Report on 66th ICANN Meeting

The 66th international meeting of the Internet Corporation for Assigned Names and Numbers (ICANN) took place in Montreal from November 2nd to 7th, 2019. ICANN66 was this year’s Annual General Meeting (AGM). The AGM includes time for internal stakeholder group and constituency work, gTLD policy work, and cross-community interaction. Among others, the community focused on the following topics in Montreal: DNS Abuse, EPDP Phase 2 discussing access to domain name registration data, Universal Acceptance, the Subsequent Procedures to review new gTLD program policy and implementation, and also the Dot Amazon file.

By loading the video, you accept YouTube's privacy policy.
Learn more

Load video

Always unblock YouTube

Cherine Chalaby, ICANN Board Chair, opening ceremony remarks in Montréal, Canada.

By loading the video, you accept YouTube's privacy policy.
Learn more

Load video

Always unblock YouTube

Göran Marby, ICANN CEO and President, opening ceremony remarks in Montréal, Canada.

Traditionally, the AGM is also used to showcase ICANN’s work to a broader global audience, with more time dedicated to capacity building and leadership training sessions. The AGM is also where new members of the ICANN Board of Directors take up office. The meeting in Montreal was the last one with outgoing Board Chair Cherine Chalaby and the first with the incoming Board Chair Maarten Botterman.

By loading the video, you accept YouTube's privacy policy.
Learn more

Load video

Always unblock YouTube

Sally Newell Cohen, ICANN Senior VP of Global Communications, sat down with outgoing Board Chair Cherine Chalaby and Maarten Botterman, the incoming Board Chair, to discuss last term’s achievements and priorities for the next term.

ICANN holds three international meetings per year, which rotate among five geographic regions and three meeting formats with different subject areas of focus.

The impact of the European General Data Protection Regulation (GDPR) on the WHOIS system for the registration of domain names remains one of the key issues for the ICANN community. On 17 May 2018, the ICANN Board of Directors adopted a Temporary Specification (the “Temp Spec”) to respond to the requirements of the GDPR regarding the processing of personal data within the context of “registration data”. Shortly after the adoption of the Temp Spec, the Expedited Policy Development Process Working Group (EPDP) was tasked with reviewing the Temp Spec to develop a permanent consensus policy on domain name registration data.

The EPDP team completed its “Phase 1” in March 2019 – which established the permanent consensus policy for the collection, storage, and publication of registration data – and is currently in the implementation phase, also called “Phase 2”.

The second phase of the EPDP focuses on the identification and description of use cases to better understand who wants to obtain non-public registration data for what purpose on which legal basis. The basis of this discussion is EPDP’s approach to a system that was previously called “Universal Access Model” but which has been rightfully rebranded to the “Standardized System for Access and Disclosure” (SSAD) and/or the “Hamburger Model”.

We also discussed the safeguards required in order to prevent abuse / misuse of the system. Now, a description of use cases does not make a policy, which is why a zero-draft of a policy was created based on the findings of the use-case exercise. The zero-draft consists of building blocks on different topics, such as purposes of requestors, user groups (LEAs, IP enforcers, cyber security researchers etc.), acceptable use policy, retention and deletion of data, accreditation of requestors, response requirements, disclosure agreements, query policy (e.g. possible rate limitations and rules around “bulk” access), etc.

The EPDP team is working to publish its Phase 2 initial report as soon as possible, but a delivery date yet has to be decided upon.

Five sessions in total were dedicated to this field of interest at ICANN66, which reflects the importance of the EPDP for broad sections of the ICANN Community.

The ICANN community has a long track record of discussing DNS abuse, but the topic is nonetheless currently ranking high on the official ICANN agenda, and so it did in Montreal. Shortly before the meeting in Montreal, eco members Blacknight, GoDaddy, PIR, Tucows, Neustar, Donuts, Afilias, and others put out a framework on how to handle certain types of DNS abuse (malware, botnets, phishing, pharming, and spam).

