The Centre for Internet and Society
https://cis-india.org
These are the search results for the query, showing results 1 to 15.
Where Does ICANN’s Money Come From? We Asked; They Don’t Know
https://cis-india.org/internet-governance/blog/where-does-icann2019s-money-come-from-we-asked-they-don2019t-know
<b>Just how transparent is ICANN? How responsive are they to requests for information? At CIS, we sent ICANN ten questions seeking information about, inter alia, their revenues, commitment to the NETmundial Principles, Globalisation Advisory Groups and organisational structure. Geetha Hariharan wonders at ICANN's reluctance to respond. </b>
<p> </p>
<h3>Why Is ICANN Here?</h3>
<p style="text-align: justify; ">The Internet Corporation for Assigned Names and Numbers (<a href="https://cis-india.org/internet-governance/blog/icann.org">ICANN</a>) is responsible for critical backbones of the Internet. It manages the root server system, the global allocation of IP addresses, protocol registries and the domain name system (management of gTLDs, ccTLDs, as well as the newly rolled-out “new gTLDs”).</p>
<p style="text-align: justify; ">ICANN was incorporated in California in 1998, and was intended as the technical coordination body for the backbone of the Internet. That is, it was to administer the Internet’s domain names and IP addresses, and also manage the Internet root servers.</p>
<p style="text-align: justify; ">As a result of <a href="http://www.ntia.doc.gov/page/iana-functions-purchase-order">an agreement</a> with the National Telecommunications and Information Administration (NTIA) in the US Department of Commerce, ICANN is the IANA functions operator. It carries out the <a href="https://www.icann.org/en/system/files/files/iana-factsheet-24mar14-en.pdf">IANA functions</a>, which include making changes to the <a href="http://en.wikipedia.org/wiki/DNS_root_zone">root zone file</a> (the backbone of the domain name system), allocation of IP address blocks to the five Regional Internet Registries (RIRs), and maintaining protocol parameter registries in collaboration with the Internet Engineering Task Force (IETF). The RIRs are responsible for allocating IP addresses (IPv4 and IPv6) to national and local Internet registries. The IETF develops Internet standards and protocols, such as those within <a href="http://en.wikipedia.org/wiki/Internet_protocol_suite">the TCP/IP suite</a>. To be clear, ICANN does not make policy for the IP address or Internet standards/protocols; those are the domains of RIRs and the IETF, respectively.</p>
<h3 style="text-align: justify; ">ICANN, Domain Names and All That Buried Treasure</h3>
<p style="text-align: justify; ">ICANN is the <i>de facto</i> policy-making body for domain names. Through ICANN’s community Supporting Organisations and Advisory Committees (SOACs) – largely a multi-stakeholder community – ICANN determines policies for dispute resolution (see, for instance, <a href="https://www.icann.org/resources/pages/help/dndr/udrp-en">the UDRP</a> for domain name disputes), maintaining the <a href="http://whois.icann.org/">WHOIS database</a>, etc. for domain names.</p>
<p style="text-align: justify; ">Under its contracts with Top Level Domain (TLD) Registries, ICANN receives payment for all registrations and/or renewals of domain names. For instance, under <a href="https://www.icann.org/sites/default/files/tlds/bharti/bharti-agmt-pdf-09jan14-en.pdf">the <strong>.bharti </strong>Registry Agreement</a>, ICANN receives a fixed annual registry free of US $6250. If there are more than 50,000 registrations or renewals of domain names under a TLD (say, <strong>.bharti</strong>) in a quarter, then ICANN also receives an amount equal to (No. of registrations or renewals <span>X</span> US $0.25). <a href="https://www.icann.org/resources/pages/registries/registries-en">TLD Registries</a> “own” TLDs like <strong>.com</strong>, and they maintain a list of all the domain names registered under that TLD. There are around <a href="https://www.icann.org/resources/pages/registries/registries-agreements-en">816 such Registry Agreements</a>, and in FY14, ICANN received over US $47 million in Registry fees [<i>see </i><a href="https://www.icann.org/en/system/files/files/financial-report-fye-30jun14-en.pdf">page 7</a>].</p>
<p style="text-align: justify; ">Similar agreements exist between ICANN and domain name Registrars accredited by it, too. Domain name Registrars are entities like <a href="https://in.godaddy.com/">Go Daddy</a> and <a href="http://www.bigrock.in/">Big Rock</a>, from whom people like you and me (or companies) can register domain names. Only Registrars accredited by ICANN can register domain names that will be included in the ICANN DNS, the most frequently used DNS on the Web. Each Registrar pays a <a href="https://www.icann.org/resources/pages/approved-with-specs-2013-09-17-en#raa">yearly accreditation fee</a> of US $4000 to ICANN (see <span>Clause 3.9</span>). Each Registrar also <a href="https://www.icann.org/resources/pages/financials-55-2012-02-25-en">pays to ICANN</a> fees for every domain name registration or renewal. There are <a href="https://www.icann.org/registrar-reports/accredited-list.html">over 500 ICANN-accredited Registrars</a>, and in FY14, ICANN received over US $34.5 million in Registrar fees [<i>see </i><a href="https://www.icann.org/en/system/files/files/financial-report-fye-30jun14-en.pdf">page 7</a>].</p>
<p style="text-align: justify; ">Now, apart from this, in its IANA operator role, ICANN is responsible for the global allocation of IP addresses (IPv4 and IPv6). From the global pool of IP addresses, ICANN allocates to the five Regional Internet Registries (RIRs), which then allocate to National Internet Registries like the National Internet Exchange of India (<a href="http://www.nixi.in/en/contact-us/103-irinn">NIXI as IRINN</a>), local Internet registries or ISPs. For this, ICANN receives a combined contribution of US $823,000 each year as revenue from RIRs [<i>see, ex.</i>:<i> </i><a href="https://www.icann.org/en/system/files/files/financial-report-fye-30jun09-en.pdf">FY09 Financial Statements, page 3</a>].</p>
<p style="text-align: justify; "><span>And this isn’t all of it! With its </span><a href="http://newgtlds.icann.org/en/">new gTLD program</a><span>, ICANN is sitting on a large treasure trove. Each gTLD application cost US $185,000, and there were 1930 applications in the first round (that’s US $357 million). Where there arose disagreements as to the same or similar strings, ICANN initiated an auction process. Some new gTLDs were auctioned for </span><a href="http://www.circleid.com/posts/20141129_icann_new_gtld_auction_proceeds_approaching_30_million/">as high as US $6 million</a><span>.</span></p>
<p style="text-align: justify; ">So ICANN is sitting on a great deal of treasure (US $355 million in revenues in FY14 and growing). It accumulates revenue from a variety of quarters; the sources identified above are by no means the only revenue-sources. But ICANN is unaware of, or unwilling to disclose, all its sources of revenue.</p>
<h3 style="text-align: justify; ">ICANN's Troubling Scope-creep and Does Transparency Matter?</h3>
<p style="text-align: justify; ">At CIS, we are concerned by ICANN’s unchecked influence and growing role in the Internet governance institutional space. For instance, under its CEO Fadi Chehade, ICANN was heavily involved backstage for NETmundial, and has set aside over US $200,000 for Mr. Chehade’s brainchild, the NETmundial Initiative. Coupled with its lack of transparency and vocal interests in furthering <i>status quo </i>(for instance, both the names and numbers communities’ proposals for IANA transition want ICANN to remain the IANA functions operator, without stringent safeguards), this makes for a dangerous combination.</p>
<p style="text-align: justify; ">The clearest indication lies in the money, one might say. <a href="http://cis-india.org/internet-governance/blog/icann-accountability-iana-transition-and-open-questions">As we have written before</a>, ICANN budgets for less than US $10 million for providing core Internet functions out of a US $160 million strong budget (<a href="https://www.icann.org/en/system/files/files/adopted-opplan-budget-fy15-01dec14-en.pdf">Budget FY15, page 17</a>). It has budgeted, in comparison, US $13 million for travel and meetings alone, and spent over US $18 million on travel in FY14 (<a href="https://www.icann.org/en/system/files/files/adopted-opplan-budget-fy15-01dec14-en.pdf">Budget FY15, page 11</a>).</p>
<p style="text-align: justify; ">To its credit, ICANN <a href="https://www.icann.org/resources/pages/governance/financials-en">makes public</a> its financial statements (current and historic), and community discussions are generally open. However, given the understandably complex contractual arrangements that give ICANN its revenues, even ploughing through the financials does not give one a clear picture of where ICANN’s money comes from.</p>
<p style="text-align: justify; ">So one is left with questions such as the following: Which entities (and how many of them) pay ICANN for domain names? What are the vendor payments received by ICANN and who pays? Who all have paid ICANN under the new gTLD program, and for what purposes? Apart from application fees and auctions, what other heads of payment exist? How much does each RIR pay ICANN and what for, if <a href="https://www.arin.net/policy/nrpm.html#six41">IP addresses are not property to be sold</a>? For how many persons (and whom all) does ICANN provide pay for, to travel to meetings and other events?<span> </span></p>
