Document Actions

Special Issue on Law and Governance in the Digital Era

Regulating Online Content through the Internet Architecture: The Case of ICANN’s new gTLDs

  1. Caroline Bricteux


The process introduced by the Internet Corporation for Assigned Names and Numbers (ICANN) to assess and allocate new generic top-level domains (gTLDs) offers a vehicle for content regulation at two levels. First, regarding the gTLD itself, objection procedures were set up to allow third parties to challenge an applied-for gTLD deemed to be contrary to “general principles of international law for morality and public order” or detrimental to broadly defined communities. The real target of these objections managed by the International Chamber of Commerce was not the gTLD itself, but the potentially controversial content that might be published under it. Second, these preventive measures were coupled with a strengthened anti-abuse policy for new gTLDs. ICANN amended its standard agreements with domain name registries and registrars to impose additional safeguards, compliance with “all applicable laws”, and remedies such as suspension of the domain name, which is a powerful tool to deny access to online content. Surprisingly these amendments were not discussed under ICANN’s consensus policy development process but added at the request of governments after the launch of the New gTLDs Program. These provisions, if actually enforced by ICANN, could lead to content policing by private entities without any measure to ensure due consideration of domain name holders’ freedom of expression.


1. Introduction*

Technical control of crucial Internet resources has well-known political, economic and social dimensions. Numerous studies have shown that Internet intermediaries – such as access providers, web hosting services or search engines – face pressure from various sources to regulate online content.  [1] Intermediaries are increasingly subjected to injunctions to deny access to illegal content,  [2] and under certain conditions they may additionally be held liable for content uploaded by third parties.  [3] Targeting intermediaries rather than content providers overcomes the difficulty of identifying the source and recipients of a particular piece of content on the Web. However efficient this strategy is to tackle illegal activities and abuse online, it has come under considerable criticism. Proponents of freedom of expression have repeatedly claimed that putting intermediaries under pressure to regulate content carries a significant risk of over-censorship, without transparent processes and guarantees that the competing rights and interests at stake will be carefully balanced by the intermediary.  [4]

I will argue in this paper that domain name registries and registrars might also serve as points of control  [5] for the content posted in the domain that they administer, in particular with regard to the new processes brought by the Internet Corporation for Assigned Names and Numbers (ICANN) to assess and allocate new generic top-level domains (gTLDs). Since 1998, ICANN has been in charge of the management of the Domain Name System (DNS), which operates the translation of user-friendly domain names into computer-friendly IP addresses. In June 2011 its Board of Directors announced the launch of the New gTLDs Program, a plan to implement an unprecedented expansion of the DNS by significantly increasing the number of generic top-level domains (gTLDs such as .com, .org or .net), with the aim of fostering diversity and encouraging competition at the top level of the Internet’s namespace. Worryingly, the process introduced by ICANN to assess and allocate new gTLDs offers a vehicle of content regulation at two levels. First, regarding the gTLD itself, objection procedures were set up to allow third parties to challenge an applied-for gTLD deemed to be contrary to “general principles of international law for morality and public order” or detrimental to broadly defined communities. The real target of these objections managed by the International Chamber of Commerce (ICC), was clearly not the gTLD itself but the potentially controversial content that might be published under it. Second, these preventive measures were coupled with a strengthened anti-abuse policy for new gTLDs. ICANN amended its standard agreements with domain name registries and registrars to impose additional safeguards, compliance with “all applicable laws”, and remedies such as suspension of the domain name, which is a powerful tool to deny access to online content. Surprisingly these amendments were not discussed under ICANN’s consensus policy development process but added at the request of governments after the launch of the New gTLDs Program. These provisions, if actually enforced by ICANN, could lead to content policing by private entities without any measure to ensure due consideration of domain name holders’ freedom of expression.

The rest of this paper is divided into four sections. I will start in Section B by examining the evolution of the DNS from its inception in the 1980s through the following three decades, in order to fathom the ambition of the New gTLDs Program. We will see that expanding the DNS raises more than technical questions, as delicate policy decisions have to be taken to set the standards and procedures governing the creation and allocation of new gTLDs. The following two sections will be devoted to two mechanisms introduced by the New gTLDs Program that ultimately produce a form of content regulation. Section C deals with the objection procedures and Section D deals with the new contractual obligations of domain name registries and registrars regarding abuse. Section E sums up the arguments and identifies potential future developments.

2. The Evolution of the Domain Name System

In June 2011, ICANN’s Board of Directors gave the green light for the New gTLD Program, which was announced to be “one of the biggest changes ever to the Internet's Domain Name System”.  [6] The DNS is a crucial feature for human Internet users, as it operates the translation of alphanumeric domain names (such as into the corresponding IP addresses (such as needed for the transmission of information across the network. The DNS differs significantly from the rest of the Internet’s decentralized and distributed architecture: it must be operated on a centralized basis to ensure that every domain name is unique and that a website name will always lead to the same address, regardless of the geographical location of the user typing the name in his web browser.  [7] In the early days of the Internet, the naming and addressing system relied on a single distributed file, which had to be updated whenever a new computer joined the network. This highly centralized directory rapidly became unable to accommodate the Internet’s fast growth. Therefore, the DNS was developed in the 1980s to enable the decentralization of the naming and addressing functions, while retaining some degree of centralized control to ensure consistency and uniqueness of the identifiers. The key was the hierarchical division of the namespace into different levels of domains. This tree-shaped hierarchy is reflected in the arrangement of domain names, from right to left and separated by dots: (1) a top-level domain (TLD); (2) a second-level domain (SLD or 2LD); (3) an eventual third-level domain (3LD), and so on. To give an example, with, .be is the TLD, .ac is the SLD and ulb is the 3LD. Two main categories of TLDs coexist: generic top-level domains (gTLDs) such as .com, .biz and .xxx, and two-letter country-code top level domains (ccTLDs), such as .be for Belgium, .de for Germany and .cn for China. The hierarchical structure of the DNS enables the storing of information about each level at different name servers, which can in turn perform the domain name resolution function, i.e. the name-to-number translation. At the top of the hierarchy lies the root, a single file that contains the list of the authoritative servers for each top-level domain.

The hierarchical design of the DNS is reflected in its management, with powers devolving from TLDs to sub-domains. ICANN is placed at the apex of the hierarchy and has administered the DNS root since 1998. Until 1998 the DNS was maintained relatively informally by contractors of the U.S. government, which was funding research on packet switching technology and its applications. As the Internet evolved into a major commercial and communication platform in the mid-1990s, businesses and foreign governments pressured the U.S. authorities to increase competition and privatize control over the DNS. After requesting comments, the National Telecommunications and Information Administration (NTIA), an agency of the U.S. Department of Commerce, released a Statement of Policy in June 1998, which called upon the Internet community to form a private not-for-profit corporation to manage the DNS.  [8] This resulted in the formation of a new corporation under California law, ICANN.  [9] ICANN is characterized by a multi-stakeholder governance model and bottom-up decision-making processes: its policies are initiated and developed within supporting organizations whose members represent both commercial and non-commercial interests of the DNS. Final decisions are taken by ICANN’s Board of Directors. Advisory committees complete this complex structure to give an opportunity to governments, among others, to make their voices heard within ICANN.  [10]

Until 30 September 2016, ICANN’s authority over the DNS derived from a crucial contract with the U.S. government – acting through the NTIA – regarding the so-called IANA functions.  [11] The IANA contract, which was initially signed in 2000 and renewed several times,  [12] made ICANN responsible for coordinating the Internet unique identifiers (domain names, IP addresses, and protocol parameters). The U.S. government retained oversight over ICANN through this contractual relationship, notably by its ability to impose new contractual terms during renewal rounds.  [13] The U.S. government oversight was highly controversial, not only because the privatization of the DNS management was incomplete, but also because other governments did not have similar powers and only played an advisory role within ICANN. Following years of criticism, the U.S. government announced in March 2014 its intention to relinquish its remaining oversight role and to transition that responsibility to the global multi-stakeholder community, excluding a government-led or an inter-governmental replacement.  [14] ICANN was designated as the convener of the process to develop a transition proposal with all stakeholders across the global Internet community. In March 2016, after two years of intense discussions, this process culminated in the submission of a transition proposal to the NTIA.  [15] Notably, the text proposed to transfer the performance of the IANA functions to a new, separate legal entity, which would be formed as an affiliate of ICANN. This new entity would become the IANA functions operator, while ICANN would assume the role played until then by the NTIA. In addition, ICANN’s actions would be subject to strengthened accountability mechanisms. The transition had indeed prompted a parallel discussion on ICANN’s accountability, as the U.S. government oversight was seen as a tool to keep ICANN accountable to its stakeholders.  [16] The NTIA accepted the proposal in August 2016  [17] and the IANA contract was allowed to expire in October 2016.  [18] Since then, the IANA functions have been performed by a new affiliate of ICANN, called Public Technical Identifiers.  [19]

As part of its DNS managing duties, ICANN contracts with registries  [20] and accredits registrars with whom the registries deal. These constitute the lower levels of the DNS administrative hierarchy. Domain name registries are in charge of maintaining and coordinating the database of all the SLD registered within a TLD. There can be only one registry per TLD to ensure coherence and consistency of the database. Registrars offer domain name registration services to the general public (registrants) and collects clients’ information and payment in order to make a unique SLD entry into the registry.

