New global top-level domain names: Europe, the challenger

“There are roughly two dozens now, but soon, there could be hundreds[1],” writes the Internet Corporation for Assigned Names and Numbers (ICANN), the organisation responsible for managing and coordinating the system of unique identifiers and names on the internet - on its webpage dedicated to the creation and forthcoming implementation of the new generic top-level domain names (gTLDs).

gTLDs are the highest level of domain names in the domain name system (DNS), including .com, .net and .org; their number has been restricted to twenty-two for several years, and ICANN has implemented several restrictions on the ways in which they are operated. Thanks to the new gTLDs programme, businesses and organisations are now able to apply for their own customised top-level domain names, thereby greatly expanding their current number. ICANN’s move is the most recent controversial one in a subfield of internet governance, the management of the Domain Name System (DNS) of the “network of networks”, which is already rife with political and economic controversies. What are the implications of this “turn” to new gTLDs? This article attempts to outline them, and, it addresses the impact of the new gTLDs programme on Europe’s action-taking in the internet governance realm. The article also considers the likely impact of the new programme on ICANN’s governance and weight vis-à-vis other important internet governance actors.

The Domain Name System and ICANN: an internet governance “hot potato”

The Domain Name System of the internet establishes the domain name space in the same way that the Internet Protocol establishes the Internet address space[2]. The DNS translates between alphanumeric domain names and their associated internet protocol (IP) addresses necessary for routing packets of information over the internet. For this reason, it is oftentimes called the internet’s “phone book”.

The DNS, through this address resolution process, handles billions of queries per day. In a very simplified way, the DNS can be described as a wide database management system, arranged hierarchically but distributed globally, across countless servers. The internet’s root name servers contain a master file, the root zone file, listing the IP addresses and associated names of the official DNS servers for all top‐level domains. The management of the DNS has always been a central task of internet governance, and ICANN is ultimately responsible for managing the assignment of domain names (delegated through internet registrars), and for controlling the root server system and the root zone file.

There have been a number of controversies in this area, that continue to this day, involving institutional and international power struggles over DNS control, and issues of legitimacy, democracy, and jurisdiction. Notably, debates have addressed the extent to which the privileged historical ties between ICANN and the United States government continue to exist, despite the  increasing internationalisation of the internet, which may call for a more prominent role of other countries in ICANN governance; this controversy continues to be a heated topic in internet governance discussions. There are additional policy implications in the DNS: it was originally restricted to ASCII characters, precluding the possibility of domain names in many language scripts such as Arabic, Chinese or Russian. Internationalised domain names (IDNs) have been introduced in May 2010. Further DNS issues concern the relationship between domain names and freedom of expression, security, and trademark dispute resolution for domain names.

The DNS is perhaps, nowadays, the best illustration of governments’ and companies’ tendency to govern or manage the internet by co-opting infrastructures of internet governance for purposes other than the ones they were initially designed for[3]. Domain name seizures that use the DNS to redirect queries away from an entire web site, rather than just the infringing content, have been considered as a suitable means of intellectual property rights enforcement – to be carried out by internet registries, internet registrars, or even DNS operators such as internet service providers. DNS-based enforcement was at the heart of controversies and internet boycotts over the legislative efforts to pass the Protect IP Act (PIPA) and the Stop Online Privacy Act (SOPA) (Ammori, 2011). Governance by infrastructure enacted through the DNS by private actors was also visible during the WikiLeaks saga, when Amazon and EveryDNS blocked Wikileaks’ web hosting and domain name resolution services[4].

Generic top-level domain names

Top-level domains are the highest level of domains in the DNS,  installed in the root zone of the name space; generic TLDs, a category of these highest-level domains[5], are familiar to the public as widely used internet addresses’ suffixes such as .com, .net, and .org. They can be either unsponsored – domains that operate under policies established by ICANN “on behalf” of the global internet community – or sponsored, proposed and funded by private agencies or organisations that establish and enforce the rules restricting the use of the domain. The number of gTLDs has been slightly increasing since ICANN’s inception, but has stabilised at twenty-two for several years.

Over the years, the demand for more gTLDs has been constant, just as has ICANN’s consideration of many proposals, by different actors, for practical ways to go about their implementation. These proposals range from adoption of policies for unrestricted gTLDs to chartered gTLDs for specialised uses by dedicated organisations. ICANN’s new gTLD programme, approved in June 2011 under the banner of “promot[ing] competition in the domain name market while ensuring internet security and stability[6]”, ends most restrictions on gTLDs and allows businesses and other organisations to apply for their own customised top-level domain names. This constitutes the first significant expansion of the system in existence today, and has the potential of carrying important implications for the future of the DNS, if not in the way the internet operates, in terms of potential changes in “the way people find information on the internet or how businesses plan and structure their online presence[7]".

The unveiling of the new gTLDs programme

Roughly a year after its announcement of the programme, ICANN held a press conference in London to mark the “Reveal Day[8],” during which its Senior Vice President Kurt Pritz noted that over 500 companies and organisations had applied for nearly 2,000 TLDs. The announcement was not exempt from controversy, for a number of reasons. United States-based organisations and companies accounted for more than half of the applications, with the domain name registry Donuts applying for more than three times the number of gTLDs as the next largest applicant[9]. This US focus is possibly attributable to an issue of cost: ICANN set the fee for each TLD application at $185,000, while noting that financial assistance to organisations that wanted to register for TLDs but could not meet the applications fees was provided, and the geographical spread was, in fact, wider than it expected – ICANN’s CEO, Rod Beckstrom, was quoted as saying that “To have 17 applications from Africa is actually encouraging, it’s a significant expansion[10]”.

While emphasising the positive side of the programme’s goals (“enhancing competition and consumer choice, and enabling the benefits of innovation[11]”, in addition to increased control, innovative business models, and even community engagement and geographic celebration[12]), ICANN had been adamant about the responsibilities that applying for a new gTLD would entail. These include the preservation of some financial stability over a minimum of three years, compliance with all the obligations of the registry agreement with ICANN (with enhanced restrictions when running a community-based TLD), and employment of highly skilled technical operators. Thus, ICANN compared these responsibilities to those of Verisign[13], the American company currently operating two of the internet’s thirteen root name servers: “When you apply for a new gTLD you are applying to run a registry business. You will be responsible for a critical and highly visible piece of internet infrastructure. Just as Verisign is responsible for all the domain names registered in the .com top-level domain, so you would be responsible for all the domain names registered in your .something gTLD[14].” Additional risks were identified in unforeseen competition from unexpected sectors, and the “uncharted territory” that the new sector, with its lack of already-tested and proven business models, could entail for its pioneers[15].

New gTLDs are just around the corner?

The first implementation within the new gTLDs programme – i.e., the actual insertion of a new TLD into the internet root to render them operational – may be happening within a few months. July 1st, 2013, has been proposed as the earliest possible date and a pilot program is currently underway. This is earlier than what had previously been anticipated, and for applicants as well as some users, it has been welcomed news; however, all dates remain tentative. In particular, ICANN has underlined - at the very moment in which a March briefing by the organisation was announcing the schedule of the first release - that priority will be given to its core mission of preserving the technical stability of the internet’s naming and addressing system, which seems to imply that the first implementation will be delayed if its broad impact cannot be thoroughly assessed or raises concerns. IT consultant and former ICANN member, Stephane Van Gelder, noted that “Security and Stability Reviews are ongoing as the program ramps up towards launch, with constant monitoring of the potential technical impact of new gTLDs going live. This will only happen once ICANN is satisfied that doing so carries no technical risk to the Internet[16]."

Earlier this year, ICANN’s Governmental Advisory Committee – the body that provides advice and input from governments to ICANN on issues of public policy, especially where there may be an interaction between ICANN's activities and national laws, or international agreements – gave the ICANN Board its thoughts on the first batch of applications. While two applications received outright objections[17], governmental advice came for the most part in the form of “safeguards”. The Governmental Advisory Committee noted that specific categories of TLDs require additional protections or restrictions to be implemented; for example, it asked for the singular and plural versions of the same basic string not to be considered separately (e.g., .game and .games). It also requested that the signing of any new gTLD contract be dependent upon the completion of the new registrar contract currently being finalised[18].

European perplexities on content and procedures

The European Commission (EC) is not elated by the ways in which the program is being carried out, and has expressed perplexities on both the content of some applications and the procedures with which ICANN has handled government objections to new gTLDs[19]. On November 29, 2012, the EC, in the person of Linda Corugedo Steneberg, Director at the Communications Networks, Content and Technology Directorate, issued a letter to ICANN[20] with a list of 58 applications deemed problematic, including .sex, .sexy, .free, .green, .eco, .health, .doctor, .baby, .sale and .security[21].

However, the letter also pointed out that the EC’s initiative should not be considered as an Early Warning, i.e., a notice from ICANN’s Governmental Advisory Committee members that an application is seen as potentially sensitive or problematic by one or more governments[22]; instead, the listing of a new gTLD was to be considered as a signal that further discussions between the EC and the relevant applicant were necessary. The letter has also been interpreted as an implicit critique of ICANN’s procedures, pointing out that even if the Governmental Advisory Committee does not officially advise against these applications, the EC may decide to take other action against them: “the fact that the letter […] explicitly states that the warnings are definitely not official Early Warnings [...] sends a worrying signal that the EC is not in the mood to play by ICANN’s rules[23].” In addition, the EC expressed its disappointment about the limited number of applications coming from developing countries, making explicit that “this is clearly an area where ICANN needs to re-focus its efforts[24].”

In the larger context of the relationship between sovereign governments and ICANN, the European Commission’s action is considered quite significant, because by explicitly opting out of the Early Warning process and naming its own list of potentially problematic gTLD applications, the EC is bypassing the Governmental Advisory Committee as ICANN’s prescribed process for governments and intergovernmental bodies to provide input on domain name policy matters. FairWinds Partners, a digital strategy consulting firm, interestingly concludes in this regard that “the European Commission brought new gTLD applications into the legal realm of legislation and policy, quietly implying that ICANN has no jurisdiction in such matters. The European Commission has sent the message that it is not within ICANN’s purview to oversee issues that impact a nation’s (or in this case, a union of nations) economy, culture, freedoms of speech and expression, or industry regulations – this power rests with the sovereign governments of those nations[25].” FairWinds further states that, in addition to echoing past criticisms of ICANN processes, the EC’s action “raises issues of adjudication: if other governments follow the European Commission’s lead or even take a step further by deeming whether or not a new gTLD is allowed to exist independently of ICANN’s assessment, who holds the ultimate authority to determine the fate of the gTLD, ICANN or the government?[26]” The letter of the EC could set a critical precedent.

ICANN weighing even more in the internet governance arena?

In a number of ways, the new gTLD programme makes ICANN even more central an actor in internet governance. By framing the programme as a promoter of competition in the domain name market, while at the same time seeking to maintain internet security and stability, ICANN’s activities and policies also have the potential, as the organisation itself underlines, to influence the way internet users find information online, or the ways in which companies arrange and display their online presence.

As a consequence, ICANN is now, more than ever, under scrutiny of international actors, of which the European Commission is a notable example. Despite claims by ICANN that “this is a not-for-profit initiative [and if] the fee collection exceeds ICANN’s expenses, the community will be consulted as to how that excess should be used[27],” there are concerns that “what can’t be overlooked today is the fact that [the new gTLDs’] unveiling will be most beneficial for big business. Companies that don’t find themselves on or anywhere near the Fortune 500 list probably don’t have hundreds of thousands of dollars set aside for a rainy day, especially if that day approaches but the forecast is mixed[28]”. The fee set by ICANN may discourage most smaller businesses for applying, while it will not be a major issue for bigger players.

Moreover, the argument is made that the actual implementation of the new gTLDs, that ICANN is pushing for July, may be premature, causing problems for the very internet security and DNS stability that ICANN is claiming to preserve. The concern comes from one of ICANN’s long-time supporters, Verisign. The company notes in a recent report[29] the little consideration ICANN has given to registry operators that will need to prepare for the changes, including dealing with security implications that may affect the working of the whole internet[30]. Verisign appears to be implying that ICANN may be using the (excessively?) speedy implementation of the new gTLDs programme to reinforce its own powerful position in the internet governance landscape - and, to pursue this primarily political objective, may maintain this “neck-breaking” schedule to the detriment of internet stability, if necessary. Will the implementation of the new gTLDs reassure those who, as Verisign, feel that the programme displays an increasingly “ICANN-centric role[31]” in the governance of a critical area of internet infrastructure? Only the close future will tell, but one thing is certain: the new gTLD programme has important implications for both the stability and security of the internet’s infrastructure, and the ways in which users experience the internet daily - from online search habits to e-commerce. As such, it should be implemented gradually and cautiously; ICANN has fifteen years of experience on which it can build to ensure that this is the case.