The framework also addresses types of DNS abuse that go beyond the contractual obligations imposed by ICANN to the contracted parties.

During multiple sessions dedicated to the discussion of DNS abuse, it was obvious that there are as many different definitions for what constitutes DNS abuse across the ICANN community as there are stakeholders and constituencies. The Plenary Session on DNS Abuse was well received, in which the questions “What is DNS abuse? What can be done now to combat DNS abuse? What should be done?” were discussed with representatives from the Business Constituency (Mason Cole,) the Governmental Advisory Committee (Gabriel Andrews), the Non-Commercial Stakeholder Group (Farzaneh Badii), the Registrars Stakeholder Group (Graeme Bunton), the Registries Stakeholder Group (Brian Cimbolic) and the Security & Stability Advisory Committee (Jeff Bedser).

The discussion around DNS abuse is partially fueled by the still ongoing discussion concerning the “Standardized System for Access and Disclosure” (SSAD). Several law enforcement bodies report constant issues with regards to access to WHOIS data to handle issues of DNS abuse. Against the background that some ccTLDs have already implemented a wide range of measures to handle DNS abuse, law enforcement is asking the community to consider the adoption of existing practices from the ccTLD world into the gTLD space, too.

The community from Germany and those active on the German domain market in particular followed the discussion very closely because of the ongoing discussion about appropriate measures against fake-shops and the corresponding potential responsibilities of the parties involved in the value chain, which are still unclear. This reflects a statement by Farzaneh Badii “I think that the problem that we have is not really in the definition. The problem that we have is that we have a patchwork of solutions here and there but we don’t have a cohesive governance mechanism to know.”

The ICANN66 agenda in Montreal included a number of working sessions of the Commercial Constituencies within the Generic Names Supporting Organization (GNSO) to which the Internet Service Providers & Connectivity Providers working group (ISPCP) contributes, including a closed session with Appointed GNSO Board Members. The meeting in Montreal was the first in the new term of Wolf-Ulrich Knoben as re-elected ISPCP chair.

The short closed meetings were used to discuss the agenda-setting for the respective longer open meetings of the CSG and ISPCP.

The agenda of the ISPCP covered the following topics:

Thomas Rickert gave an update on the second phase of the EPDP, explaining the current status of the “Standardized System for Access and Disclosure” and the description of use cases. The ISPCP members agreed to review the use cases which are currently being discussed and provide feedback on them.

Xavier Calvez, Shani Quidwai and Becky Nash from the ICANN Finance Team gave an update on ICANN’s FY19 Financial Results, Reserve Fund Replenishment, the planning process of the FY21 Budget and the FY21-FY25 Operating and Financial Plan. The ICANN organization’s activities and projects result directly or indirectly from bylaws, and from decisions made by the Board based on community-led policies or recommendations. According to the team, the FY21 draft budget and 5-year plan will be a balanced budget where expenses plus a planned contribution to the reserve fund will not exceed funding.

During the ICANN meeting the ISPCP member ETNO published a position paper on DNS over HTTPS (DoH), which lead to the discussion within the ISPCP to draft their own paper on DoH to get actively involved. Lars Steffen and other representatives of organizations with a diverse membership were solicited to come up with a more solution-oriented approach.

Acknowledging that the interest in DNS abuse is gaining momentum in the ICANN community, the ISPCP also agreed to work on a joint position and best practices to handle the issue.

The CSC ensures the satisfactory performance of the Internet Assigned Numbers Authority (IANA) naming function. The CSC is responsible for monitoring the Public Technical Identifier’s (PTI) performance of the IANA naming function against the service level expectations in the IANA Naming Function Contract. Against this background, the CSC analyzes performance reports provided by PTI and publishes its findings. In the following video, the outgoing chair Byron Holland, CEO of the eco member CIRA, discusses the successes and future of the CSC and shares some insights.

