'ICANN's general counsel should lose his job over this'
Dot Registry CEO reacts to extraordinary judgment against DNS overseer
Interview It has been four years since Shaul Jolles, as CEO of Dot Registry, filed applications for five new internet extensions – .corp, .inc, .llc, .llp and .ltd – and wrote a check for just under $1m to have them considered by domain name system overseer ICANN.
Unlike the other applicants for the three US corporate entity suffixes .inc, .llc, .llp – and there are no fewer than 21 other applicants – Dot Registry took the unusual step of applying for a special "community" status, meaning that the company would have to jump over a number of additional hurdles to be given priority status.
And in order to pass that test, he spent over a year enlisting Secretaries of State right across the United States to officially support his application.
Unlike the other companies that would sell .inc domains on the open market to anyone, Dot Registry will instead require people who want a domain to have an actual incorporated business (.inc) or a limited company (.llc) or limited partnership (.llp), and to be registered with their state to get it.
Concerned that the wide-open use of legal business suffixes would lead to an explosion in scams, the states signed up. And Dot Registry sent another $22,000 per name to have them evaluated by ICANN as "community" names.
Almost exactly two years to the day later, Jolles received the answer from the independent company that ICANN hired to carry out the evaluations, the Economist Intelligence Unit (EIU). He knew right away something was wrong.
Up to a point
"My applications are good, really good. I would say they were the best of all those that were put in," he says, referring to the other 25 "community priority evaluation" or CPE applications. "But the moment I saw we got five points, I understood. There was no question here: I knew they were trying to fail us."
Out of a possible 16 points, of which applicants needed to score 14 to pass, Dot Registry's three applications had all hit an identical 5. It was so low a score that Jolles knew something wasn't right, and immediately started preparing for an official reconsideration of the decision by a subset of ICANN's board called the Board Governance Committee (BGC).
He started checking in with the different Secretaries of State to make sure nothing peculiar had happened and was immediately struck by some inconsistencies. "They didn't verify all the letters of support," he told us. "But then others had been sent multiple emails. One Secretary of State was actually sent 12 emails."
The emails were odd: the first one asked the secretary to confirm they had sent the letter. When they responded yes, they received another asking if they were authorized to send such a letter of support. When they answered yes, they were asked under what grounds they were authorized to do so. When they provided proof, they received another email asking them if they specifically endorsed the Dot Registry bid, and so on.
"From the very beginning I knew that, for some reason, there was going to be an issue with the evaluation," Jolles says.
When it wasn't ICANN's evaluators, it was his possible competitors'. One of them, he claims, went to a representative of the European Commission and convinced them that there were thousands of .inc companies in Europe that would be disadvantaged by Dot Registry's US-based bid. The representative drew up an objection and sent it to ICANN. When Jolles saw it, he got in contact and explained that there was no such conflict and that they had been misled.
The representative withdrew their objection and informed ICANN. But, Jolles found out two years later, ICANN never told the evaluators of the withdrawal, and even though it was published on ICANN's website, they never located it either. As a result, they worked on the assumption that European governments were opposed to the idea.
That could be explained away as a simple cock-up, but the more Jolles dug into the evaluation of his application, the more he became convinced that something more sinister was going on.
He hired an expert to dig into all the other evaluations and compare them to his own, and discovered that the EIU had treated his applications differently from the others, even adding new requirements that didn't exist before.
Dot Registry produced an extensive rundown of mistakes and unusual circumstances in its application and sent it to ICANN's BGC, confident that it would undertake a full investigation. It didn't. In fact, the BGC did nothing at all with that work and relied solely on the advice of ICANN's own legal team to reject his request for reconsideration out of hand.
And so he filed for a review of that rejection using ICANN's last resort Independent Review Panel (IRP). Just under two years and nearly $250,000 later, he received his answer: he had been working against ICANN's legal team the whole time.
The extent to which ICANN manipulated its own processes to reject Dot Registry's applications and then make it impossible for the company to find out why, or to have that decision reviewed, is almost Kafkaesque.
Far from being independent evaluators, documents provided to the IRP led it to conclude that the ICANN staff actually supervised the EIU and was "intimately involved" in the drafting of its reports. Incredibly, ICANN staff proposed the wording that the EIU's zero-scoring on one key section of the report stemmed from "research" that the EIU was supposed to have carried out. The IRP was unable to find any sign that such research existed.
"The whole thing is a sham," Jolles tells us. "My biggest takeaway from the judgment was that I wasn't surprised."
Sponsored: Becoming a Pragmatic Security Leader