The addition of new gTLDs to the global namespace had been on the forefront of ICANN’s agenda since 1998. Back then only seven gTLDs created in the 1980s were available: .com, .edu, .gov, .int, .mil, .net and .org. Adding new gTLDs became crucial in the 1990s to improve competition in the registration market. Since 1993 the management of the domain name registration services (both registry and registrar functions) for .com, .net and .org had been performed by a sole company – Network Solutions Inc. (NSI) – under a cooperative agreement with the National Science Foundation (NSF).  [21] At that time, registration of a SLD was subsidized by the NSF and free of charge for the end user. This practice changed with the transformation of the Internet into a commercial platform in the mid-1990s. Demand for domain names was rocketing and costs to support them became unsustainable given the NSF’s budget constraints.  [22] Therefore, in 1995 NSF amended the cooperative agreement with NSI to allow the company to charge an annual fee of $50 per domain name registered.  [23] This was the start of a very lucrative business for NSI, with hundreds of millions dollars at stake in the .com domain. Inevitably, this government-blessed monopoly generated a high level of controversy and was one of the driving forces behind the reform of the DNS management and the creation of ICANN. The U.S. government favored two ways to open up the domain name market to competition.  [24] First, registry and registrar functions were separated: NSI had to agree to design a shared registry system that would allow competing registrars to market domain name registrations in .com, .net and .org, while retaining its monopoly on the registry function.  [25] Second, the addition of new gTLDs was encouraged to provide an alternative to .com and let new registries enter the registration market.

Before the New gTLDs Program, ICANN launched two rounds of domain name expansion for gTLDs, which resulted in the delegation of fifteen new gTLDs between 2001 and 2011. The first expansion round took place in 2000 and was designed to evaluate the policy and practical issues associated with the addition of new gTLDs. Rather than choosing new gTLDs and assigning them to new operators, ICANN decided to call for proposals from prospective registries. 47 applications were received and the ICANN Board selected seven new gTLDs (.aero, .biz, .coop, .info, .museum, .name, .pro).  [26] Interestingly, the Board refused to choose any of the proposals for a .kids gTLD, fearing that approving such a domain would bring it uncomfortably close to the business of content regulation.  [27] One applicant, ICM Registry, was even applying for both .kids and .xxx, arguing that, together, these new gTLDs would enhance online child safety by clearly delineating child-friendly and adult-only content areas.  [28] According to M. Mueller, ICANN did not want to take the responsibility for certifying the appropriateness of the material posted in a .kids domain.  [29] The .xxx application was also rejected,  [30] but it was resubmitted during the second round of new gTLD applications launched in 2003. This second round called for proposals for sponsored new gTLDs  [31] , i.e. specialized gTLDs that serve the needs of a defined community not otherwise adequately represented in the DNS.  [32] Ten proposals were received and the ICANN Board ultimately selected .asia, .cat, .jobs, .mobi, .post, .tel, .travel and .xxx as new sponsored gTLDs.  [33]

The two rounds of expansion elicited criticism for being “painfully slow, unpredictable and entirely discretionary”  [34] and “anything but well-organized”.  [35] M. Mueller and L. McKnight denounced the lack of uniform selection criteria and the absence of a regular timetable for accepting and deciding upon the applications.  [36] ICANN itself acknowledged that similar proposals could be treated differently.  [37] Moreover, during the second round of DNS expansion, the .xxx proposed by ICM Registry for “the responsible online adult-entertainment community”  [38] caused a major controversy within ICANN.  [39] This application received preliminary Board approval in June 2005 to begin negotiating the terms of the registry agreement, which would only be formally approved in March 2011. In the meantime, ICANN had experienced pressures from a variety of constituencies against the application. Several members of the Governmental Advisory Committee (GAC) condemned an apparent legitimation of online pornography. There were also concerns regarding the actual community support for .xxx after complaints from members of the adult entertainment industry fearing that such a TLD would facilitate filtering and censorship. As a result of these pressures, the Board ended up withdrawing its approval in March 2007.  [40] This was an unprecedented victory for the GAC, which encouraged its members to weigh in to exert more influence in the ICANN arena.  [41] This success was short-lived however. ICM Registry challenged the Board’s reversal through ICANN’s Independent Review Process.  [42] In 2010 the review panel found that ICANN’s volte-face on the .xxx application “was not consistent with the application of neutral, objective and fair documented policy” and therefore violated its bylaws.  [43] Although the opinion was not binding, the Board decided to re-open negotiations with ICM Registry and finally approved the new .xxx TLD in March 2011.  [44]

The handling of the .xxx application was concomitant with heated discussions within ICANN about a New gTLDs Program that would offer a much more ambitious expansion of the DNS. The long policy development process  [45] ultimately favored a new approach: instead of arbitrarily pick a few new gTLDs out of a large pool of applications, ICANN decided to establish transparent and predictable selection criteria in an Applicant Guidebook (AGB)  [46] that would be fully available to the applicants prior to the initiation of the process.  [47] Any word (in any language or script) could be proposed and all applications that would meet the conditions would be granted without restricting the number of new gTLDs. Since the launch of the Program in 2012, the growth of the DNS has already been quite substantial. As of October 2016 and out of the 1,930 admissible proposals received by ICANN, over 1,100 new gTLDs have been delegated into the DNS.  [48] These new gTLDs are very diverse: they represent trademarks and company names (such as .google, .chanel or .bmw), professions and economic sectors (such as .lawyer, .pharmacy or .bank), geographical areas (such as .amsterdam, .tirol or .vlaanderen), religious terms (such as .bible or .church) or generic terms (such .global, .cool or .fail).  [49] This unleashing of global human imagination did not come without restrictions: next to strict financial  [50] and operational criteria, processes were put in place to ensure the consideration of rights, interests and values beyond a mere technical evaluation of the applications.

The .xxx affair constituted an important precedent for ICANN when discussing the liberalization of the generic top-level domain market; it showed that the addition of new gTLDs is, above all, a complex political question. Prior to the launch of the New gTLDs Program, ICANN had to decide which strings of characters would and would not be acceptable TLDs, but also consider who should manage sensitive identifiers and how to reject undesirable new TLDs. The designers of the DNS wanted to avoid being pulled in such delicate debates by denying any meaning to domain names. According to them, the functions of the DNS were very narrow: it was simply a convention for naming computers attached to the Internet, not a form of directory assistance.  [51] Yet domain names changed function with the introduction of the World Wide Web, which integrated them in web addresses or Uniform Resources Locators (URLs) such as As the term resource locator suggests, URLs were not just mere addresses but locators for content posted on the web.  [52] Domain names became signboards – identifiers for the content posted on the website they were directing to. Consequently, people got the natural tendency to attribute social meanings to the TLDs,  [53] as is powerfully illustrated in the .xxx case. Drawing lessons from that controversial affair, ICANN decided to relieve its Board of the assessment of the social meaning of the strings proposed as gTLDs. Instead, objection procedures were established in the AGB to let independent experts take decisions about TLDs that anyone may find offensive, polarizing, or controversial  [54] . I examine these procedures in the following section and argue that they served as a preventive mechanism of content control.

3. Objection Procedures: Ex Ante Control of Content

A formal objection procedure was developed in the New gTLDs Program to ensure the consideration of rights, interests and values falling outside the scope of ICANN’s assessment of applications.  [55] Objectors could file their objection on four enumerated grounds (string confusion, legal rights, limited public interest and community) to an independent dispute resolution service provider (hereinafter, DRSP), which then appointed panels of expert(s) to issue determinations.  [56] Two types of review could be performed by the panels, depending on the grounds of objection: in the case of string confusion or legal rights objections, only the applied-for string was examined to determine whether it was confusingly similar to an existing TLD or to another applied-for gTLD string, or whether it would be likely to infringe the objector’s trademark. These grounds of objection do not raise particular concern regarding content control. The same cannot be said about the two other grounds of objection, which I will examine more closely below. Not only the applied-for gTLD, but as also the proposed registry management and commitments made by the applicant, played an important role in the determination on the grounds of limited public interest and community. The experts had to determine whether the application would be contrary to general principles of international law for morality and public order, or would cause detriment to a broadly defined community. The International Center of Expertise of the International Chamber of Commerce (ICC) was designated as a DRSP for the objections filed on the grounds of limited public interest and community. Another distinguishing feature of these two grounds of objection can be found in the role played by a new character in ICANN’s complex ecosystem: the independent objector.  [57] Acting “solely in the best interests of the public who use the global Internet”,  [58] the independent objector was designated to file objections against “highly objectionable terms”  [59] on the grounds of limited public interest and community. The independent objector was acting independently from ICANN, as neither its staff nor its Board had authority to direct or require the independent objector to file or not file any particular objection.

