Back in 2011, if you asked most major brands what a gTLD, the RySG, GAC, or even ICANN was, most would not have been able to make much sense of the acronyms.

Now, those who are in the process of launching their own .BRAND and/or .GENERIC gTLD have gotten up to speed on that alphabet soup. However, staying up to speed on ICANN policies and fulfilling the obligations of the Registry Agreement will be ongoing commitments for all new Registry Operators.

Before New gTLDs & .BRANDs

Until a short time ago, the Internet Corporation for Assigned Names and Numbers (ICANN) was an organization that was not on most brands’ radar.

Brands may have heard about ICANN when learning that they had to worry about trademark protection in a new top-level domain (TLD) like .XXX. With the approval of the New gTLD Program and the opening of the application period in January 2012, though, that all changed.

Now, with their own .BRAND application(s), many brands quickly became immersed (at times to their dismay) in the world of ICANN and domain names.

The Application Process

Brands especially found themselves having to climb a steep learning curve to quickly handle the demands of ICANN during the application process, including:

  • Addressing the “one size fits all” requirements in the Applicant Guidebook
  • Providing personal information on Officer and Board members and submitting these individuals to background checks by ICANN
  • Meeting financial requirements not geared towards strategic corporations such as providing financial statements and acquiring unconditional Letters of Credit
  • Completing these tasks within three months’ time

Some brands may have sighed in relief after their applications were in, thinking that all the work was behind them.

However, brands are now recognizing that they cannot just forget about ICANN once their .BRAND (or .GENERIC) launches.

Ensuring Compliance with the Registry Agreement

Following the application period, brands understood that some input and work would be needed in order to develop and launch a .BRAND or .GENERIC TLD. However, the nuanced obligations of a Registry Operator and the direct and ongoing impact the Registry Agreement and ICANN policies would have on these same brands was never as well understood.

While it would be impossible to catalog every way that ICANN policies, developments, and activities of supporting organizations and advisory committees directly or indirectly influence and affect Registry Operators and their contractual obligations, below are a few key areas of the Registry Agreement that are currently affecting brands (and really, all Registry Operators).

  1. Altering the Registry Agreement: Article 7.7

While each applicant executes its own Registry Agreement for each gTLD, Article 7.7 of the Registry Agreement permits the ICANN CEO or the Chair of the Registries Stakeholder Group (RySG) to initiate a process to amend the Registry Agreement once per year. While this process is time consuming, involves negotiations, a public comment period, and an approval by both parties (the RySG and the ICANN Board), once approved, the amendment to the Registry Agreement will become effective for all Registry Operators 60 days after ICANN provides notice.
All Registry Operators are given the opportunity to participate and comment on the proposed amendments, as well as vote on the Proposed Revisions. However, .BRANDs should be aware of these provisions and follow relevant developments closely, since all registries will be affected by these modifications to the Registry Agreement – whether or not they choose to participate in the ICANN process.

  1. How Will the Public Interest Commitments be Interpreted: Specification 11

In July 2013, ICANN published an updated version of the Registry Agreement, which included Specification 11, the Public Interest Commitments in response to the Governmental Advisory Committee’s (GAC) Safeguard Advice.

Much has already been said about the addition of the specification, which was approved over a year after the close of the gTLD application period. Specification 11 adds obligations for registries such as the requirement to only use 2013 accredited registrars, prohibits closed generic gTLDs, and requires Registry Operators to conduct periodic technical analyses to assess whether any security threats, such as malware of phishing, are present in the gTLD, in addition to other obligations.

However, most, if not all, Registry Operators still feel a great sense of uncertainty around how this Specification will be enforced since different parties can interpret the obligations included in the specification differently.

For example, section 3b of Specification 11 requires periodic technical analysis to assess security threats in the gTLD. Based on conversations to date, it is clear that ICANN and Registry Operators interpret this provision differently – there is even disagreement among different Registry Operators. To this day, the question of how ICANN Compliance intends to interpret and enforce this requirement remains.

This will affect all Registry Operators, including brands, especially if an across-the-board standard is required of all registries. Given that Specification 11 does not relate to critical registry functions that back-end registry services providers are responsible for, it also may require brands to leverage their back-end provider for an additional service, or use another third-party provider.

  1. Providing Public Zone File Access: Specification 4

As required by Specification 4 of the Registry Agreement, all Registry Operators must provide third-party access to the registry’s zone file data.

