It’s not been a good week for auDA, the .au policy and regulatory body, and their backend registry provider Afilias. First on Tuesday there was a security incident that auDA claims saw “a small number of domains” disappear for half an hour. Then today with the launch of second level (or .au direct) registrations, there has been another stuff up that sees all new second level/direct registrations having to be manually entered after registration with no timeframe given for a resolution.
The disclosures by whistleblower Frances Haugen about Facebook — first to the Wall Street Journal and then to “60 Minutes” and Congress — ought to be the stuff of shareholders’ nightmares: When she left Facebook, she took with her documents showing, for example, that the corporation knew Instagram was making girls’ body-image issues worse, that internal investigators knew a Mexican drug cartel was using the platform to recruit hit men and that the company misled its own Oversight Board about having a separate content appeals process for a large number of influential users.
Our democratic habits have been killed off by an internet kleptocracy that profits from disinformation, polarization, and rage. Here’s how to fix that.
The Australian government’s News Media Bargaining Code, where Facebook and Google have been coerced to pay money to many news outlets, has been in the news recently. But the folks at Juice Media have taken a comical look at what they’re calling the News Corp Media Bargaining Code. It’s hilarious, and the best analysis of the code you’ll find anywhere.
Donald Trump has been impeached for trying to kill the results of our last election, but we should have no illusions that whatever happens at his trial, the weapon he used is still freely available for others to deploy. It’s a realm called “cyberspace” — where we’re all connected but no one is in charge.
Executive Summary: The combination of retreating US leadership and the COVID-19 pandemic has emboldened China to expand and promote its tech-enabled authoritarianism as world’s best practice. The pandemic has provided a proof of concept, demonstrating to the CCP that its technology with ‘Chinese characteristics’ works, and that surveillance on this scale and in an emergency is feasible and effective. With the CCP’s digital authoritarianism flourishing at home, Chinese-engineered digital surveillance and tracking systems are now being exported around the globe in line with China’s Cyber Superpower Strategy.
Infrastructure that works well rarely stands out. The internet infrastructure provided by Cloudflare, which provides a content delivery network that safeguards millions of sites online, is a notable exception. Last year, Cloudflare came under intense pressure to stop providing its services to 8chan, the online message board popular among white supremacists, after the gunmen in three separate shootings posted manifestos on the site prior to their attacks. 8chan had relied on the company’s content delivery network to keep its message board online and accessible. After initially saying it had no legal obligation to do so, the company eventually relented and denied 8chan the use of its services.
In the latest Domain Pulse Q&A series looking at the year in review and year ahead, we speak to ICANN board member Chris Disspain. Chris discusses the progress of the next round of new gTLD applications, the challenges of GDPR has thrown at ICANN relating to WHOIS, a 2019 highlight being finalisation of the new strategic plan especially in the way the ICANN community focused and pulled together to get it done and then what the future may hold for him after he completes his term on the ICANN board. He also would like to see a little more kindness “in the ICANN context”.
Domain Pulse: What were the highlights, lowlights and challenges of 2019 in the domain name industry, both for you and/or the industry in general?
Chris Disspain: The challenge of GDPR and its relevance to WHOIS has consumed an immense amount of time in 2019. And universal acceptance is a real issue for many especially but not exclusively in the IDN world.
The finalisation of the new strategic plan has been a highlight especially the way that the ICANN community focused and pulled together to get it done. And the streamlining of reviews work!
There are always lowlights. Calling them out isn’t necessarily helpful.
DP: What are you looking forward to in 2020?
CD: Enjoying my last year as a board member, making a difference and riding off into the sunset….. only to return later in 2021 wearing a different hat…..Or perhaps not!
DP: What challenges and opportunities do you see for the year ahead?
CD: Every issue has both a challenges and opportunities … Some examples for us are GDPR, various contractual matters, the sub-pro work, ccNSO work on retirement of ccTLDs, the ongoing work on IGOs acronyms, the ongoing community work-load and so on.
DP: How have new gTLDs fared in 2019?
CD: Some good, some bad I expect. But given that different gTLDs have different measures of success that’s quite a hard question to address. A brand likely doesn’t care about registration levels. A geographic may have a limited market and be happy with that. I guess the only real test will be to see what sort of applications come in in a next round.
