd dba IP MIRROR and met with Active Registrar, Inc., the only two ICANN accredited registrars in Singapore.

On 1 October 2009, Pam visited Web Commerce Communications Limited dba Web-Nic.cc and met with IPXcess.com Sdn Bhd, the only two ICANN accredited registrars in Malaysia. These visits and meetings were very constructive and informative.

7. Audit Updates

Expired Domain Deletion Policy Audits

Objective: To determine if registrars are in compliance with ICANN's consensus policy concerning the expiry and deletion of domain names by conveying key information to registrants, such as the registrar's policy on the deletion and renewal of a domain name relative to its expiration date and fees registered name holders would have to pay for recovering domains that have enter the Redemption Grace Period (RGP).

Synopsis: ICANN audited websites of all ICANN accredited registrars who were at the time sponsoring domain names to see if the content required by the Expired Domain Deletion Policy, an ICANN consensus policy, was mirrored in the information conveyed to registered name holders.

The two-part audit had the following objectives:

Part I: Determine whether or not registrars posted their policy for deleting and renewing domain names on their websites.

Part II: Determine if registrars explained to current and potential registered name holders what the fees are/would be to recover domain names that enter the RGP.

Final results will be published in the next ICANN Contractual Compliance Semi-Annual Report.

Registrar Data Escrow (RDE) Audit:

The Registrar Data Escrow program requires registrars to submit, on a schedule and based on the specifications in the data escrow agreement, electronic data files for all gTLD registrations to ICANN's escrow agent, Iron Mountain, or a third party provider subject to ICANN's approval.

This data escrow provides registered name holders assurance that , in the event of a registrar failure, their domain registration information will be secure. To make sure that the data held in escrow could be used to reconstitute a registrar in case of a registrar failure, Iron Mountain conducts a primary and secondary audit of the data files sent by registrars.

Primary audit: Reviews the escrowed data for 60 domain name registrations for each registrar.

Secondary audit: Reviews the escrowed data for 30 additional domain name registrations (or if the balance is fewer than 30 domain names, then the remaining domain names in the list will be reviewed).

The audits started with approximately 50 registrar data files in July 2009, approximately 100 in August, and then approximately 200 per month until the end of the year.

8. Study Updates

Privacy/Proxy Registration Services Study

Objective: To determine the percentage of domain names, among the top 5 gTLDs, that were registered using a privacy or proxy service.

Synopsis: Using a sample of 2400 domains names registered under .com, .net, .info, .biz, and .org, ICANN, assisted by the National Opinion Research Center, matched domain names with their corresponding Whois records and coded the domain names in the sample based on characteristics of privacy or proxy registration service providers to determine if the registered name holder used one of these services when registering the domain name.

Whois Accuracy Study

The Contractual Compliance Team launched the Whois Accuracy Study in coordination with the National Opinion Research Center at the University of Chicago (NORC). Over the years, ICANN constituencies and others have observed inaccuracies in Whois contact data provided by registrants when registering and maintaining domain names. This study is intended to contribute to community discussion regarding Whois policy and inform ICANN on prospective activities aimed to address Whois inaccuracies. ICANN and NORC will host a workshop at ICANN 36 in Seoul, Korea, to provide an update regarding the study's progress. NORC's sample plan and proposed design methodology are available for the community to view at http://www.icann.org/en/compliance/norc-whois-accuracy-study-design-04jun09-en.pdf.

9. Current Events (where Contractual Compliance matters will be discussed)

  • WIPO Ten Years UDRP: What's Next? (12-16 October 2009) in Geneva, Switzerland
  • ICANN 36 in Seoul, Korea (25-30 October 2009)
  • TWNIC Conference on Domain Name Resolution and Trademark Protection in Taipei, Taiwan (2 November 2009)
  • Domain Name Industry Gathering in Tokyo, Japan (4 November 2009)
  • The Future of the Internet in São Paulo, Brazil (24 November 2009) and Buenos Aires, Argentina (27 November 2009)
  • ICANN 37 in Nairobi, Kenya (7-12 March 2010)

10. Consumer Complaint Update

ICANN receives thousands of complaints every year regarding a variety of domain name related issues. The chart on the following page provides details concerning the categories of complaints received. ICANN follows-up on all complaints received regarding suspected RAA violations and Registry Agreement violations.

ICANN does not, however, have contract authority to address complaints regarding internet content, SPAM, data protection, web hosting, data privacy and financial transactions. As a courtesy, ICANN forwards these complaints to the appropriate parties for handling.

11. Contacts

The Contractual Compliance Team

ICANN's Contractual Compliance Team is located in Marina del Rey, California; Washington D.C., and Sydney, Australia.

Our staff includes:

newsletter-oct09-en.pdf  [1.35 MB]

Domain Name System
Internationalized Domain Name ,IDN,"IDNs are domain names that include characters used in the local representation of languages that are not written with the twenty-six letters of the basic Latin alphabet ""a-z"". An IDN can contain Latin letters with diacritical marks, as required by many European languages, or may consist of characters from non-Latin scripts such as Arabic or Chinese. Many languages also use other types of digits than the European ""0-9"". The basic Latin alphabet together with the European-Arabic digits are, for the purpose of domain names, termed ""ASCII characters"" (ASCII = American Standard Code for Information Interchange). These are also included in the broader range of ""Unicode characters"" that provides the basis for IDNs. The ""hostname rule"" requires that all domain names of the type under consideration here are stored in the DNS using only the ASCII characters listed above, with the one further addition of the hyphen ""-"". The Unicode form of an IDN therefore requires special encoding before it is entered into the DNS. The following terminology is used when distinguishing between these forms: A domain name consists of a series of ""labels"" (separated by ""dots""). The ASCII form of an IDN label is termed an ""A-label"". All operations defined in the DNS protocol use A-labels exclusively. The Unicode form, which a user expects to be displayed, is termed a ""U-label"". The difference may be illustrated with the Hindi word for ""test"" — परीका — appearing here as a U-label would (in the Devanagari script). A special form of ""ASCII compatible encoding"" (abbreviated ACE) is applied to this to produce the corresponding A-label: xn--11b5bs1di. A domain name that only includes ASCII letters, digits, and hyphens is termed an ""LDH label"". Although the definitions of A-labels and LDH-labels overlap, a name consisting exclusively of LDH labels, such as""icann.org"" is not an IDN."