<p style="text-align: justify; ">You may well ask why these questions matter, and whether we need greater transparency. <span>To put it baldly: ICANN’s transparency is crucial. ICANN is today something of a monopoly; it manages the IANA functions, makes policy for domain names and is increasingly active in Internet governance. It is without greater (effective) accountability than a mere review by the NTIA, and some teething internal mechanisms like the </span><a href="https://www.icann.org/resources/pages/didp-2012-02-25-en">Documentary Information Disclosure Policy</a><span> (DIDP), </span><a href="https://www.icann.org/resources/pages/accountability/ombudsman-en">Ombudsman</a><span>, </span><a href="https://www.icann.org/resources/pages/reconsideration-and-independent-review-icann-bylaws-article-iv-accountability-and-review">Reconsideration and Independent Review</a><span> and the </span><a href="https://www.icann.org/en/system/files/files/final-recommendations-31dec13-en.pdf">Accountability and Transparency Review</a><span> (ATRT). I could elaborate on why these mechanisms are inadequate, but this post is already too long. Suffice it to say that by carefully defining these mechanisms and setting out their scope, ICANN has stifled their effectiveness. For instance, a Reconsideration Request can be filed if one is aggrieved by an action of ICANN’s Board or staff. Under ICANN’s By-laws (</span><a href="https://www.icann.org/resources/pages/governance/bylaws-en#IV">Article IV, Section 2</a><span>), it is the Board Governance Committee, comprising ICANN Board members, that adjudicates Reconsideration Requests. This simply violates the principles of natural justice, wherein one may not be a judge in one’s own cause (</span><i>nemo debet esse judex in propria causa</i><span>).</span></p>
<p style="text-align: justify; ">Moreover, ICANN serves corporate interests, for it exists on account of contractual arrangements with Registries, Registrars, the NTIA and other sundry entities. ICANN has also troublingly reached into Internet governance domains to which it was previously closed, such as the NETmundial Initiative, the NETmundial, the IGF and its Support Association. It is unclear that ICANN was ever intended to overreach so, a point admitted by Mr. Chehade himself at the <a href="https://www.youtube.com/watch?v=Cio31nsqK_A">ICANN Open Forum</a> in Istanbul (IGF 2014).</p>
<p style="text-align: justify; ">Finally, despite its professed adherence to multi-stakeholderism, there is evidence that ICANN’s policy-making and functioning revolve around small, cohesive groups with multiple professional inter-linkages with other I-Star organisations. For instance, a <a href="http://cis-india.org/internet-governance/blog/ianas-revolving-door">revolving door study</a> by CIS of the IANA Coordination Group (ICG) found that 20 out of 30 ICG members had close and longterm ties with I-Star organisations. This surely creates concern as to the impartiality and fairness of the ICG’s decision-making. It may, for instance, make a pro-ICANN outcome inevitable – and that is definitely a serious worry.</p>
<p style="text-align: justify; ">But ICANN is <i>intended </i>to serve the public interest, to ensure smooth, stable and resilient running of the Internet. Transparency is crucial to this, and especially so during the IANA transition phase. <a href="http://singapore52.icann.org/en/schedule/sun-iana-stewardship-accountability">As advisor Jan Scholte asked at ICANN52</a>, what accountability will ICANN exercise after the transition, and to whom will it be accountable? What, indeed, does accountability mean? The CCWG-Accountability is <a href="https://twitter.com/arunmsukumar/status/564269949237985280">still asking that question</a>. But meanwhile, one among our cohorts at CIS <a href="http://openup2014.org/privacy-vs-transparency-attempt-resolving-dichotomy/">has advocated</a> transparency as a check-and-balance for power.<span> </span></p>
<p style="text-align: justify; ">The DIDP process at ICANN may prove useful in the long run, but does it suffice as a transparency mechanism?</p>
<h3 style="text-align: justify; ">ICANN's Responses to CIS' DIDP Requests</h3>
<p style="text-align: justify; ">Over December ’14 and January ’15, CIS sent 10 DIDP requests to ICANN. Our aim was to test and encourage transparency from ICANN, a process crucial given the CCWG-Accountability’s deliberations on ways to enhance ICANN’s accountability. We have received responses for 9 of our requests. <b>We summarise ICANN’s responses in a table: <a href="https://cis-india.org/internet-governance/blog/table-of-cis-didp-requests/at_download/file">please go here</a></b>.</p>
<p style="text-align: justify; ">A glance at the table above will show that ICANN’s responses are largely negative. In 7 requests out of 9, ICANN provides very little new information. Though the responses are detailed, the majority of information they provide is already identified in CIS’ requests. For instance, in the response to the <b><a href="https://www.icann.org/resources/pages/20141228-1-netmundial-2015-01-28-en">NETmundial Request</a></b>, ICANN links us to blogposts written by CEO Fadi Chehade, where he notes the importance of translating the NETmundial Principles into action. They also link us to the Final Report of the Panel on Global Internet Cooperation and Governance Mechanism, and ICANN’s involvement in the NETmundial Initiative.<span> </span></p>
<p style="text-align: justify; ">However, to the query on ICANN’s own measures of implementing the NETmundial Principles – principles that it has lauded and upheld for the entire Internet governance community – ICANN’s response is surprisingly evasive. Defending lack of action, they note that “ICANN is not the home for implementation of the NETmundial Principles”. But ICANN also responds that they <i>already implement</i> the NETmundial Principles: “Many of the NETmundial Principles are high-level statements that <i>permeate through the work of any entity </i>– particularly a multistakeholder entity like ICANN – that is interested in the upholding of the inclusive, multistakeholder process within the Internet governance framework” (emphasis provided). One wonders, then, at the insistence on creating documents involving such high-level principles; why create them if they’re already implemented?<span> </span></p>
<p style="text-align: justify; ">Responses to other requests indicate that the DIDP is, in its current form, unable to provide the transparency necessary for ICANN’s functioning. For instance, in the response to the <b><a href="https://www.icann.org/resources/pages/20141228-1-ombudsman-2015-01-28-en">Ombudsman Request</a></b>, ICANN cites confidentiality as a reason to decline providing information. Making Ombudsman Requests public would violate ICANN Bylaws, and topple the independence and integrity of the Ombudsman.</p>
<p style="text-align: justify; ">These are, perhaps, valid reasons to decline a DIDP request. But it is also important to investigate these reasons. ICANN’s Ombudsman is appointed by the ICANN Board for 2 year terms, under <a href="https://www.icann.org/resources/pages/governance/bylaws-en#V">Clause V of ICANN’s Bylaws</a>. The Ombudsman’s principal function is to “provide an independent internal evaluation of complaints by members of the ICANN community who believe that the ICANN staff, Board or an ICANN constituent body has treated them unfairly”. The Ombudsman reports only to the ICANN Board, and all matters before it are kept confidential, including the names of parties and the nature of complaints. The Ombudsman reports on the categories of complaints he receives, and statistics regarding decisions in his <a href="https://www.icann.org/resources/pages/reports-96-2012-02-25-en">Annual Reports</a>; no details are forthcoming for stated reasons of confidentiality and privacy.<span> </span></p>
<p style="text-align: justify; ">This creates a closed circle in which the Ombudsman operates. The ICANN Board appoints the Ombudsman. He/she listens to complaints about unfair treatment by the ICANN Board, Staff or constituency. He/she reports to the ICANN Board alone. However, neither the names of parties, the nature of complaints, nor the decisions of the Ombudsman are publicly available. Such a lack of transparency throws doubt on the functioning of the Ombudsman himself – and on his independence, neutrality and the extent of ICANN’s influence on him/her. An amendment of ICANN’s Bylaws would then be imperative to rectify this problem; this matter is squarely within the CCWG-Accountability’s mandate and should be addressed.</p>
<p style="text-align: justify; ">As is clear from the above examples, ICANN’s DIDP is an inadequate tool to ensure transparency functioning. The Policy was crafted without community input, and requires substantial amendments to make it a sufficient transparency mechanism. CIS’ suggestions in this regard shall be available in our next post.</p>
<hr style="text-align: justify; " />
