Feeds

Of ICANN and the registrar zombies

Or, how I stopped worrying and learned to love our internet overlords

High performance access to file storage

Vint Cerf, the "Father of the Internet" kept encouraging - this is not a joke - registrants to complain to the the equivalent of the Better Business Bureau in the country of origin of dodgy or uncooperative registrars, as if someone realistically would call the BBB halfway around the globe, to a country whose language they might not even speak, to lodge a complaint against a hometown enterprise. That's certainly a business-friendly solution, and one way to look at it, but Registerfly was an American company with mostly American customers who already understood well how worthless a complaint to such an organization is, which is why they wanted ICANN's nuts. Is that seriously a model for preventing a future Registerfly-style collapse?

In fact, in a somewhat self-serving factsheet published by ICANN on its website today, in which it tries to take credit for helping improve Registerfly's performance after an audit last summer without providing much explanation for ICANN's subsequent hands-off approach, ICANN clearly states that "ICANN's mission is to ensure the stable and secure operation of these unique identifier systems (such as domain names and numeric addresses), which are vital to the Internet's operation." Can't seem to find anything in there about the invisible hand of the market - in fact if anything it's the opposite, although that's not what Cerf's pals at the American Department of Commerce (DOC) want to hear.

ICANN's ongoing murky relationship with the DOC could well be at the root of this idealogical obstinance. However, to suggest that the invisible hand of the market will right the wrongs of Registerfly is laughable. Sure, the market has punished Registerfly - after all, the company is bankrupt - but markets are famously bad at dealing with externalities, in this case the registrants whose domains have vanished, and even ICANN is admitting that the current system is not working. Some form of regulation involving data escrow is clearly in order, and thankfully on the way.

ICANN CEO Paul Twomey was somewhat more nuanced than Cerf about the interplay between market forces and ICANN's role. Twomey also acknowledged that the real problem for ICANN is what happens in the period preceding the collapse of a registrar, when thin-margin companies teeter on the brink of collapse, and customers fall through the cracks. These so-called "zombie registrars" enter a vicious cycle in which customer service spirals downward and more customers flee, leaving mounting debts and a further erosion of service and the company's bottom line.

The use of market forces has admirably driven the cost of owning a domain name down from $50 per month to free, in some business models, and failure is as much a part of the market as success. The escrow system is an important part of the ICANN's role in maintaining its core responsibility, which is the stability of the net itself.

Property rights

The comments after the speeches and the panel revealed a continuing debate within the ICANN community about what a domain really is. The debate centered around whether or not it should be treated as a license or a property right, though from a legal perspective a license is simply a relatively narrowly drawn type of property right.

The registrars want it to be classed as a license to lessen their own potential liability - if you don't renew your license you lose it, simple as that. However, as the Security and Stability Advisory Committee (SSAC) Chair Dr. Stephen Crocker noted in the panel discussion, domain names perform a more critical role in certian business than a typical license. As he put it, it's not like having the electricity turned off. It truly is something more serious, and ICANN needs to acknowledge that.

In fact, in some ways a domain is more important to some businesses than any physical property right could ever be - although it performs some of the functionality of a physical address, for many domain holders, the domain is not just where to find them on the internet, it is very essence of their brand. Fundamentally, it is their business, in the same way that if the words "Coca Cola" somehow magically and impossibly vanished from the world's languages, and then reappeared in the hands of a rival, never to return, the original owners would be irreparably harmed.

The debate about what ICANN is for is a healthy one, but it is also one that as far as its responsibility towards registrars goes, needs to move quickly. As ICANN acknowledged publicly today, there are other sketchy registrars out there - out of over 850 registrars, 40 don't even have websites and another 27 don't maintain a Whois database for their registrants. Suggestions for a best practices statement and additional compliance tools are worthy, but ICANN needs clearly to do a better job enforcing the agreements it has now, although an overhaul of the Registrar Accreditation Agreement (RAA) needs to be done once ICANN installs the data escrow system.

The silver lining to the Registerfly fiasco is that this discussion is long overdue, and ICANN is listening. ®

Burke Hansen. attorney at large, heads a San Francisco law office

High performance access to file storage

More from The Register

next story
Android engineer: We DIDN'T copy Apple OR follow Samsung's orders
Veep testifies for Samsung during Apple patent trial
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Big Content goes after Kim Dotcom
Six studios sling sueballs at dead download destination
Alphadex fires back at British Gas with overcharging allegation
Brit colo outfit says it paid for 347KVA, has been charged for 1940KVA
Jack the RIPA: Blighty cops ignore law, retain innocents' comms data
Prime minister: Nothing to see here, go about your business
Singapore decides 'three strikes' laws are too intrusive
When even a prurient island nation thinks an idea is dodgy it has problems
Banks slap Olympus with £160 MEEELLION lawsuit
Scandal hit camera maker just can't shake off its past
France bans managers from contacting workers outside business hours
«Email? Mais non ... il est plus tard que six heures du soir!»
Reprieve for Weev: Court disowns AT&T hacker's conviction
Appeals court strikes down landmark sentence
US taxman blows Win XP deadline, must now spend millions on custom support
Gov't IT likened to 'a Model T with a lot of things on top of it'
prev story

Whitepapers

Mainstay ROI - Does application security pay?
In this whitepaper learn how you and your enterprise might benefit from better software security.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.