Summary and Analysis of Public Comments

[Marika Konings <marika.konings@xxxxxxxxx>]

Disclaimer: This summary is not a full and complete recitation of the relevant 
comments received. It is an attempt to capture in broad terms the nature and 
scope of the comments. This summary has been prepared in an effort to highlight 
key elements of these submissions in an abbreviated format, not to replace 
them. Every effort has been made to avoid mischaracterizations and to present 
fairly the views provided. Any failure to do so is unintentional. The comments 
may be viewed in their entirety at 
http://forum.icann.org/lists/pednr-wg-questions/.

Summary and analysis of public comments for Post-Expiration Domain Name 
Recovery Policy Development Process

Comment period ended: 10 September 2009

Summary published: 24 September 2009

Prepared by: Marika Konings, Policy Director

I.              BACKGROUND

To what extent should registrants be able to reclaim their domain names after 
they expire? At issue is whether the current policies on the renewal, transfer 
and deletion of expired domain names are adequate. To this end, the GNSO 
Council initiated a Policy Development Process (PDP) on 24 June 2009 and 
chartered a Working Group to answer the following questions:

1.    Whether adequate opportunity exists for registrants to redeem their 
expired domain names;

2.    Whether expiration-related provisions in typical registration agreements 
are clear and conspicuous enough;

3.    Whether adequate notice exists to alert registrants of upcoming 
expirations;

4.    Whether additional measures need to be implemented to indicate that once 
a domain name enters the Auto-Renew Grace Period, it has expired (e.g., hold 
status, a notice on the site with a link to information on how to renew, or 
other options to be determined);

5.    Whether to allow the transfer of a domain name during the Redemption 
Grace Period (RGP).

The Post-Expiration Domain Name Recovery Working Group that was launched 
following the adoption of its charter by the GNSO Council on 24 June 2009 
requested public input to inform its deliberations to answer the questions 
outlined above.

II.             GENERAL COMMENTS and CONTRIBUTIONS

Fourteen (14) community submissions from 13 different parties have been made to 
the public comment forum. The contributors are listed below in alphabetical 
order (with relevant initials noted in parentheses):

Andrew Allemann (AA)
Editor (E)
R K Hayden (RH)
HMA (HMA)
Pieter van Ieperen (PI)
Intellectual Property Constituency by Paul McGrady (IPC)
Krist Jake (KJ)
Brian Lowe (BL)
Ed Muller (EM)
Kristina Rosette, (KR)
Mike Secord (MS)
Thomas Taenzer (TT)
WIPO Arbitration and Mediation Center (WIPO)

III.           SUMMARY & ANALYSIS

A number of contributors responded directly to the charter questions or certain 
comments could be categorized under these questions, others raised broader 
issues and considerations for the WG to consider in relation to its 
deliberations on post-expiration domain name recovery. A summary of all 
comments can be found hereunder.

In relation to the charter questions, the following comments were submitted:

1.    Whether adequate opportunity exists for registrants to redeem their 
expired domain names

MS believes that 'registrants have sufficient time to redeem an expired domain 
name'. RH also agrees that there is adequate opportunity.

E notes that the main problem is the lack of consistency and use of different 
renewal policies, timeframes and practices by registrars. According to E this 
results in 'the user to make more mistakes'.

PI believes adequate opportunity does not exist as 'registrars are under no 
obligation to grant "auto renew grace" or "redemption grace" to registrants'.

The IPC notes that it would not be 'opposed to requiring a mandatory 30-day 
renewal grace period following the expiration date along with an additional 
email reminder to the Registered Name Holder to be sent on the fifteenth day of 
the mandatory renewal grace period to provide additional safeguards to a 
registrant'.

2.    Whether expiration-related provisions in typical registration agreements 
are clear and conspicuous enough

BL notes that registrants are responsible for renewing a domain name 
registration in a timely fashion, as they know at the outset when the domain 
name will expire by entering into a time-limited contract with the registrar.

MS believes that 'registration agreements are pretty clear about expired 
domains'.

RH notes that the issue is that expiration-related information 'is not 
conspicuous enough' and 'domains auto-renew and provisions for cancellation are 
either antiquated or unclear'.

PI notes that 'registrars seem to need many words to describe that registrants 
have no rights at all after expiration'.

The IPC notes that the RAA (3.7.5.5 and 3.7.5.6) clearly set out the 
obligations for registrars. If registrars are not complying, ICANN's Compliance 
Department should take the appropriate enforcement actions to ensure 
compliance. In this regard, the IPC recommends that 'ICANN's Contract 
Compliance staff require each accredited registrar to provide it with current 
copies of, or a link to, its standard registration agreement form, and to keep 
such copies or links up to date'.

3.    Whether adequate notice exists to alert registrants of upcoming 
expirations

BL and MS both point out that this 'depends on the registrar'. BL notes that 
'every registration includes contact details so the registrar has a way to 
contact the registrant'. MS notes that 'a registrar that does not send out 
reminders (easy to automate) is just making a big business mistake.