While a Registry Operator can do this on its own or through a Centralized Zone Data Access Provider (CZDA Provider), the Registry Operator must enter into an agreement with any Internet user that is found to be qualified. This will allow the individual the ability to download the zone file data once every twenty-four hours. Access can be denied if the user does not provide the required credentials and/or if the Registry Operator reasonably believes that the user will use the data for unlawful purposes or any use prohibited under Section 2.1.5.

While a .BRAND’s back-end provider will be responsible for providing the registry’s zone file data, it will be the responsibility of the Registry Operator to review and approve users for access.

Despite being straightforward and simple, this is an ongoing task that the brand will be responsible for and will continue throughout the life of the TLD.


Though these requirements are a bit all over the map, these three examples demonstrate how all Registry Operators, including those with a .BRAND, face multiple ongoing responsibilities. Registry Operators will all be affected by ICANN developments and policy decisions, as well as the activities within ICANN stakeholder groups.

Most brands recognized that operating a gTLD, even a .BRAND, would be more involved than launching and operating a single domain name. However, as brands have discovered through the application, evaluation, and delegation processes to date, there is more running a compliant gTLD than outsourcing the critical registry and data escrow functions.

While the recent focus of the New gTLD Program has been centered around contention sets, auctions, and contracting, it isn’t too early for Registry Operators (especially brand owners) to start thinking about Registry Onboarding.

What is Registry Onboarding?

According to the process laid out by ICANN, Registry Onboarding takes place after the execution of the Registry Agreement, and before Delegation of the gTLD into the root (when the gTLD becomes a “live” gTLD). As a prerequisite for Delegation, the Registry Onboarding process consists of syncing the Registry Operator with ICANN to ensure smooth ongoing operations. It includes important steps such as completing Pre-Delegation Testing, establishing emergency points of contact with ICANN, and registering with the Trademark Clearinghouse.

What’s the timeframe?

Officially, the Registry Operator must complete the Registry Onboarding process within 12 months of signing the Registry Agreement. However, the Registry Operator could tackle multiple tasks simultaneously, and it may be able to complete the entire onboarding process in 8 weeks or less with proper preparation.

What do brand owners need to know?

It’s important to make sure arrangements with your back-end provider are clear and that you have a process in place, especially if you want to move quickly through the onboarding process. Here are a few key considerations new Registry Operators should keep in mind as they move through the process.

First, the Registry Operator should connect with the back-end registry service provider to review responsibilities and coordinate communication with ICANN. While ICANN provides instructions in the Welcome Kit for New gTLD Registry Operators, the delineation between the Registry Operator’s responsibility and the back-end’s responsibility is not always clear.

The Registry Operator should also establish clear internal points of contact and responsibilities. Unlike previous phases of the New gTLD Process, the onboarding process will require the Registry Operator to manage two communication portals with ICANN – the Customer Service Center (CSC) Portal and the Global Domains Division (GDD) Portal. Moreover, 22 points of contact must be provided to ICANN during onboarding. One individual may take on multiple responsibilities, but the Registry Operator should ensure that it is fully aware of the expectations.

Finally, the Registry Operator’s contract with the back-end may include additional fees for onboarding services. Therefore, it is important to review the relationship with the back-end registry service provider to ensure that there are no surprises.

What’s next?

Registry Onboarding serves as a basis of the operational relationship between the Registry Operator and ICANN. Once this step is completed, the Registry Operator will be able to proceed to the TLD Launch phase, and eventually to general registration and use.

We’ve dipped into the alphabet soup of Internet governance meetings, and now it’s time to cover the whole new set of acronyms cropping up in news feeds this week.

These acronyms are coming out of ICANN 51, the Internet Corporation for Assigned Names and Numbers’ (ICANN) public meeting being held in Los Angeles this week. There are three of these meetings a year, and a variety of stakeholders – Internet users, businesses, policy makers, government representatives – are meeting up in various combinations to take on pressing issues in the DNS (the Domain Name System.) The DNS translates the domain name you type into the corresponding IP address, and connects you to your desired website.

First, a little more on ICANN: ICANN is an internationally organized, non-profit corporation responsible for coordinating the technical services required for the ongoing operation of the Internet. As a private-public partnership, ICANN says it is dedicated to preserving the operational stability of the Internet; to promoting competition; to achieving broad representation of global Internet communities; and to developing policy appropriate to its mission through bottom-up, consensus-based processes.

So, what are some of the groups that comprise this bottom-up, consensus-based policy development process?

