Skip to main content

Competition, Consumer Trust and Consumer Choice Review (CCT)

Sign up to learn more

CCT Review Wiki Workspace Page Introduction to Reviews
Learn more about Reviews, their purpose and process for conducting and opportunities to participate
CCT Implementation Progress CCT Fact Sheet

Objectives of the CCT Review

Under the Bylaws (Section 4.6(d)), ICANN is committed to ensuring that it will adequately address issues of competition, consumer protection, security, stability and resiliency, malicious abuse issues, sovereignty concerns, and rights protection prior to increasing in the number of new generic top-level domains under an application process initiated after 1 October 2016 (“New gTLD Round”).

The review team for the CCT Review (“CCT Review Team”) examines the extent to which the expansion of gTLDs has promoted competition, consumer trust and consumer choice.  It also assesses the effectiveness of the New gTLD Round’s application and evaluation process, as well as the safeguards put in place to mitigate issues arising from the New gTLD Round.

For each of its recommendations, the CCT Review Team should indicate whether the recommendation, if accepted by the Board, must be implemented before opening subsequent rounds of new generic top-level domain applications periods.

The CCT Review Team shall also assess the extent to which prior CCT Review recommendations have been implemented and the extent to which implementation of such recommendations has resulted in the intended effect.

Implementation of CCT Recommendations 

Out of the 35 CCT Final recommendations, the Board approved a total of 17:

  • On 1 March 2019, the Board accepted Recommendations 1, 17, 21, 22, 30, 31 subject to costing and implementation considerations. The Board approved the plan for implementation of these accepted recommendations on 26 January 2020 with a note that implementation is subject to prioritization.
  • On 22 October 2020, the Board approved Recommendations 6, 7, 8, 11, 13, 16, 18, 20, 23, 24, 26 subject to prioritization.

Currently, a total of six (6) recommendations remain pending further Board action: Recommendations 2, 3, 4, 5, 14, 15.

Fourteen (14) recommendations, in whole or in part, were passed through to the community for consideration: Recommendations 9, 10, 12, 16, 19, 20, 25, 27, 28, 29, 32, 33, 34, 35.

The table below provides information relating to the implementation of Board approved recommendations. Implementation status of recommendations should be understood as follows:

  • Complete: a recommendation implemented in full and for which implementation documentation is available.
  • In progress: a recommendation for which work has started to address deliverables identified during the implementation design. Implementation design is the preparatory phase for implementation during which a cross-functional project team develops guidelines that include deliverables for implementation, costing out resources, risk assessment, as well as an inventory of existing work etc.
  • Not started: Work has not started because of a dependency on another recommendation and/or process.

Where available, the priority level assigned by the community (where P1 corresponds to the highest priority and P4 to the lowest) is inserted in the table below. For more information on prioritization, see here

Rec #

Implementation Status

Priority Level Assigned by the Community


Implementation Update as of 15 November 2022

*This updated table reflects current and reclassified implementation status categories of "Complete", "In Progress", and "Not started". Previously, it showed implementation design status. Because of this update, the status of some recommendations may have changed from prior reporting to now represent their implementation status.


In progress


Formalize and promote ongoing data collection.

Implementation will take place in phases, with existing resources used for the initial definition and planning stages. Ongoing and operational activities may have incremental costs related to staffing, procurement, software, and other tools.


Not started


Partner with mechanisms and entities involved with the collection of TLD data. As feasible, collect TLD registration number data per TLD and registrar at a country-by-country level in order to perform analysis based on the same methods used in the Latin American and Caribbean DNS Marketplace (LAC) Study.



In progress


Collect domain usage data to better understand the implications of parked domains.

Implementation activities will include investigating existing definitions of parking, including the CCT-RT's definition and its data collection methodologies, and initiating discussions with the ICANN community.


In progress


Conduct periodic surveys of registrants that gathers both objective and subjective information with a goal of creating more concrete and actionable information.

Implementation will include the development of a consumer/end-user/public survey.


In progress


Conduct periodic end-user consumer surveys. Future review teams should work with survey experts to conceive more behavioral measures of consumer trust that gather both objective and subjective data with a goal toward generating more concrete and actionable information.

Implementation will include the development of a consumer/end-user/public survey.


In progress

Items 1, 2, 4 (in part) prioritized as P1

Items 3, 4 (in part), 5 prioritized as P2

ICANN should collect data in conjunction with its related data collection activities on the impact of restrictions on who can buy domains within certain new gTLDs (registration restrictions) to help regularly determine and report:

1. Whether consumers and registrants are aware that certain new gTLDs have registration restrictions;

2. Compare consumer trust levels between new gTLDs with varying degrees of registration restrictions; [...]

Implementation of recommendation 13 items 1, 2, 4 (in part) will include the development of a consumer/end-user/public survey.

