Senator Elizabeth Warren and Rep. Jerry Nadler recently wrote a letter complaining that VeriSign overcharges for .com domains due to its market power. They sent it to the Department of Justice and the National Telecommunications and Information Administration (NTIA). While you can make a reasonable case that the claim is true, two more interesting questions are "Why now?" and "Why bother?"
Africa's digital ecosystem is growing rapidly, with internet access becoming a central driver for innovation, business, and socio-economic development. As this digital adoption expands, so too does the importance of domain governance, particularly the effective management of Top-Level Domains (TLDs). Unfortunately, over the years, African registries have struggled to manage their TLDs, often leading to missed opportunities, inefficiencies, and a loss of competitive edge in the global domain market.
Abusive behavior that leverages the domain name system (DNS) continues to be a problem, with a reach that has been widely and credibly documented. There is little doubt that bad actors continue to use the DNS for nefarious and costly purposes. While the amendments made in 2024 to ICANN's Registry Agreement (RA) and Registrar Accreditation Agreement (RAA) were a step in the right direction, more advanced tools are needed to bring abuse rates down.
Over the past twenty years of my engagement in the ICANN multistakeholder process, one topic that has always been near and dear to me has been improving the accuracy and access to domain name registration data in a way that respects the legal rights of both registrants and requestors of registration data. Sadly, the glacial pace at which ICANN develops and implements policy has prevented a holistic solution to the problem.
AI is bringing changes to the domain registration process by enhancing user experience, improving registrar operations, and empowering registries. In recent years, AI has entered the industry via the huge growth of new website builders. Today, new developments in the field offer an opportunity to align the interests of all stakeholders, from end user to registry.
Over the past several weeks, there has been significant discussion about Verisign and its management of the .com top-level domain (TLD) registry. Much of this discussion has been distorted by factual inaccuracies, a misunderstanding of core technical concepts, and misinterpretations regarding pricing, competition, and market dynamics in the domain name industry.
On June 9 CircleID published an insightful article by Thomas Rickert entitled "Demystifying Art 28 NIS2." In that piece Thomas set forth two alternative interpretations of Article 28(6) of NIS2, and argued that TLD registries should not be required to maintain a separate database of the registrant data under NIS2. In my view, Thomas' approach is inconsistent with the remainder of Article 28, and would not achieve the goals of NIS2 to improve cybersecurity across the EU member states.
On December 14, 2022, the European Parliament adopted the Directive on measures for a high common level of cybersecurity across the Union (Directive (EU) 2022/2555) hereinafter referred to as "NIS2"), which was published in the official journal on December 27, 2022. Being a directive, NIS2 requires transposition into national law. According to Art. 41 of NIS2, the transposition into national law must take place by October 17, 2024 and the measures must be applied as of October 18, 2024.
Every day, there are tens of thousands of domain names registered across the globe -- often as a key first step in creating a unique online presence. Making that experience possible for Verisign-operated top-level domains (TLDs) like .com and .net is a powerful and flexible technology platform first introduced 25 years ago.
Now just more than a quarter of the way into the pilot program, ICANN's Registration Data Request Service (RDRS) again will be the subject of intensive discussions during the ICANN80 meeting in Kigali in early June. This includes further consultations hosted by the Commercial Stakeholder Group (CSG) and including registrars, data requestors and ICANN Org.