In principle, the Board of ICANN was not supposed to directly deal with conflicts arising from third parties’ allegations such as in the .xxx case. However, there is room for interpretation regarding the binding nature of expert determinations. No specific appeal process was mentioned to challenge expert determinations; neither did the DRSPs adopt procedures to review the work of the appointed panels, nor to provide a unified interpretation of the dispute resolution standards. The Guidebook tersely provides that the expert determination will be considered as an “advice that ICANN will accept within the dispute resolution process”.  [60] In the independent objector’s view, this wording is unfortunate as it seems to imply that ICANN reserves its right not to follow expert determinations, which could pave the way for allegations of arbitrary decisions.  [61] This interpretation is confirmed when looking at Module 5 of the Guidebook (Transition to Delegation), which provides that ICANN’s Board of Directors has “ultimate responsibility for the New gTLD Program” and that it reserves its “right to individually consider an application for a new gTLD to determine whether approval would be in the best interest of the Internet community”. It adds that “under exceptional circumstances, the Board may individually consider a gTLD application”.  [62] Upon that argument, the Board decided, in specific cases, either to direct a re-evaluation of the objection proceedings by a new panel (the .hospital case), or to overturn a determination (the .amazon case).

The rest of this section is divided in three parts: I will start by examining the results of the objection procedure on the grounds of limited public interest (I) and community (II). Then I will consider ICANN’s role regarding the production and implementation of a global standard for freedom of expression online (III).

3.1. Limited Public Interest

The expert panel hearing a Limited Public Interest objection had to determine whether the applied-for gTLD string was contrary to “general principles of international law for morality and public order”.  [63] The AGB provided for an illustrative, non-exhaustive list of international instruments where such general principles of international law for morality and public order could allegedly be found.  [64] It added that, a contrario, national laws not based on principles of international law were not valid grounds for a Limited Public Interest objection. According to ICANN, under these principles, everyone has the right to freedom of expression, but the exercise of this right carries with it special duties and responsibilities. The Guidebook provided four grounds upon which applicants’ freedom of expression could be restricted. These standards were developed by ICANN’s staff after conducting both a comparative study in nine jurisdictions  [65] and consultations with international law specialists. This research work concluded that considering the variety of potential gTLD strings that might be at issue in dispute proceedings, “panels should have discretion to apply general principles to individual cases”.  [66] At the same time, ICANN’s staff identified public policy rules considered to be “widely if not universally, accepted as grounds for limiting freedom of expression”,  [67] to guide the experts in the exercise of their discretion. These rules constituted the first three grounds of restriction, incorporated in the AGB as follows: incitement to or promotion of (1) “violent lawless action”; (2) “discrimination based upon race, colour, gender, ethnicity, religion or national origin, or other similar types of discrimination that violate generally accepted legal norms recognized under principles of international law”; and (3) “child pornography or other sexual abuse of children”. The fourth ground expressed the discretion granted to the expert panels, as it enabled them to assess the conformity of applied-for gTLDs with “specific principles of international law as reflected in relevant international instruments of law”. In practice, all the Limited Public Interest objections were based upon this broad fourth ground.

Anyone could file a Limited Public Interest objection, as the AGB did not impose standing requirements. Limited Public Interest was however the least used ground of the objections procedure: only twenty-three objections were filed against health-related strings (.health, .healthcare, .med, .medical, .hospital) and strings linked to the financial sector (.broker, .ira, .mutualfunds, .retirement). Few private parties used this opportunity and most of the Limited Public Interest objections were filed by the independent objector. Most of the Limited Public Interest objections were either dismissed by the expert panels or withdrawn before the final determination. Only one objection was upheld – in the .hospital case – with a dissenting opinion.  [68] However, this similarity in outcome should not conceal that expert panels had very divergent opinions on their scope of examination and the subsequent substantive assessment of the cases, especially regarding objections brought against health-related strings.

The independent objector filed several objections against gTLDs related to the health sector, alleging that these strings, viewed in context with the intended purpose stated in the application, would be contrary to the right to health enshrined in Article 25 of the Universal Declaration of Human Rights and in other instruments of international law such as the International Covenant on Economic, Social and Cultural Rights. In the independent objector’s view, “any good-faith-interpretation of the meaning of the right to receive or have access to health-related information will conclude that this right implies to receive or have access to reliable and trustworthy information”.  [69] Therefore, the independent objector argued that any applicant for a health-related gTLD should demonstrate that it would effectively and continuously manage the gTLD in such a way that the right to health with all of its implications – including the necessity of reliability and trustworthiness – is fully respected. The independent objector reviewed the health-related applications against this general background and found that none of the applicants met the standards outlined above. One of the independent objector’s recurring concerns was that applicants would apply the same operating rules and protection measures for all the gTLDs that they requested, without showing awareness of the specificities of a health-related TLD.

The initial question for the experts appointed by the International Centre of Expertise of the ICC was to set their scope of examination and therefore determine whether they should restrict their analysis to the applied-for gTLD or take other elements into account. The answer to this question was not obvious. The Applicant Guidebook states that the panel will conduct its analysis on the basis of the applied-for gTLD string itself” and that “the panel may, if needed, use as additional context the intended purpose of the TLD as stated in the application”.  [70] Experts drew different conclusions from this wording. Most panels followed a broad interpretation of this provision, which was also favored by the independent objector. In the .healthcare case for example, the panel found that it should “look at how the TLD will be operated as proposed in the application”  [71] and emphasized that the issue at stake was the propriety and the regulation of the proposed gTLD.  [72] Some experts adopted a stricter interpretation of the AGB standard and, therefore, significantly limited their scope of examination. In the .medical case, the panel considered that the starting point had to be “whether the string .medical is contrary to general principles of international law for morality and public order, not whether the internet content potentially available under that string conforms to such principles”.  [73] In other words, the subject matter for the determination of the Panel was “the applied-for gTLD string .medical itself, not the way Applicant intends to manage that string”.  [74] A similar strict interpretation of the AGB standard was adopted by the panel in two consolidated .health cases. The panel found that the primary conjecture of the independent objector – i.e. that a .health registry as operated by the applicant would not be adequately safeguarded or protective enough of human rights to health – changed “nothing to the fact that the word “health” is by no means inherently objectionable”.  [75]

This divergence of opinions was mirrored in the substantive assessment of the objections by the expert panels, which all acknowledged that the right to health is a fundamental right and a specific principle of international law. The expert panels favoring a strict interpretation of their scope of examination quickly dismissed the objections.  [76] In the other cases, the panels either examined the independent objector’s arguments within the context of the applicants’ registration policies and commitments to protect the public interest (such as eligibility requirements or anti-abuse remedies),  [77] or they chose to balance the claims related to the right to health with the right to freedom of expression. These latter cases triggered another disagreement among experts. In the .med cases, the panel considered that a restriction of free expression cannot be justified solely on the basis of its purported positive consequences on the right to health. Following such a path would, in the view of the panel, result “in endless expansions in the permissible limitations of freedom of expression by reference to consequentialist arguments about the impact that a particular restriction could have on the enjoyment of other rights”.  [78] According to the panel, the information-related element of the right to health is the right to have access to information that is reliable and trustworthy but does not include the right to be protected from the mere risk of misleading or unreliable information.  [79] As the independent objector failed to prove a significant risk of dissemination of misleading or unreliable information, while the applicant provided “various assurances, most notably in relation to the administration of the gTLD”,  [80] the panel dismissed the objections.

The expert determination issued in the .hospital case adopted a completely different approach regarding the kind of balance to strike between the right to health and freedom of expression. The majority of the panel stated that freedom of expression is connected with special duties and responsibilities and that, in the .hospital case, “those duties include an application of very specific protection and an awareness of the importance of the role of hospitals in delivering credible healthcare objectives”.  [81] The majority found that the applicant “failed to avert its mind to these responsibilities” and as a consequence, the application breached the right to health and fell outside of the scope of freedom of expression.  [82] The majority elaborated further that the case was an example of “a hard case which requires not only the simple application of legal rules, but also balancing different values and rules”.  [83] In that case, freedom of expression and the development of services in the Internet had to be balanced with the right to health and even right to life.  [84] According to the majority of the expert panel, there was “no doubt that human health and its safety tips the scale in finding the Objection to be justified”.  [85] However, one of the panelists presented a dissenting opinion, stating that he was unable to concur with the majority in upholding the objection. In his view, it was “not the task of an expert panel to rewrite the application standards for gTLD strings and to supplement them with higher standards in the public interest”.  [86] Even if he was sympathetic to the majority’s concern about the lack of a specific guarantee to ensure reliability and trustworthiness of the information under the .hospital gTLD, he could not “tell from the current ICANN registration prerequisites that such an implied substantive, content-wise check is a precondition for a gTLD string registration”.  [87]