Item 3 will require an agreement with a vendor to conduct the study.

Implementation of recommendation 13 items 4 (in part) and 5 will include a voluntary pilot survey of Contracted Parties




Further study the relationship between specific registry operators, registrars, and DNS Security Abuse by commissioning ongoing data collection, including but not limited to, ICANN DAAR initiatives. [...]

See implementation documentation.




ICANN should collect data about and publicize the chain of parties responsible for gTLD domain name registrations.

See implementation documentation.




In order for the upcoming WHOIS Review Team to determine whether additional steps are needed to improve WHOIS accuracy, and whether to proceed with the identity phase of the Accuracy Reporting System (ARS) project, ICANN should gather data to assess whether a [...]

See implementation documentation.


In progress


Assess whether mechanisms to report and handle complaints have led to more focused efforts to combat abuse by determining:

(1) the volume of reports of illegal conduct in connection with the use of the TLD that registries receive from governmental and quasi-governmental agencies;

(2) the volume of inquires that registries receive from the public related to malicious conduct in the TLD;

(3) whether more efforts are needed to publicize contact points to report complaints [...]

Implementation will include a voluntary pilot survey of Contracted Parties


In progress

Item 2 prioritized as P2

Include more detailed information on the subject matter of complaints in ICANN publicly available compliance reports. Specifically, more precise data on the subject matter of complaints, particularly: (1) the class/type of abuse; (2) the gTLD that is target of the abuse; (3) the safeguard that is at risk; (4) an indication of whether complaints relate to the protection of sensitive health or financial information; (5) what type of contractual breach is being complained of; and (6) resolution status of the complaints, including action details. These details would assist future review teams in their assessment of these safeguards.

Contractual Compliance had already included four of these factors (class/type of abuse, safeguard at risk, documented risk to sensitive health or financial information, and type of contractual breach) in its reporting, as noted by the Board in its 1 March 2019 Board resolution on the CCT Final Report. A fifth data point offering "resolution status of the complaints, including action details" was added in August 2019.

With respect to the recommendation that the reporting should include the gTLD being abused, the Board directed ICANN org to "investigate the potential negative impacts of implementing this item on enforcement of compliance, track this effort and propose a mitigation plan in case of any negative effects."

Although ICANN Contractual Compliance has the data, discussion and alignment within the org and/or community is required on how to approach publishing such information.


Not started


Initiate engagement with relevant stakeholders to determine what best practices are being implemented to offer reasonable and appropriate security measures commensurate with the offering of services that involve the gathering of sensitive health and financial information. Such a discussion could include identifying what falls within the categories of "sensitive health and financial information" and what metrics could be used to measure compliance with this safeguard.



In progress


ICANN should gather data on new gTLDs operating in highly-regulated sectors to include the following elements:

A survey to determine:

1) the steps registry operators are taking to establish working relationships with relevant government or industry bodies; and

2) the volume of complaints received by registrants from government and regulatory bodies and their standard practices to respond to complaints. [...]

ICANN Contractual Compliance currently reports on volume and nature of complaints received regarding gTLDs operating in highly-regulated sectors.

Implementation of recommendation 23 items A, C (in part), D will include a voluntary pilot survey of Contracted Parties

With respect to audit on registration practices, ICANN org will continue to monitor complaint trends in this area, and to plan for an audit if any risk is identified.


In progress

Item B prioritized as P2

a. Determine whether ICANN Contractual Compliance should report on a quarterly basis whether it has received complaints for a registry operator's failure to comply with either the safeguard related to gTLDs with inherent governmental functions or the safeguard related to cyberbullying.

b. Survey registries to determine:

1) whether they receive complaints related to cyberbullying and misrepresenting [...]

ICANN org's Contractual Compliance reporting includes data that addresses Recommendation 24 item A.

Implementation of recommendation 24 item B will include a voluntary pilot survey of Contracted Parties


In progress


A study to ascertain the impact of the New gTLD Program on the costs required to protect trademarks in the expanded DNS space should be repeated at regular intervals to see the evolution over time of those costs. The CCT Review Team recommends that the next study be completed within 18 months after issuance of the CCT Final Report, and that subsequent studies be repeated every 18 to 24 months. The CCT Review Team acknowledges [...]



Not started

Not eligible for prioritization

Expand and improve outreach into the Global South.

