Skip to main content

Contractual Compliance Monthly Update | Issue 3

Welcome to the third issue of the ICANN Contractual Compliance Newsletter. This newsletter provides information, summaries, analysis and advisories relevant to ICANN's Contractual Compliance program.

Recently, ICANN sent a notice of breach to a registrar for failing to comply with the Uniform Domain Name Dispute Resolution Policy ("UDRP"). This issue contains the most up-to-date information on this matter. To encourage community dialogue and assist registrars in understanding their contractual obligations under the UDRP, information on an upcoming workshop on UDRP compliance is in this issue. There is also some information on compliance actions taken by ICANN to address perceived registrar failure to investigate Whois inaccuracy claims (as required by Section 3.7.8 of the Registrar Accreditation Agreement ("RAA").

This Newsletter aims to inform readers and encourage community dialogue regarding contractual compliance matters.

To ensure the continual improvement of the Contractual Compliance Program and the Contractual Compliance Newsletter, please provide comments at To subscribe to this Newsletter, simply click on the link below and provide the requested information:

1. ICANN Sends Notice of Breach Regarding UDRP Non-Compliance

ICANN sent a notice of breach to ICANN-accredited registrar, Red Register, Inc. on 15 May 2008 Despite repeated requests from ICANN and the National Arbitration Forum ("NAF"), Red Register, Inc. failed to comply with UDRP Rule 16 and paragraph 4(k) of the UDRP.

The UDRP is a consensus policy that must be complied with by all ICANN accredited registrars pursuant to Section 3.8 of the RAA.

Perhaps not a widely known registrar obligation, Rule 16 of the UDRP requires registrars to communicate plans to implement UDRP Provider decisions. This rule states in relevant part, "The concerned Registrar(s) shall immediately communicate to each Party, the Provider, and ICANN the date for the implementation of the decision in accordance with the Policy."

Paragraph 4(k) of the UDRP requires registrars to implement decisions rendered by dispute resolution providers, unless official documentation is received, within a specific period of time, that a lawsuit has commenced "against the complainant in a jurisdiction to which the complainant has submitted under Paragraph 3(b)(xiii) of the Rules of Procedure."

ICANN provided Red Register 15 days to cure the cited breaches. The breach notice clearly stated that Red Register had until 6 June 2008 to do so. ICANN recently received a communication regarding Red Register, Inc.'s intention to cure the cited breaches and transfer the domain name in dispute in order to avoid ICANN pursing additional remedies available to it under the RAA.

Red Register, Inc. became an ICANN accredited registrar in 2007. It has approximately 25,000 domain names under management.

On a monthly basis, ICANN receives UDRP complaints from dispute resolution providers and attorneys representing trademark owners. ICANN staff investigates each claim. Where noncompliance is found, ICANN attempts to resolve these matters, first by informally requesting that the concerned registrar comply with the relevant UDRP provisions immediately. If the registrar does not comply with these requests, then ICANN escalates its compliance actions.

Based on ICANN's complaint records, from January 2008 through May 2008, ICANN received UDRP-related complaints in two primary categories: registrar failure to verify (this is the process UDRP service providers use to obtain information from registrars that is necessary to initiate an arbitration proceeding) and registrar failure to implement decisions. Registrars are advised to timely respond to dispute resolution providers' requests for verification information and timely implement UDRP decisions to avoid compliance notice and action by ICANN.

UDRP Issues Breakdown

2. Registrars Questioned Regarding Unchanged Whois Inaccuracy Reports

In an effort to improve Whois data accuracy and determine if registrars are complying with their contractual obligation to investigate Whois data inaccuracy claims, ICANN commenced a Registrar Investigation of Whois Inaccuracy Claims Audit. This ongoing audit, assesses whether registrars are taking action in response to reports of Whois inaccuracy filed through ICANN's Whois Data Problem Report System ("WDPRS").

Related to this, on 19 May 2008, a Washington Post article titled, Most Spam Sites Tied to a Handful of Registrars, identified ten registrars as "the most favored by spammers." ICANN would like to note that it does not have contractual authority to address spam matters since spamming is an activity engaged in by registrants, not registrars. However, spammers have been known to attempt to conceal their identity by providing inaccurate or incomplete Whois data. Some believe there is a direct connection between spamming and inaccurate Whois data. ICANN has contractual authority to require registrars to investigate claims of Whois inaccuracy and in that respect, it has acted.

Specifically, Section 3.7.8 of the Registrar Accreditation Agreement states in relevant part,

"Registrar shall, upon notification by any person of an inaccuracy in the contact information associated with a Registered Name sponsored by Registrar, take reasonable steps to investigate that claimed inaccuracy. In the event Registrar learns of inaccurate contact information associated with a Registered Name it sponsors, it shall take reasonable steps to correct that inaccuracy."

ICANN's Whois Data Problem Report System ("WDPRS") allows the public to register domain name Whois inaccuracy reports and those reports are sent to the relevant registrars for investigation. Registrars identified as taking no action regarding a substantial percentage of Whois inaccuracy reports regarding domain names under their management, are sent "notices of concern" and requested to provide information regarding the steps they took to investigate specific Whois inaccuracy claims. ICANN analyzes the information provided by these registrars and determines whether a contract violation has occurred. If a contract violation is found, ICANN determines the most appropriate action based on the facts and circumstances, including increased monitoring of records, warnings and notices of breach of contract.