The .hospital expert determination rendered in December 2013 clearly stands out from the other eight Limited Public Interest expert determinations on health-related gTLDs. The losing applicant, Ruby Pike LLC – a subsidiary of Donuts Inc., which applied for 307 new gTLDs under various aliases – immediately argued that the panel failed to apply the standards defined by the Guidebook and exceeded its powers. In the absence of a specific appeal mechanism, Ruby Pike LLC resorted to two of ICANN’s accountability mechanisms to challenge the determination. First, Ruby Pike LLC submitted a request of reconsideration to the ICANN Board Governance Committee (BGC).  [88] Several losing parties turned to the BGC for review of an expert determination – most of the time without success – as the BGC constantly refused to perform a substantive review of the determinations. The BGC’s review was limited to whether the panel (or ICANN staff in accepting the determination) violated any established ICANN policy or process.  [89] The BGC denied Ruby Pike LLC’s request in February 2014, determining that there was no evidence that the panel deviated from the standards set forth in the Guidebook.  [90] Second, Ruby Pike LLC initiated a Cooperative Engagement Process  [91] regarding the determination. As part of this process, the ICANN Board evaluated Ruby Pike LLC’s claims and decided in February 2016 to direct a re-evaluation of the objection proceedings by a new expert panel appointed by the ICC.  [92] The Board found that the determination was seemingly inconsistent with the expert determinations resulting from all the other health-related Limited Public Interest objections, thereby rendering it potentially unreasonable. The Board took into consideration, inter alia, that the .hospital case was one of the four virtually identical Limited Public Interest objections brought against subsidiaries of Donuts, Inc. and that the .hospital determination was the only one in favor of the objector. The new expert panel was instructed by the Board to determine whether the original expert panel could have reasonably come to the decision reached in the first expert determination through an appropriate application of the standard of review as set forth in the Guidebook, considering the other eight Limited Public Interest expert determinations on health-related gTLDs.  [93]

The final expert determination on the objection filed against .hospital was rendered in August 2016 and resulted in the reversal of the original determination. The new expert panel favored a strict interpretation of its scope of examination and found the first expert determination to be unreasonable because it placed too much emphasis on the intended purpose of the applied-for gTLD  [94] and because it restricted the applicant’s freedom of expression in favor of a concern – the access to accurate information concerning health-related issues – which is not a specific principle of international law.  [95] In the new panel’s view, whether Ruby Pike LLC can adequately manage the use of .hospital through the use of safeguards or other measures is a policy matter for ICANN to address at a different stage of the application process.  [96]

3.2. Community Objections

Community objections were intended for the cases of substantial opposition to a gTLD application from a significant portion of the community to which the gTLD string may be explicitly or implicitly targeted.  [97] Strict standing requirements were imposed on the objectors: next to the independent objector, only “established institutions associated with clearly delineated communities” were eligible to file a community objection.  [98] As to the substantive assessment of the cases, the AGB set out four conditions, which had to be met cumulatively for a community objection to prevail. The objector had to prove (1) that the community invoked was a clearly delineated community; (2) that community opposition to the application was substantial; (3) that there was a strong association between the community invoked and the applied-for gTLD string; and finally (4) that the application created a likelihood of material detriment to the rights or legitimate interests of a significant portion of the affected community. For each ground, the Guidebook provided an illustrative list of factors that could be taken into account by the panel while examining the objection. A balancing of the factors, as well as any other relevant information, had to be weighed by the panel in order to draw its conclusions.

In contrast to limited public interest, community was the most used ground of objection: 104 objections were filed resulting in seventy-three expert determinations.  [99] Out of the 48 cases that passed the standing test, 15 objections were upheld and 33 were dismissed, mainly because the panel did not find a likelihood of material detriment.

Just like most objections on the ground of limited public interest, the proposed registration policy was paramount to the assessment of community objections. Panels paid attention to the presence of three types of safeguards: eligibility requirements, ex post anti-abuse policies, and commitments to involve the targeted community in the management of the gTLD. First, most of the panels reviewing applications for strings related to regulated sectors considered that eligibility requirements were necessary to preserve consumer trust and the reputation of the community. For example, in the .architect case, the panel found that it would be incompatible with the public interests linked to the work of architects (primarily public safety) and with the consumers’ legitimate expectations to allow the domain name .architect to be used by anyone other than a licensed architect. The panel stated explicitly that free speech was not an unlimited right and could be subject to limitations in the public interest.  [100] Most objections regarding gTLDs targeted to regulated sectors (such as .medical  [101] and .insurance  [102] ) were likewise upheld if the applicant did not plan to restrict registration to members of the targeted sector.

Second, ex post anti-abuse measures were generally featured in the challenged applications and those measures were well received by the expert panels. For example, the anti-abuse policy proposed by the applicant for .islam and .halal was an important basis in the panel’s finding that there was no likelihood of detriment to the Muslim community.  [103] The panel welcomed the applicant’s commitment to operate the gTLDs in a manner that would prevent “radical content or criticism of Islam and the Muslim faith” and to “take immediate and severe action against this should it occur”.  [104] Not only did the applicant propose to implement strict eligibility requirements, but it would also subject all second-level domains to a policy of use and impose penalties and suspensions upon those who violated the user’s policy.  [105]

Third, involvement of the community was another important element in the experts’ evaluation of the applications. The expert panels were not unanimous on that question: in cases regarding TLDs targeting regulated sectors  [106] and sports,  [107] lack of community involvement and unaccountability of the registry to the targeted community was sufficient to create a likelihood of material detriment, whereas in the .gay and .amazon cases, panels were unimpressed by the claim that the commercial operation of the gTLD would be equivalent to exploitation of the targeted community. In three objections brought against applications for .gay made by commercial entities, the International Lesbian, Gay, Bisexual, Trans and Intersex Association (ILGA) claimed that taking a group’s name and using it to create a profitable business should be regarded as exploitation, unless it is done for and endorsed by the relevant community. Such an endorsement existed for a fourth applicant for the .gay string, Dotgay, which had filed an application supported by ILGA and other LGBTQ organizations.  [108] The three other applicants were all planning to operate the .gay for profit and in an open manner, allowing anyone to register a .gay domain name.  [109] In ILGA’s view, these applications constituted a major damage for the gay community, insofar as they could deprive the community of the chance to operate its own string. The panel acknowledged that this lost chance might be regarded as detrimental to the legitimate interests of the gay community, but considered that this detriment alone was not sufficient to uphold the objection. In the panel’s view, the explicit exclusion in the AGB of “detriment that consists only of the applicant being delegated the string instead of the objector”  [110] applied in that case, even if ILGA and Dotgay were separate institutions, because they shared identical interests.  [111] Moreover, the panel made it clear that its task was not to determine which applicant would be the best registry for a gTLD sought by different parties.  [112]

In the .amazon case, the panel was similarly not convinced by the arguments brought forward by the independent objector against applications filed by the online retailer Amazon. Amazon wished to use its trademark “amazon” (in English, Japanese, and Chinese) as a closed gTLD, meaning that the only eligible registrants would have been Amazon and its subsidiaries. According to the independent objector, this registration policy entailed a risk of misappropriation, because granting exclusive rights on the strings to a private company would prevent the use of the domains for public interest purposes related to the protection, promotion and awareness-raising on issues related to the Amazon region. The panel did not follow these arguments for two reasons.  [113] First, the panel noted that even if the objection was successful, the Amazon community would still not be entitled to use the gTLDs, since it did not apply for them. Therefore the panel found that the use of the strings was not crucial to the protection of the Amazon community’s interests. Second, the panel considered that “amazon” had been used as a brand, trademark and domain name for nearly two decades, also in the States forming part of the Amazon community, without any evidence that this has caused harm to the Amazon community’s interests. In the panel’s view, “it is unlikely that the loss of the “.com” after “Amazon” will change matters”.  [114] The objection was then rejected and the application process should have continued; however, Amazon’s success was short lived. Indeed, the Governmental Advisory Committee reached a consensus against the .amazon applications  [115] and obtained the rejection of the applications by the Board.  [116] Pursuant to the AGB, if the GAC advised that there was a consensus among the GAC members that a particular application should not proceed, it would “create a strong presumption for the ICANN Board that the application should not be approved”.  [117] The .amazon case was particularly controversial: it took almost a year for the Board to balance the competing interests of governments and of Amazon, and to finally decide in favor of the GAC.

3.3. A global standard for freedom of expression

With the New gTLDs Program, ICANN produced and enforced a form of global standard for freedom of expression, more precisely of the grounds that could justify restrictions to the imagination of prospective registries for new gTLDs. It has been without doubt the most delicate policy question facing ICANN since 1998, going far beyond its technical mandate to coordinate the Internet’s identifiers. Furthermore, it was indeed a burdensome task, considering the diversity of existing laws governing speech around the globe. This long policy development process resulted in relatively broad standards. Consequently, expert panels appointed by the International Chamber of Commerce adopted different interpretations of the AGB standards, which led to opposite determinations in similar cases. In the Limited Public Interest objection proceedings, the most obvious point of disagreement was the panels’ scope of examination, as discussed above. Most of the panels accepted to review the intended purpose of the application even if the applied-for gTLD was not highly objectionable as such, while other panels opting for a stricter interpretation of the AGB easily concluded that words like “health” or “medical” did not violate the right to health. The discretion granted to the expert panels undermined the objectives of predictability and fairness of the new gTLD application process, in the absence of a system of binding precedents or independent review mechanisms to ensure a harmonized interpretation of the AGB standards.  [118] The ICANN Board only provided for ad hoc review mechanisms in the case of seeming inconsistency, which resulted in particularly lengthy dispute resolution proceedings in those few cases. As seen with the controversial .hospital case, it took almost three years to correct the too broad interpretation of the AGB favored by the original expert panel. The independence of the objection process was also undermined by these potential interventions of the ICANN Board.

ICANN has engaged in very delicate debates by developing this global standard for freedom of expression and it is not the end of the story. ICANN is now requested by various constituencies (intellectual property interests and some governments) to assume greater responsibilities for policing illegal content on the Internet, by increasing the obligations of domain name registries and registrars confronted with reports of abuse within the domains they administer. In the following section, I will examine this heated debate and examine how these technical operators could be transformed into points of control of online speech.

