[Comments-com-amendment-3-03jan20] Third Amendment to the .com Registry Agreement

[Greg Thomas]

Twice in my professional career, I have been employed by VeriSign
(2009-2010 and 2013-2016) in senior roles with direct responsibility for
designing and coordinating execution of policy programs that supported the
company’s continuing ability to manage core Internet infrastructure,
including the .COM and .NET domain name registries.  Consequently, I’ve
been helping to shape ICANN policy for over a decade and, though my
participation has been most often in the background, I’ve had a unique
opportunity to develop an informed perspective on the peculiar dynamics at
the root of the DNS.



Far too often, ICANN and its stakeholders are twisted like pretzels by
policy minutiae and process when the public interest would be better served
by a sharper focus on big-picture matters of principle.  A principled
approach to consideration of this Third Amendment to the .com Registry
Agreement would accurately perceive this moment as a rare opportunity for
stakeholders to evaluate both the tangible and intangible benefits – as
well as the offsetting costs – to the public interest that accrue from
VeriSign’s management of the Internet’s largest domain name registry.



An honest and forthright performance review by stakeholders is critically
important for many reasons, including the public interest imperative of
accountability and transparency, and it must recognize and acknowledge that
ICANN is unavoidably conflicted in matters involving its contracted
parties.  The recently announced investigation by California’s Attorney
General into the proposed sale of Public Interest Registry along with the
lucrative concession rights to operate the .ORG registry should be seen as
a sign that others are becoming aware of ICANN’s conflicts.



This proposed Amendment further fans the flames by creating the widespread
perception that ICANN has engaged in a quid pro quo by trading approval of
.COM price increases for $20 million — a stain of self-dealing that no
amount of security, stability, and resiliency (SSR) whitewashing can
remove.



This matter, like any involving ICANN and its largest ratepayer, is made
especially grim because of an aggravated imbalance between the two
organizations.  On one side there is a corporation with unlimited economic
resources, a reputation for behaving as an entitled monopolist, and a
proven track record of thin-skinned and aggressive tendencies, including an
itchy trigger finger when it comes to the creative and anti-competitive use
of legal counsel and the civil tort.  On the other side is a
consensus-driven debating society for smart and talented people that is
preternaturally broke.



We know that this lopsided state of affairs didn’t spring forth fully
formed like Athena from Zeus’ forehead — so how did this happen?



An admittedly non-legal theory is that the 2006 settlement agreement for
litigation between ICANN and VeriSign is the means by which VeriSign
obtained ICANN’s acquiescence for what is now called the “presumptive right
of renewal.”  Infrastructure providers in other industries often rely on
presumptive renewal that enable costly investment, but usually they are
also regulated and called “utilities.”  Now featured in every registry
agreement, this presumptive renewal is an anti-competitive contractual
innovation which has had the practical effect of granting a perpetual
concession, or de facto ownership and, as the saying goes, possession is
9/10 of the law.



Maybe it wasn’t possible to predict how this would develop over 15 years,
but it is possible to look back now and see that this effectively neutered
ICANN as a credible regulator, sold the public interest down the river, and
has created the dangerous dynamic where an insecure Goliath with unlimited
financial resources and a martyr complex is alternating between bullying
and buying as it seeks to preserve and prolong its concession.



These issues have consequences that reverberate beyond the billions of
dollars distributed by contracts managed by ICANN and, in fact, determine
the integrity and legitimacy of private sector-led governance at the root
of the Internet.  Considering the public concern about the power of
technology companies such as Google, Facebook and others, stakeholders
should ask themselves: if the Internet’s core is rotten, then what can be
expected at the edge but bitter fruit?



*Distribution of Child Sex Abuse Materials in .COM*



The distribution of child sexual abuse materials (CSAM) is reprehensible
and indefensible.  The Internet Watch Foundation, a group combatting CSAM
online, reported in 2017 that 59.5% of CSAM websites reside in the .com
registry, including the top 5 sites on the Internet.  In 2018, a coalition
of groups combatting CSAM online wrote to ex-NTIA Administrator David Redl
and said:



*Verisign is uniquely unforthcoming. We have regularly worked and had
conversations with just about every Internet company you can think of and
quite a few you are unlikely to know. Only Verisign has been so utterly
uncommunicative. This is a very poor show and runs completely contrary to
the spirit of multi-stakeholderism.*

The letter continues in strong and unmistakable language:

*To put the matter plainly, it is immoral for a business to attempt to
deflect responsibility by arguing these matters are the sole provenance of
law enforcement and courts. As the dominant Registry in the global system,
Verisign should be taking a leadership position, adopting voluntary
procedures to combat online child sexual abuse.*

Now, two years later in 2020, ICANN has permitted the definition of DNS
abuse contained in Amendment 3 – and which applies to the largest
“territory” of the Internet – to exclude CSAM.



Two questions ought to be answered before proceeding:



ICANN will allow a “sanctuary namespace” to persist for the distribution of
materials depicting the sexual exploitation of children in exchange for
four easy installation payments of $5 million each?



How does this accrue “for benefit of the public interest”?



*Verifying Operational Accuracy*



Technical proficiency has often been pointed to as demonstrating excellence
in registry operations, such as statements about twenty-plus years of
operational accuracy for .com.  On August 19, 2019, a hosting service
provider named InfinityFree experienced an outage that they described as
being caused by “a bug in VeriSign” and further summarized the matter on
their website:



*It’s not normal that domain registrars, domain owners or hosting providers
are able to cause changes to the domain names of other people registered
with other companies.  So this is quite a severe issue with VeriSign.  And
because of that, we are not able to fix this issue for you. *



Statements made during VeriSign’s most recent quarterly earnings call
referred to increasing investment in security that were mentioned with only
vague explanations and an abbreviated response to a question from a
financial analyst.



There are any number of things that could have happened here, including the
hosting provider being completely wrong.  But considering that VeriSign
apportions 97% of its free cash flow to stock buybacks rather than
infrastructure investment, isn’t the public interest best served by
determining if there was a technical failure of the registry before
permitting the registry operator to increase its 85% gross profit margin by
giving itself a raise?



*Conclusion*



Evaluating the Third Amendment’s benefits to the public interest shouldn’t
be restricted to merely compliance with the handful of technical SLAs in
the registry agreement, but should seek to measure other contributions such
as the registry operator’s conduct as a corporate citizen and how it
apportions the revenues generated from operating a concession for the
benefit of the public interest.  Care should be taken that the financial
resources and market position enjoyed by the registry operator of .COM
don’t become an impenetrable moat between the registry operator and the
public interest it serves.


Lastly, it may be possible to seek a ruling from a federal court that finds
the presumptive right of renewal to be inherently anti-competitive and
incompatible with industry self-regulation of the DNS.  Perhaps
California’s Attorney General will expand his inquiry and come to the same
conclusion. This presumptive renewal and the resulting sense of entitlement
causes significant harm and it should be excised from the root.

-- 
*GREG THOMAS*

*THE VIKING GROUP *

*web  <https://vikinginsight.com/>| twitter
<https://twitter.com/realgregthomas> | linkedin
<https://linkedin.com/in/game-changer>    *

*Schedule a call <https://x.ai/calendar/gregthomas>*


*Check out **DNSDecrypt <https://dns.substack.com/> and find **independent
information resources for Internet stakeholders and investors.*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mm.icann.org/pipermail/comments-com-amendment-3-03jan20/attachments/20200214/cb9e315e/attachment.html>