Implementation

Rec #

Status

Description

Implementation Update as of 17 February 2022

1

In Progress

Formalize and promote ongoing data collection.

ICANN org is preparing to begin the "Model Definition" phase. Implementation will take place in phases, with existing resources used for the initial definition and planning stages. Ongoing and operational activities may have incremental costs related to staffing, procurement, software, and other tools.

6

In Progress

Partner with mechanisms and entities involved with the collection of TLD data. As feasible, collect TLD registration number data per TLD and registrar at a country-by-country level in order to perform analysis based on the same methods used in the Latin American and Caribbean DNS Marketplace (LAC) Study.

ICANN org is conducting implementation planning.

7

In Progress

Collect domain usage data to better understand the implications of parked domains.

ICANN org is conducting implementation planning. Implementation activities will include investigating existing definitions of parking, including the CCT-RT's definition and its data collection methodologies, and initiating discussions with the ICANN community.

8

In Progress

Conduct periodic surveys of registrants that gathers both objective and subjective information with a goal of creating more concrete and actionable information.

ICANN org is conducting implementation planning.

11

In Progress

Conduct periodic end-user consumer surveys. Future review teams should work with survey experts to conceive more behavioral measures of consumer trust that gather both objective and subjective data with a goal toward generating more concrete and actionable information.

ICANN org is conducting implementation planning.

13

In Progress

ICANN should collect data in conjunction with its related data collection activities on the impact of restrictions on who can buy domains within certain new gTLDs (registration restrictions) to help regularly determine and report:

1. Whether consumers and registrants are aware that certain new gTLDs have registration restrictions;

2. Compare consumer trust levels between new gTLDs with varying degrees of registration restrictions; [...]

ICANN org is conducting implementation planning on this recommendation.

Implementation of parts 1, 2, 4 of this recommendation is planned as part of the registrant and end-user surveys in recommendations. 8 and 11.

Part 3 entails extending part of the "Statistical Analysis of DNS Abuse in gTLDs" study. This will also entail initiating a procurement process, i.e., enter into agreement with a vendor to conduct the study.

Implementation of Part 5 is planned  through a voluntary pilot survey using ICANN resources, for which a questionnaire will be developed as the initial step.

16

Completed

Further study the relationship between specific registry operators, registrars, and DNS Security Abuse by commissioning ongoing data collection, including but not limited to, ICANN DAAR initiatives.

ICANN org will continue to collect data and generate monthly reports on an ongoing basis. DAAR itself is not and cannot be a compliance/enforcement tool. Rather, it is a tool that monitors third party reputation lists to indicate possible concentration of DNS security threats.

Discussions with the community on ways in which DAAR system can be improved are ongoing.

17

Completed

ICANN should collect data about and publicize the chain of parties responsible for gTLD domain name registrations.

Implementation is complete, consistent with current policy requirements. ICANN org will review and report on any implementation work needed as a result of ongoing or future policy work conducted by the ICANN community.

18

Completed

In order for the upcoming WHOIS Review Team to determine whether additional steps are needed to improve WHOIS accuracy, and whether to proceed with the identity phase of the Accuracy Reporting System (ARS) project, ICANN should gather data to assess whether a [...]

No further action is required at this time. If future RDS reviews request that data, ICANN org will provide the information to help inform their work.

20

In Progress

Assess whether mechanisms to report and handle complaints have led to more focused efforts to combat abuse by determining:

(1) the volume of reports of illegal conduct in connection with the use of the TLD that registries receive from governmental and quasi-governmental agencies;

(2) the volume of inquires that registries receive from the public related to malicious conduct in the TLD;

(3) whether more efforts are needed to publicize contact points to report complaints [...]

This recommendation was approved in part and passed through to the community in part for consideration. The portion of the recommendation that has been approved will be addressed through voluntary pilot survey using ICANN resources, for which a questionnaire will be developed as the initial step.