4. New Contractual Obligations of Domain Names Registries and Registrar

Obligations imposed by ICANN on domain name registries were substantially increased with the New gTLD Program. This evolution was not the goal of the program, but rather the consequence of several advices submitted to the ICANN Board by the Governmental Advisory Committee and implemented by ICANN after the publication of the Applicant Guidebook. Indeed, while the AGB left it up to the applicants to decide whether or not they would use eligibility criteria or heightened rights protection mechanisms, the GAC lobbied to impose mandatory safeguards on broad categories of new gTLDs. As a consequence, standards applicable to the registration policies for new gTLDs were amended during the course of the evaluation of the applications.

The GAC submitted advice to the ICANN Board on two general issues related to the New gTLD Program: (1) the binding and enforceable nature of the commitments made by the prospective registries in their applications; and (2) the imposition of safeguards for broad categories of strings. The GAC advice was accepted by the Board in both cases, which led to amendments to the Registry Agreement (RA), which is the formal written and binding agreement between the applicant and ICANN that sets forth the rights, duties, liabilities and obligations of the applicant as a registry operator. ICANN uses a standard-format Registry Agreement rather than personalized agreements. A revised standard agreement was developed during the application process, based on a draft agreement annexed to Module 5 of the AGB, and formally adopted in July 2013.  [119] As registries cannot offer direct registration services to the public, they enter into agreements (Registry-Registrar Agreement, RRA) with registrars. Registrars are required to obtain accreditation from ICANN (through a Registrar Accreditation Agreement, RAA) to be able to offer registration services to the public and enter into registration agreements with the prospective domain name holders.  [120]

The first GAC advice requested the Board of ICANN to explain how ICANN would ensure that any commitment made by applicants, in their applications or as a result of any subsequent change, would be overseen and enforced by ICANN. Specifically, the GAC advised that these commitments should be transformed into binding contractual commitments, subject to compliance oversight by ICANN.  [121] In response to the GAC and as part of the revision of the Base Registry Agreement, the ICANN Board introduced a new schedule (Specification 11) to the agreement: the Public Interest Commitments (PICs).  [122] The Public Interest Commitments Specification is a mechanism to allow a registry operator to commit to certain statements made in its application for the gTLD,  [123] as well as to specify additional public interest commitments  [124] . Pursuant to the terms of the revised Base Registry Agreement, these commitments become part of the agreement  [125] and are enforceable by ICANN through a new dispute resolution mechanism.  [126] Registries have to agree to implement and adhere to any remedies ICANN imposes, which may include the termination of the Registry Agreement.  [127] In February 2013 ICANN requested all applicants to submit a TLD-specific Public Interest Commitments Specification and received a total of 499 PIC Specifications.  [128] Until then, the process was voluntary and applicants were free to submit commitments to be incorporated in the Registry Agreement.

The second general advice submitted by the GAC called for the adoption of safeguards applicable to broad categories of new gTLDs.  [129] Among the six safeguards recommended by the GAC to apply to all new gTLDs, three are particularly interesting in terms of the content control obligations they entail for all new gTLD registries. Under the headline “Mitigating abusive activity”, the GAC advised that registry operators should “ensure that terms of use for registrants include prohibitions against the distribution of malware, operation of botnets, phishing, piracy, trademark or copyright infringement, fraudulent or deceptive practices, counterfeiting or otherwise engaging in activity contrary to applicable law”.  [130] Then, the GAC advised that a mechanism to make complaints on these grounds should be adopted by the registry operators,  [131] as well as “real and immediate consequences for the demonstration of (…) violations of the requirement that the domain name should not be used in breach of applicable law; these consequences should include suspension of the domain name”.  [132]

The general safeguards proposed by the GAC were adopted by the ICANN Board and implemented as mandatory PICs in Specification 11 of the Base Registry Agreement.  [133] However, because the registry operator does not have a direct contractual relationship with the domain name holders, the Board adopted a PIC Specification that requires the registry operator to “include a provision in its Registry-Registrar Agreement (RRA) that requires Registrars to include in their Registration Agreements a provision prohibiting Registered Name Holders from distributing malware, abusively operating botnets, phishing, piracy, trademark or copyright infringement, fraudulent or deceptive practices, counterfeiting or otherwise engaging in activity contrary to applicable law, and providing (consistent with applicable law and any related procedures) consequences for such activities including suspension of the domain name”.  [134] Section 2.8 of the Registry Agreement also provides that a registry “shall take reasonable steps to investigate and respond to any reports from law enforcement and governmental and quasi-governmental agencies of illegal conduct in connection with the use of the TLD”. Additionally, Specification 11(1) of the Registry Agreement requires registries of new gTLDs to use only registrars that are party to the 2013 Registrar Accreditation Agreement (RAA).  [135] As a result, registrars that wanted to offer registration services for new gTLDs were obliged to sign a new RAA with ICANN, even if their accreditation under the previous agreement had not expired yet. The new version of the RAA, adopted in June 2013, notably includes a new section 3.18 entitled “Registrar’s Abuse Contact and Duty to Investigate Reports of Abuse”. It provides that registrars must establish a dedicated email address to “receive reports of abuse involving Registered Names sponsored by Registrar, including reports of Illegal Activity”. All reports must be investigated by the registrar and responded to “appropriately”. Information regarding “procedures for the receipt, handling, and tracking of abuse reports” must be published on the website of the registrar, which must “document its receipt of and response to all such reports”. Additional requirements apply if the abuse complaint is filed by “law enforcement, consumer protection, quasi-governmental or other similar authorities”: the reports must be reviewed “within 24 hours by an individual who is empowered by Registrar to take necessary and appropriate actions in response to the report”. The RAA indicates that “in responding to any such reports, Registrar will not be required to take any action in contravention of applicable law”.  [136]

Domain name suspension, which is provided in Specification 11(3)a of the Registry Agreement as a potential consequence to illegal activities of the domain name registrant, is a powerful tool to deny access to online content. The registry, which controls the authoritative record for resolving each SLD within its TLD, has the technical capacity either for deleting the connection between the domain name and the associated IP address in the database, or for diverting a domain name to another IP address, such as one pointing to a law enforcement message (see below). Domain name resolution can also be suspended by the registrar that assigned the domain name.  [137] In both cases an Internet user who would type the web address containing the suspended domain name in his web browser would not be able to find the requested website. The DNS would return a non-existent or different domain response. This technique is easy to implement as it is not necessary to locate and confiscate the server hosting the content. Indeed, the content itself is not taken down – it can still be accessed via the IP address but most Internet users would be unable to do so, because they would not know the IP address of a specific website.

Using the DNS as a tool for law enforcement is not a new strategy. In 2008 the U.S. Congress enacted a law (the “Prioritizing Resources and Organization for Intellectual Property (PRO-IP) Act”) to expand the scope of civil forfeiture (the process by which the government can seize property that was used in connection with an illegal activity) to encompass the seizure of property used to facilitate copyright infringement and counterfeiting.  [138] Civil forfeiture operates in rem: it is brought against the property and not against its owner, based on the legal fiction that the property itself is guilty of wrongdoing.  [139] Civil forfeiture has been increasingly used by the U.S. Immigration and Customs Enforcement (ICE), in an initiative called “Operation in Our Sites”,  [140] to seize thousands of domain names of websites infringing copyright or proposing counterfeited goods. U.S. jurisdiction is asserted on domain names that are administered by a U.S.-based registry (like Verisign for the .com TLD) or that were purchased through an U.S.-based registrar, regardless of the location of the activities of the domain name holder. As a consequence, the domain name may be seized, even if U.S. courts would not have personal jurisdiction over the domain name holder.  [141] In practical terms, the seizure is accomplished with an ex parte court warrant ordering the domain name registry to redirect traffic from the seized domain to a website with a law enforcement message from the U.S. government.

With the new mandatory safeguard advised by the GAC, the role of registries and registrars as critical Internet points of control to deal with online illegal activities is reinforced. In the procedure of seizure described above, DNS operators have to comply with decisions made by judicial authorities without having to examine themselves if the content is illegal.  [142] By contrast, under the new obligations of the RA and RAA, registries and registrars must offer a point of contact to receive reports of abuse from law enforcement agencies and must respond “appropriately” to these reports,  [143] therefore implying a form of examination of the claim of abuse. Additionally, anyone can report to a registrar an allegedly illegal activity involving a domain name. Nothing prevents registries and registrars from using domain name suspension as a reaction to these reports, even if there is no court order or warrant to support it. And the new contractual obligations of registries and registrars are not limited to issues of copyright infringement and counterfeiting: any activity contrary to applicable law could lead to the suspension of the domain name.