<p style="text-align: justify; "><i>CIS' Annual Reports are <a href="http://cis-india.org/about/reports">here</a>. Our audit is ongoing, and the Annual Report for 2013-14 will be up shortly. <i>Pranav Bidare (<i style="text-align: justify; ">3rd year)</i> of the National Law School, Bangalore assisted with research for this post, and created the table of CIS' DIDP requests and responses.</i></i></p>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/blog/where-does-icann2019s-money-come-from-we-asked-they-don2019t-know'>https://cis-india.org/internet-governance/blog/where-does-icann2019s-money-come-from-we-asked-they-don2019t-know</a>
</p>
No publishergeethaAccountabilityICANNIANA TransitionTransparencyDIDP2015-03-05T07:43:45ZBlog EntryICANN’s Documentary Information Disclosure Policy – I: DIDP Basics
https://cis-india.org/internet-governance/blog/icann2019s-documentary-information-disclosure-policy-2013-i-didp-basics
<b>In a series of blogposts, Vinayak Mithal analyses ICANN's reactive transparency mechanism, comparing it with freedom of information best practices. In this post, he describes the DIDP and its relevance for the Internet community.</b>
<p style="text-align: justify; ">The Internet Corporation for Assigned Names and Numbers (“ICANN”) is a non-profit corporation incorporated in the state of California and vested with the responsibility of managing the DNS root, generic and country-code Top Level Domain name system, allocation of IP addresses and assignment of protocol identifiers. As an internationally organized corporation with its own multi-stakeholder community of Advisory Groups and Supporting Organisations, ICANN is a large and intricately woven governance structure. Necessarily, ICANN undertakes through its Bye-laws that “<i>in performing its functions ICANN shall remain accountable to the Internet community through mechanisms that enhance ICANN’s effectiveness</i>”. While many of its documents, such as its Annual Reports, financial statements and minutes of Board meetings, are public, ICANN has instituted the Documentary Information Disclosure Policy (“DIDP”), which like the RTI in India, is a mechanism through which public is granted access to documents with ICANN which are not otherwise available publicly. It is this policy – the DIDP – that I propose to study.</p>
<p style="text-align: justify; ">In a series of blogposts, I propose to introduce the DIDP to unfamiliar ears, and to analyse it against certain freedom of information best practices. Further, I will analyse ICANN’s responsiveness to DIDP requests to test the effectiveness of the policy. However, before I undertake such analysis, it is first good to know what the DIDP is, and how it is crucial to ICANN’s present and future accountability.</p>
<h3><strong>What is the DIDP?</strong></h3>
<p style="text-align: justify; ">One of the core values of the organization as enshrined under Article I Section 4.10 of the Bye-laws note that “in performing its functions ICANN shall remain accountable to the Internet community through mechanisms that enhance ICANN’s effectiveness”. Further, Article III of the ICANN Bye-laws, which sets out the transparency standard required to be maintained by the organization in the preliminary, states - “ICANN and its constituent bodies shall operate to the maximum extent feasible in an open and transparent manner and consistent with procedures designed to ensure fairness”.</p>
<p style="text-align: justify; ">Accordingly, ICANN is under an obligation to maintain a publicly accessible website with information relating to its Board meetings, pending policy matters, agendas, budget, annual audit report and other related matters. It is also required to maintain on its website, information about the availability of accountability mechanisms, including reconsideration, independent review, and Ombudsman activities, as well as information about the outcome of specific requests and complaints invoking these mechanisms.</p>
<p style="text-align: justify; ">Pursuant to Article III of the ICANN Bye-laws for Transparency, ICANN also adopted the DIDP for disclosure of publicly unavailable documents and publish them over the Internet. This becomes essential in order to safeguard the effectiveness of its international multi-stakeholder operating model and its accountability towards the Internet community. Thereby, upon request made by members of the public, ICANN undertakes to furnish documents that are in possession, custody or control of ICANN and which are not otherwise publicly available, provided it does not fall under any of the defined conditions for non-disclosure. Such information can be requested via an email to <a href="mailto:didp@icann.org">didp@icann.org</a>.</p>
<h3><strong>Procedure</strong></h3>
<ul style="text-align: justify; ">
<li>Upon the receipt of a DIDP request, it is reviewed by the ICANN staff.</li>
<li>Relevant documents are identified and interview of the appropriate staff members is conducted.</li>
<li>The documents so identified are then assessed whether they come under the ambit of the conditions for non-disclosure.
<ul>
<li>Yes - A review is conducted as to whether, under the particular circumstances, the public interest in disclosing the documentary information outweighs the harm that may be caused by such disclosure. </li>
<li>Documents which are considered as responsive and appropriate for public disclosure are posted on the ICANN website.</li>
<li>In case of request of documents whose publication is appropriate but premature at the time of response then the same is indicated in the response and upon publication thereafter, is notified to the requester.</li>
</ul>
</li>
</ul>
<h3><strong>Time Period and Publication </strong></h3>
<p style="text-align: justify; ">The response to the DIDP request is prepared by the staff and is made available to the requestor within a period of 30 days of receipt of request via email. The Request and the Response is also posted on the DIDP page <a href="http://www.icann.org/en/about/transparency">http://www.icann.org/en/about/transparency</a> in accordance with the posting guidelines set forth at <a href="http://www.icann.org/en/about/transparency/didp">http://www.icann.org/en/about/transparency/didp</a>.</p>
<h3><strong>Conditions for Non-Disclosure</strong></h3>
<p style="text-align: justify; ">There are certain circumstances under which ICANN may refuse to provide the documents requested by the public. The conditions so identified by ICANN have been categorized under 12 heads and includes internal information, third-party contracts, non-disclosure agreements, drafts of all reports, documents, etc., confidential business information, trade secrets, information protected under attorney-client privilege or any other such privilege, information which relates to the security and stability of the internet, etc.</p>
<p style="text-align: justify; ">Moreover, ICANN may refuse to provide information which is not designated under the specified conditions for non-disclosure if in its opinion the harm in disclosing the information outweighs the public interest in disclosing the information. Further, requests for information already available publicly and to create or compile summaries of any documented information may be declined by ICANN.</p>
<h3><strong>Grievance Redressal Mechanism </strong></h3>
<p style="text-align: justify; ">In certain circumstances the requestor might be aggrieved by the response received and so he has a right to appeal any decision of denial of information by ICANN through the Reconsideration Request procedure or the Independent Review procedure established under Section 2 and 3 of Article IV of the ICANN Bye-laws respectively. The application for review is made to the Board which has designated a Board Governance Committee for such reconsideration. The Independent Review is done by an independent third-party of Board actions, which are allegedly inconsistent with the Articles of Incorporation or Bye-laws of ICANN.</p>
<h3><strong>Why does the DIDP matter?</strong></h3>
<p style="text-align: justify; ">The breadth of ICANN’s work and its intimate relationship to the continued functioning of the Internet must be appreciated before our analysis of the DIDP can be of help. ICANN manages registration and operations of generic and country-code Top Level Domains (TLD) in the world. This is a TLD:</p>
<p style="text-align: justify; "><img src="https://cis-india.org/internet-governance/blog/TLD.jpg/@@images/1bb21859-d1aa-41c6-b5e0-4041ae099f54.jpeg" alt="TLD" class="image-inline" title="TLD" /></p>
<p style="text-align: justify; ">(<i>Source</i>: <a class="external-link" href="http://geovoices.geonetric.com/wp-content/uploads/2013/11/parts_of_a_domain_name.jpg">here</a>)</p>
<p style="text-align: justify; ">Operation of many gTLDs, such as .com, .biz or .info, is under contract with ICANN and an entity to which such operation is delegated. For instance, Verisign operates the .com Registry. Any organization that wishes to allow others to register new domain names under a gTLD (sub-domains such as ‘benefithealth’ in the above example) must apply to ICANN to be an ICANN-accredited Registrar. GoDaddy, for instance, is one such ICANN-accredited Registrar. Someone like you or me, who wants to get our own website – say, vinayak.com – buys from GoDaddy, which has a contract with ICANN under which it pays periodic sums for registration and renewal of individual domain names. When I buy from an ICANN-accredited Registrar, the Registrar informs the Registry Operator (say, Verisign), who then adds the new domain name (vinayak.com) to its registry list, and then it can be accessed on the Internet.</p>
