Home / Blogs

TLD Registration Enforcement: A Call for Automation - Part I

The past year has brought a rise in so-called “open and chartered” top-level domains (TLDs). Like the traditional open TLDs of .COM, .NET, and .ORG, these namespaces encourage large-scale registrations, but they differ in that they limit who can legitimately register domains. So far, many thousands of their registrations seem to break the stated rules. It’s therefore worth thinking through their respective enforcement efforts—before the situation gets out of control.

First, a review of some specific open chartered TLDs. Neulevel operates two: Consistent with its name, .BIZ requires that its domains be used primarily for bona fide business or commercial purposes. Similarly, .US requires that its registrants be American citizens or residents, American companies or organizations, or companies with a bona fide American presence. In addition, the Global Name Registry runs .NAME; a permissible .NAME domain matches its registrant’s personal legal name, a name by which the registrant is commonly known (like a nickname, pseudonym, or stagename), or the name of a fictional character in which the registrant has rights.

The rules sound straightforward. But as it turns out, quite a few registrations seem to flout them.

.BIZ. It’s hard to know what constitutes a “bona fide” business; nearly any web site might have some commercial purpose. But .BIZ rules insist that domain resellers and speculators lack a bona fide business use. To that end, .BIZ specifically prohibits “the unsolicited offering to sell, trade or lease the domain name for compensation.” Wondering if this rule had much effect, Professor Jonathan Zittrain and I set out earlier this summer in search of domains that included such offers. A simple automated search in short order yielded some 4,000+ .BIZ names that, on their default web pages or in their WHOIS data, reported that they were for sale. Some registrants registered hundreds of names configured in this way.

.US. Any .US domain name registered with an American address—for the registrant or for at least one of administrative, billing, or technical contacts—is arguably likely held by an American citizen or resident. Such domains constitute the overwhelming majority of .US registrations to date. But what about the thousands of .US names without a single American contact? Some may be citizens or residents (despite providing non-US addresses), while others may have a bona fide business presence in the US but fail to list it in their registration details. But a portion may be in breach of .US registration rules. One .US registrant registered 834 .US names to an address in Antigua and Barbuda, including such names as all-animalsex.us, britany-spears-pictures.us, and celebrity-gallery.us; other registrants registered hundreds to addresses in Australia, Canada, Germany, the Netherlands, and Switzerland, and reviewing the specific registrations shows more than a few that match well-known trademarks.

.NAME. The .NAME rules are somewhat more complicated than in .BIZ and .US, but spotting non-conforming .NAME registrations can nonetheless be surprisingly easy. There exists no person with first name “harley-davidson” and last name “collector,” I reasoned, yet one registrant picked up harley-davidson.collector.name—and 231 other .NAMEs to boot. Others bought names like pillsbury.doughboy.name and touchstone.pictures.name; even harvard.university.name was taken, and not to any institution headquartered in Cambridge, Mass.! In total my automated run though the database found 5000+ .NAMEs seemingly inconsistent with .NAME rules .

The problem—if it is one—and what can be done about it

Seeing these so-called “nonconforming” registrations, one wonders what, if anything, ought to be done about the situation. For affluent challengers, each of these TLDs offers a UDRP-like procedure to dispute a registrant’s eligibility. For example, .NAME provides the “Eligibility Requirements Dispute Resolution Procedure” (ERDRP). But at $1100+ per domain name, this procedure is arguably too expensive to resolve the thousands of names linked above, and it’s therefore little surprise that the .NAME ERDRP has decided only three cases to date.

One obvious alternative to ERDRP is to do nothing. Indeed, looking at the various humorous .NAME registrations (the.best.name and its ilk), others have questioned whether nonconforming registrations ultimately much matter. This was the reasoning of Global Name Registry in their June 2002 response to my study of .NAME, and even putting aside the registry’s clear interest in selling more domains, GNR is not alone. After all, enforcement costs money, especially when performed by a careful staff. Assigning these costs to registries, and passing them on to consumers is, at the least, controversial.

But might there be another way? Noting that English dictionary words may be common names in other languages, GNR posited that automated systems are “daunting”—and so they are if they must be accurate in every instance. But what if every new .NAME with purported first name “the” was put in a queue for human review rather than accepted immediately? Human review of 1% of new names wouldn’t cost much. And this limited review might well do away with at least the most egregious of non-conforming registrations to date. It’s not hard to imagine a similar “flag” on non-American .US registrations, or a script that periodically searches .BIZ domains for suspect phrases like “this domain is for sale.”

More generally, any new TLD with registration restrictions might do well to consider sensible automated means of enforcement. In the experimental framework of ICANN’s New TLD Program, applicants are expected to test a variety of approaches. But if registration restrictions are to be taken seriously, and if registrants are to comply with the rules on the books, research suggests that lackadaisical enforcement may not suffice. Some prospective TLD operators may not favor continual enforcement efforts—even when implemented in automated systems that impose minimal costs—and they’re welcome to submit applications that truthfully describe their intention to omit enforcement of registration restrictions. However, as trademark holders see the mounting costs of protecting their interests in new TLD—of taking domains like touchstone.pictures.name froms the speculators who grabbed them first—the consensus may yet tilt in favor of TLDs with more procedural checks rather than fewer.

Why demand rigorous enforcement of the registration restrictions on the books? What are further implications for prospective registries, TLD evaluations, and the consensus process? I’ll do my best to speak to these questions in the October 9 issue of CircleID.

BLACK FRIDAY DISCOUNT - CircleID x NordVPN
Get NordVPN  [74% +3 extra months, from $2.99/month]
By Benjamin Edelman, Assistant Professor, Harvard Business School

Filed Under

Comments

Comment Title:

  Notify me of follow-up comments

We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

Related

Topics

Cybersecurity

Sponsored byVerisign

DNS

Sponsored byDNIB.com

Threat Intelligence

Sponsored byWhoisXML API

New TLDs

Sponsored byRadix

Domain Names

Sponsored byVerisign

Brand Protection

Sponsored byCSC

IPv4 Markets

Sponsored byIPv4.Global