Generic Top-Level Domain Update

In 2012, the Internet Corporation for Assigned Names and Numbers (ICANN) introduced the generic Top-Level Domain (gTLD) Program to implement new Top-Level Domains into the Internet’s addressing system. To help explain the gTLD Program, this article highlights three important aspects of the Program, including: 1) background information on ICANN’s new gTLD Program and the evaluation process for applicants, 2) statistics from the first round of applications in the gTLD Program, and 3) mechanisms that rights holders may use to protect themselves (which ICANN labeled “Rights Protection Mechanisms”).

Background

A gTLD is a segment of a domain name. Currently, there are 22 gTLDs, including the familiar .com, .edu, .mobi, and .org, and another 250 country-code Top-Level Domains (ccTLDs), such as.us, .ca, and .uk. An applicant may now apply for a gTLD to be about anything they would like, such as .donut, .pencil, or .apple, for example.

A gTLD application indicates a business commitment to become a registry. Becoming a registry entails a number of significant responsibilities for a gTLD operator: for instance, the gTLD operator must purchase and maintain hardware and software and pay a non-refundable $185,000 application fee and $25,000 per year in registration fees.[1]

ICANN evaluates each gTLD applicant based on procedures outlined in its gTLD Applicant Guidebook.[2] The initial evaluation is split into two parts: string review and applicant review. The first review focuses on the applied-for gTLD string. The string review comprises three elements:

• The applied-for gTLD string must not create a probability of user confusion due to similarity with other existing Top-Level Domains (TLDs), reserved names, applied-for strings, and Internationalized Domain Name country-code TLDs (IDN ccTLDS);
• The applied-for gTLD string must not adversely affect Domain Name System (DNS) security or stability such as experiencing a non-trivial load of unanticipated queries; and
• The applied-for gTLD string, in four cases, must have documentation of support of non-objection from the relevant governments or public authorities where:
  • the string is a representation, in any language, of the capital city name of any country or territory listed in the ISO 3166-1 standard;
  • the string is a city name, where the applicant declares that it intends to use the gTLD for purposes associated with the city name;
  • the string is an exact match of a sub-national place name, such as a county, province, or state, listed in the ISO 3166-2 standard; or
  • the string is listed as a UNESCO region[3] or appears on the “Composition of macro geographical sub-regions, and selected economic and other groupings” list.[4]

The second review, which focuses on the applicant, analyzes:

• Whether the applicant has the requisite technical, operational, and financial capability to operate a registry; and
• Whether the registry services offered by the applicant might adversely affect DNS security or stability.

The applicant must demonstrate a clear understanding and accomplishment of groundwork toward the key technical and operational aspects of a gTLD registry operation. This demonstration is accomplished through answering questions 24-44 in the Applicant Guidebook.[5] These questions inquire into the applicant’s intended technical and operational approach for those registry functions that are outward facing, including interactions with registrars, registrants, and various DNS users. Further, these questions request information regarding the applicant’s intended technical and operational approach for those registry functions that are internal to the infrastructure and operations of the registry, including security policies, geographic dispersion of incoming network traffic, Whois information, system architecture, network architecture, and data backup policies.

The applicant also must demonstrate financial capability to run a registry.[6] This demonstration is accomplished through submission of financial statements, including balance sheets, income statements, statements of capital, cash flow statements, letters of independent certification, and projection templates. The applicant must also describe and explain the expected operating costs and capital expenditures of setting up and operating the proposed registry, such as DNS resolution for registered domain names, operation of the Shared Registration System, Provision of Whois service, registry data escrow deposits, and maintenance of a properly signed zone in accordance with Domain Name System Security Extension (DNSSEC) requirements.

Statistics

The first round of new gTLD applications opened on January 12, 2012 and closed on May 30, 2012. Although ICANN reaffirmed a commitment to a second round of applications for the gTLD Program, it has yet to release timing information.[7] For the first round, ICANN received 1,930 applications. The entire list of applications is available at ICANN’s website.[8] Of those applications, a large majority are standard applications.