<p style="text-align: justify; ">ICANN’s reach doesn’t stop here, technically. To add a new gTLD, an entity has to apply to ICANN, after which the gTLD has to be added to the root file of the Internet. The root file, which has the list of all TLDs (or all ‘legitimate’ TLDs, some would say), is amended by Verisign under its tripartite contract with the US Government and ICANN, after which Verisign updates the file in its ‘A’ <a href="http://root-servers.org/">root server</a>. The other 12 root servers use the same root file as the Verisign root server. Effectively, this means that <i>only </i>ICANN-approved TLDs (and all sub-domains such as ‘benefithealth’ or ‘vinayak’) are available across the Internet, on a global scale. Or at least, ICANN-approved TLDs have the most and widest reach. ICANN similarly manages country-code TLDs, such as .in for India, .pk for Pakistan or .uk for the United Kingdom.</p>
<p style="text-align: justify; ">All of this leads us to wonder whether the extent of ICANN’s voluntary and reactive transparency is sufficient for an organization of such scale and impact on the Internet, perhaps as much impact as the governments do. In the next post, I will analyse the DIDP’s conditions for non-disclosure of information with certain freedom of information best practices.</p>
<hr style="text-align: justify; " />
<p style="text-align: justify; "><i>Vinayak Mithal is a final year student at the Rajiv Gandhi National University of Law, Punjab. His interests lie in Internet governance and other aspects of tech law, which he hopes to explore during his internship at CIS and beyond. He may be reached at vinayakmithal@gmail.com.</i></p>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/blog/icann2019s-documentary-information-disclosure-policy-2013-i-didp-basics'>https://cis-india.org/internet-governance/blog/icann2019s-documentary-information-disclosure-policy-2013-i-didp-basics</a>
</p>
No publisherVinayak MithalInternet GovernanceAccountabilityICANNDIDPTransparency2014-07-01T13:01:34ZBlog EntryDIDP Request #28 - ICANN renews Verisign’s RZM Contract?
https://cis-india.org/internet-governance/blog/didp-request-28-icann-renews-verisign2019s-rzm-contract
<b>Our request to ICANN was related to our (mistaken) assumption that Verisign and ICANN had signed an agreement for Root Zone Maintenance and had recently renewed it. In that context we had asked for information such as documents reflecting the decision making process, copy of the current RZM agreement, public comments and an audit report of Verisign’s RZM functions.</b>
<p><span id="docs-internal-guid-dc70c719-3ad7-83a2-c0d1-26fed23ada1a">The request filed by Padmini Baruah can be found </span><a href="https://www.icann.org/en/system/files/files/didp-20160502-1-cis-request-02may16-en.pdf"><span>here</span></a><span>.</span></p>
<h3><span>What ICANN said</span></h3>
<p style="text-align: justify; "><span>ICANN clarified that it has never been party to the RZM agreement which was made between NTIA and Verisign. According to an ICANN-Verisign joint document, the Root Zone Management Systems allows “ICANN as the IANA Functions Operator (IFO), Verisign, as the Root Zone Maintainer (RZM), and the National Telecommunications and Information Administration (NTIA) at the U.S. Department of Commerce (DoC), as the <a class="external-link" href="https://www.ntia.doc.gov/files/ntia/publications/root_zone_administrator_proposal-relatedtoiana_functionsste-final.pdf">Root Zone Administrator</a> (RZA).” The only agreement related to this is the one of cooperation between Verisign and the NTIA.</span></p>
<p style="text-align: justify; "><span>Accordingly, as the role of NTIA is transitioned to the multi-stakeholder community, Verisign and ICANN are working out terms and conditions of their own agreement to facilitate this transition together. In response to NTIA’s request for a proposal for this transition, Verisign and ICANN submitted this document. Besides these, ICANN states that it does not have any documents responsive to our requests.</span></p>
<p style="text-align: justify; "><span><span id="docs-internal-guid-dc70c719-3ad9-a0d0-e404-48de850f938b">ICANN's response to our DIDP request may be found </span><a href="https://www.icann.org/en/system/files/files/didp-20160502-1-cis-response-01jun16-en.pdf"><span>here</span></a><span>.</span></span></p>
<p style="text-align: justify; "><span><br /></span></p>
<p style="text-align: justify; "><span><br /></span></p>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/blog/didp-request-28-icann-renews-verisign2019s-rzm-contract'>https://cis-india.org/internet-governance/blog/didp-request-28-icann-renews-verisign2019s-rzm-contract</a>
</p>
No publisherasvathaICANNDIDPInternet Governance2016-07-30T08:10:17ZBlog EntryDIDP Request #27 - On ICANN’s support to new gTLD Applicants
https://cis-india.org/internet-governance/blog/didp-request-27-on-icann2019s-support-to-new-gtld-applicants
<b>In order to promote access to the New gTLD Program in developing regions, ICANN set up the New gTLD Applicant Support Program (Program) which seeks to facilitate cooperation between gTLD applicants from developing countries and those willing and able to support them financially (and in kind).</b>
<p><a class="external-link" href="https://newgtlds.icann.org/en/applicants/candidate-support/non-financial-support">Click for Applicant Support Directory</a></p>
<hr />
<p>We requested ICANN for information about this program. Specifically, we asked them for information on:</p>
<ul>
<li>The number of applicants to the program and the amount received by them;</li>
<li>The basis on which these applicants were selected;</li>
<li>The amount that has been utilized thus far for this program;</li>
<li>Contributions by donors;</li>
<li>What “in kind” support means and includes.</li>
</ul>
<p><span id="docs-internal-guid-d0a4e7de-3ad0-b071-d564-c2b005d37412">The request filed by Padmini Baruah can be found </span><a href="https://www.icann.org/en/system/files/files/didp-20160426-1-cis-request-26apr16-en.pdf"><span>here</span></a><span>.</span></p>
<h3><span>What ICANN said</span></h3>
<p style="text-align: justify; "><span>ICANN answered all our questions in a satisfactory manner. There were three applicants to the program. Two of these: Nameshop, and Ummah Digital Ltd, did not meet the eligibility criteria listed in the handbook and therefore only one other applicant, DotKids, received the financial support. Of the USD 2,000,000 set aside, USD 135,000 was awarded to them.</span></p>
<p style="text-align: justify; "><span>The eligibility criteria is listed in the New <a class="external-link" href="https://newgtlds.icann.org/en/applicants/candidate-support/financial-assistance-handbook-11jan12-en.pdf">gTLD Financial Assistance Handbook</a> and candidates are evaluated by the Support Applicant Review Panel (SARP), “which was comprised of five volunteer members from the community with experience in the domain name industry, in managing small businesses, awarding grants, and assisting others on financial matters in developing countries.”</span></p>
<p style="text-align: justify; "><span>The USD 2,000,000 allotted to this program was set aside by ICANN’s board and as it is not exhausted, no external contributions were sought by ICANN (in cash or in kind). However, ICANN failed to explain what “in kind” contributions would be.</span></p>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/blog/didp-request-27-on-icann2019s-support-to-new-gtld-applicants'>https://cis-india.org/internet-governance/blog/didp-request-27-on-icann2019s-support-to-new-gtld-applicants</a>
</p>
No publisherasvathaICANNDIDPInternet Governance2016-07-30T08:03:18ZBlog EntryDIDP Request #25 - Curbing Sexual Harassment at ICANN
https://cis-india.org/internet-governance/blog/didp-request-25-curbing-sexual-harassment-at-icann
<b>Markus Kummer at Public Forum 2 mentioned that ICANN has standards of behavior regarding sexual harassment that are applicable for its staff.</b>
<p style="text-align: justify; "><a class="external-link" href="https://meetings.icann.org/en/marrakech55/schedule/thu-public-forum/transcript-public-forum-10mar16-en.pdf">Marrakech Public Forum 2</a></p>
<p style="text-align: justify; ">In light of that statement, CIS requested ICANN to publish the following information:</p>
<ul style="text-align: justify; ">
<li>Information about the individual or organization conducting ICANN’s sexual harassment training</li>
<li>Materials used during this training</li>
<li>ICANN’s internal sexual harassment policy</li>
</ul>
<p dir="ltr" id="docs-internal-guid-fe41cc04-3a6e-cf9f-49f8-133f17ad6466" style="text-align: justify; "><span>The request filed by Padmini Baruah can be found </span><a href="https://www.icann.org/en/system/files/files/didp-20160423-4-cis-request-23apr16-en.pdf"><span>here</span></a><span>. </span></p>
<h3 style="text-align: justify; "><span>What ICANN said</span></h3>