It remains to be seen how registries and registrars will apply the new obligations embodied in the RA and RAA and how closely ICANN will control their implementation. But the absence of measures to safeguard registrants’ freedom of expression gives cause for concern that the DNS could be used as a tool to censor online content. ICANN has disavowed this worrying interpretation of the new contract terms. As articulated by A. Grogan (ICANN’s Chief Compliance Officer), “though the appropriate interpretation of 2013 RAA is the subject of debate, there are clear-cut boundaries between ICANN enforcing its contracts and the enforcement of laws and regulations” by existing institutions like law enforcement authorities, regulatory agencies and the judicial systems. He added that “a blanket rule requiring suspension of any domain name alleged to be involved in illegal activity goes beyond ICANN's remit and would inevitably put ICANN in the position of interpreting and enforcing laws regulating website content. At worst, it would put ICANN squarely in the position of censoring, or requiring others to censor, Internet content”.  [144] The CEO of ICANN reiterated this strong statement at the 54th General Meeting of ICANN in October 2015.  [145] However, the issue is far from going away, as intellectual property groups are still demanding an active cooperation from registrars and registries against illegal online activities. Moreover, ICANN is not in a comfortable position. As pointed out by D. Post, one may wonder about the purpose of inserting these new provisions into the standard agreements if ICANN had no intention of enforcing them.  [146] Additionally, these uncertainties could lead to registries and registrars adopting voluntary practices to rapidly suspend domain names that are allegedly being used for unlawful or abusive purposes.  [147]

5. Conclusion

The New gTLD Program is both a tremendous tool to expand the Internet and a vehicle to set alarming precedents with regard to freedom of expression online. Throughout this paper, my aim has been to show that this program will not only revolutionize the DNS but also formalize the role of domain name registries and registrars as points of control for the content posted under all new gTLDs. The New gTLD Program, which aimed at fostering competition and diversity in the DNS, carries threats of censorship at two levels. First, regarding the top level of the domain, passionate discussions took place regarding the strings of characters that could be delegated as new gTLDs and upon which grounds applicants’ freedom of expression could be restricted. Obviously it was not the gTLD per se that was targeted by this policy, but the potentially offensive or controversial content that might be published under the new identifiers. Therefore, proposed registration policies were paramount to the determinations of experts appointed by the International Chamber of Commerce. Second and more worryingly, as a result of governmental pressures, registries and registrars are now designated points of contact for dealing with alleged abuse committed in the domain they administer. They are expected to take appropriate measures to respond to reports of abuse and may suspend domain names of websites proposing allegedly illegal content. No process has been put in place to ensure due consideration of the registrants’ freedom of expression.

Now that the application process for new gTLDs is coming to an end, one should keep an eye on two future developments. First, it will be interesting to follow the compliance of new gTLDs registries with their Public Interest Commitments and the willingness of ICANN to impose remedies on recalcitrant registries and registrars. Second, with regard to “old gTLDs” introduced in the 1980s and during the two rounds of expansion in 2000 and 2004, it will be crucial to follow if the new obligations, particularly the new Specification 11, will apply to them when they will renew their Registry Agreement. Particular attention should be paid to the Registry Agreement between ICANN and Verisign for .com, which is set to expire on 30th November 2024  [148] .

* Caroline Bricteux is a PhD researcher in law at the Perelman Centre for Legal Philosophy, Université libre de Bruxelles. The author warmly thanks the organizers of and all participants in the Third Netherlands Institute for Law and Governance PhD Forum Law and Governance in the Digital Era (VU Amsterdam, 20 November 2015), where an earlier version of this work was presented.

[1] See, among others: J. Balkin, ‘Old-School/New-School Speech Regulation’ (2014) 127 Harvard Law Review pp. 2296-2342; L. DeNardis, ‘Hidden Levers of Internet Control’ (2012) 15(5) Information, Communication and Society pp. 720-738; B. Frydman and I. Rorive, ‘Regulating Internet Content through Intermediaries in Europe and the USA’ (2002) 23(1) Zeitschrift für Rechtssoziologie, pp. 41-59.

[2] See P. Savola, ‘Proportionality of Website Blocking: Internet Connectivity Providers as Copyright Enforcers’ (2014) 5(2) JIPITEC pp.116-138; M. Husovec, ‘Injunctions against Innocent Third Parties: The case of Website Blocking’ (2013) 4(2) JIPITEC pp. 116-129.

[3] For an overview of existing models of intermediary liability, see R. MacKinnon, E. Hickok, A. Bar and H. Lim, Fostering Freedom Online: the Role of Internet Intermediaries (Paris: UNESCO/Internet Society, 2014), pp. 39 et seq.

[4] See, for example, the Report of the Special Rapporteur on the promotion and protection of the right to freedom and expression, Frank La Rue, to the UN Human Rights Council, A/HRC/17/27, 16 May 2011, spec. §§ 42-43.

[5] J. Zittrain, ‘Internet Points of Control’ (2003) 44(2) Boston College Law Review pp. 653-688.

[6] ICANN, Regular Meeting of the Board, Resolution 2011.06.20.01, 20 June 2011,

[7] According to the Internet Society, this global reach is a fundamental characteristic of the Internet (Internet Society, Internet Invariants: What Really Matters, 3 February 2012,

[8] U.S. Department of Commerce, NTIA, Management of Internet Names and Addresses, Statement of policy, Federal Register, vol. 63, nr. 111, 10 June 1998, p. 31741.

[9] For a detailed account of ICANN’s inception, see M. Mueller, Ruling the root: Internet governance and the taming of cyberspace (Cambridge, MA: MIT Press, 2002); M. Froomkin, ‘Wrong Turn in Cyberspace: Using ICANN to Route around the APA and the Constitution’ (2000) 50(1) Duke Law Journal pp. 17-184 and J. Weinberg, ‘ICANN and the Problem of Legitimacy’ (2000) 50(1) Duke Law Journal pp. 187-260.

[10] On the role of governments within ICANN, see J. Weinberg, ‘Governments, Privatization, and “Privatization”: ICANN and the GAC’ (2011) 18 Michigan Telecommunications and Technology Law Review pp. 189-218.

[11] IANA stands for the Internet Assigned Numbers Authority.

[12] The latest version of the IANA contract was awarded in July 2012 (IANA Functions Contract, 2 July 2012, This contract was originally set to expire on the 30th of September 2015 and was extended to the 30th of September 2016 to leave time to complete the transition process initiated in March 2014 (L. E. Strickling, An Update on the IANA Transition, 17 August 2015, ).

[13] See K. McGillivray, ‘Give it away now? Renewal of the IANA functions contract and its role in internet governance’ (2014) 22(1) International Journal of Law and Information Technology pp. 3-26.

[14] U.S. Department of Commerce, NTIA, NTIA Announces Intent to Transition Key Internet Domain Name Functions, 14 March 2014,

[15] IANA Stewardship Transition Coordination Group, Proposal to Transition the Stewardship of the IANA Functions from the U.S. Commerce Department’s NTIA to the Global Multistakeholder Community, 10 March 2016, .

[16] Cross Community Working Group on Accountability, Supplemental Final Proposal on Work Stream 1 Recommendations, 23 February 2016, .

[17] U.S. Department of Commerce, NTIA, Update on the IANA Transition, 16 August 2016, .

[18] U.S. Department of Commerce, NTIA, Statement of Assistant Secretary Strickling on IANA Functions Contract, 1 October 2016, .

[19] ICANN, ICANN Announces Incorporation of Public Technical Identifiers (PTI), 11 August 2016, .

[20] For historical reasons ICANN does not have a contract with all the ccTLD registries.

[21] Cooperative Agreement Between NSI and U.S. Government, 1 January 1993, .

[22] J.B. Beyster and M.A. Daniels, Names, Numbers, and Network Solutions. The Monetization of the Internet (La Jolla: The Foundation for Enterprise Development, 2013), p. 73.

[23] Amendment 4 to Cooperative Agreement between NSI and U.S. Government, 13 September 1995, ).

[24] U.S. Department of Commerce, NTIA, Management of Internet Names and Addresses, Statement of policy, Federal Register, vol. 63, nr. 111, 10 June 1998, pp. 31745-31746.

[25] Amendement 11 to the DOC/NSI Cooperative Agreement, 6 October 1998, .

[26] ICANN, Second Annual Meeting of the ICANN Board, 16 November 2000, .

[27] ICANN, Report on New TLD Applications, III.B.1.c (“Restricted Content Group”), 9 November 2000, .

[28] ICANN, Registry Operator’s Proposal – Volume 2, 18 September 2000, . See as well Berkman Center for Internet and Society, « Accountability and Transparency at ICANN: An Independent Review », 20 October 2010, , pp. 94-96.

[29] M. Mueller (2002), supra note 9, p. 204.

[30] ICANN, Report on New TLD Applications, III.B.1.c (“Restricted Content Group”), supra note 27.

[31] ICANN, Regular Meeting of the Board, 31 October 2003, .

[32] Sponsored gTLDs have a sponsor representing the particular community to carry out a “delegated policy-formulation role” over a variety of matters regarding the TLD. See ICANN, Request for Proposals for new sponsored Top Level Domains (sTLDs), 15 December 2003, .

[33] ICANN, Status Report on the sTLD Evaluation Process, 19 March 2004 (updated on 3 December 2005), . The archive related to the sponsored gTLDs round can be consulted at .

[34] M. Mueller and L.W. McKnight, ‘The post-.COM internet: toward regular and objective procedures for internet governance’ (2004) 28 Telecommunications Policy, p. 495.