GNSO: The Generic Names Supporting Organization is one of the groups that helps coordinate global Internet policy at ICANN. It is responsible for creating policy applicable to generic top-level domains (gTLDs) and is comprised of four stakeholder groups (SG):

  • Commercial Stakeholder Group
    • Here you’ll find the Business Constituency (BC), Internet Service Providers (ISP Constituency), and Intellectual Property professionals (IP Constituency)
  • Non-Commercial Stakeholder Group
    • Non-Commercial users and non-profits
  • Registrars Stakeholder group
  • Registries Stakeholder group
    • Sometimes you’ll hear about the opinions of the “NTAG” – this is the New TLD Applicant Group, entities whose TLDs aren’t operational yet but who might be preparing to enter into the stakeholder group as full voting members once they operate those TLDs. In the mean time, the NTAG helps organize the voices of applicants.

You may also hear about “Advisory Committees” such as:

  • ALAC: The At-Large Advisory Committee is where you can find individual Internet users represented in the policy development process.
  • GAC: The Governmental Advisory Committee (GAC) is an advisory committee comprised of appointed representatives of national governments, multi-national governmental organizations and treaty organizations, and distinct economies. It advises the ICANN Board on matters of concern to governments. The GAC operates as a forum for the discussion of government interests and concerns, including consumer interests. As an ICANN advisory committee, the GAC has no legal authority to act but it does report its findings and recommendations to the ICANN Board.
  • SSAC: The Security and Stability Advisory Committee advises the community on – you guessed it – the security and stability of the Internet as it pertains to technical matters of operation, registration, and administration.

There’s plenty more to ICANN, but knowing how different stakeholders group together can help give you a bigger picture of how the multistakeholder model works. For more acronyms and definitions visit – a great resource to point folks to for a reference on the world of ICANN and new gTLDs.

The Alphabet Soup

shutterstock_37478005Next week, the World Congress on Information Technology (WCIT) will provide a gathering place for business, media, academics, policymakers, technology professionals, and organizations in Guadalajara, Mexico. The conference brings this diverse community in information and communication technology together in order to provide a “proper platform for the industry, policy makers and academy to show their peers, how ICT innovations are helping them to create new alternatives for a challenging world” – a discussion platform rather than a meeting that ends with policy or regulation decisions.

This may be a little confusing because there also exists the World Conference on International Telecommunications (WCIT), the United Nation (UN)-led initiative that sometimes makes the news.

In the alphabet soup of meetings that may have come across your radar, you may have also seen the following: The Internet Governance Forum (IGF), which met in Istanbul, Turkey in early September, and the International Telecommunications Union (ITU) Plenipotentiary Conference to be held in Busan, South Korea from October 20 to November 7 – sometimes just called the “Plenipot”. These two meetings are associated with the UN in different ways: IGF gathers various parts of the Internet community for discussion through a UN mandate. According to its fact sheet (found here), there is no “negotiated outcome” (in other words, it produces no immediate policy or treaty), but rather it “informs and inspires those with policy-making power in both the public and private sectors.” The Plenipot, on the other hand, is convened as an official meeting of the UN’s ITU. This event, held every four years, covers “issues that require international cooperation following technological development, pending global issues, international agendas in telecommunications, and follow-up measures for major summit-level conferences”.

And, of course, there’s ICANN 51, the Internet Corporation for Assigned Names and Numbers’ (ICANN) own public meeting, which will be held in Los Angeles from October 12 to October 16. ICANN’s public meetings, which take place three times a year, gather the Internet community to contribute to policies on domain name management that have far-reaching effects on businesses from an IT, marketing, and legal perspective.

What does it spell out?

All of these organizations help comprise a complex Internet governance ecosystem with their various mandates, not to mention their overlapping constituencies. For example, you’re likely to see ICANN officials not only at the ICANN meeting, but also at the WCIT meeting in Guadalajara next week. You’re likely to see some national governments represented at each of the meetings listed above.

While it may seem difficult to keep track of it all, understanding how these different organizations fit together in the larger puzzle of Internet governance and how their activities impact things like Internet policy and how commerce is conducted online is crucial for well-informed brand owners.

The upcoming ICANN 51 meeting can be a place to start, especially if you are a company with a presence in the U.S. and have concerns about the time and resources that will have to be dedicated to getting involved in Internet governance. Most meetings related to Internet structure and governance are held around the world in rotating locations that can be difficult to attend due to time and travel budget constraints. However, with ICANN 51 in Los Angeles, it can be an opportunity to get your feet wet, go to sessions, participate in some of the after-hours discussions, and get up to speed on major policy decisions that affect brands’ digital strategy decisions.