<p style="text-align: justify; "><span>ICANN’s response answered our questions adequately. The organization conducting their sexual harassment training is <a class="external-link" href="http://www.navexglobal.com/en-us">NAVEX Global</a>. It is an interactive online training and as such, all materials are within that platform. Besides, ICANN could not publish these materials as it would be an infringement of NAVEX Global’s intellectual property right. ICANN also attached with the response, their internal sexual harassment policy.</span></p>
<p dir="ltr" id="docs-internal-guid-fe41cc04-3a6f-624f-fe3b-ddb4b40c7729" style="text-align: justify; "><span>ICANN's response to our DIDP request (and the attached policy document) may be found </span><a href="https://www.icann.org/en/system/files/files/didp-20160423-4-cis-response-21may16-en.pdf"><span>here</span></a><span>. </span></p>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/blog/didp-request-25-curbing-sexual-harassment-at-icann'>https://cis-india.org/internet-governance/blog/didp-request-25-curbing-sexual-harassment-at-icann</a>
</p>
No publisherasvathaICANNDIDPInternet Governance2016-07-30T06:14:29ZBlog EntryDIDP Request #23 - ICANN does not Know how Diverse its Comment Section Is
https://cis-india.org/internet-governance/blog/didp-request-23-icann-does-not-know-how-diverse-its-comment-section-is
<b>While researching ICANN and the IANA Stewardship Transition Coordination Group (ICG), we came across a diversity analysis report of a public comment section.</b>
<p>See ICG <a class="external-link" href="https://www.ianacg.org/icg-files/documents/Public-Comment-Summary-final.pdf">report here</a>.</p>
<hr />
<p dir="ltr" id="docs-internal-guid-98241daf-39f3-a4ed-02bf-96954e3e93bc">We requested ICANN for similar reports on the ICANN public comment section. <span>The request filed by Padmini Baruah can be found </span><a href="https://www.icann.org/en/system/files/files/didp-20160423-2-cis-request-23apr16-en.pdf"><span>here</span></a><span>. </span></p>
<h3><span>What ICANN said</span></h3>
<p><span>ICANN stated that they do not conduct diversity analysis on their comment sections. This is a shame, given that the one from ICG was so informative, clear and concise. Instead they provided us with links to reports and analyses of the different topics that were up for comments and an annual report on public comments. </span></p>
<p><span>ICANN’s public comments section is one of the important ways in which different stakeholders and community members get involved with the organization. A diversity analysis of this section for different topics could help in informing the public about which parts of the world actually get involved in ICANN through this mechanism We suggest that ICANN make it a regular part of their report. </span></p>
<p dir="ltr" id="docs-internal-guid-98241daf-3a5b-f097-254d-8f533cb585a7"><span>ICANN's response to our DIDP request may be found </span><a href="https://www.icann.org/en/system/files/files/didp-20160423-2-cis-response-14may16-en.pdf"><span>here</span></a><span>. </span></p>
<p dir="ltr" id="docs-internal-guid-98241daf-3a5c-2285-f58e-b435bb4e9419"><span>https://www.ianacg.org/icg-files/documents/Public-Comment-Summary-final.pdf <br /></span></p>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/blog/didp-request-23-icann-does-not-know-how-diverse-its-comment-section-is'>https://cis-india.org/internet-governance/blog/didp-request-23-icann-does-not-know-how-diverse-its-comment-section-is</a>
</p>
No publisherasvathaICANNDIDPInternet Governance2016-07-30T05:55:15ZBlog EntryDIDP Request #22 - Reconsideration Requests from Parties affected by ICANN Action
https://cis-india.org/internet-governance/blog/didp-request-22-reconsideration-requests-from-parties-affected-by-icann-action
<b>According to ICANN by-laws, ICANN has the responsibility to answer to reconsideration requests filed by those directly affected by its actions.</b>
<p>See ICANN <a class="external-link" href="https://www.icann.org/resources/pages/governance/bylaws-en#IV">bye-laws here</a></p>
<hr />
<p>The board governance committee must submit an annual report to the board containing the following information (paraphrased):</p>
<ul>
<li>Number and nature of Reconsideration Requests received including an identification of whether they were dismissed, acted upon or are pending.</li>
<li>If pending, the length of time and explanation if they have been pending for more than 90 days.</li>
<li>Explanation of other mechanisms ICANN has made available to ensure its accountability to those <a class="external-link" href="https://www.icann.org/resources/pages/accountability/reconsideration-en">directly affected by its actions</a>.</li>
</ul>
<p dir="ltr" id="docs-internal-guid-4e14eb60-39ec-c7bd-ff52-31efac77cf04">CIS requested copies of documents containing all this information. <span>The request filed by Padmini Baruah can be found </span><a href="https://www.icann.org/en/system/files/files/didp-20160423-1-cis-request-23apr16-en.pdf"><span>here</span></a><span>. </span></p>
<h3><span>What ICANN said</span></h3>
<p dir="ltr" id="docs-internal-guid-4e14eb60-39ed-055a-ce62-cc9e39003f22"><span>ICANN surmised that all the information we sought can be found in their annual reports. ICANN linked us to those:</span><a href="https://www.icann.org/resources/pages/annual-reports-2012-02-25-en"><span> </span><span>https://www.icann.org/resources/pages/annual-reports-2012-02-25-en</span></a></p>
<p dir="ltr" id="docs-internal-guid-4e14eb60-39ed-3cfa-7ea6-5a3df710332c"><span>ICANN's response to our DIDP request may be found </span><a href="https://www.icann.org/en/system/files/files/didp-20160423-1-cis-response-14may16-en.pdf"><span>here</span></a><span>. </span></p>
<p> </p>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/blog/didp-request-22-reconsideration-requests-from-parties-affected-by-icann-action'>https://cis-india.org/internet-governance/blog/didp-request-22-reconsideration-requests-from-parties-affected-by-icann-action</a>
</p>
No publisherasvathaICANNDIDPInternet Governance2016-07-30T03:52:01ZBlog EntryDIDP Request #21 - ICANN’s Relationship with the RIRs
https://cis-india.org/internet-governance/blog/didp-request-21-icann2019s-relationship-with-the-rirs
<b>At CIS, we wanted a clearer understanding of ICANN’s relationship with the 5 internet registries. The large amount contributed by the RIRs to ICANN’s funding lead us to question the nature of this relationship as well as the payment. We wrote to ICANN asking them for these details.</b>
<p dir="ltr" id="docs-internal-guid-9a337482-39e1-3bf5-987c-39a7275c7fd3" style="text-align: justify; "><span>The request filed by Padmini Baruah can be found </span><a href="https://www.icann.org/en/system/files/files/didp-20151130-3-cis-request-30nov15-en.pdf"><span>here</span></a><span>. </span></p>
<h3 style="text-align: justify; "><span>What ICANN said</span></h3>
<p style="text-align: justify; "><span>ICANN’s response linked us to the Memorandum of Understanding signed by ICANN and the Number Resource Organization (NRO) which represents the 5 RIRs. The MoU replaces the ones signed by ICANN and <a class="external-link" href="http://archive.icann.org/en/aso/aso-mou-29oct04.htm">the individual RIRs</a>. The response also links us to a series of letters written by the NRO to ICANN reaffirming their commitment to the MoU. Interestingly, the MoU does not mention anything about payments or monetary contributions.</span></p>
<p style="text-align: justify; "><span>In response to the second part of our request focusing on their financial relationship, ICANN gave us the same information as they did earlier. However, as pointed out in this post, that information is either incomplete or inaccurate. Further, they reject the idea that providing anything more than the audited financial reports is necessary for public benefit. According to them, “the burden of compiling the requested documentary information from 2000 to the present would require ICANN to expend a tremendous amount of time and resources.” Therefore, they classified our request as falling under this condition for non-disclosure:<br /></span></p>
<p style="text-align: justify; "><span>“Information requests: (i) which are not reasonable; (ii) which are excessive or overly burdensome; (iii) complying with which is not feasible; or (iv) are made with an abusive or vexatious purpose or by a vexatious or <a class="external-link" href="https://www.icann.org/resources/pages/didp-2012-02-25-en">querulous individual</a>.”</span></p>
<p style="text-align: justify; "><span>We fail to see how an organization like ICANN does not already have its receipts and documentation in order. If they do, it would not be burdensome to publish them and if they don’t, well, that’s worrying for a lot of different reasons.</span></p>
<p style="text-align: justify; "><span><span id="docs-internal-guid-9a337482-39e4-88ef-f261-ef3d9fad1164">ICANN's response to our DIDP request may be found </span><a href="https://www.icann.org/en/system/files/files/didp-20151130-3-cis-response-30dec15-en.pdf"><span>here</span></a><span>.</span></span></p>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/blog/didp-request-21-icann2019s-relationship-with-the-rirs'>https://cis-india.org/internet-governance/blog/didp-request-21-icann2019s-relationship-with-the-rirs</a>
</p>
No publisherasvathaICANNDIDPInternet Governance2016-07-30T03:42:36ZBlog EntryDIDP Request #20 - Is Presumptive Renewal of Verisign’s Contracts a Good Thing?