DP: What progress do you see on a new round of applications for new gTLDs in 2020?
CD: Significant but it’s a long track that needs to be carefully navigated. As a board member (actually the only current board member) who was on the board from the beginning of the last gTLD round I know many of the issues that will need to be dealt with in the updated policy. Some of these are complicated and contentious but I’m hopeful that with the extraordinary work of the Sub-pro WG and the support of the community generally we’ll get there reasonably soon.
DP: What one thing would you like to see addressed or changed in the domain name industry?
CD: Well, in the ICANN context, I think a little more kindness would be good. And a ‘fix’ for the structural challenges within the GNSO would make a huge difference to the ability of the ICANN multi-stakeholder model to deal effectively and efficiently with the constantly changing industry dynamic.
Chris was also the founding CEO of Australia’s ccTLD policy and regulatory body, auDA.
Previous Q&As in this series were with:
Loïc Damilaville, Market Research Manager at Afnic – here
What happens when a Brand changes its company name, which has a .brand new gTLD, such as through a takeover, merger or just a name change? Thereâs currently no quick process in place to allow them to obtain a new gTLD to reflect the change. This is one of the many issues raised by Loïc Damilaville, Market Research Manager at Afnic who manages the French ccTLD as well as 17 new gTLDs, in todayâs Q&A looking at the year just gone and the year ahead.
Damilaville delves
into many issues facing the industry including growth, or lack of growth, rates
for top-level domains, the financial issues forcing some gTLD operators to sell
their gTLDS, the vulnerability of some TLDs to Chinese domainers, future rounds
of new gTLD applications, challenges faced by smaller TLDs, particularly new
gTLDs. Here heâs concerned about how to get registrars to carry them and
without a presence on platforms, Damilaville is also concerned about how the
industry is flourishing for many
of the
established players, but quite hostile to newcomers and real innovations.
Thereâs a lot more in Damilavilleâs Q&A, so please read on!
Domain Pulse: What were the highlights, lowlights and challenges of 2019 in the domain name industry, both for you and/or the industry in general?
Loïc Damilaville: In terms of trends, 2019 has seen the continuing decline of Legacy TLDs, apart from .COM which is enjoying an enviable – even if surprising – growth rate. Surprising because with its nearly 150 million domains it still grows by 5% a year. Is this single TLD “aspirating” the market? What is driving this growth?
“Penny
TLDs”, that is to say TLDs whose domain names are “given” or sold at a very low
price, have increased their volumes, but we doubt that these millions of domain
names are actually used. They shall be considered as highly volatile and not
relevant to assess the good or bad health of the market.
The
market
remains vulnerable to the domaining effect: in 2019, lots of Chinese domainers have
transferred their investments from new gTLDs
to .TW and this one has literally exploded in a few months. At the present
time, we see the reverse effect with a .TW affected by
deletions and a .ICU boosted, quite at the same time, by new creations.
It may mean that these domaining waves are done by a relatively small number of
coordinated big investors.
This
phenomenon affects the stability
of the market. For instance one
may consider
that new gTLDs have boomed at the end
of 2019 but this boom is almost 100%
caused by the
.ICU effect, with most of the other new
gTLDs experiencing a decrease in their new
registrations. A global improvement in volumes doesn’t mean that most of the
players are doing well.
This
situation drives some registries faced with financial difficulties to sell their TLDs to
big players which are also fighting increasingly on the back-end registry
market. What is interesting as regards to these back-end activities is
that they are researched not only by registries of small TLDs unable to get
some costly technologies and infrastructures by themselves, but also by
registries of very big TLDs, maybe for the same reasons, with a difference of
scale. This is the sign of a kind of professionalisation
of the market, but also of a concentration
process, with a handful of
players on the worldwide level. On the local or regional level, lots of
middle-sized players are managing some geoTLDs and/or .BRAND TLDs.
The
concentration
continues at the registry
and registrar levels, some back-ends being both of them. This phenomenon
requires (and is allowed by) the growing presence of investment funds in the
capital of these players. Although made with dubious methods, the .ORG takeover
by Ethos Capital is just one example of this structural evolution of the
market.
The
Second Round
is a topic, but more an icy one
than a hot one. We should wait for Winter to leave ;-).
