Feeds

Of ICANN and the registrar zombies

Or, how I stopped worrying and learned to love our internet overlords

High performance access to file storage

Vint Cerf, the "Father of the Internet" kept encouraging - this is not a joke - registrants to complain to the the equivalent of the Better Business Bureau in the country of origin of dodgy or uncooperative registrars, as if someone realistically would call the BBB halfway around the globe, to a country whose language they might not even speak, to lodge a complaint against a hometown enterprise. That's certainly a business-friendly solution, and one way to look at it, but Registerfly was an American company with mostly American customers who already understood well how worthless a complaint to such an organization is, which is why they wanted ICANN's nuts. Is that seriously a model for preventing a future Registerfly-style collapse?

In fact, in a somewhat self-serving factsheet published by ICANN on its website today, in which it tries to take credit for helping improve Registerfly's performance after an audit last summer without providing much explanation for ICANN's subsequent hands-off approach, ICANN clearly states that "ICANN's mission is to ensure the stable and secure operation of these unique identifier systems (such as domain names and numeric addresses), which are vital to the Internet's operation." Can't seem to find anything in there about the invisible hand of the market - in fact if anything it's the opposite, although that's not what Cerf's pals at the American Department of Commerce (DOC) want to hear.

ICANN's ongoing murky relationship with the DOC could well be at the root of this idealogical obstinance. However, to suggest that the invisible hand of the market will right the wrongs of Registerfly is laughable. Sure, the market has punished Registerfly - after all, the company is bankrupt - but markets are famously bad at dealing with externalities, in this case the registrants whose domains have vanished, and even ICANN is admitting that the current system is not working. Some form of regulation involving data escrow is clearly in order, and thankfully on the way.

ICANN CEO Paul Twomey was somewhat more nuanced than Cerf about the interplay between market forces and ICANN's role. Twomey also acknowledged that the real problem for ICANN is what happens in the period preceding the collapse of a registrar, when thin-margin companies teeter on the brink of collapse, and customers fall through the cracks. These so-called "zombie registrars" enter a vicious cycle in which customer service spirals downward and more customers flee, leaving mounting debts and a further erosion of service and the company's bottom line.

The use of market forces has admirably driven the cost of owning a domain name down from $50 per month to free, in some business models, and failure is as much a part of the market as success. The escrow system is an important part of the ICANN's role in maintaining its core responsibility, which is the stability of the net itself.

Property rights

The comments after the speeches and the panel revealed a continuing debate within the ICANN community about what a domain really is. The debate centered around whether or not it should be treated as a license or a property right, though from a legal perspective a license is simply a relatively narrowly drawn type of property right.

The registrars want it to be classed as a license to lessen their own potential liability - if you don't renew your license you lose it, simple as that. However, as the Security and Stability Advisory Committee (SSAC) Chair Dr. Stephen Crocker noted in the panel discussion, domain names perform a more critical role in certian business than a typical license. As he put it, it's not like having the electricity turned off. It truly is something more serious, and ICANN needs to acknowledge that.

In fact, in some ways a domain is more important to some businesses than any physical property right could ever be - although it performs some of the functionality of a physical address, for many domain holders, the domain is not just where to find them on the internet, it is very essence of their brand. Fundamentally, it is their business, in the same way that if the words "Coca Cola" somehow magically and impossibly vanished from the world's languages, and then reappeared in the hands of a rival, never to return, the original owners would be irreparably harmed.

The debate about what ICANN is for is a healthy one, but it is also one that as far as its responsibility towards registrars goes, needs to move quickly. As ICANN acknowledged publicly today, there are other sketchy registrars out there - out of over 850 registrars, 40 don't even have websites and another 27 don't maintain a Whois database for their registrants. Suggestions for a best practices statement and additional compliance tools are worthy, but ICANN needs clearly to do a better job enforcing the agreements it has now, although an overhaul of the Registrar Accreditation Agreement (RAA) needs to be done once ICANN installs the data escrow system.

The silver lining to the Registerfly fiasco is that this discussion is long overdue, and ICANN is listening. ®

Burke Hansen. attorney at large, heads a San Francisco law office

3 Big data security analytics techniques

More from The Register

next story
Did a date calculation bug just cost hard-up Co-op Bank £110m?
And just when Brit banking org needs £400m to stay afloat
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Whoever you vote for, Google gets in
Report uncovers giant octopus squid of lobbying influence
Lavabit loses contempt of court appeal over protecting Snowden, customers
Judges rule complaints about government power are too little, too late
MtGox chief Karpelès refuses to come to US for g-men's grilling
Bitcoin baron says he needs another lawyer for FinCEN chat
Don't let no-hire pact suit witnesses call Steve Jobs a bullyboy, plead Apple and Google
'Irrelevant' character evidence should be excluded – lawyers
EFF: Feds plan to put 52 MILLION FACES into recognition database
System would identify faces as part of biometrics collection
Putin tells Snowden: Russia conducts no US-style mass surveillance
Gov't is too broke for that, Russian prez says
Ex-Tony Blair adviser is new top boss at UK spy-hive GCHQ
Robert Hannigan to replace Sir Iain Lobban in the autumn
Alphadex fires back at British Gas with overcharging allegation
Brit colo outfit says it paid for 347KVA, has been charged for 1940KVA
prev story

Whitepapers

Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.