Many organizations have opportunities to work on issues remotely, for example, by participating on working groups and submitting public comments. However, with much work done on-the-ground at these meetings, seeing one for yourself at least once can help demystify the dynamics at play.

If you decide to head to LA, we’ll see you there – otherwise, stay tuned for updates from ICANN 51 in October.


On September 11, 2014, ICANN released an updated Auction Schedule for all remaining contention sets – a situation where more than one organization applied for the same gTLD. The outcome of these ICANN Auctions affects not only the new gTLD applicants involved, but also brand owners looking to register in new gTLDs.

Because of past delays, today’s auction will be the first to settle multiple contention sets in a single round: .BUY, .TECH, and .VIP. All of these strings have multiple applicants and Google and Donuts are featured in all three. It is also the first ICANN Auction for a Latin alphabet string. Thus far, the only contention set resolved by ICANN Auction has been a Chinese IDN, which Beijing Tele-info Network Technology Co., Ltd. won out over Afilias.

The .BUY contention set in particular is a good example of how an auction winner can have a major impact on whether or not a brand owner decides to register in a new gTLD.

The .BUY contention set is between Donuts, Amazon, Google, and Famous Four Media. If Donuts were to win .BUY, brand owners concerned with defensive registrations who have purchased the Donuts DPML Block would be able to breathe easy, as the Block would cover this string. If Famous Four Media wins the contention set, most brand owners will have to proactively register domains in the string to protect their trademarks. Another scenario is if Amazon wins the auction. In its application, Amazon proposed to operate .BUY as not fully open; however, the exact registration policy has not been released. Some brand owners may be able to register in an Amazon-owned .BUY while others may not. This could have significant implications for brands’ online strategies.

As a reminder, the ICANN Auction is the resolution method of last resort. In some cases, applicants involved in a contention set have reached private deals to reach a resolution. Sometimes, especially when the applicants involved have applied for multiple gTLDs, an applicant will give up one string in exchange for keeping another. While the details of these private settlements are not made public, many of the applicants involved in the contention sets up for Auction today have been party to such settlements.

In other instances, these settlements involve paying out the “losing” applicant or applicants for sums that range from the thousands to millions of dollars.

Will the ICANN Auctions result in similar string prices? Or, will holding out for an ICANN Auction lower the sticker price? Further, will the outcome of these ICANN Auctions cause other applicants in contention sets to change course, either in favor of ICANN Auctions or against? We’ll find out soon enough!

The auction began today at 9 AM, but how long it will go is anybody’s guess – the auction is an ascending-clock model, which means that bidders must match the minimum bid for each unit of time in order to move on to the next round. The longer more than one bidder is willing to stay in the auction, the longer it will take to reach a conclusion.


shutterstock_130365155New gTLD registries previously on hold because of potential name collision problems are free to go live now that the New gTLD Program Committee (NGPC) has approved a framework to guide them.

The NGPC Name Collision Occurrence Management Framework also frees up scores of names at high risk of collision that had been blocked at the second level for strings already in the Root Zone.

Name collision refers to the unintended consequences that may occur when a new gTLD string matches an existing string on an internal network. In other words, as new gTLDs and second-level domains go live, they could “collide” with an exact match already in use within private networks.

Readers of will recall that ICANN has been grappling with the issue since March 2013 when Verisign warned of security concerns caused by potential name collisions. In the fall of 2013, ICANN published an initial proposal stating that two strings, .HOME and .CORP, should be deferred from delegation indefinitely, while another two dozen new gTLDs could not be categorized. Those two dozen gTLDs were effectively left in limbo with no clear path forward while ICANN deliberated a final plan. All other strings were allowed to proceed using an Alternative Path to Delegation that required registries to block a list of terms thought to be at high risk of collision at the second level.

A resolution was reached last week when ICANN adopted the mitigation plan proposed by JAS Global Advisors, an independent information security firm. The plan requires all registries that delegate after a certain date to institute a 90-day “controlled interruption” period during which technical experts will monitor the domain name environment. During that period, only NIC.TLD may be registered. Other names may be allocated but not activated.

Registries that have delegated already must also adhere to the 90-day delay but only for second-level names on their blocked lists that they wish to release. New gTLDs that have launched but registered no name other than NIC.TLD may choose to undergo the 90-day name hold period, during which all names will be on hold not just the names on their block lists. Following the 90-day period, all eligible names will be released.