Among
the very hot topics of 2019 we have noticed security issues,
fights against all kind of DNS abuses, the painful
consequences of GDPR for the IP community, and the emergence of services
combining data, monitoring and qualification of domain names in terms of
notoriety, risks etc.
Referring
to our “7As” model (*) we
shall consider that 2019 has not seen great improvements in Awareness,
Amplitude, Advantages, Access, Adoption, Activity nor Affect. The domain name
market may be a little too self-oriented and that could explain some of the
difficulties met by new TLDs to
“meet their market”.
LD: The main trends of the market should remain the same: decline in Legacy gTLDs, and maybe a 4 percent growth for .COM due to their forecast price increase.
ccTLDs
will be affected by the .TW and .UK deletes, but apart from this phenomenon the
growth should not be above 3-4%.
New gTLDs will still be split between high volumes
generic
TLDs and the others. Geos seem to be
stronger than Communities and little Generics but the average volume remains
low. Brands will continue to progress slowly but surely. They are the most
promising segment of this market.
Security,
monitoring and data issues
will have more and more audience in relation with the DNS Abuse efforts. Tools
designed to manage the GDPR limitations will enjoy a strong interest since the needs for identifying and tracking
“abusers” have not vanished, those “abusers” feeling encouraged by the anonymity guaranteed by GDPR
and the failure of ICANN to provide any reliable, quick and low-cost solution
to rights owners.
DP: What challenges and opportunities do you see for the year ahead?
LD: The big challenge for domain names is to exist by themselves, that is to say, to be actually perceived by users as added-value components of their internet presence and not just something technical, necessary to be reached on the internet, whether it is a .COM, .FR or .ANYTHING.
Another
big challenge is for
the registrars to find their way into a more diversified domain name world. One
of the main burdens
for new gTLDs is to reach their
potential customers, a task they can’t do if they are not referenced by the
registrars which actually reach these customers.
But registrars seem to lack enthusiasm to sell new gTLDs
which are not at first sought
by their customers, and a vicious circle is in force: big registrars proposes
to their customers the TLDs they already know (and buy), and the new gTLDs
are kept in the shadows and not bought as the
customers don’t know them very well and do not trust them.
We
may also mention the “Next Round” as a challenge for the ICANN
Community, but – in relation with what precedes – also for the market players
in general. In the current organisation of the market, more
generic TLDs will create only more confusion without being able to reach their customers. The
situation of .BRANDs and .GEOs are very different because in both cases the
“market” already exists: big companies will become used
to consider that having their own TLD is a “must have”. And GeoTLDs
are appealing to the
feelings of proximity and local pride of their “natural” customers.
This
leads to another big challenge. Apart
from the high-volume oriented ones, the new or future TLDs will be more and
more focused on niches, whether they
be geographical or sectorial. This means
that we will see a lot of TLDs with very low volumes compared to those we are
used to see. In order to allow them to be financially viable, there MUST be a
deep thought about the global financial organisation
of the market.
At
the ICANN level,
the $25,000
flat fee is a burden that strangles many little TLDs and obliges them to sell
their domain names at uncompetitive prices compared to .COM and big ccTLDs.
At
the back-end level, things are more difficult to analyse but we should see in the future the emergence of some low-cost
solutions targeting little TLDs and some
value-added solutions targeting big TLDs
or TLDs wanting to propose very specific services
to their registrants. The homogeneous market as we know it nowadays is probably
condemned but the transition to new
models will take a long time. The growing influence of financial people in the
management of TLDs should be an
opportunity by providing some new
means, but it
can also be a threat because
innovations may imperil the forecasted
Return on Investment rates. When you buy a cash cow, you do not want it to
become a risky bet.
DP: What progress do you see on a new round of applications for new gTLDs in 2020?
LD: There will be progress but it would be hazardous to say that everything should be settled at the end of the year. One main question â that is not addressed by the focus on process â is to ask what kind of «new round» we really want, and basically if we want a «round» or a continuous process.
It
seems very logical and strategically important to allow the .BRANDs to benefit from
a special, expedited and
permanent process as
soon as the candidates are eligible to certain rules avoiding «optimization» by some «smart»
guys. There are lots of reasons
in favour of this special
process: these TLDs are for
internal use only, and since the big companies are often changing their names,
creating some new trademarks, etc., they should be able to change their
.BRANDs when they need to do so. For the time
being, having a .BRAND is a strategic strength if you intend to keep the same
name for the next decades, but it can also become a trap if you are obliged to
change your companyâs name because of a merger or any other event.