AA notes that in his view 'most registrars do an effective job informing 
customers of upcoming expirations', even after the domain name registration has 
expired. He states that 'the number one reason people neglect to renew their 
domains is because they have incorrect contact information', which means they 
do not receive notices from the registrar, a view also supported by the IPC 
which points out that this is in violation of section 3.7.7.1 of the RAA 
(requirement for the Registered Name Holder to provide or maintain accurate 
contact information). In AA's view, 'those that use invalid information are 
likely doing so on purpose and don't need to be protected for the purpose of 
expired domains'. He does suggest that registrars should be required to include 
the existing Whois information in the reminder, instead of a link to this 
information which seems to be current practice. The IPC recommends the Working 
Group to 'examine the data necessary to determine if there is a correlation 
between non-renewed domain names and reminder notices which are undeliverable 
due to a bad email address or inaccurate contact information'.

RH and E are of the opinion that there is adequate notice.

PI raises the issue that notices might not reach the registrant 'because of the 
"reseller" problem'.

4.    Whether additional measures need to be implemented to indicate that once 
a domain name enters the Auto-Renew Grace Period, it has expired (e.g., hold 
status, a notice on the site with a link to information on how to renew, or 
other options to be determined)

BL suggests that a domain name registration should be marked 'reserved' to 
highlight the interim status, at which point only the registrant at the time of 
expiration is allowed to renew the domain name registration.

AA notes that 'the practice of changing DNS servers upon expiration is a 
Catch-22', as on the one hand it would alert the registrant that their domain 
name has expired, but on the other hand it might prevent them from receiving 
email notices if the email is linked to the domain name registration.

AA also notes that 'expiration dates are confusing' as the Whois data normally 
show the registry expiration date which is automatically renewed for a year, 
which might result in the registrant assuming that this is the actual date of 
expiration. He therefore suggested that the WG should explore 'ways that 
registries can display this data without confusing customers', an idea also 
supported by MS and PI. MS suggests that an alternative might be to have 'the 
status show pending renewal / deletion'. PI suggests that the Whois status 
should state '"registered" before and "expired" after expiration'. The IPC also 
proposes consideration of 'an update to the Whois record, analogous to the 
"disputes notice" found in Section 3.7.5.7 of the RAA, to reflect that the 
domain name is now expired and to provide information on how to effectuate a 
redemption and renewal'.

MS is of the opinion that a notice on the site should be 'mandatory', possibly 
in combination with a note stating 'contact your service provider to renew'. He 
opposes the inclusion of a renewal link as in the case of a reseller, the 
registrant is supposed to renew through the reseller not the registrar who 
might not offer direct registration services.

PI proposes that DNS deactivation should be 'mandatory upon expiration 
(exception being an informational webpage)'.

5.    Whether to allow the transfer of a domain name during the Redemption 
Grace Period (RGP)

In the view of MS, 'registrars are not the owner of a domain name and should 
not have any rights to it, unless the registrant gives away his (or her) 
rights'. He notes that if a registrant explicitly cancels a registration, it 
might be different as it is clear the registrant 'does not want it any more'.

RH does not agree that a transfer of a domain name should be allowed during RGP 
as 'the registrant is effectively in default during the RGP' and allowing a 
transfer 'would seem to be giving them benefits they have not paid for'.

PI notes that this question is premature as 'most registrars don't even allow 
transfer in the auto renew grace period'. He adds that in theory this could be 
an option, but only if the registrant prior to expiration would control the 
transfer.

The IPC believes that a transfer of a domain name during RGP should not be 
allowed apart from a transfer to the original Registered Name Holder.

General and other comments

BL is of the opinion that it is ICANN's responsibility to ensure that 
registrars provide 'clear information regarding the expiry' of domain name 
registrations, at the time of registration as well as by using a 'warning / 
reminder services' as the expiration date approaches. Furthermore, ICANN should 
take responsibility for 'implementing the grace period by reserving expired 
domains for a minimum period'.

KJ suggests to use the term 'legacy registrant' in order to be able to 
distinguish between the registrant prior to expiration and the registrant after 
expiration, who might be a different person or entity.

EM refers to domain name warehousing in the list of topics in the RAA on which 
new and revised policies may be developed. He notes that 'registrars are merely 
transacting facilities for the registration of a domain name. They do not act 
as lessors [sic], banks or rental agencies in any manner. If a domain is really 
the property of a registrar, then registration agreements should reflect that. 
Presuming that they are merely a facilitator of a transaction, they should be 
as relative to the exchange as a real estate agent is to a home rental - it is 
never the broker's property.' He argues that 'there should be no ownership by 
registrars, no right to hold and no right to scuttle names away under aliases 
and false names'. EM is of the opinion that 'any person who has lost a domain 
due to expiration and finds that domain now the property of a registrar or one 
of its aliases instead of a real, public entity should have the right to 
reclaim these names in a clear and concise ICANN policy'.