https://cis-india.org/internet-governance/blog/didp-request-20-is-presumptive-renewal-of-verisign2019s-contracts-a-good-thing
<b>ICANN’s contract agreements with different registries contain a presumptive renewal clause. Unless they voluntarily give up their rights or there is a material breach by the registry operator, their contract with ICANN will be automatically renewed.</b>
<p style="text-align: justify; ">See the base registry agreement <a class="external-link" href="https://newgtlds.icann.org/sites/default/files/agreements/agreement-approved-09jan14-en.htm">here</a>.</p>
<hr style="text-align: justify; " />
<p style="text-align: justify; "><span id="docs-internal-guid-eb2fe452-396a-8d7f-0f0f-7f5c6e36a96a">In light of this, we filed a request asking ICANN for documents that discuss the rationale behind including the presumptive renewal clause. We also asked them for documents specific to the renewal of Verisign (.com and .net domains) and PIR (.org) contracts. <span id="docs-internal-guid-eb2fe452-396a-c7c2-28df-9d7efc6a7e37">The request filed by Padmini Baruah can be found </span><a href="https://www.icann.org/en/system/files/files/didp-20151130-2-cis-request-30nov15-en.pdf"><span>here</span></a><span>.</span></span></p>
<h3 style="text-align: justify; "><span><span>What ICANN said</span></span></h3>
<p style="text-align: justify; "><span><span>ICANN provided a surprisingly comprehensive response to our request. They provided documents in response to our request and stated the rationale that has been given for including a presumptive renewal clause. According to the response, </span></span></p>
<p dir="ltr" id="docs-internal-guid-eb2fe452-396b-5b12-4075-067c0188cd47" style="text-align: justify; "><i><span>“Absent countervailing reasons, there is little public benefit, and some significant potential for disruption, in regular changes of a registry operator. In addition, a significant chance of losing the right to operate the registry after a short period creates adverse incentives to favor short term gain over long term investment.” </span></i></p>
<p dir="ltr" style="text-align: justify; "><span>ICANN explains that the contracts have been drawn such that they balance the concerns above with the ability to replace a registry that doesn’t serve the community as it is obliged to do. The response also offers links to various documents substantiating this rationale. </span></p>
<p dir="ltr" style="text-align: justify; "><span>We were provided an effective answer to our second question as well. ICANN’s response links us to various documents for the 2001, 2006 and 2012 renewals of Verisign’s contract for the .com domain. This includes a summary of the 2012 renewal, public comments for all three renewals and the proposed agreements. <br /></span></p>
<p dir="ltr" style="text-align: justify; "><span>For the .net domain, a presumptive renewal clause was not included in the 2001 Verisign contract which opened up the process to select an operator in 2005. ICANN chose to continue its relationship with Verisign and included the clause. The documents relevant to the 2011 renewal of the contracts have been provided. <br /></span></p>
<p dir="ltr" style="text-align: justify; "><span>After Verisign relinquished its rights over the .org domain in 2001, ICANN chose the Public Internet Society (PIR) to operate the domain. While there was no presumptive renewal clause in 2002, documents relevant to the 2006 and 2013 renewals have been provided. <br /></span></p>
<p dir="ltr" style="text-align: justify; "><span><span id="docs-internal-guid-eb2fe452-396c-6d45-90fa-277d2dbd8c48">ICANN's response to our DIDP request may be found </span><a href="https://www.icann.org/en/system/files/files/didp-20151130-2-cis-response-30dec15-en.pdf"><span>here</span></a><span>.</span></span></p>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/blog/didp-request-20-is-presumptive-renewal-of-verisign2019s-contracts-a-good-thing'>https://cis-india.org/internet-governance/blog/didp-request-20-is-presumptive-renewal-of-verisign2019s-contracts-a-good-thing</a>
</p>
No publisherasvathaICANNDIDPInternet Governance2016-07-30T02:01:59ZBlog EntryDIDP Request #19 - ICANN’s role in the Postponement of the IANA Transition
https://cis-india.org/internet-governance/blog/didp-request-19-icann2019s-role-in-the-postponement-of-the-iana-transition
<b>In March 2014, the National Telecommunications and Information Agency (NTIA) of the United States government announced plans to shift the Internet Assigned Names and Numbers (IANA) functions from ICANN to the global multistakeholder community. The initial deadline set for this was September 2015.</b>
<p style="text-align: justify; "><a class="external-link" href="https://www.ntia.doc.gov/press-release/2014/ntia-announces-intent-transition-key-internet-domain-name-functions">See NTIA announcement here</a>.</p>
<hr />
<p style="text-align: justify; ">In August 2015, NTIA announced that it would not be technically possible to meet this deadline and extended it by a year. NTIA stated,</p>
<p style="text-align: justify; "><span id="docs-internal-guid-816516c5-3775-475c-1f2f-cfde97e46a00">“<i>Accordingly, in May we asked the groups developing the transition documents how long it would take to finish and implement their proposals. After factoring in time for public comment, U.S. Government evaluation and implementation of the proposals, the community estimated it could take until at least September 2016 to <a class="external-link" href="https://www.ntia.doc.gov/blog/2015/update-iana-transition">complete this process</a></i>.”</span></p>
<p dir="ltr" id="docs-internal-guid-816516c5-3780-2a3c-fb9f-381a3585fb5b" style="text-align: justify; "><span><span id="docs-internal-guid-816516c5-377f-e490-8578-5857613384b7">In our DIDP request, we asked ICANN for all documents that it had submitted to NTIA that were relevant to the IANA transition and its postponement from the date of the initial announcement— March 14, 2015 to the date of the announcement of extension — August 17, 2015. We specifically requested the documents requested by NTIA in May 2015 as referenced by </span><a href="https://www.ntia.doc.gov/blog/2015/update-iana-transition"><span>this</span></a><span> blogpost. </span></span></p>
<p dir="ltr" style="text-align: justify; "><span>The request filed by Padmini Baruah can be found </span><a href="https://www.icann.org/en/system/files/files/didp-20151130-1-cis-request-30nov15-en.pdf"><span>here</span></a><span>. </span></p>
<h3 style="text-align: justify; "><span>What ICANN said</span></h3>
<p style="text-align: justify; "><span>ICANN’s response terms our request as “broadly worded” and assumes that our request is only related to documents about the extension of the deadline. It was not. <br /></span></p>
<p style="text-align: justify; "><span>After NTIA’s announcement in 2014, ICANN launched a multi-stakeholder process and discussion at ICANN 49 in Singapore to facilitate the transition. The organizational structure of this process has been mapped out according to the different IANA functions that are being transitioned. Accordingly, we have the:</span></p>
<ul style="text-align: justify; ">
<li><span>IANA Stewardship Transition Coordination Group (ICG)</span></li>
<li>Cross Community Working Group (CWG-Stewardship)</li>
<li>Consolidated RIR IANA Stewardship Proposal Team (CRISP TEAM)</li>
<li>IANAPLAN Working Group (IANAPLAN WG)</li>
<li>Cross-Community Working</li>
<li>Group (CCWG-Accountability) </li>
</ul>
<p style="text-align: justify; ">In addressing our request, ICANN references this multi-stakeholder community overseeing the transition. According to the response document, the ICG, CWG-Stewardship, CRISP Team, IANAPLAN WG and the CCWG-Accountability submitted responses directly to the NTIA leaving the ICANN with no documents responsive to our request.</p>
<p dir="ltr" id="docs-internal-guid-816516c5-3782-ddb4-6000-3aee1459369a" style="text-align: justify; "><span>ICANN's response to our DIDP request may be found </span><a href="https://www.icann.org/en/system/files/files/didp-20151130-1-cis-response-30dec15-en.pdf"><span>here</span></a><span>. </span></p>
