[gnso-vi-feb10] "Not in your own TLD" = lipstick on a pig

[Jothan Frakes <jothan@xxxxxxxxx>]

Hopefully folks are enjoying their summertime (at least here in the
Northern Hemisphere) and that's why the volume has shrunk on the VIWG.

Anyway, if there are collaborations going on with respect to
additional compilations of these harms lists, I am not seeing it in
public discussions and I haven't been invited to play in that
treehouse.  More likely people are enjoying their summer with family
and loved ones.

All said, I have been pretty consistent about expressing that a 'Not
in your own TLD' will be problematic.

I have spent some time coming up with some harm examples and wanted to
bring them forth to the list.

Having a rule that states 'not in your own TLD' is window dressing,
with lots of room to be abused in a manner that could harm registrants
or create inequity between registrars and registrants.  Aside from the
appearance that it seems to address a number of issues vis a vis
perceptions in the presence of any beneficial or controlling
ownership, it just seems like it could and would be a rule that gets
totally gamed.

Per my Jul 8 post I think the 'as long as it's not in your own TLD'
argument is a distinction without a difference.  In my view it's
simply not possible to counter the variety of ways a registrar COULD
or MAY exploit this sort of Exception.

As I look at some of the stated harms that could occur if a registrar
becomes a registry, it seems to me almost all of them can still occur
in the presence of a rule  to prevent the registrar from 'selling' its
own TLD:

http://www.circleid.com/posts/domain_name_registry_registrar_vertical_separation/

http://forum.icann.org/lists/2gtld-guide/msg00033.html

http://www.icann.org/correspondence/lubsen-to-dengate-thrush-12oct09-en.pdf

http://forum.icann.org/lists/crai-report/msg00013.html

http://forum.icann.org/lists/crai-report/msg00020.html

By way of example, let's say registrar 'A' operates the registry for
.WEB and registrar 'B' operates the registry for .INC.  Here are just
a few examples how harms could occur even though the cross owned
registrar  does not sell the TLD:

a)    Registries often have play trusted role as a 'judge' between
conflicting registrars.  The registry often is in the position to be
the fail-safe point for registrar bad actions.

For example, registries can effectively act as adjudicators in some
Transfer Disputes (TDRPs) between registrars or resolve a matter prior
to a TDRP being necessary.  In the example above the WEB registry and
the INC registry could agree to a deal where they would ALWAYS favor a
TDRP towards each others registrar.

 'A' would ALWAYS decide .WEB TDRPs in favor of 'B' and 'B' would
ALWAYS decide .INC TDRPs in favor of 'A'.

b)    A similar issue might emerge within handling of UDRP/ URS.

'A' and 'B' COULD conceivably agree to a reciprocal deal in which they
thwarted UDRP judgments in each others TLD (for example -  via the
geographic location of an owned registrar  as described in first
reference posting above).

c)    Non-discriminatory treatment of registrars can and has be
thwarted by discrete reciprocal marketing deals - e.g. 'A' gives 'B' a
preferential deal on .WEB names if 'B' gives 'A' a preferential deal
on .INC names.

It can also be thwarted by registrars concealing their ownership of
resellers in that TLD - e.g.  it will be extremely difficult, if not
impossible, to detect that registrar A owns resellers of .WEB names.

d)    Tasting/ Front Running -   As it sees all check commands in
.WEB,  registrar 'A' can taste or front run this second level string
in other TLDs (on the premise that a registrant who is interested in
the string in .WEB might also be interested in the string in other
TLDs).

Beyond these, I think it is possible to go through nearly every harm
we will list in the 'harms' documents, and narrate a reasonable or
existing scenario that shows a 'not in my TLD' exception does not
serve to mitigate the harm.  I understand some of these harms can also
be caused by contractual relationships,  rather than by cross
ownership.

There is an order of magnitude greater likelihood the harms will occur
from bad actors in a fully cross-owned environment where control
between registry and registrar is absolute (and not simply by
contract).    If one owns an asset, one inevitably has more control
over how it is used.  One would also have greater control over how
transparent or opaque its activities are to other parties.  I am not
suggesting that any actors who support 100% cross ownership are
proposing anything in order to game a system nor that such an
ownership is completely problematic.

My point is that 'not in your own TLD' is essentially the same pig,
but with lipstick on.

The IPC, I think said it well here --   "The hybrid model that the
Report proposes is deeply flawed and should not be given serious
consideration.  While restricting registries from owning registrars
that service only other gTLDs has some superficial appeal, the net
result would be an incentive for registries owning registrars to
collude to grant each other favorable treatment to the disadvantage of
registrars who are not affiliated with either. Furthermore, there is
no external oversight to ensure compliance with these requirements,
nor any indication of who would have standing to assert claims.
Without an oversight regime and meaningful penalties for violations,
the Report's proposed hybrid registration model invites
anticompetitive collusion."

 PIR also said it well  - "The proposed experiments in the Report do
take account of the risks of self-dealing by registrars that own
registries. The Report attempts to deal with these by proposing to
prohibit registrars from offering registrations in a registry that it
owns. This would be totally ineffective; there are now almost 900
ICANN accredited registrars.The identities of the real parties with
interests in most of them are not public information. It would be all
too easy for (the owners of) registrars to create new shell registrars
to evade this prohibition by monopolizing or restricting access to
registrations in the registry owned by the original registrar. The end
result would be a severe negative impact on competition among
registries and among registrars.

As we assess the various harms I believe we need to be aware that the
'as long as its not in my own TLD' exception will not really mitigate
any of the harms but rather has the potential to spawn a myriad of
complex and opaque back room deals to route around them.

I remain convinced that it is a bad idea to place a 'not in your own
TLD' restriction in place in the presence of any % of ownership (and
I am not suggesting opposition to any % of ownership - just a silly
rule) that the board in its wisdom would grant in the final
applicant guidebook this year.


-Jothan

http://blog.jothan.com
http://www.jothan.com