ICANN received applications for exact matches of strings in 230 cases. Predictably, there are multiple applicants for descriptive gTLDs such as .app, .book, .buy, or .llc. There are also multiple applicants for the gTLD .law. A disparity exists for the number of applications per applicant. For example, some companies applied for one gTLD, while others chose to apply for multiple. A largest number of gTLD applications for any one company was 307.[9]

Rights Protection Mechanisms

The gTLD Program contains mechanisms, known as Rights Protection Mechanisms (RPMs), to protect intellectual property interests, community interests, consumer protection, and DNS stability. These mechanisms can be roughly divided into five categories: Trademark Clearinghouse, Uniform Domain Name Dispute Resolution (UDRP), Uniform Rapid Suspension System (URS), Post-Delegation Dispute Resolution Procedure (PDDRP), and Malicious Conduct Mitigation.[10]

Trademark Clearinghouse[11]

The Trademark Clearinghouse is a centralized database of verified data on registered trademarks. The Clearinghouse is designed to minimize the time and cost to trademark rights holders by allowing them to register their trademark data with one centralized source for a one-time fee, rather than having to register their trademark data with every new gTLD registry operator. The Clearinghouse, therefore, facilitates the use of RPMs rather than performing the function of a RPM.

Two examples of such RPMs are Sunrise Registrations and Trademark Claims Services. A Sunrise Registration is the name for a period during which trademark owners can purchase domain names before the general public. A Trademark Claims Service, on the other hand, provides notice to a prospective domain name registrant of a potential conflict between the domain name and an existing trademark. It also provides notice to the trademark owner if the domain name is registered following the registrant’s representation of non-infringement. However, the Trademark Claims Service is limited to exact matches of a domain name to a word mark.

UDRP[12]

The UDRP is an existing ICANN process for clear cases of bad-faith, abusive registration, and use of domain names. The UDRP provides a mechanism to keep cyber-squatting disputes out of the courts. Although the UDRP is optional for trademark owners, it is mandatory for gTLD registrants. The UDRP does not prevent either party from submitting a dispute to a national court of competent jurisdiction. Complainants must have rights in a trade or service mark, even unregistered rights. Personal names, descriptive terms, and geographical identifiers may be actionable to the extent they have acquired distinctiveness through secondary meaning.

URS[13]

The URS is not meant to replace the UDRP, but rather to act as a quicker complement. For example, the initial administrative review of a URS must be conducted within two business days of submission of a Complaint to a URS Provider. Upon completion of the administrative review, a registry operator must “lock” the domain within 24 hours of receiving a Notice of Complaint from a URS administrator. Thus, a rights holder can suspend a domain name within 3-5 days. Similar to the UDRP, the URS is intended for clear cases of trademark abuse. The only remedy available to a URS complainant is the temporary suspension of a domain name for the duration of the registration period.

PDDRP

The PDDRP is an administrative option for trademark owners to file an objection against a registry operator for operation or use of its gTLD that caused or materially contributed to trademark abuse. The PDDRP provides an opportunity for an administrative review, a threshold review, an expert panel, discovery, hearings, an expert determination, and appeal of the expert determination.

Malicious Conduct Mitigation[14]

ICANN adopted further mechanisms to reduce the potential for malicious conduct. For instance, all registry applicants must be reviewed for past criminal history. Further, an enhanced Whois record, called “Thick Whois,” at the registry level means rights holders have more robust access to ownership information of the registry operator to facilitate rapid resolution of malicious conduct issues. Additionally, all gTLD registry operators must establish a single point of contact responsible for handling abuse complaints.

 © 2012 McDonnell Boehnen Hulbert & Berghoff LLP

 
snippets is a trademark of McDonnell Boehnen Hulbert & Berghoff LLP. All rights reserved. The information contained in this newsletter reflects the understanding and opinions of the author(s) and is provided to you for informational purposes only. It is not intended to and does not represent legal advice. MBHB LLP does not intend to create an attorney–client relationship by providing this information to you. The information in this publication is not a substitute for obtaining legal advice from an attorney licensed in your particular state. snippets may be considered attorney advertising in some states.