Engaging potential applicants in diverse regions is dependent on the communications and engagement plan for a potential next round of gTLDs. Operational assumptions and considerations for implementation will be explored in the Operational Design Assessment (ODA) to be provided to the Board in support of their consideration of the Subsequent Procedures Final Report recommendations.


Not started

Not eligible for prioritization

The ICANN organization to coordinate the pro bono assistance program.

The New gTLD Subsequent Procedures PDP Working Group Final Report (Recommendation 17.1) provides guidance that the Applicant Support Program's pro bono assistance element should continue in Subsequent Procedures along with other elements of the program. Recommendation 17.1 along with others related to Applicant Support, which address CCT Rec 31, are being considered as part of the SubPro Operational Design Phase (ODP). Operational assumptions and considerations for implementation will be explored in the Operational Design Assessment (ODA) to be provided to the Board in support of their consideration of the Subsequent Procedures Final Report recommendations.

Review Progress and Milestones

The graphic below illustrates phases and status of each review - a  indicates that all activities within a given phase have been completed.  The chart that follows the graphic provides further details of key activities and milestones within each phase – you can view these details by clicking on each of the phases in the graphic.  The table also contains links to relevant documents.

Competition, Consumer Trust and Consumer Choice
PhaseActivityDescriptionStart DateDocuments
Conduct ReviewCall for Volunteers ExtensionExtension of call for volunteers to submit application2 Nov 2015
ApplicationsApplications Received for CCT16 Nov 2015
Appointment of review team membersAppointment of review team members based on AoC requirements23 Dec 2015
Terms of ReferenceDocument outlining the scope of work adopted by the review team23 Mar 2016
Call for VolunteersCall for Volunteers1 Oct 2015
CCT Draft ReportDraft report published for public comment7 Mar 2017
CCT Issues New Sections to Draft Report RecommendationsCall for input on new sections to the draft report. 27 Nov 2017
CCT Final ReportCompetition, Consumer Trust, and Consumer Choice Review Final Report8 Sep 2018
CCT Final Report Executive SummaryExecutive summary of the CCT Final Report8 Sep 2018
Board Action on Final RecommendationsBoard receipt of the Final ReportBoard receipt of the Final Report5 Oct 2018
Public comment on Final ReportFinal Report & Recommendations posted for public comment8 Oct 2018
Extension of Public CommentAnnouncement of extension of public comment on CCT Final Report29 Nov 2018
Board Action on RecommendationsBoard resolution taking action on 35 recommendations1 Mar 2019
Board Action on RecommendationsBoard resolution approving eleven (11) recommendations within October 2020 Scorecard22 Oct 2020
PlanningPlan for Implementation and Next StepsAccepted Recommendations - Plan for Implementation and Next Steps11 Sep 2019
Board Action on Plan for ImplementationBoard resolution on implementation of six accepted recommendations26 Jan 2020

Domain Name System
Internationalized Domain Name ,IDN,"IDNs are domain names that include characters used in the local representation of languages that are not written with the twenty-six letters of the basic Latin alphabet ""a-z"". An IDN can contain Latin letters with diacritical marks, as required by many European languages, or may consist of characters from non-Latin scripts such as Arabic or Chinese. Many languages also use other types of digits than the European ""0-9"". The basic Latin alphabet together with the European-Arabic digits are, for the purpose of domain names, termed ""ASCII characters"" (ASCII = American Standard Code for Information Interchange). These are also included in the broader range of ""Unicode characters"" that provides the basis for IDNs. The ""hostname rule"" requires that all domain names of the type under consideration here are stored in the DNS using only the ASCII characters listed above, with the one further addition of the hyphen ""-"". The Unicode form of an IDN therefore requires special encoding before it is entered into the DNS. The following terminology is used when distinguishing between these forms: A domain name consists of a series of ""labels"" (separated by ""dots""). The ASCII form of an IDN label is termed an ""A-label"". All operations defined in the DNS protocol use A-labels exclusively. The Unicode form, which a user expects to be displayed, is termed a ""U-label"". The difference may be illustrated with the Hindi word for ""test"" — परीका — appearing here as a U-label would (in the Devanagari script). A special form of ""ASCII compatible encoding"" (abbreviated ACE) is applied to this to produce the corresponding A-label: xn--11b5bs1di. A domain name that only includes ASCII letters, digits, and hyphens is termed an ""LDH label"". Although the definitions of A-labels and LDH-labels overlap, a name consisting exclusively of LDH labels, such as"""" is not an IDN."