<p style="text-align: justify; "> </p>
<p style="text-align: justify; "><span><br /></span></p>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/blog/didp-request-19-icann2019s-role-in-the-postponement-of-the-iana-transition'>https://cis-india.org/internet-governance/blog/didp-request-19-icann2019s-role-in-the-postponement-of-the-iana-transition</a>
</p>
No publisherasvathaICANNDIDPInternet Governance2016-07-29T16:37:04ZBlog EntryDIDP Request #18 - ICANN’s Internal Website will Stay Internal
https://cis-india.org/internet-governance/blog/didp-request-18-icann2019s-internal-website-will-stay-internal
<b>ICANN maintains an internal website accessible to staff and employees. We requested ICANN to provide us with a document with the contents of that website in the interest of transparency and accountability.</b>
<p style="text-align: justify; "><span id="docs-internal-guid-6ae20cf4-3723-9313-1ca4-571610febfac">The request filed by Padmini Baruah can be found </span><a href="https://www.icann.org/en/system/files/files/didp-request-20150901-6-01sep15-en.pdf"><span>here</span></a><span>. To no one’s surprise, not only did ICANN not have this document in “ICANN's possession, custody, or control,” even if it did it would be subject to <a class="external-link" href="https://www.icann.org/resources/pages/didp-2012-02-25-en">DIDP conditions for non-disclosure</a>.</span></p>
<p style="text-align: justify; "><span><span id="docs-internal-guid-6ae20cf4-3724-8d54-05ca-866fe5bc62b5">ICANN's response to our DIDP request may be found </span><a href="https://www.icann.org/en/system/files/files/didp-response-20150901-6-cis-wiki-01oct15-en.pdf"><span>here</span></a><span>.</span></span></p>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/blog/didp-request-18-icann2019s-internal-website-will-stay-internal'>https://cis-india.org/internet-governance/blog/didp-request-18-icann2019s-internal-website-will-stay-internal</a>
</p>
No publisherasvathaICANNDIDPInternet Governance2016-07-29T14:53:50ZBlog EntryDIDP Request #17 - How ICANN Chooses their Contractual Compliance Auditors
https://cis-india.org/internet-governance/blog/didp-request-17-how-icann-chooses-their-contractual-compliance-auditors
<b>At a congressional hearing on internet governance and progress, then President of ICANN Fadi Chehadi indicated that the number of people working on compliance audits grew substantially—from 6 to 24 (we misquoted it as 25)— in the span of a few years.</b>
<p style="text-align: justify; "><span id="docs-internal-guid-88ef1d6f-3472-3cd6-bf11-e5bb7d2ea6a9">It is clear to us at CIS that the people in charge of these compliance audits perform an important function at ICANN. To that effect, we requested information on the 24 individuals mentioned by Mr Chehadi as well as the third party auditors who perform this powerful watchdog function. More specifically, we requested documents calling for appointments of the auditors and copies of their contracts with ICANN.</span></p>
<p style="text-align: justify; "><span><span id="docs-internal-guid-88ef1d6f-3472-5ef2-432a-dbb3e446057d">The request filed by Padmini Baruah can be found </span><a href="https://www.icann.org/en/system/files/files/didp-request-20150901-5-01sep15-en.pdf"><span>here</span></a><span>.</span></span></p>
<h3 style="text-align: justify; "><span><span>What ICANN said</span></span></h3>
<p dir="ltr" id="docs-internal-guid-88ef1d6f-3472-81e4-8a58-7815de9e725d" style="text-align: justify; "><span>In their response to the first part of our question, ICANN linked us to a webpage containing the names and titles of all employees working on contractual compliance. This page contains 26 names including the Contractual Compliance Risk and Audit Manager: </span><a href="https://www.icann.org/resources/pages/about-2014-10-10-en"><span>https://www.icann.org/resources/pages/about-2014-10-10-en</span></a></p>
<p dir="ltr" id="docs-internal-guid-88ef1d6f-3472-cda1-dd73-6b12b9aa1fc5" style="text-align: justify; "><span>ICANN also described the process of selecting KPMG as their third party auditor in detail. A pre-selection process shortlists 5 companies that fit the following criteria: knowledge of ICANN, global presence, size, expertise and reputation. Then, ICANN issues a targeted Request For Proposal (RFP) to these companies asking them for their audit proposals. After a question and answer session, a proposal analysis and rating the scorecards, a “cross-functional steering committee” decided to go with KPMG. While the process has been discussed transparently, our questions remain unanswered.</span></p>
<p dir="ltr" id="docs-internal-guid-88ef1d6f-3473-0cee-aa58-9889a6de22eb" style="text-align: justify; "><span>The RFP would qualify as the document requested by us in the second part of the question (i.e.) a “document that calls for appointments to the post of the contractual compliance auditor.” Unfortunately, ICANN has not published the RFP citing the DIDP Conditions for Non-disclosure. However, the timeline for the RFP and other details have been posted </span><a href="https://www.icann.org/resources/pages/governance/rfps-en"><span>here</span></a><span> after our DIDP request. In addition, the contract between KPMG and ICANN has also not been published. </span></p>
<p dir="ltr" id="docs-internal-guid-88ef1d6f-3473-2c8e-1679-7191963f7ad9" style="text-align: justify; "><span>ICANN's response to our DIDP request may be found </span><a href="https://www.icann.org/en/system/files/files/didp-response-20150901-5-cis-auditor-appt-01oct15-en.pdf"><span>here</span></a><span>. </span></p>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/blog/didp-request-17-how-icann-chooses-their-contractual-compliance-auditors'>https://cis-india.org/internet-governance/blog/didp-request-17-how-icann-chooses-their-contractual-compliance-auditors</a>
</p>
No publisherasvathaICANNDIDPInternet Governance2016-07-29T02:20:59ZBlog EntryDIDP Request #16 - ICANN has no Documentation on Registrars’ “Abuse Contacts”
https://cis-india.org/internet-governance/blog/didp-request-16-icann-has-no-documentation-on-registrars2019-201cabuse-contacts201d
<b>Registrars on contract with ICANN are required to maintain an “abuse contact” - a 24/7 dedicated phone line and e-mail address to receive reports of abuse regarding the registered names sponsored by the registrar.</b>
<p style="text-align: justify; ">We wrote to ICANN requesting information on these abuse complaints received by registrars over the last year. We specifically wanted reports of illegal activity on the internet submitted to these abuse contacts as well as details on actions taken by registrars in response to these complaints.</p>
<p style="text-align: justify; "><span id="docs-internal-guid-9b05b54d-3465-1c5e-3830-7af0d8e37b19">The request filed by Padmini Baruah can be found </span><a href="https://www.icann.org/en/system/files/files/didp-request-20150901-4-01sep15-en.pdf"><span>here</span></a><span>.</span></p>
<h3 style="text-align: justify; "><span>What ICANN said</span></h3>
<p style="text-align: justify; "><span>Our request to ICANN very specifically dealt with reported illegal activities. However, in their response, ICANN first broadened it to abuse complaints and then failed to give a narrowed down list of even those complaints.</span></p>
<p style="text-align: justify; "><span>In their response, ICANN indicated that they do not store records of complaints made to the abuse contact. This is stored by the registrars and is available to ICANN only upon request. However, since ICANN is only obliged to publish documents it already has in its possession, we did not receive an answer to our first question. </span></p>