[35] J. Weinberg, ‘ICANN, “Internet Stability”, and New Top-Level Domains’ in Cranor, L. and Greenstein, S. (eds.) Communications Policy and Information Technology: Promises, Problems, Prospects (Cambridge, MA: MIT Press, 2002), p. 17.

[36] M. Mueller and L.W. McKnight (2004), supra note 34, p. 495.

[37] J. Weinberg (2002), supra note 35, pp. 19-20.

[38] ICANN, New sTLD RFP Application, .xxx, Part B. Application Form, .

[39] For a detailed account of the .xxx case, see Appendix D of Berkman Center for Internet and Society, ‘Accountability and Transparency at ICANN: An Independent Review’, supra note 28, pp. 90-124.

[40] ICANN, Board Meeting at ICANN Meeting 28, Resolution 07.18, 26-30 March 2007, .

[41] J. Weinberg (2011), supra note 10, p. 203.

[42] The Independent Review Process is an accountability mechanism set out in ICANN Bylaws that provides for an independent third-party review of Board actions (or inactions) alleged by an affected party to be inconsistent with ICANN’s Articles of Incorporation or Bylaws (ICANN, Bylaws, Article IV, Section 3).

[43] International Centre for Dispute Resolution , ICM Registry v. ICANN, case no. 50 117 T 00224 08, 19 February 2010, , §§ 149-152.

[44] ICANN, Regular Meeting of the Board, Resolutions 2011.03.18.23-2011.03.18.25, 18 March 2011, .

[45] For a detailed account of ICANN’s New gTLDs Policy Development Process see chapter 4 of P. White, Protocols of Power: Lessons from ICANN For International Regime Theory (2012) Doctoral thesis, University of Huddersfield, available from: .

[46] ICANN, New gTLD Applicant Guidebook, Version 2012-06-04, .

[47] For a comprehensive overview of the application process for new gTLDs, see T. Bettinger and M. Rodenbaugh, ‘ICANN’s New gTLD Program’ in Bettinger, T. and Waddel, A. (eds.) Domain Name Law and Practice: An International Handbook (Oxford, Oxford University Press, 2015), pp. 65-123.

[48] The statistics of the New gTLDs Program can be consulted at: .

[49] For a complete and up-to-date list of delegated strings, see .

[50] Each applicant had to pay a fee of USD 185,000 in order to have its application considered.

[51] M. Mueller (2002), supra note 9, pp. 78-81.

[52] Id., p. 108.

[53] D. Lindsay, International Domain Name Law. ICANN and the UDRP (Oxford/Portland: Hart Publishing, 2007), p. 10.

[54] M. Mueller, Networks and States: The Global Politics of Internet Governance (Cambridge, MA: MIT Press, 2010), pp. 201-204.

[55] The rules and standards applicable to the objection procedures are set forth in Module 3 of the Applicant Guidebook and in the ‘New gTLD Dispute Resolution Procedure’ attached thereto.

[56] For a comprehensive overview of the objection procedures’ rules and outcomes, see T. Bettinger, ‘Rights Protection Against Applications for New gTLDs (Pre-Delegation Dispute Resolution)’ in Bettinger, T. and Waddel, A. (2015), supra note 47, pp. 1077-1163.

[57] ICANN announced in May 2012 that Alain Pellet, a French professor of public international law, would serve as the independent objector.

[58] AGB, § 3.2.5.

[59] AGB, § 3.2.5.

[60] AGB, § 3.4.6.

[61] Independent Objector, Final Activity Report, 29 July 2014, , p. 31.

[62] AGB, § 5.1.

[63] AGB, § 3.5.3.

[64] The AGB mentions the following international instruments: the Universal Declaration of Human Rights (UDHR); the International Covenant on Civil and Political Rights (ICCPR); the Convention on the Elimination of All Forms of Discrimination Against Women (CEDAW); the International Convention on the Elimination of All Forms of Racial Discrimination; Declaration on the Elimination of Violence against Women, the International Covenant on Economic, Social, and Cultural Rights; the Convention against Torture and Other Cruel, Inhuman, or Degrading Treatment or Punishment; the International Convention on the Protection of the Rights of all Migrant Workers and Members of their Families; the Slavery Convention; the Convention on the Prevention and Punishment of the Crime of Genocide and the Convention on the Rights of the Child.

[65] The study included the following countries: Brazil, Egypt, France, Hong Kong, Japan, Malaysia, South Africa, Switzerland and the U.S.

[66] ICANN, New gTLD Program Explanatory Memorandum: Standards for Morality and Public Order Research, 30 May 2009, .

[67] ICANN, New gTLD Program Explanatory Memorandum: Morality and Public Order Objection Considerations in New gTLDs, 29 October 2008,‐gtlds/morality‐public‐order‐draft‐29oct08‐en.pdf , p. 4.

[68] All the expert determinations rendered on objections filed against new gTLD applications are fully available from: .

[69] All of the independent objector’s objections are available from: .

[70] AGB, § 3.5.3 (emphasis added).

[71] ICC, International Centre for Expertise, Independent Objector vs. Silver Glen LLC, 26 November 2013, EXP/411/ICANN/28 (.healthcare), § 25.

[72] Id., § 35 (emphasis added).

[73] ICC, International Centre for Expertise, Independent Objector vs. Steel Hill LLC, 2 January 2014, EXP/413/ICANN/30 (.medical), § 49 (emphasis added).

[74] Id. (emphasis added).

[75] ICC, International Centre for Expertise, Independent Objector vs. DotHealth LLC, 16 December 2013, EXP/416/ICANN/33 (.health), § 89; Independent Objector vs. Goose Fest LLC, 16 December 2013, EXP/417/ICANN/34 (.health), § 92.

[76] ICC, International Centre for Expertise, Independent Objector vs. DotHealth LLC, 16 December 2013, EXP/416/ICANN/33 (.health), § 103; Independent Objector vs. Goose Fest LLC, 16 December 2013, EXP/417/ICANN/34 (.health), § 106; Independent Objector vs. Steel Hill LLC, 2 January 2014, EXP/413/ICANN/30 (.medical), § 50.

[77] ICC, International Centre for Expertise, Independent Objector vs. Affilias Limited, 6 November 2013, EXP/409/ICANN/26 (.health), §§ 66-77; Independent Objector vs. Silver Glen LLC, 26 November 2013, EXP/411/ICANN/28 (.healthcare), §§ 47-55.

[78] ICC, International Centre for Expertise, Independent Objector vs. HEXAP SAS, 19 December 2013, EXP/410/ICANN/27 (.med), § 112; Independent Objector vs. Medistry LLC, 19 December 2013, EXP/414/ICANN/31 (.med), § 108; Independent Objector vs. Charleston Road Registry Inc., 19 December 2013, EXP/415/ICANN/32 (.med), § 103.

[79] Id., EXP/410/ICANN/27 (.med), § 113; EXP/414/ICANN/31 (.med), § 109; EXP/415/ICANN/32 (.med), § 104.

[80] Id., EXP/410/ICANN/27 (.med), § 120; EXP/414/ICANN/31 (.med), § 116; EXP/415/ICANN/32 (.med), § 111 (emphasis added).

[81] ICC, International Centre for Expertise, Independent Objector vs. Ruby Pike LLC, 11 December 2013, EXP/412/ICANN/29 (.hospital), Determination of the majority, § 88.

[82] Id., §§ 87-88.

[83] The panel referred to R. Dworkin, Taking rights seriously (1977).

[84] ICC, International Centre for Expertise, Independent Objector vs. Ruby Pike LLC, 11 December 2013, EXP/412/ICANN/29 (.hospital), Determination of the majority, § 89.

[85] Id.

[86] ICC, International Centre for Expertise, Independent Objector vs. Ruby Pike LLC, 11 December 2013, EXP/412/ICANN/29 (.hospital), Dissenting opinion, § 17.

[87] Id., § 29.

[88] The reconsideration process enables any person or entity materially affected by an action (or inaction) of ICANN to request review or reconsideration of that action by the BGC (ICANN, Bylaws, Article IV, Section 2).

[89] ICANN, BGC, Recommendation on Reconsideration request 13-5, 1 August 2013, .

[90] ICANN, BGC, Determination on Reconsideration request 13-23, 5 February 2014, .

[91] The Cooperative Engagement Process is a process voluntarily invoked by a complainant prior to the filing of an Independent Review Process (see supra note 42) for the purpose of resolving or narrowing the issues that are contemplated to be brought to the Independent Review Process (ICANN, Bylaws, Article IV, Section 3, §§ 14-17).

[92] The ICANN Board provided for a similar review mechanism to address a perceived inconsistency in two sets of expert determinations rendered on the ground of string confusion (ICANN, Meeting of the Board New gTLD Program Committee, Resolutions 2014.10.12.NG02 – 2014.10.12.NG03, 12 October 2014, ).

[93] ICANN, Regular Meeting of the Board, Resolutions 2016.02.03.12- 2016.02.03.13, 3 February 2016, .

[94] ICC, International Centre for ADR, Internet Corporation for Assigned Names and Numbers in relation to the matter EXP/412/ICANN/29 between Independent Objector vs. Ruby Pike LLC, 31 August 2016, §§ 64-69.

[95] Id., §§ 70-76.

[96] Id., §§ 77-79.