21

Include more detailed information on the subject matter of complaints in ICANN publicly available compliance reports. Specifically, more precise data on the subject matter of complaints, particularly: (1) the class/type of abuse; (2) the gTLD that is target of the abuse; (3) the safeguard that is at risk; (4) an indication of whether complaints relate to the protection of sensitive health or financial information; (5) what type of contractual breach is being complained of; and (6) resolution status of the complaints, including action details. These details would assist future review teams in their assessment of these safeguards.

Contractual Compliance had already included four of these factors (class/type of abuse, safeguard at risk, documented risk to sensitive health or financial information, and type of contractual breach) in its reporting, as noted by the Board in its 1 March 2019 Board resolution on the CCT Final Report. A fifth data point offering "resolution status of the complaints, including action details" was added in August 2019.

With respect to the recommendation that the reporting should include the gTLD being abused, the Board directed ICANN org to "investigate the potential negative impacts of implementing this item on enforcement of compliance, track this effort and propose a mitigation plan in case of any negative effects."

Although ICANN Contractual Compliance has the data, discussion and alignment within the org and/or community is required on how to approach publishing such information. Completion of this step is contingent on ongoing community discussions pertaining to reaching a common understanding of what DNS abuse is, and related terms, as well as best practices that the DNS industry could adopt, expand or improve upon.

22

In Progress

Initiate engagement with relevant stakeholders to determine what best practices are being implemented to offer reasonable and appropriate security measures commensurate with the offering of services that involve the gathering of sensitive health and financial information. Such a discussion could include identifying what falls within the categories of "sensitive health and financial information" and what metrics could be used to measure compliance with this safeguard.

ICANN org is conducting implementation planning on this recommendation.

23

Partially Completed

ICANN should gather data on new gTLDs operating in highly-regulated sectors to include the following elements:

- A survey to determine:

1) the steps registry operators are taking to establish working relationships with relevant government or industry bodies; and

2) the volume of complaints received by registrants from government and regulatory bodies and their standard practices to respond to complaints. [...]

ICANN Contractual Compliance currently reports on volume and nature of complaints received regarding gTLDs operating in highly-regulated sectors.

For the data that is to be obtained through a voluntary pilot survey, ICANN org will develop a questionnaire and review a sample of domain websites.

With respect to audit on registration practices, ICANN org will continue to monitor complaint trends in this area, and to plan for an audit if any risk is identified.

24

Partially Completed

a. Determine whether ICANN Contractual Compliance should report on a quarterly basis whether it has received complaints for a registry operator's failure to comply with either the safeguard related to gTLDs with inherent governmental functions or the safeguard related to cyberbullying.

b. Survey registries to determine:

1) whether they receive complaints related to cyberbullying and misrepresenting [...]

ICANN Contractual Compliance currently reports on this data on a monthly basis.

For the data that is to be obtained through a voluntary pilot survey, ICANN org will develop a relevant questionnaire.

26

In progress

A study to ascertain the impact of the New gTLD Program on the costs required to protect trademarks in the expanded DNS space should be repeated at regular intervals to see the evolution over time of those costs. The CCT Review Team recommends that the next study be completed within 18 months after issuance of the CCT Final Report, and that subsequent studies be repeated every 18 to 24 months. The CCT Review Team acknowledges [...]

ICANN org is conducting implementation planning on this recommendation.

30

In Progress

Expand and improve outreach into the Global South.

The New gTLD Subsequent Procedures PDP WG work is complete, and the policy recommendations are before the Board. The delivery of a report on engagement with underserved or underrepresented stakeholders is connected to the overall communications strategy associated with another gTLD round and is related to CCT Recommendation 29 (passed through to the GNSO). Ongoing engagement to diverse stakeholders and regions as well as cross-functional work continues ahead of the planning for another gTLD round.

31

In Progress

The ICANN organization to coordinate the pro bono assistance program.

The New gTLD Subsequent Procedures PDP Working Group Final Report (Recommendation 17.1) provides guidance that the Applicant Support Program's pro bono assistance program should continue in subsequent procedures along with other elements of the program.

Should the Board accept this policy recommendation, ICANN org would develop a detailed implementation plan for the pro bono assistance program as part of the overall implementation plan for the next round of new gTLDs.