Last fall, the U.S. Department of Commerce cut a controversial three-year, no-bid deal with the Internet Corporation for Assigned Names and Numbers (ICANN), an oh-so-powerful nonprofit organization answerable to no one, to continue managing the domain name system for Web site addresses including the world's most popular extensions, .com, .net and .org. When the behind-closed-doors contract was made public, ICANN vowed to open up the process it uses to OK new domain names, to improve the accuracy of "WHOIS" contact information, and to become more accountable to the public. But if hush-hush ICANN's shameful history is a reliable indicator, only more disappointment lies ahead.
Take, for example, the cavalier way ICANN has vetted top-level domain names. Three years ago, in the most recent round of approvals, 47 applicants ponied up $50,000 each to have their proposed domains considered, but only .biz, .museum, .name, .pro, .aero, .coop and .info made the cut. The process was arbitrary, it smacked of censorship, and, by ICANN's own admission, it was shrouded in secrecy.
In October 2003, ICANN announced that more top-level domain names will become available, after they are evaluated in a somehow more open, yet unspecified process. The results of this evaluation are supposed to be released in September 2004. At the same time it finally gave in to unrelenting international pressure and agreed to consider long-standing and totally reasonable demands for Web addresses with non-English characters.
But there is no basis to believe that ICANN's Orwellian process will ever become fair and predictable. And ICANN has absolutely no plans to let a competitive market decide which names are to be allowed.
The organization should approve just about any top-level domain name unless it's confusingly similar to an existing name. But, so far, reason has eluded ICANN.
It has also failed miserably in keeping an obscure, but vulnerable super-database of Web site owners accurate, and the registrants whose personal data are collected safe from cybercriminals.
Here's how the system works, and why privacy advocates are joining scores of foreign governments in pressuring ICANN to clean it up. When an applicant signs up for a domain name, it pays a retailer or "registrar" for the privilege. ICANN's contracts with all its registrars require them to collect personal information about registrants, keep it current, and make it public. And it's the casual maintenance of this personal information, known as WHOIS, which is infuriating civil libertarians, consumer groups and nations around the world.
WHOIS was developed to help network administrators keep the Internet running smoothly, and for no other reason. But the database is loaded with inaccurate data, undermining its very purpose, and ICANN is doing virtually nothing to enforce its contract rights against noncompliant registrars. Worse still, the organization has resisted every effort to protect the privacy of registrants, unethically exposing them to stalkers, spammers, and governments that punish dissidents.
However, a recently filed lawsuit may help cut ICANN down to size. VeriSign, Inc., the registry for domain names in the .com and .net areas, sued ICANN in late February, claiming that ICANN was blocking VeriSign from introducing new services, in violation of antitrust laws, ICANN's agreements with VeriSign and ICANN's stated purpose of promoting competition. For example, VeriSign wants to institute a service called SiteFinder, intended to help Internet users who misspell domain names locate the web sites they want.
Other proposed VeriSign services include a wait list for people who want to claim expired domain names; a system to allow companies owning multiple domain name registrations to renew all of their domain names at the same time; and a method for allowing .com domain name registrations containing characters in languages such as Chinese.
VeriSign claims that ICANN has imposed unfair and unreasonable conditions on ICANN's ability to offer these new services. According to VeriSign, other domain name registries (particularly country code registries, which operate outside the .com area) are allowed to offer similar services, yet ICANN is preventing VeriSign from doing so. VeriSign is seeking not only monetary damages, but also an injunction prohibiting ICANN from sticking its nose in to say what services VeriSign can offer.
ICANN deserves all the criticism it gets. Its sluggish and grudging approval of new domain names, its penchant for secrecy, its sloppy management, and its insensitivity to human rights define a gatekeeper without moral authority. It's time for both Congress and the courts to step in and reassert public accountability in the Internet's core computer systems.
The Lane Report is a publication of The Law Offices of Marc J. Lane, a Professional Corporation. We attempt to highlight and discuss areas of general interest that may result in planning opportunities. Nothing contained in The Lane Report should be construed as legal advice or a legal opinion. Consultation with a professional is recommended before implementing any of the ideas discussed herein. Copyright, 2003 by The Law Offices of Marc J. Lane, A Professional Corporation. Reproduction, in whole or in part, is forbidden without prior written permission.