Sections
INTA Bulletin


August 1, 2013 Vol. 68 No. 14 Back to Bulletin Main Page

ICANN Adopts GAC Advice on Whois, Security Enhancements


INTA representatives last month participated in the second meeting this year of The Internet Corporation for Assigned Names and Numbers (ICANN), which was held July 14—18 in Durban, South Africa.

Many of the developments that have occurred between ICANN’s last meeting in Beijing and the Durban meeting should result in stronger protections for trademark owners.

Safeguarding New gTLDs
Following a request for public comment in April—to which INTA’s Internet Committee replied with extensive recommendations—ICANN’s Board of Directors held several meetings to consider and adopt advice from its Government Advisory Committee (GAC) on the introduction of new generic top-level domains (gTLDs).

In particular, ICANN accepted the GAC’s input on implementing additional safeguards across each new gTLD that will be introduced over the coming years. The new protections are outlined below:

Whois Verification and Checks
ICANN is finishing the development of a new Whois tool that will provide the ability to check false, incomplete or inaccurate Whois data. The tool is being designed to allow ICANN’s staff to begin to “proactively identify potentially inaccurate gTLD data registration in gTLD registry and registrar services, explore using automated tools, and forward potentially inaccurate records to gTLD registrars for action; and to publicly report on the resulting actions to encourage improved accuracy.” In light of this activity, ICANN has agreed to implement the GAC’s advice that checks identifying registrations in a gTLD with deliberately false, inaccurate or incomplete Whois data be conducted at least twice a year. To achieve this, ICANN will perform a periodic sampling of Whois data across registries in an effort to identify potentially inaccurate records. ICANN will also maintain statistical reports that identify the number of inaccurate Whois records identified.

Mitigating Abusive Activity
ICANN will mandate that new gTLD Registry Operators require their Registrars to include in their Registration Agreements a provision prohibiting registrants from “distributing malware, abusively operating botnets, phishing, piracy, trademark or copyright infringement, fraudulent or deceptive practices, counterfeiting or otherwise engaging in activity contrary to applicable law,” and providing consequences for such activities, including suspension of the domain name.

Security Checks
ICANN will include a provision in the New gTLD Registry Agreement requiring Registry Operators periodically to conduct a technical analysis to assess whether domains in its gTLD are being used to perpetrate security threats, such as pharming, phishing, malware and botnets. The provision will also require Registry Operators to maintain statistical reports on the number of security threats identified and the actions taken as a result of the periodic security checks. Registry Operators will maintain these reports for the agreed contracted period and provide them to ICANN upon request. The contents of the reports will be publically available as appropriate.

Documentation of Inaccurate Records
As detailed above, ICANN will maintain statistical reports that identify the number of inaccurate Whois records identified as part of the checks to identify registrations with deliberately false, inaccurate or incomplete Whois data. Registry Operators will be required to maintain statistical reports on the number of security threats identified and the actions taken as a result of the periodic security checks. Registry Operators will maintain these reports for the agreed contracted period and provide them to ICANN upon request. The contents of the reports will be publically available as appropriate.

Making and Handling Complaints; Consequences
Registry Operators will be required to ensure that there is a mechanism for making complaints regarding malicious conduct in the TLD. ICANN will also mandate that new gTLD Registry Operators provide consequences (consistent with applicable law and any related procedures) for abusive conduct, including suspension of the domain name.

ICANN announced no change to its current policy on singular and plural gTLDs, which potentially allows both versions of the same new gTLD to coexist. There have been concerns within the trademark community that such a system could lead to consumer confusion and additional defensive registrations.
On a separate issue, ICANN has determined that the Registry Operator of a “Generic String” may not impose eligibility criteria that limit registrations exclusively to a single person or entity and/or that person’s or entity’s “Affiliates.” For the first time, ICANN defines “Generic” as a “string consisting of a word or term that denominates or describes a general class of goods, services, groups, organizations or things, as opposed to distinguishing a specific brand of goods, services, groups, organizations or things from those of others.”

Additional GAC Advice on New gTLDs
The ICANN Board continues to consider how to address GAC advice pertaining to broad categories of new gTLDs, including those domains that are connected with regulated markets or that raise heightened consumer protection concerns and other sensitivities. As a temporary measure, ICANN will defer moving forward with the contracting process for these strings, pending further dialogue with the GAC. ICANN is also holding off on a decision for providing protection to the names of intergovernmental or international non governmental organizations.

New Registrar Accreditation Agreement (RAA)
ICANN has adopted a new form of its Registrar Accreditation Agreement (RAA), and will require that all New gTLD Registry Operators use the agreement. As a result, all domain names sold in new gTLDs will be subject to the terms of the new RAA.

Some enhanced features are requiring the creation of an “abuse point of contact” at each registrar, a limited Whois verification and validation—either email address or phone number—and new provisions governing a registrar’s obligations for its resellers. The new agreement also contains stronger contractual compliance measures, including broader suspension and termination tools.

With respect to Proxy and Privacy services, the new RAA will require that information be made available on items such as customer service processes and when a provider will relay information on the underlying user of the domain name registration. While ICANN did not address all of the recommendations from INTA and the intellectual property community regarding these services, a formal accreditation program for service providers may be developed under ICANN’s policy development process.

Next Meeting
ICANN’s next international meeting will take place in Buenos Aires, Argentina, November 17—21. INTA’s Internet Committee will continue to participate with ICANN on issues of concern to the trademark community. If you have questions about participating at ICANN, please contact INTA External Relations Manager Claudio DiGangi at cdigangi@inta.org.

Although every effort has been made to verify the accuracy of items in the INTA Bulletin, readers are urged to check independently on matters of specific concern or interest.

© 2013 International Trademark Association