The ICANN76 conference in Cancun wrapped up on March 16 and, while the setting might seem odd for a conference on policy and internet governance, it was a productive few days.

In her opening remarks, ICANN Board Chair Tripti Sinha spoke about this time as an “inflection point.” ICANN’s role in managing the domain name system is under scrutiny while the EU and countries around the world consider how their local and international laws should intersect with the policies developed through the ICANN Community’s multistakeholder model. ICANN’s multistakeholder model is effective and responsive; with the support of the ICANN Community, it is able to create policy and update industry standards efficiently. We’re glad to be a part of that policy and standards development work. 

The inflection point theme carried through to working groups and open dialogue meetings held throughout the conference. The Community is on the cusp of change and, while our policy work may be affected by legislative changes around the world, we still need to push through and finalize the work that’s been in progress for quite some time. 

Here’s a look at how some of this work is progressing. 

DNS Abuse

We wrote in our ICANN75 recap that the Registrar Stakeholder group was considering initiating contract negotiations to modify the sections of the Registrar Accreditation Agreement (RAA) governing how Registrars respond to reports of DNS Abuse. This work is underway, with a joint team of Registrar and Registry representatives negotiating coordinated changes to both the RAA and Registry Agreement (RA) with ICANN Staff. These discussions have been collaborative and quite productive. The group has drafted specific contractual language specifying reasonable, achievable, and enforceable obligations while remaining within the boundaries of ICANN policy and processes. The Community will have the opportunity to review these changes and comment on them during the open Comment Period standard for contractual changes.

✅ Revised contractual language should be published for comment by June 2023 and the contract amendments could be finalized by the end of this year. 

Registration Data Policy & Data Disclosure Request Service

The Registration Data Policy from Phase 1 of the EPDP has gone through both Public Comment periods. ICANN Org is now working on reviewing the last round of comments to determine which need to go back to the full Implementation Review Team for consideration. ICANN Org is also working on a detailed implementation plan, which is unusual but may prove essential in coordinating changes across Registrars, Registries, and third-party data escrow providers. We look forward to receiving more details so we can finalize our own implementation plans and get this work closed out. 

The Whois Disclosure System has now been greenlit by the Board, under the new name “Registration Data Request Service.” This service should be up and running before the end of 2023 and will be used for at most two years to gather disclosure request volumes which will then help inform the Board’s decision on whether to build the full Standardized System for Access and Disclosure of non-public domain registration data. 

Tucows plans to participate in that Registration Data Request Service, allowing third parties to use this central system to initiate a data disclosure request for domains on our platform. At the same time, we’ll continue to use our TACO platform for the actual disclosure part of the process. And, of course, we’ll continue to take in requests directly, as we have been doing for years. We believe that gathering industry-wide request volume data is an important enough task to put effort into supporting it. We’ll also continue to track basically the same information ourselves, and we look forward to the outcome of the Board’s decision. 

✅ The new Registration Data Policy is expected to be published for implementation soon and the Registration Data Request Service will be up and running by the end of this year. 

Transfer Policy

We love participating in this Policy Development Working Group, advocating for improvements that help streamline the transfer process while ensuring it remains secure against domain theft. The Working Group’s focus at this time is the transfer reversal process. Specifically, we’re considering if the current, rarely-used Dispute Resolution Policy is sufficient or if something more lightweight should be created. Right now, the transfer reversal process involves a costly and time-consuming escalation to a third-party review board. This seems unnecessary, and we’d be in favour of creating a defined process that allows registrars to coordinate transfer reversals between themselves where possible. 

✅ This is another step on the path toward making domain management easy, secure, and portable for registrants. 

Next round of gTLDs

ICANN created a great deal of excitement back in 2012 when it launched the most recent round of new gTLDs, creating more than 1200 extensions like .xyz, .link, and .online. At the time, the Internet Community understood that the guiding policies and outcomes of the launches would be reviewed before any more TLDs would be created, in order to determine what changes to the process (if any) would be beneficial.

To that end, the New gTLDs Subsequent Procedures Working Group (“SubPro WG”) was chartered in January 2016. Years later, in February 2021, they issued their Final Report (PDF). The report is quite long, containing more than 300 Outputs (an official term for policy recommendations), and is accompanied by a more than 400 page Operational Design Assessment (“ODA”) which attempts to quantify the operational impacts of implementation. 

The ICANN Board has approved some of the recommendations, while almost 40 remain open. The GNSO Council is now forming a small team to review and triage those open recommendations, considering which can be easily resolved with just some follow up questions and which need to go back to the PDP Working Group for more attention. 

We will provide updates about next steps as the process unfolds, and if you wish to learn more, please let us know.

✅ Policy decisions are coming soon, and we’ll be tracking that work closely as we anticipate adding new TLDs to our platform!

SOI Transparency

This is a new topic for this blog, although the Task Force has been working on this for some time now. Every participant in the ICANN policy development process must publish a “Statement of Interest” (SOI) disclosing their employer, location, and areas where they may have a material interest in the outcome of the policy process which could cause a conflict of interest. The SOI Task Force is charged with reviewing SOI requirements to determine if they are adequate or any changes are required. 

The team was able to agree on proposed changes to enhance the transparency of participation in the multi-stakeholder model but one sticking point has cropped up: some members are concerned about the ability for certain parties to disclose their clients’ identities, even when they’re advocating for those clients’ interests in the policy process. We believe that this concern can be alleviated by simply requesting that clients of such parties provide informed consent for their representative to disclose on whose behalf they are participating at ICANN.

This may require multiple SOIs, perhaps even one for each Policy Development Working Group (PDP WG) someone is involved in. The PDP WG structure is a primarily representative model, where each Stakeholder Group, Supporting Organization, and Advisory Council sends members to advocate for the group’s position, rather than their own individual interests. Of course, participation at ICANN is open to everyone, underscoring the need for everyone to be transparent about who one is representing while participating.

✅ Transparency is important, and our Community standards for disclosure should reflect that. We look forward to these updated requirements being put in place for all ICANN participants 

This concludes our ICANN76 policy review! Please feel free to reach out if you want to share your thoughts on these or any other domain policy topics. See you next time!