AA points out that 'resellers may have an incentive to let domains expire since 
they can get a cut' from the auction proceeds.

KR presents the WG with 'an "expiration" scenario that has significant 
implications'. In this scenario, a registrant has explicitly requested the 
registrar to cancel the domain name registration long before the expiration 
date. As a result, the registrar removed the domain name registration from the 
'registrant's "control panel" at the registrar, moved the name to an account 
controlled by the registrar, did not delete the name at the registry, and left 
the Whois data completely unchanged'. As a result, the registrant was presented 
with a cease and desist letter, even though he had cancelled the domain name 
registration months ago. KR notes that this type of behavior can result in 
significant harm as the registrant might be held responsible for a registration 
that he or she cancelled months ago, in addition to possibly creating 'a 
situation in which a registrar engages in unlawful conduct - criminal conduct 
beyond trademark infringement - and the registrant becomes the unwitting 
victim'. WIPO also note that Whois records do not ' indicate whether a 
registrant has requested deletion of a domain name, thus, a complainant in a 
UDRP proceeding would not be able to exercise its rights under paragraph 
3.7.5.7' of the EDDP.

E compares the loss of a domain name registration to the loss as 'one's 
utilities to the home (like shutting off water or gas)'. He suggests that a 
system could be explored that would link the duration of the auto-renew grace 
period to the duration of the registration; the longer the registration period, 
the more time you will have to recover your name during the auto-renew grace 
period. E also highlights the issue of cost of recovery during RGP, which 
'seems excessive'.

PI offers a number of solutions for consideration including; making 'the auto 
renew grace and redemption grace a mandatory registrar service with maximized 
fees'; 'set prohibition against standard registration agreements that "sign 
away" these service rights; and, 'prescribe that thick registry WHOIS and 
registrar WHOIS show all ex-registrant data'. In addition, he suggest exploring 
the merger of the auto-renew grace period and the RGP into 'one 
"expired-renewable" period, in which 'expiry will be an implicit delete order 
and can be handled (nearly) the same way as an explicit delete order'.

WIPO raises the question whether 'consideration could also be given to 
implications (if any) for the Uniform Domain Name Dispute Resolution Policy 
(UDRP)'. WIPO points out that it has noted issues in relation to UDRP 
proceedings as a result of different interpretations by registrars of the 
provisions of the Expired Domain Deletion Policy that relate to UDRP 
proceedings, namely provision 3.7.5.7 'In the event that a domain which is the 
subject of a UDRP dispute is deleted or expired during the course of the 
dispute, the complainant in the UDRP dispute will have the option to renew or 
restore the name under the same commercial terms as the registrant'. WIPO 
provides a link to a recent UDRP decision 'which illustrates some of the 
potential difficulties that can arise in this respect' (see 
http://www.wipo.int/amc/en/domains/decisions/html/2008/d2008-1263.html). In 
addition, WIPO notes that one core question is 'whether adequate notice exists 
under the current policies to timely alert parties in a UDRP proceeding of 
upcoming expirations and pending deletions' and wonders whether the WG could 
give consideration to clarify 'what (if any) reasonable notice obligations' 
could be.

In his comment, HMA outlines his complaints relating to the renewal policy of a 
specific registrar in which he claims that: the change of renewal date in Whois 
caused confusion; he was not able to transfer the name in the auto-renew grace 
period; his domain name was auctioned before his payment to the registrar was 
confirmed; the registrar refused the reversal of the third party transfer; and, 
he did not receive notice of changes to the auto-renewal policy. He notes that 
'post-expiry domain auctions are common practice by many major registrars but 
implementation of related clauses in the terms of service of each registrar 
vary significantly'. In relation to the specific registrar's practices, he 
objects to the fact that there is no opt-in opt-out mechanism available and 
that provisions in the registrant agreement give sole discretion to the 
registrar to transfer the name to a third party and are not easily understood. 
HMA points to a discussion on the GA list in which the issue of compliance with 
the EDDP in relation to providing an opt-in or opt-out mechanism has been 
raised before (see 
http://gnso.icann.org/mailing-lists/archives/ga/msg06431.html). HMA goes on to 
compare these practices and provisions with those of another registrar. HMA 
expresses the concern that certain registrars 'become the registry themselves 
by not releasing domains to the registry through deletion but reassigning them 
on their own'. He argues that more attention should be paid to compliance and 
enforcement of the Expired Domain Name Deletion policy (EDDP) which states in 
3.7.5.3 that 'a domain name must be deleted within 45 days of either the 
registrar or the registrant terminating a registration agreement'. In his view, 
'the registrars are exploiting an unintended situation rather than adding a 
valuable service to the domain industry. It is questionable if there is need 
for post-expiry auctions; registrants should trade their domains before expiry 
or decide to renew them if they desire to trade them'.

IV.           NEXT STEPS

The Post-Expiration Domain Name Recovery Working Group is expected to consider 
all the relevant comments as part of their deliberations on the charter 
questions.