Despite the “all’s cleared” sign, problems remain.

Given the likelihood of collision with internal networks, the NGPC announced that .MAIL, .HOME, and .CORP will remain indefinitely deferred from delegation. ICANN has referred these strings to the Internet Engineering Task Force (IETF) to determine the best way to handle them.

Trademark owners also face a quandary. We have seen in the past how technical issues often conflict with business considerations, and the name collision mitigation plan is another example.

Among the names on the formerly blocked lists are, by some estimates, thousands of trademarks, which in some cases, brand owners were unable to register during Sunrise periods. In some cases, registries allowed trademark owners to reserve their marks, assuming the blocked names would eventually be released. In other cases, registries offered no such service and simply held back the blocked trademarks.

Thus, in some cases, brand owners never had a chance to register their marks ahead of the general public, which means trademarked terms will be available to one and all if the brand owner doesn’t move swiftly.

Protecting brand owners throughout the new gTLD application and delegation process has always been FairWinds Partners’ priority. The ICANN community will discuss this conundrum over the coming months. FairWinds will be watching closely and working with relevant ICANN groups to help to ensure that ICANN develops a remedy that helps businesses protect their trademarks.

So you want to be a registry.

Each of the 650 applicants for new top-level domains (TLDs) took on daunting, new responsibilities when they decided to invest in the next big Internet thing. But their multi-year application process – jumping through high hoops, adjusting to the untried and unknown, and enduring multiple rule changes – may seem like duck soup compared to the challenges of running a registry.

The first thing to keep in mind is that it takes a village to raise a registry. New TLD registries will be faced with everything from the sublime to the ridiculous, from tedious tasks to complex hurdles. You and your team cannot and should not tackle the responsibility alone. Internally, successful registry operators will rely on a variety of people and departments – IT, legal, marketing, business strategy, and more – not only for their expertise but to ensure accountability for the many moving parts. Externally, registry operators will have to work with multiple vendors for technical and administrative needs.

FairWinds Partners breaks down the major responsibilities:

Administrative ServicesAt the top of this list, perhaps, is the job of ensuring the registry remains in compliance with ICANN regulations, which as most applicants know are subject to change. There will be monthly reports to file; fees will have to be paid; the registry’s credit worthiness must be kept up to date; and name collision issues will have to be tracked. These duties span a variety of professional disciplines that should be handled by the appropriate departments, or may, in some cases, be outsourced.

Coordination of Technical Partners - The registry operator must file new registrations on a weekly basis with a data escrow provider that will ensure the integrity of the TLD if the registry fails. While the back-end provider – the technical operator of the registry – creates the report, the registry operator must actually convey it to the escrow provider. The registry’s Whois information, Domain Name Service look-up, and reserved names list also will have to be maintained accurately, as will the DNS and EPP standards. Maintaining these standards will be the responsibility of the registry back-end provider. Finally, the registry operator must identify a point of contact and a process for dealing with any malicious activity that occurs within the registry’s websites.

Registration Strategy and Procedure - These should reflect your organization’s existing domain name strategy. Your registration strategy will be based on your Registry/Registrar Agreement and will help define your relationship with your registrars, and foster an understanding of their pricing, registration policies, reserved names, and audits. To a closed .BRAND registry, many of these tasks may seem unnecessary. They’re not. Each task will help registry operators articulate a clear purpose and mandate for their registries: Who may register? Which names are reserved for the registry? What are the costs of registration? And what sort of registration guidelines should be imposed?

Rights Protection Mechanisms – A number of processes are available to protect trademark holders and the general community, and registries must be familiar with each one in the event their practices are challenged. The Trademark Clearinghouse is the most fundamental rights protection mechanism, and comes into play for every registry during TLD sunrise periods, when trademark holders get the first shot at registrations. Other protection mechanisms include the registry-restriction dispute resolution procedure, the trademark post-delegation dispute resolution procedure, Public Interest Commitment dispute resolution procedure, and Uniform Rapid Suspension. Each of these procedures has its own set of guidelines and requirements that registries must learn in case a dispute arises.

Running a registry is a big job, and while many of these responsibilities can be outsourced, a registry operator will need on-staff employees to direct, oversee, or assist in the running of the registry. At a minimum a registry needs its own legal, IT, and digital strategy teams involved at some level.

Operating their own registries may be an unnerving experience for many owners of new top-level domains. That’s why it’s important to involve other departments and colleagues. There is safety – and value – in numbers.

Teamwork building process with cogs for blog on running a registry.