Some of the registrars identified in a recent Washington Post article had already received notices from ICANN regarding their Whois inaccuracy investigation practices. ICANN examined WDPRS data regarding the other registrars identified in this article and it was determined that most had a significant percentage of WDPRS reports that had gone unchanged. As such, ICANN sent notices to those registrars as well.

This audit and ICANN's other efforts to improve Whois accuracy are ongoing and registrars are advised to investigate every claim of Whois inaccuracy as required by Section 3.7.8 of the RAA to avoid compliance notice and action.

3. Why Domain Name Issues are Not Always a Matter of Contractual Compliance

There remain occasional misconceptions about ICANN's authority. Some appear to believe ICANN is an Internet enforcement agency, with broad power to shut down websites, restrict website content, and penalize Internet users for unethical behavior. This is not the case.

For example, whenever new issues arise, such as front-running, fast flux, or domain name tasting, it is often asked, "What is ICANN's contractual compliance department doing about this?" The truth is, ICANN's Registrar Accreditation Agreement ("RAA") was consummated in 2001 and many of the issues that that the ICANN community is currently grappling with were not contemplated when the RAA was written. Moreover, the parties engaged in some of the new practices that the ICANN community is studying do not involve the actions of contracted parties (registrars or registries) exclusively. Hence, the RAA and the registry agreements do not always provide neat solutions to current issues. Some issues are more appropriately addressed through the enactment of new policies or RAA amendments, while other issues are clearly outside of ICANN's mission. Some issues can be addressed by ICANN outside of the contractual compliance role or by other parts of the Internet community.

In the interest of providing clear information regarding ICANN's contractual authority to the public, ICANN provides a link at the bottom of its home page where it states, "Have a Registrar Problem? Find Answers," Here, ICANN seeks to inform potential complainants regarding the scope of ICANN's contractual authority at its Public Information Site regarding domain name registrations. See also, Additionally, ICANN provides information regarding its contractual authority in its complaint responses.

Along these lines, ICANN will consistently describe its contractual authority when addressing issues in the future. This will work to move public discussion on issues forward with greater alacrity.

4. UDRP Compliance Workshop in Paris on 26 June 2008

In an effort to facilitate community dialogue regarding the UDRP and assist registrars in understanding their contractual obligations regarding this consensus policy, ICANN is hosting a UDRP compliance workshop at its 32nd International Public Meeting in Paris, France on 26 June 2008 at 1:00pm. The following panelists have confirmed their participation:

Leena Ballard, Legal Officer, Arbitration and Mediation Center, WIPO
John Berryhill, Trademark and Patent Attorney
Kristine Dorrain, Internet Legal Counsel, NAF
Margie Milam, Corporate Secretary and General Counsel, MarkMonitor
David Taylor, Partner, Lovells, LLP

Panelists will share their views regarding the advances and successes that have occurred since the adoption of the UDRP. Additionally, panelists and audience members will discuss UDRP compliance activities, challenges and the future direction of the UDRP.

Parties recommended to attend this workshop include, Registrars, Registrants, Trademark Attorneys and UDRP Dispute Resolution Service Providers.

5. Whois Data Accuracy Study Update

As reported in the April 2008 Contractual Compliance Newsletter, ICANN has undertaken a Whois Data Accuracy Study of domain name Whois contact information accuracy. ICANN is working with an organization that has conducted similar survey studies in the past to provide advice and possibly provide consultation services to assist ICANN in conducting the study.

Upcoming Events

ICANN's 32nd International Public Meeting (Paris, France 22 June - 27 June):

Domain Name System
Internationalized Domain Name ,IDN,"IDNs are domain names that include characters used in the local representation of languages that are not written with the twenty-six letters of the basic Latin alphabet ""a-z"". An IDN can contain Latin letters with diacritical marks, as required by many European languages, or may consist of characters from non-Latin scripts such as Arabic or Chinese. Many languages also use other types of digits than the European ""0-9"". The basic Latin alphabet together with the European-Arabic digits are, for the purpose of domain names, termed ""ASCII characters"" (ASCII = American Standard Code for Information Interchange). These are also included in the broader range of ""Unicode characters"" that provides the basis for IDNs. The ""hostname rule"" requires that all domain names of the type under consideration here are stored in the DNS using only the ASCII characters listed above, with the one further addition of the hyphen ""-"". The Unicode form of an IDN therefore requires special encoding before it is entered into the DNS. The following terminology is used when distinguishing between these forms: A domain name consists of a series of ""labels"" (separated by ""dots""). The ASCII form of an IDN label is termed an ""A-label"". All operations defined in the DNS protocol use A-labels exclusively. The Unicode form, which a user expects to be displayed, is termed a ""U-label"". The difference may be illustrated with the Hindi word for ""test"" — परीका — appearing here as a U-label would (in the Devanagari script). A special form of ""ASCII compatible encoding"" (abbreviated ACE) is applied to this to produce the corresponding A-label: xn--11b5bs1di. A domain name that only includes ASCII letters, digits, and hyphens is termed an ""LDH label"". Although the definitions of A-labels and LDH-labels overlap, a name consisting exclusively of LDH labels, such as"""" is not an IDN."