ICANN77: Concrete progress and the search for a future leader

ICANN77: Concrete progress and the search for a future leader

Last month, the 77th Summit of ICANN, the Internet’s regulatory body, was held in Washington DC. This second summit of 2023 was once again rich in meetings and exchanges, with 90 sessions held over four days.

Here is a look back at the highlights of this event.

Successful outcomes

While ICANN summits have often left a mixed impression due to the multitude of subjects debated and processes made more cumbersome by the consensual approach sought by the organisation, we can welcome the fact that ICANN77 was marked by the successful conclusion of several of them, starting with the Registration Data Consensus Policy.

In May 2018 ICANN hastily applied a Temporary Specification to all stakeholders with a package of measures directly linked to the GDPR that the European Union had just applied. These measures included the masking of personal data in generic domain name registration databases. This set of obligations was intended to be renewable for one year and was to be replaced by a permanent framework. The body responsible for generic name policies, the GNSO, therefore quickly convened a process for developing new policies, a PDP, which was divided into several workstreams. Phase 1 of the PDP concerned the long-term binding framework they were looking for. The result was the Registration Data Consensus Policy, which has now been finalised. This work has been extended because the subject of personal data on domain names overlaps with many other texts (21 policies in all) which have also been revised. While stakeholders will have at least 18 months to apply the new policy, aspects relating to the collection, processing and storage of personal data linked to domain names will be altered.

Phase 2 involves the creation of a standardised system for accessing hidden personal data on domain name contacts for legitimate purposes, such as investigations into cybercrime. This resulted in the creation of a prototype that will be deployed this Fall. Over the next two years, this prototype should enable the organisation to validate whether or not it should develop a permanent global tool. It is therefore a reasonable step, because it is prudent. It would have been risky to develop a particularly expensive global system whose use was uncertain. But this issue is also directly linked to the accuracy of the data. What is the point of requesting access to masked contact data if it is unreliable?

On this subject, ICANN has launched a project in 2021 on the accuracy of registration data. But ICANN came up against the fact that in order to assess the accuracy of the data, it needed a legal basis for accessing the data. This forced the body to put this project on hold last year, when negotiations began to create a Data Protection Agreement between ICANN and the stakeholders.

Two contractual amendments in 2023

On the contractual side, it should be noted that the contracts linking ICANN with the registry operators on the one hand and the registrars on the other are in the process – and this is unprecedented – of being amended twice in the same year. The first revision will come into force next month to organise the transition between the Whois protocol and the RDAP protocol. The second revision, which is about to be put to the stakeholders for a vote, aims to step up the fight against DNS abuse. As far as DNS abuse is concerned, it should be remembered that this subject has long been a staple of ICANN summits, in the sense that it has been debated for several years without ever coming to a conclusion due to a lack of consensus. The need to step up action against these attacks has therefore never been so close to being written into the contracts.

ICANN is looking for its future leader

In another unprecedented development, on 21 December last year, ICANN announced the resignation of Goran Marby, its President. Sally Costerton took on the responsibility and was rapidly appointed Interim President of the organisation. This experienced leader, who already has around ten years’ experience in the organisation, was logically closely watched at ICANN76, but was also well received by the community. She took ownership of the issues very quickly and was very proactive in pushing them forward. ICANN77 was an opportunity to propose a session called CEO Search Committee. The profile of the future president was drawn up, along with his or her eight responsibilities: management of the IANA function, development of new DNS system policies, the program for new generic extensions, strategic management, management of the governance body, commitment and exchanges within the community, management of responsibility and, of course, the role of representative of the body. The perspective given for the appointment of this future face of ICANN is the second quarter of 2024.

The next round of new generic extensions at the centre of attention

As is often the case at ICANN summits, the subject of the next round of new generic TLDs was on the menu for most of the discussions. The fact that the previous application window dates back to the beginning of 2012 is obviously no coincidence. At her first summit as President of ICANN, Sally Costerton made good progress on this issue, with ICANN76 concluding with the ICANN Board adopting 98 of the 136 recommendations arising from the process of developing new policies for the next round. 38 recommendations remain to be clarified, and this work is currently underway, with completion scheduled for the second half of this year.

At the same time, implementation of the other recommendations and revision of the Applicant Guide Book have begun. However, two other subjects complete the picture: the possibility of creating closed generic TLDs, a sort of model similar to brand TLDs but which would be made possible on generic terms, and the revision of policies for internationalised TLDs and domain names, i.e. in native languages. The first subject should soon be put into orbit via a process of development of new policies planned over nearly two years. As for the second, its policy development process could last until November 2025. The organisation’s intention is to bring these two issues to a successful conclusion before the next round.

At the time of the 2012 round of new generic extensions, internationalised extensions and domain names were already being strongly promoted as a vector for the success of this innovative process. However, this was without taking into account universal acceptance, which was still in its infancy and which has fortunately made considerable progress since then. The RDAP protocol for registration data was also already considered as an alternative to Whois to be implemented with the new generic TLD program. However, RDAP is only set to replace Whois after a transition period of 18 months. As for closed generic extensions, they were also considered in 2012 but abandoned due to a lack of consensus. They could finally see the light of day under terms to be defined during the next round. As for abuse of the DNS, another subject that has been debated for years, it is also on the point of leading to additional obligations that will affect registries and registrars alike.

If Nameshield is already offering you solutions to help you deal with infringements of your online assets and your gTLD projects, it should be noted that the obligations incumbent on companies that manage domain names are constantly increasing, but also that with ICANN the issues are almost always resolved in the end.

See you in Hamburg in October for ICANN78.

Image source : ICANN’s website

Author: Arnaud Wittersheim

Head of Operations Department Nameregistry - Compliance - Nameshield