FINAL VERSION TO BE SUBMITTED IF RATIFIED
The final version to be submitted, if the draft is ratified, will be placed here by upon completion of the vote.
FINAL DRAFT VERSION TO BE VOTED UPON BY THE ALAC
The final draft version to be voted upon by the ALAC will be placed here before the vote is to begin.
Introduction: This submission should be read together with the previous ALAC submission (dated 13 December 2016) to the Draft Report on Competition, Consumer Trust and Consumer Choice (CCTR). In this submission, we will only comment on the new sections that impact on Internet end users. We note our earlier response to the Report:
In conclusion, the outcomes of Assessment are, at best, equivocal. While there has been some expansion in registry numbers and new market entrants, only 15% of the new domains have the characteristics of primary registration. From an end user perspective, most of the resultant new registrations are speculative, defensive, unused or parked – adding little of value to end users. And from an industry, there is no clear evidence of lower prices or more choice. Based on this Assessment, there is little evidence of benefit to end users with the introduction of new gTLDs.
The new sections of the Report add useful information and analysis from the three additional reports (a discussion on parking, a study on costs to brand owners, and a study on DNS abuse). Our comments are on parking and DNS abuse. While there is an interesting discussion and recommendations on Rights Protection Mechanisms, the issues raised and recommendations do not impact significantly on end users.
Parking: Findings from the parking discussions show that 68% of new gTLD registrations are parked. As the report notes, there are several ways in which a name would be considered as ‘parked’, only one of which is that the name displays advertisements, offers the domain for sale, or is used as a vector to distribute malware. (CCRT p. 8) The report also notes the significant geographic differences in parking practice; the parking rates for China are ‘very high’, whereas in the Latin American/Caribbean area, 78% of the new gTLDs are active. (CCTR p. 10-11). In any case, this report could not ‘identify any direct relationship between parking and DNS abuse’, but suggested there may be ‘some correlation between parking and malware’. (CCTR p. 12) In its recommendation, the report suggests the high rate of parked domains could have an impact on competition in the domain name landscape, and recommends that further information is collected on parking data.
ALAC Supports Recommendation 3 on the collection of parking data.
DNS Abuse: The DNS study provides very useful information not only about the incidence of abuse, but about the situations when it occurs, with real implications on steps that could be taken to address the issue. The Report noted that there has been a ‘significant increase’ in phishing attacks in 2016. As the report then notes, some registration operators do not act until there are complaints – contrasting with others who do check registrant credentials, block domain name strings similar to known phishing targets and scrutinize domain name resellers. (CCTR p. 21-2)
The findings suggest, however, is that abuse is ‘not rampant’ – that five new gTLDs accounted for over 58% of blacklisted gTLD domains. (CCTR p. 24).
Early in the discussion on DNS Abuse, the Report includes the nine steps that can be taken to mitigate DNS abuse. (CCTR p. 18). However, the report then notes that factors such as registration restrictions, price and registrar specific practices are more likely to affect abuse rates, ‘making low priced domain names with easy registrations attractive attack vectors’. (CCTR p. 23) As the Report then acknowledged, low cost names may also be appealing for registrants ‘with legitimate interests and the overarching goal of a free and open Internet’. Therefore, the ‘monetary incentives’ targeted at registry operators may be appropriate to prevent ‘systematic abuse’ by supporting proactive screening and the detection of malfeasance’. (CCTR p. 25)
The Report suggests four recommendations to address DNS Abuse. These include recommendations for;
- Recommendation A: negotiations on amendments to the registry agreements to provide incentives for the adoption of proactive abuse measures
- Recommendation B: negotiations on amendments to registry agreements to including provisions on preventing the systemic use of specific registrars for technical DNS abuse
- Recommendation C: Conduct a study – that is made publicly available – on the relationship between specific registry operators, registrars and DNS abuse
- Recommendation D: (which was not unanimously supported by the CCT WG) to establish a DNS Abuse Resolution Policy (DADRP) to deal with registry operators and registrars that are identified as having excessive levels of abuse.
The Report also includes Recommendation 5, calling for ICANN to: ‘collect data about and publicize the chain of parties responsible for gTLD domain registration.
This recommendation is included as an ‘individual statement’ not included in the body of the report because there was ‘insufficient time’ for it to be fully discussed by the Review Team. The explanation for this recommendation is that, at present, ‘there is no consistent mechanism for determining all of the ICANN contracted and non-contracted operators associated with a gTLD domain name registration. Whois records often do not distinguish between registrars and resellers.
The ALAC supports Recommendations A, B,C,D, and ‘Recommendation 5’ relating to DNS Abuse
FIRST DRAFT SUBMITTED
The first draft submitted will be placed here before the call for comments begins.
Introduction: This submission should be read together with the previous ALAC submission (dated 13 December 2016) to the Draft Report on Competition, Consumer Trust and Consumer Choice (CCTR). In this submission, we will only comment on the hew sections that impact on Internet end users. We note our earlier response to the Report:
In conclusion, the outcomes of Assessment are, at best, equivocal. While there has been some expansion in registry numbers and new market entrants, only 15% of the new domains have the characteristics of primary registration. From an end user perspective, most of the resultant new registrations are speculative, defensive, unused or parked – adding little of value to end users. And from an industry, there is no clear evidence of lower prices or more choice. Based on this Assessment, there is little evidence of benefit to end users with the introduction of new gTLDs.
The new sections of the Report add useful information and analysis from the three additional reports (a discussion on parking, a study on costs to brand owners, and a study on DNS abuse). Our comments are on parking and DNS abuse. While there is an interesting discussion and recommendations on Rights Protection Mechanisms, the issues raised and recommendations do not impact significantly on end users.
Parking: Findings from the parking discussions show that 68% of new gTLD registrations are parked. As the report notes, there are several ways in which a name would be considered as ‘parked’, only one of which is that the name displays advertisements, offers the domain for sale, or used as a vector to distribute malware. (CCRT p. 8) The report also notes the significant geographic differences in parking practice; the parking rates for China are ‘very high’, whereas, in the Latin American/Caribbean area, 78% of the new gTLDs are active. (CCTR p. 10-11). In any case, this report could not ‘identify any direct relationship between parking and DNS abuse’, but suggested there may be ‘some correlation between parking and malware’. (CCTR p. 12) In its recommendation, the report suggests the high rate of parked domains could have an impact on competition in the domain name landscape, and recommends that further information is collected on parking data.
ALAC Supports Recommendation 3 on the collection of parking data.
DNS Abuse: The DNS study provides very useful information not only about the incidence of abuse, but about the situations when it occurs, with real implications on steps that could be taken to address the issue. The Report noted that there has been a ‘significant increase’ in phishing attacks in 2016. As the report then noted, some registration operators do not act until there are complaints – contrasting with others who do check registrant credentials, block domain name strings similar to known phishing targets and scrutinize domain name resellers. (CCTR p. 21-2)
The findings suggest, however, is that abuse is ‘not rampant’ – that five new gTLDs accounted for over 58% of blacklisted gTLD domains. (CCTR p. 24).
Early in the discussion on DNS Abuse, the Report includes the nine steps that can be taken to mitigate DNS abuse. (CCTR p. 18). However, the report then notes that factors such as registration restrictions, price and registrar specific practices are more likely to affect abuse rates, ‘making low priced domain names with easy registrations attractive attack vectors’. (CCTR p. 23) As the Report then acknowledged, low cost names may also be appealing for registrants ‘with legitimate interests and the overarching goal of a free and open Internet’. Therefore, the ‘monetary incentives’ may be appropriate to prevent ‘systematic abuse’3by supporting proactive screening and the detection of malfeasance’. (CCTR p. 25)
The Report suggests four recommendations to address DNS Abuse. These include recommendations for;
- Recommendation A: negotiations on amendments to the RAA to provide incentives for the adoption of proactive abuse measures
- Recommendation B: negotiations on amendments to including provisions on preventing the systemic use of specific registrars for technical DNS abuse
- Recommendation C: Conduct a study – that is made publicly available – on the relationship between specific registration operators and registrars and DNS abuse
- Recommendation D: (which was not unanimously supported by the CCT WG) to establish a DNS Abuse Resolution Policy (DADRP) to deal with registry operators and registrars that are identified as having excessive levels of abuse.
The Report also includes Recommendation 5, calling for ICANN to: ‘collect data about and publicize the chain of parties responsible for gTLD domain registration.
This recommendation is included as an ‘individual statement’ not included in the body of the report because there was ‘insufficient time’ for it to be fully discussed by the WG. The explanation for this recommendation is that, at present, ‘there is no consistent mechanism for determining all of the ICANN contracted and non-contracted operators associated with a gTLD domain name registration. Whois records often do not distinguish between registrars and resellers.
The ALAC supports Recommendations A, B,C,D, and ‘Recommendation 5’
13 Comments
Carlton Samuels
This statement seems to me the best response to the additional information in the updated report, cautious optimism.
-Carlton
Justine Chew
Hi Carlton,
I'd like to ask whether – by your comment here – you have changed your mind about disagreeing with Recommendation D, or that despite disagreeing with Recommendation D, you think the ALAC should support the Recommendation which discloses a minority view against the proposal to create DADRP?
Thanks,
Justine
Holly Raiche
Hi Justine
My eading of Carlton is that he supports Recommdation D - which is about having a dispute resolution for the issue. I was well aware - as I'm sure Carlton is - that there was a Minority Report in relation to that recommendation, but I personally support the recommendation. Im happy to hear from others on the issue.
Justine Chew
Hi Holly,
Thanks for your reply but I think I may have been misunderstood. I posed my question to Carlton because he was one of the members of the CCTRT who held the Minority View regarding Recommendation D.
Cheers,
Justine
Kaili Kan
This statement is well written. Fully agreed.