[97] AGB, § 3.2.1.

[98] AGB, §

[99] All the expert determinations rendered on objections filed against new gTLD applications are fully available from: .

[100] ICC, International Centre for Expertise, The International Union of Architects vs. Spring Frostbite LLC, 3 September 2013, EXP/384/ICANN/1 (.architect), § 129.

[101] ICC, International Centre for Expertise, Independent Objector vs. Steel Hill LLC, 21 November 2013, EXP/407/ICANN/24 (.medical), §§ 161-166.

[102] ICC, International Centre for Expertise, The Financial Services Roundtable vs. Auburn Park LLC, 14 January 2014, EXP/432/ICANN/49 (.insurance), §§ 175-178.

[103] ICC, International Centre for Expertise, Telecommunications Regulatory Authority of the United Arab Emirates vs. Asia Green IT System Bilgisayar San. ve Tic. Ltd. Sti., 24 October 2013, EXP/430/ICANN/47 (.islam), §§ 136-145 & EXP/427/ICANN/44 (.halal), §§ 143-152.

[104] Id., EXP/430/ICANN/47 (.islam), § 142; EXP/427/ICANN/44 (.halal), § 149.

[105] Id., EXP/430/ICANN/47 (.islam), § 144; EXP/427/ICANN/44 (.halal), § 151.

[106] ICC, International Centre for Expertise, Independent Objector vs. Charleston Road Registry Inc., 30 December 2013, EXP/404/ICANN/21 (.med), § 81; International Banking Federation vs. Dotsecure Inc., 26 November 2013, EXP/389/ICANN/6 (.bank), §§ 163-166.

[107] ICC, International Centre for Expertise, Sportaccord vs. Dot Sport Limited, 23 October 2013, EXP/471/ICANN/88 (.sport), § 158; Sportaccord vs. Steel Edge LLC, 21 January 2014, EXP/486/ICANN/103 (.sports), § 43.4; Fédération Internationale de Ski vs. Wild Lake LLC, 21 January 2014, EXP/421/ICANN/38 (.ski), § 48.4; International Rugby Board vs. Dot Rugby Limited, 31 January 2014, EXP/517/ICANN/132 (.rugby), § 76; International Rugby Board vs. Atomic Cross LLC, 31 January 2014, EXP/519/ICANN/134 (.rugby), § 90.

[108] Dotgay would notably restrict registrations to only bona fide members of the community through the use of an authentication system relying on partners from all segments of the LGBTQ community, and work on a non-profit basis, devoting its revenues to fund gay organizations and other initiatives in the community (Application for .gay filed by Dotgay, 1-1713-23699, Response to questions 18(b) and 20(e), available from: ).

[109] Only one applicant (Top Level Domain Holdings Limited) indicated it would provide for a procedure to report inappropriate, harmful or damaging content.

[110] AGB, § 3.5.4.

[111] ICC, International Centre for Expertise, The International Lesbian Gay Bisexual Trans and Intersex Association (ILGA) vs. Top Level Design LLC, 16 November 2013, EXP/392/ICANN/9 (.gay), §§ 22-31; ILGA vs. Top Level Domain Holdings Limited, 16 November 2013, EXP/393/ICANN/10 (.gay), §§ 21-30; ILGA vs. United TLD Holdco Ltd., 16 November 2013, EXP/394/ICANN/11 (.gay), §§ 22-31.

[112] String contention (i.e. the scenario in which several applications for identical or confusingly similar strings remain after the initial evaluation performed by ICANN and potential objection proceedings) is dealt with in a subsequent procedure (AGB, Module 4).

[113] ICC, International Centre for Expertise, Independent Objector vs. Amazon EU S.à.r.l, 27 January 2014, Consolidated cases EXP/396/ICANN/13 (.amazon), EXP/397/ICANN/14 (.アマゾン) and EXP/398/ICANN/15 (.亚逊), §§ 99-105.

[114] Id., § 103.

[116] ICANN, Meeting of the Board New gTLD Program Committee, 14 May 2014, Resolution 2014.05.14.NG03, .

[117] AGB, § 3.1.

[118] The ICANN Board acknowledged that establishing a general review mechanism may be appropriate in future rounds of the New gTLDs Program, to promote the goals of predictability and fairness (ICANN, Regular Meeting of the Board, Rationale to Resolutions 2016.02.03.12- 2016.02.03.13, 3 February 2016, ).

[119] The Base Registry Agreement and all Registry Agreements are available from: .

[120] For a detailed account of the contractual network of the gTLD namespace, see E. Weitzenboeck, ‘Hybrid net: the regulatory framework of ICANN and the DNS’ (2014) 22(1) International Journal of Law and Information Technology, at pp. 54-59.

[121] GAC, Toronto Communiqué, 17 October 2012, IV.1, .

[122] ICANN, Base Registry Agreement, updated 9 January 2014, Specification 11 .

[123] Specification 11(2) of the Base Registry Agreement.

[124] Specification 11(3) of the Base Registry Agreement.

[125] Section 2.17 of the Base Registry Agreement states: “Registry Operator shall comply with the public interest commitments set forth in Specification 11 attached hereto”.

[126] Public Interest Commitment Dispute Resolution Procedure (PICDRP), 19 December 2013, .

[127] Specification 11(3) of the Base Registry Agreement.

[128] ICANN, Posting of Public Interest Commitments (PIC) Specifications Completed, 6 March 2013, .

[129] GAC, Beijing Communiqué, 11 April 2013, .

[130] GAC Beijing Communiqué, Safeguard 2, p. 7 (emphasis added).

[131] Id., Safeguard 5, p. 8.

[132] Id., Safeguard 6, p. 8 (emphasis added).

[133] ICANN, Meeting of the Board New gTLD Program Committee, Resolutions 2013.06.25.NG02 and 2013.06.25.NG03, 25 June 2013, .

[134] Specification 11.3(a) of the Base Registry Agreement (emphasis added).

[135] Specification 11(1) of the Base Registry Agreement.

[136] ICANN, 2013 Registrar Accreditation Agreement, , § 3.18 (emphasis added).

[137] L. DeNardis (2012), supra note 1, p.728.

[138] Prioritizing Resources and Organization for Intellectual Property (PRO-IP) Act of 2008, Section 206(a), Pub. L. No. 110-403, 122 Stat. 4256 (codified at 18 U.S. Code § 2323).

[139] A. Bridy, ‘Carpe Omnia: Civil Forfeiture in the War on Drugs and the War on Piracy’ (2012) 46 Arizona State Law Journal, spec. pp. 688-694.

[140] K. Kopel, ‘Operation Seizing Our Sites: How the Federal Government is Taking Domain Names Without Prior Notice’ (2013) 28 Berkeley Technology Law Journal pp. 859-900.

[141] J. Mellyn, ‘Reach Out and Touch Someone: The Growing Use of Domain Name seizure as a Vehicle for the Extraterritorial Enforcement of U.S. Law’ (2011) 42 Georgetown Journal of International Law pp. 1241-1264.

[142] Following legal actions that involved seizures and transfers of domain names to dismantle criminal networks, ICANN staff published a “thought paper” to offer guidance for preparing orders that seek to seize or take down domain names (ICANN, “Guidance for Preparing Domain Name Orders, Seizures & Takedowns”, 7 March 2012, ).

[143] Section 2.8 of the Base Registry Agreement; Section 3.18 of 2013 Registrar Accreditation.

[144] A. Grogan, ‘ICANN is not the Internet Content Police’, 12 June 2015, .

[145] ICANN, 54th General Meeting in Dublin, Welcome Ceremony & President's Opening Session, 19 October 2015, transcript available from , , pp. 29 and seq.

[146] D.G. Post, ‘Internet Infrastructure and IP Censorship’ (2015) IP Justice Journal, .

[147] Electronic Frontier Foundation, ‘Voluntary Practices and Rights Protection Mechanisms: Whitewashing Censorship at ICANN’ (21 October 2015), .

[148] The current version of the .com RA was initially set to expire on 30 November 2018. In October 2016, the term of the contract was extended to 30 November 2024 to coincide with the term of the Root Zone Maintainer Services Agreement concluded in September 2016 between ICANN and Verisign to transition the NTIA’s administrative role regarding root zone management (First Amendment to .com Registry Agreement, 20 October 2016, ). The amendment was a simple extension of the term of the .com RA and did not include the new standard clauses of the New gTLDs RA. Several commenters criticized the absence of the new safeguards and protection mechanisms. Taking note of these comments, the ICANN Board indicated that the amendment includes a provision that commits the parties to cooperate and negotiate in good faith to amend the .com RA by the second anniversary date of the amendment in order to preserve and enhance the security of the Internet or the TLD. According to the Board, this language was negotiated to provide an opportunity for longer term discussions and additional community input that may be needed to discuss potential changes to the .com RA, such as moving to the form of the New gTLDs RA (ICANN, Regular Meeting of the Board, Resolution 2016.09.15.09, 15 September 2016, ).



Any party may pass on this Work by electronic means and make it available for download under the terms and conditions of the Digital Peer Publishing License. The text of the license may be accessed and retrieved at

JIPITEC – Journal of Intellectual Property, Information Technology and E-Commerce Law
Article search
Extended article search
Subscribe to our newsletter
Follow Us