Home / Blogs

“In the Public Interest”

Gaining clarity on the NTIA-Verisign Cooperative Agreement.

Prior to November 30th of this year, the National Telecommunications and Information Administration (NTIA) must decide whether to renew or allow to expire its Cooperative Agreement with Verisign, the private-sector corporation that operationally controls the root of the Internet.

Addressing Competition Concerns vs. Internet Governance

The Cooperative Agreement is unusually obscure, especially considering its central role in the operation of the Internet’s Domain Name System (DNS). In fact, the original document is strangely unavailable. It is possible to determine that it, historically, has contained provisions governing the DNS. However, over the years, various amendments have made obsolete most, if not all, of those provisions. Today, the only component remaining of any consequence is NTIA’s unilateral right to review and amend the .COM registry agreement for purposes of promoting competition and consumer choice in the DNS.

The nature and scope of NTIA’s wide-ranging authority to regulate competition are often misperceived. But, historically, any issue pertaining to the .COM registry agreement was deferred to NTIA for final approval. For example, many remember, in 2012, when NTIA acted unilaterally to limit the wholesale pricing of .COM registrations to $7.85. But far fewer are likely to remember that the Internet Corporation for Assigned Names and Numbers (ICANN) deferred to NTIA for final approval of its’ 2006 settlement agreement with Verisign—pertaining to competition concerns involving Verisign’s 2003 SiteFinder initiative—saying in a press release at the time, that the settlement:

...will now proceed to the U.S. Department of Commerce for final approval, and the entire settlement is dependent upon this approval before it is finalized. USDOC approval is required due to the unique history of the .COM generic top-level domain and it is the only gTLD which requires such approval. (emphasis added)

Investment Indicates Importance

Verisign has a demonstrated track record of excellence at performing a focused set of essential functions that don’t require breakthrough innovation nor competitive proficiency. One of the biggest risks to the Verisign-run Internet infrastructure are Distributed Denial-of-Service (DDoS) attacks, which are mitigated by maintaining enough available network resources to absorb the attack. With 21 years of uptime, Verisign is so confident in their massive overprovisioning that they even sell DDoS mitigation as a service.

A review of several years of publicly available financial reports reveals this: the world’s leading provider of key Internet infrastructure and services—the entity more responsible than any other for the integrity of the root zone of the global Internet—allocates less than 7% of free cash flow to reinvestment in core infrastructure and pockets the rest in the form of stock buybacks.

Getting to the heart of the matter, if Verisign requires so little of the money they make from “the public interest” to maintain the critical Internet infrastructure with which they are entrusted - then why is it permitted to maintain such extraordinary margins?

Inaction Risks Corrosive Consequences

To be sure, this makes Verisign a Wall Street darling, and a favorite of Warren Buffett whose Berkshire Hathaway holds 14% or more of the company in its portfolio.

Mr. Buffet’s enthusiasm is understandable when you consider that, in 2017, the company generated free cash flow of $703 million on $1.17 billion in revenue—that’s more than 60% margin. But it keeps getting better—this year’s forecast predicts profit margins approaching 68%.

But how much time will elapse before ICANN, facing a budget shortfall, remembers that it also represents the public interest and is justified in receiving extra financial assistance from its largest ratepayer?

The answer to this doesn’t require a crystal ball—it’s already happened. The 2011 registry agreement renewal of .NET included a provision creating a “special development fund” to collect $0.75 per domain name registration per year. The funds are placed into ICANN’s general treasury with no required reporting or audits. So far, it’s generated more than $80 million in unaccountable cash payments to ICANN from its largest ratepayer—the same thing applied to .COM would have generated more than $800 million since 2011. That is a transformative number for ICANN, yet would be written off—literally a tax deduction - as the cost of doing business by its’ largest ratepayer.

In 2011, when the .NET registry agreement was renewed, a senior Verisign executive was quoted saying, “Except with respect to the need for Department of Commerce approval under the Cooperative Agreement, the terms governing the renewal of both the .net and .com agreements are similar.” Because of the “special development fund” this statement was not entirely true. This underscores the critical nature of NTIA’s right to review and amend the .COM registry agreement as an essential regulatory tool and effective accountability safeguard.


This matter pertains to regulatory activities that address competition concerns regarding an Internet infrastructure company—not strictly an Internet governance issue. Modifying the price restriction and/or other possible regulatory actions are domestic concerns. Nobody claims that the European Union can’t bring enforcement actions against Internet businesses nor argues that ICANN should launch stakeholder working groups to settle specific competition concerns.

As I’ve suggested in comments previously submitted to NTIA, a consent decree could be an effective solution that would transition oversight from NTIA to the U.S. Department of Justice which has an Antitrust Division with the requisite expertise. If this avenue isn’t available, then the Cooperative Agreement should be renewed for another full term with NTIA committed to a full review and vigorous oversight that protects “the public interest.”

The data used here is publicly available for anyone to review and draw their own conclusions. I encourage anyone interested to examine the data and draw their own conclusions.

By Greg Thomas, Founder of DNSDecrypt

Greg Thomas is founder of DNSDecrypt and author of How to Save the Internet in Three Simple Steps: The Netizen’s Guide to Reboot the Root. The views expressed in this article are solely those of Greg Thomas and and are not made on behalf of or for any other individual or organization.

Visit Page

Filed Under


Comment Title:

  Notify me of follow-up comments

We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

Co-designer of the TCP/IP Protocols & the Architecture of the Internet



Brand Protection

Sponsored byCSC


Sponsored byVerisign

Domain Names

Sponsored byVerisign

New TLDs

Sponsored byRadix

IPv4 Markets

Sponsored byIPv4.Global


Sponsored byDNIB.com

Threat Intelligence

Sponsored byWhoisXML API