Olivier Crepin-Leblond
From Slovene Consumer Association
On 15/12/2017 13:42, Krisper, Marjan wrote:
I read your report. It is comprehensive and covers all topics of Competition and Consumer Trust regarding gTlD. Recommendations also cover all problems, so i don't have any additional proposals. The most important are registrars restrictions and enforcement for new gTLD.
My opinion is that document is too long, almost 150 pages. But this is general problem with all ICANN documents.
Best regards
Marjan Krisper
Slovene Consumer Association
Justine Chew
Several comments come to mind:-
Introduction
Parking
Some suggested edits and/or typos to note:-
*I confess I am somewhat confused between the reference to Recommendation 3 in the table on p.6 and Recommendation 5 on p.12*
Cheers,
Justine
Holly Raiche
Thank youfor your recommendations, which will be incorporated into the final draft
Holly Raiche
To provide more specific feedback on the points you raise:
Abdulkarim Ayopo Oloyede
I do agree with the first draft.My only comment is on the survey itself. This is because it seems that it's majorly the big companies that responded.
Holly Raiche
The Report refers to more than one study: are you talking about the parking survey or the DNS study?
Holly Raiche
My proposed revised draft, taking into account comments made above, is below:
Introduction: This submission should be read together with the previous ALAC submission (dated 13 December 2016) to the Draft Report on Competition, Consumer Trust and Consumer Choice (CCTR). In this submission, we will only comment on the new sections that impact on Internet end users. We note our earlier response to the Report:
In conclusion, the outcomes of Assessment are, at best, equivocal. While there has been some expansion in registry numbers and new market entrants, only 15% of the new domains have the characteristics of primary registration. From an end user perspective, most of the resultant new registrations are speculative, defensive, unused or parked – adding little of value to end users. And from an industry, there is no clear evidence of lower prices or more choice. Based on this Assessment, there is little evidence of benefit to end users with the introduction of new gTLDs.
The new sections of the Report add useful information and analysis from the three additional reports (a discussion on parking, a study on costs to brand owners, and a study on DNS abuse). Our comments are on parking and DNS abuse. While there is an interesting discussion and recommendations on Rights Protection Mechanisms, the issues raised and recommendations do not impact significantly on end users.
Parking: Findings from the parking discussions show that 68% of new gTLD registrations are parked. As the report notes, there are several ways in which a name would be considered as ‘parked’, only one of which is that the name displays advertisements, offers the domain for sale, or is used as a vector to distribute malware. (CCRT p. 8) The report also notes the significant geographic differences in parking practice; the parking rates for China are ‘very high’, whereas in the Latin American/Caribbean area, 78% of the new gTLDs are active. (CCTR p. 10-11). In any case, this report could not ‘identify any direct relationship between parking and DNS abuse’, but suggested there may be ‘some correlation between parking and malware’. (CCTR p. 12) In its recommendation, the report suggests the high rate of parked domains could have an impact on competition in the domain name landscape, and recommends that further information is collected on parking data.
ALAC Supports Recommendation 3 on the collection of parking data.
DNS Abuse: The DNS study provides very useful information not only about the incidence of abuse, but about the situations when it occurs, with real implications on steps that could be taken to address the issue. The Report noted that there has been a ‘significant increase’ in phishing attacks in 2016. As the report then notes, some registration operators do not act until there are complaints – contrasting with others who do check registrant credentials, block domain name strings similar to known phishing targets and scrutinize domain name resellers. (CCTR p. 21-2)
The findings suggest, however, is that abuse is ‘not rampant’ – that five new gTLDs accounted for over 58% of blacklisted gTLD domains. (CCTR p. 24).
Early in the discussion on DNS Abuse, the Report includes the nine steps that can be taken to mitigate DNS abuse. (CCTR p. 18). However, the report then notes that factors such as registration restrictions, price and registrar specific practices are more likely to affect abuse rates, ‘making low priced domain names with easy registrations attractive attack vectors’. (CCTR p. 23) As the Report then acknowledged, low cost names may also be appealing for registrants ‘with legitimate interests and the overarching goal of a free and open Internet’. Therefore, the ‘monetary incentives’ targeted at registry operators may be appropriate to prevent ‘systematic abuse’ by supporting proactive screening and the detection of malfeasance’. (CCTR p. 25)
The Report suggests four recommendations to address DNS Abuse. These include recommendations for;
The Report also includes Recommendation 5, calling for ICANN to: ‘collect data about and publicize the chain of parties responsible for gTLD domain registration.
This recommendation is included as an ‘individual statement’ not included in the body of the report because there was ‘insufficient time’ for it to be fully discussed by the Review Team. The explanation for this recommendation is that, at present, ‘there is no consistent mechanism for determining all of the ICANN contracted and non-contracted operators associated with a gTLD domain name registration. Whois records often do not distinguish between registrars and resellers.
The ALAC supports Recommendations A, B,C,D, and ‘Recommendation 5’ relating to DNS Abuse
John Laprise
Concur