By loading the video, you accept YouTube's privacy policy.
Learn more

Load video

Always unblock YouTube

Byron Holland, Chair, Inaugural CSC, discusses the successes and future of the CSC.

In Montreal, the new gTLD Subsequent Procedures Working Group (SubPro) continued to evaluate a number of key issues contained in its analysis of community input on policy recommendations, in its Initial Report and Supplemental Initial Reports. The SubPro Working Group has the task of reviewing the new guidelines and implementation of the gTLD program and recommending possible changes for future rounds of new gTLDs.

The work has been split up into five parallel Work Tracks, focusing on:

overall process, support, and outreach
legal and regulatory issues
string contention, objections, and disputes
Internationalized Domain Names and technical and operational issues
the use of geographic names as new gTLDs at the top-level.

The Working Group has already completed its review of public comments for both its Initial Report and its Supplemental Initial Report for the Work Tracks 1-4, and confirmed general support for the recommendation to use the Applicant Guidebook for future new gTLD application rounds. The Guidebook will receive a number of updates including improvements to ensure easier understanding for the general public for new gTLD applications and provide both more practical guidance in general, and more specific guidance with regards to different application types, e.g. with regards to dotBrand Top-Level Domains.

The Work Track 5 Final Report will also generally maintain the 2012 status quo regarding the handling of geographic names at the top level, with few relatively minor updates and clarifications:

the gNSO policy recommendations will be updated to be consistent with the 2012 Applicant Guidebook, bringing the gNSO policy in line with current implementation;
two-character ASCII codes will continue to be reserved for ccTLDs ;
The ISO3166-1 standard of long and short-form names will continue to be protected.

All two-character letter-letter ASCII combinations at the top level for existing and future country codes will continue to be reserved.

The Working Group plans to deliver its Final Report to the GNSO Council by the end of Q1 2020.

SubPro is expected to complete its Final Report by the end of Q1 2020. The next round of new gTLD launches is expected to take place as a series of application and evaluation rounds, rather than a continuous process of applications and launches.

The Governmental Advisory Committee (GAC) again put the recent developments regarding the .amazon application on the agenda and discussed the respective ICANN Board decision.

On 15 May the ICANN Board came to the conclusion of finding “the Amazon corporation proposal of 17 April 2019 acceptable, and therefore directs the ICANN org President and CEO, or his designee(s), to continue processing of the .amazon applications according to the policies and procedures of the New gTLD Program. This includes the publication of the Public Interest Commitments (PICs), as proposed by the Amazon corporation, for a 30-day public comment period, as per the established procedures of the New gTLD program."

During the session, the representatives from Colombia, Venezuela, Peru, and Brazil read their respective statements criticizing the decision of the ICANN Board, because they feared the ICANN decision did not sufficiently take into account the interests of the South American governments involved and undermined the rights of sovereign states. The GAC asked the Board again to explain why it considered that the conclusion to proceed with the .amazon application process was in line with the GAC Advice provided before. The advice requested the .amazon application not be granted without a mutually agreeable solution.

Especially Brazil made a very clear statement in Montreal, questioning the decision of the ICANN Board to proceed with the .amazon application in favor of the Amazon corporation, stating that .amazon would have a status comparable to a country TLD in this context. Brazil asked the ICANN Board to appoint an independent mediator to negotiate a mutually beneficial and acceptable solution.

GAC representatives from the US and Israel stated that they don’t see any further need to delay the delegation process of the .amazon application, whereas China supported the position of Brazil and the European Commission encouraged the Board to establish a final mediation process.

The Montréal GAC Communiqué does not include any further advice on this issue.

The Universal Acceptance Steering Group (UASG) was present at five sessions in Montreal. Universal Acceptance is the concept that all domain names should be treated equally. Domain names and email addresses should be accepted, stored, processed and displayed in a consistent and effective manner. The different sessions reflected the new concept of splitting up the full day workshop on Day Zero according to the UASG’s working group structure to give more people the opportunity to attend the UASG sessions: