What If There Were An Application For Dot Wikileaks?

What would happen if the Internet Corporation for Assigned Names and Numbers (ICANN), the domain name system oversight body, received an application for a .wikileaks top level domain name (TLD) next year, under its new system of opening up the internet for domains? It could make an interesting example of how well the complex system to apply for new TLDs works and how much political intervention is possible in the system. At the 39th ICANN meeting in Cartagena, Colombia this week, the self-regulatory body is trying to finalise issues in the published Final Applicant Guidebook – and it is governments and trademark owners that are calling for more time and more procedures.

The hot issue discussed by the worldwide internet community, the witch-hunt against Wikileaks by commercial service providers in the US and various countries, is no topic for the private DNS self-governance body, according to ICANN CEO Rod Beckstrom. “We have not been approached by governments on this,” Beckstrom said in answer to questions from Intellectual Property Watch at an ICANN press conference.

In a related question, just before the meeting in Cartagena, Beckstrom underlined in a blog post that ICANN had no part in the intellectual property-related takedowns of over 80 .com domains following actions by the US Immigration and Customs Enforcement agency (ICE), a branch of the Department of Homeland Security.

“ICANN does not take down domain names – we have no technical or legal authority to do that. We have no involvement in the takedown of any website, which is an issue of national authority,” Beckstrom wrote in the blogpost. The seizure of domains undertaken by ICE had been criticised for targeting a group of sites promoting hip-hop and rap music, “showcasing new artists and helping fans connect and share information about the music they love,” according the Electronic Frontier Foundation.

EFF warned that “these seizures may be just a short preview of the kind of overreaching enforcement we’ll see if the Congress passes the Combating Online Infringement and Counterfeits Act (COICA).” The COICA bill, if passed through US Senate and House of Representatives, would allow US authorities to take action against websites, even if non-US-based, by obliging providers to filter according to an official blacklist. One hip-hop expert said the recent seizures equalled a “war on hip-hop.”

Michele Neylon, CEO of Irish domain name registrar Blacknight Solutions, who is active in ICANN’s discussions about a future registrar accreditation agreement, said the takedowns of the 82 domains were done at the registry level. “From what I have been able to gather, none of the registrars were contacted or informed about the domains ‘going dark’, which is hardly ideal,” he said.

As with Wikileaks, the seizures did not prevent the more determined from bringing their content back online using different domain names. Wikileaks’ content now is mirrored on over around 800 websites globally under a variety of country code (like .de for Germany) and generic domain names from .info to .no, .jp or .co, the domain ccTLD of the Colombian host of the ICANN meeting. And technically, a revival of the currently unreachable wikileaks.org domain was possible, experts said.

The Wikileaks domain has not been seized, as in the case of the 82 seized sites. Instead, Wikileaks domain name system (DNS) providers EveryDNS stopped its service on 3 December. Restoring access to wikileaks.org should be possible, experts told Intellectual Property Watch, by choosing a new hosting company.

“In general, a government would have to issue a legal note or a court order for domain names to be required to be taken down,” explained Ram Mohan, CTO of Afilias, the registry behind the .org domain that is managed by the Public Interest Registry (PIR). “There is no mechanism by which ICANN can require a particular domain name such as wikileaks.org to be taken down by a registry or a registrar,” he said.

If case such a request were placed by ICANN, unless there was a contractual obligation to do so, there would be no obligation on the part of the registry or the registrar to comply. ICANN had itself historically kept away from such requests or actions, said Mohan. There was one notable exception, experts note: during the mad days of the conficker attack, ICANN cooperated with registries and registrars to take down so-called fast-flux domains, in which the attacker moved quickly from one domain to the next.

Given the politicisation of the issue, not everybody buys into the logic that ICANN really has no role here. Joao Damas, one of the experts on DNS active in the Internet Engineering Task Force, told Intellectual Property Watch, “Aren’t they supposed to be the body that governs the behaviour of TLDs, or at least gTLDs?” The latter refers to generic top level domains, like .com, which are not restricted to certain types of use, like, say, .museum is.

An appeal of a similar nature to ICANN was made by a German Green Party politician during the German government’s annual IT Summit. Malte Spitz, member of the executive committee of the Green Party, declared in a 7 December press release: “The recent events (related to Wikileaks) mark a catastrophic failure in global internet governance.”

ICANN especially missed its obligation to putting pressure on registries and registrars not to buckle when it comes to government intervention, Spitz warned. “Otherwise,” Spitz asked, “what will happen when we face an international crisis and conflicts between states?” Which infrastructure can still be trusted in the future, when data can just be thrown out from Amazon’s cloud, for example, he asked.

Spitz said he is afraid that the internet is no longer a free communication medium. In Germany – as in other countries – some service providers said upfront to their users they would not allow hosting of Wikileaks mirrors, yet had to back-pedal somewhat after a public outcry demanding that users themselves are responsible for content.

Lutz Donnerhacke, domain name system expert at IKS Jena and candidate for ICANN’s At-large Advisory Committee, said he had had no problem so far in providing the wikileaks.de domain and felt assured that wikileaks.org could be brought online again. But Donnerhacke agreed to some extent that ICANN could make a difference, because the organisation is “writing the rules and procedures for registries and registrars” and is just in the process of doing so for the new gTLDs.

ICANN in Charge of “Rule Books”

Donnerhacke said ICANN is developing in its policy process the rules on what names would be possible – or impossible – as new TLDs in the future, and who could file objections. It also developed standard procedures for the registration of second level domains, like washington.wikileaks for example, and what enforcement mechanisms must be used if domain users did not comply. One example that would allow the takedown of the domain would be to use wrong name or address data in the Whois database – Wikileaks lost its Swiss PostFinance banking account because of a similar rule in their terms and conditions, he registered under an obviously wrong postal address.

Donnerhacke also pointed to the very difficult debate about “objections to future TLDs” based on morality and public order. A dot.wikileaks application might be objected to by the US government. Whether ICANN would or would not reject it would it depend on what procedure it establishes for the objections. According to ICANN Vice Chair Kurt Pritz, the ICANN board recently rejected the inclusion of the category “political discrimination” as a criteria for an objection against a new TLD. Other than “incitement to discrimination” based on racial, sexual or religious grounds, “discrimination based upon political or other opinion is in fact widely accepted and practiced in democratic societies,” the ICANN board wrote.

ICANN’s leadership hopes to outsource the possibly delicate questions if a certain TLD applied for by somebody from “country A” was declared contradictory to the morals in “country B” and therefore be unacceptable from the respective government point of view. The ICANN Board would prefer to stay out of the business of making decisions in those cases. But does this help to prevent overzealous objections by governments from .whistleblower to .gay?

Moreover, much tighter rules for TLDs and domain name registration in the new TLD world is requested by trademark owners and big business. According to Mark Cavell from the UK Department for Business, Innovations and Skills (BIS), “this is where the most contributions were coming from.”

The International Trademark Association (INTA), the European Communities Trademark Association (ECTA), and the World Intellectual Property Organization all have expressed the same problems, namely that the trademark protection mechanisms foreseen for an expanded name space were “not effective enough.” With regard to hopes of signing the already voluminous Final Applicant Guidebook and announcing a start of applications of .wikileaks, .gay, .sport or .nyc in May, Cavell said, “We’re not there yet.” Cavell went as far as to say that he was “still not convinced that the benefit of the new gTLD programme was outweighing the cost.”

Cavell’s comments were applauded by many governments. The National Telecommunications and Information Administration (NTIA) had before the Cartagena meeting said an informed decision about the new gTLD procedure at this meeting was “unrealistic” and ICANN was risking violation of the Affirmation of Commitments, a document signed by ICANN and the US National Telecommunication and Information Administration that lists ICANN’s responsibilities toward the international community. NTIA representative Suzanne Sene listed IP protection, consumer protection, geographic names and the much-debated objection procedure as open issues.

WIPO in its statement to the latest Application Guidebook had been requesting higher standards protecting rights for the Applicant Guidebook, including easier and cheaper access to a new clearinghouse and stricter rules for the Uniform Rapid Suspension system (URS), which is like the existing Uniform Domain Dispute Resolution Procedure (UDRP), but is a faster procedure against trademark violation. Here WIPO criticises, for example, the “unclear provider tracking obligations that exclude registration behaviour.” Also, WIPO again proposed a standard for “wilful blindness” in a new “post-delegation dispute resolution procedure” (PDDRP). If a registry operator “knowingly permitted, or could not have reasonably unaware of” infringements, he would be responsible, according to the WIPO proposal.

This would even go beyond current US law, warned Jeff Neuman, vice president of Neustar, in what he said was a personal statement during one of the Cartagena sessions on the new TLD process. Neuman was among those who asked ICANN to move forward with the introduction of the new names after the community has worked out concepts in a variety of special rights working groups, including the Implementation Recommendation Team (IRT), the Special Trademark Issues Working Team (STI), the Internationalized Domain Name Working Group (IDNWG), the Zone File Access Advisory Group (ZFAAG), the High Security Top-Level Domain Advisory Group (HSTLD-AG) and others. Neuman said in Cartagena: “I was on the IRT, I was on the STI, but I think right now we’ve got everything to move forward and test it out.”

Even before this potential testing starts, the Wikileaks domain will continue to provide a stress test for the DNS as an open and accessible infrastructure. The Internet Society this week clearly warned that the incident around Wikileaks “dramatically illustrates” that the “principles of free expression and non-discrimination” that were essential to preserve the openness and utility of the internet “are currently at risk.”

While the ISOC recognised that the Wikileaks content was subject of concern to a variety of individuals and nations, the organisation wrote, “We nevertheless believe it must be subject to the same laws and policies of availability as all internet sites. Free expression should not be restricted by governmental or private controls over computer hardware or software, telecommunications infrastructure, or other essential components of the internet.”