The
Geo-TLDs should also be allowed fast procedures if they are requested by
legitimate authorities.
The
fact that ICANN is only able to provide a «round» every ten years is not a proof of its
efficiency. That said, we are aware that it depends strongly on its own
Community and should not be considered the only responsible of
these delays.
DP: What one thing would you like to see addressed or changed in the domain name industry?
LD: Lots of the points we could address have already been talked about. The main issue is that some problems or deficiencies, or even some threats to some players, are benefitting others, and reciprocally. The situation of the domain name industry results mostly from compromises built through power relations between its members and their «external» partners such as governments, right owners, customers etc.
These
compromises are not fully optimal and many of them are so weak that they are
constantly challenged by the dissatisfied parties. One may remark that it is the story of
life: but the
parties involved should make an effort to reach a long-term win-win deal more than
seeking for deals which only protect their own interests
in the short term.
The global situation for this market â still flourishing for the established players, but quite hostile to newcomers and real innovations â would be improved by a new approach of the challenges it faces. It is still waiting for its «New Deal» and will probably still wait for a long time, not for the better.
Organisations, on average, receive benefits 2.7 times their investment, and more than 40% are seeing benefits that are at least twice that of their privacy spend according to Ciscoâs 2020 Data Privacy Benchmark Study. Privacy has become a big issue globally in recent years, particularly following the introduction of the European Unionâs General Data Protection Regulation (GDPR) that caused domain name registrars and registries to make major changes to their practices.
The Cisco study, released in observance of International
Data Privacy Day, also found that up from 40% last year, over 70% of organisations
now say they receive significant business benefits from privacy efforts beyond
compliance, including better agility, increased competitive advantage and
improved attractiveness to investors, and greater customer trust.
Other benefits included companies with higher accountability scores (as assessed using the Centre for Information Policy Leadershipâs Accountability Wheel, a framework for managing and assessing organisational maturity) experience lower breach costs, shorter sales delays, and higher financial returns while 82% of organisations see Privacy Certifications as a Buying Factor. These included privacy certifications such as the ISO 27701, EU/Swiss-US Privacy Shield, and APEC Cross Border Privacy Rules system becoming an important buying factor when selecting a third-party vendor. India and Brazil topped the list with 95% of respondents agreeing external certifications are now an important factor.
In a blog post, Robert Waitman, Director, Data Privacy Security and Trust Office at Cisco said âthe results of this study highlight that privacy is good for business, beyond any compliance requirements.â Waitman writes Cisco recommends organisations:
Invest in privacy beyond the legal minimum; most organizations are seeing very positive returns on their privacy spending.
Work to obtain external privacy certifications; these have become an important factor in the buying process.
Build in privacy accountability and maturity to achieve security benefits, reduced sales delays, and higher returns.
Ciscoâs 2020 Data Privacy Benchmark Study is their third
annual look into corporate data privacy practices worldwide and shows growing
tangible benefits for businesses that adopt strong privacy practices.
The study is based on results from a double-blind survey of
over 2,800 security professionals in organisations of various sizes across 13
countries. It provides deep insight into the state of privacy a year and a half
after the effective date of the European Unionâs General Data Protection
Regulation (GDPR), widely considered a turning point on how organisations
control and manage the use of personal data. Customer demands for increased
data protection and privacy, the ongoing threat of data breaches and misuse by
both unauthorised and authorised users, and preparation for the GDPR and
similar laws around the globe spurred many organisations to make considerable
privacy investments â which are now delivering strong returns.
The European Unionâs General Data Protection Regulation (GDPR), introduced in May 2018 but adopted in 2016, has been a focus in the domain name world due to required changes to contact information that has been required for WHOIS and ICANNâs ham-fisted attempts to deal with the situation which led to ICANN losing multiple court actions and exemptions provided to many registrars located within the EU regarding information they were required to collect under their Registrar Accreditation Agreements. Additionally, almost all, if not all, country code top level domain (ccTLD) registries located either within the EU or who allowed EU citizens to register their domains were required to make changes as to the information they required registrars to collect upon registering a domain name.