<p style="text-align: justify; "><span><span id="docs-internal-guid-9b05b54d-3467-44df-1aed-bbe876d6dc71">As for the second item, ICANN gave a familiarly vague answer, linking us to the</span><a href="https://www.icann.org/compliance/notices"><span> Contractual Compliance Complaints</span></a><span> page with a list of all the breach notices that have been issued by ICANN to registrars. A breach notice is relevant to our request only if it is in response to an abuse complaint, and the abuse complaint specifically deals with illegal activity. Even discounting that, this is not a comprehensive list when you take into account that a breach notice is published only “if a </span><span>formal contractual compliance enforcement process has been initiated </span><span>relating to an abuse complaint and resulted in a breach.”<a href="#ftn1">[1] </a>What about the rest of the complaints received by the registrar?</span></span></p>
<p style="text-align: justify; "><span><span>In addition, ICANN refused to publish any communication or documentation of ICANN requesting reports of illegal activity under the DIDP non-disclosure conditions. <br /></span></span></p>
<p style="text-align: justify; "><span><span><span id="docs-internal-guid-9b05b54d-3469-bdb4-1603-805eb7dc6a97">ICANN's response to our DIDP request may be found </span><a href="https://www.icann.org/en/system/files/files/didp-response-20150901-4-cis-abuse-complaints-01oct15-en.pdf"><span>here</span></a><span>.</span></span></span></p>
<hr />
<p dir="ltr" id="docs-internal-guid-9b05b54d-346a-e343-097c-9bedf6f32f17"><a name="ftn1">[1] </a><span>See ICANN response here (Pg 4): https://www.icann.org/en/system/files/files/didp-response-20150901-4-cis-abuse-complaints-01oct15-en.pdf</span></p>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/blog/didp-request-16-icann-has-no-documentation-on-registrars2019-201cabuse-contacts201d'>https://cis-india.org/internet-governance/blog/didp-request-16-icann-has-no-documentation-on-registrars2019-201cabuse-contacts201d</a>
</p>
No publisherasvathaICANNDIDPInternet Governance2016-07-29T02:11:52ZBlog EntryDIDP Request #15: What is going on between Verisign and ICANN?
https://cis-india.org/internet-governance/blog/didp-request-15-what-is-going-on-between-verisign-and-icann
<b>During a hearing of the House Committee on Energy and Commerce on “Internet Governance Progress After ICANN 53,” President and CEO of ICANN - Mr Fadi Chehade indicated that ICANN follows up with registries and registrars on receipt of any complaint against them about violations of their contract with ICANN.</b>
<p style="text-align: justify; ">At CIS, we believe that any exchange of dialogue or any outcome from ICANN acting on these complaints needs to be in the public domain. Thus, our 15th DIDP request to ICANN were for documents pertinent to Verisign’s contractual compliance and actions taken by ICANN stemming from any discrepancies of Verisign’s compliance with its ICANN contract.</p>
<p style="text-align: justify; "><span id="docs-internal-guid-f679a3d5-345d-67c5-6d95-690f07d56d1f">The DIDP request filed by Padmini Baruah can be found </span><a href="https://www.icann.org/en/system/files/files/didp-request-20150901-3-01sep15-en.pdf"><span>here</span></a><span>.</span></p>
<h3 style="text-align: justify; "><span>What ICANN said</span></h3>
<p style="text-align: justify; "><span>After sorting through a response designed to obfuscate information, it was clear that ICANN was not going to provide any of the details we requested. As mentioned in their previous responses, individual audit reports and the names of the registries associated with discrepancies are confidential under the DIDP Defined Conditions of Nondisclosure. Nevertheless, some details from the response are worth mentioning.</span></p>
<p style="text-align: justify; "><span>According to the response, “As identified in Appendix B of the 2012 Contractual Compliance Year One Audit Program Report, the following TLDs were selected for auditing: DotAsia Organisation Limited (.ASIA), Telnic Limited (.TEL), Public Interest Registry (.ORG), Verisign (.NET), Afilias (.INFO), and Employ Media LLC (.JOBS).” The response goes on to state that out of these 6 registries that were selected, only 5 chose to participate in the audit, the identies of which are once again confidential. </span></p>
<p style="text-align: justify; "><span>However, on further examination, it can be seen that Verisign (.NET) was chosen to participate in the audit the year after as well. Therefore, it’s clear that 2013 was the year Verisign was audited. Unfortunately, that was pretty much all that was relevant to our request in ICANN’s response.</span></p>
<p style="text-align: justify; "><span>Once again, ICANN was able to use the DIDP Defined Conditions of Nondisclosure, especially the following conditions to allow itself the ability not to answer the public: <br /></span></p>
<ul style="text-align: justify; ">
<li><span>Information exchanged, prepared for, or derived from the deliberative and decision-making process between ICANN, its constituents, and/or other entities with which ICANN cooperates that, if disclosed, would or would be likely to compromise the integrity of the deliberative and decision-making process between and among ICANN, its constituents, and/or other entities with which ICANN cooperates by inhibiting the candid exchange of ideas and communications.</span><span> </span></li>
<li><span>Information provided to ICANN by a party that, if disclosed, would or would be likely to materially prejudice the commercial interests, financial interests, and/or competitive position of such party or was provided to ICANN pursuant to a nondisclosure agreement or nondisclosure provision within an agreement.</span><span> </span></li>
<li><span>Confidential business information and/or internal policies and procedures.<a href="#ftn1">[1]</a></span><span> <br /></span></li>
</ul>
<p style="text-align: justify; "><span id="docs-internal-guid-f679a3d5-345f-fcdf-ba09-26b6f74477d8">ICANN’s response to our request can be found </span><a href="https://www.icann.org/en/system/files/files/didp-response-20150901-3-cis-contractual-violations-verisign-01oct15-en.pdf"><span>here</span></a><span>.</span></p>
<hr style="text-align: justify; " />
<p style="text-align: justify; "><a name="ftn1">[1] </a><span id="docs-internal-guid-f679a3d5-3461-1364-7277-525329280407">See DIDP https://www.icann.org/resources/pages/didp-2012-02-25-en</span></p>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/blog/didp-request-15-what-is-going-on-between-verisign-and-icann'>https://cis-india.org/internet-governance/blog/didp-request-15-what-is-going-on-between-verisign-and-icann</a>
</p>
No publisherasvathaICANNDIDPInternet Governance2016-07-29T02:01:06ZBlog EntryDIDP Request #14: Keeping track of ICANN’s contracted parties: Registrars
https://cis-india.org/internet-governance/blog/didp-request-14-keeping-track-of-icann2019s-contracted-parties-registrars
<b>In September 2016, we filed two separate DIDP requests regarding ICANN’s Contractual Compliance Goals.</b>
<p><span id="docs-internal-guid-bf51bf89-322e-256d-7606-417c64dfd392">The first one which we have written about here,</span><a href="#ftn1">[1] </a>was regarding ICANN contracts with registries while the second one about registrars is briefed below. In our second request, we specifically asked for the following information:</p>
<ol>
<li>Copies of the registrar contractual compliance audit reports for all the audits carried out as well as external audit reports from the last year (2014-2015).</li>
<li>A generic template of the notice served by ICANN before conducting such an audit.</li>
<li>A list of the registrars to whom such notices were served in the last year.</li>
<li>An account of the expenditure incurred by ICANN in carrying out the audit process.</li>
<li>A list of the registrars that did not respond to the notice within a reasonable period of time.</li>
<li>Reports of the site visits conducted by ICANN to ascertain compliance.</li>
<li>Documents which identify the registrars who had committed material discrepancies in the terms of the contract.</li>
<li>Documents pertaining to the actions taken in the event that there was found to be some form of contractual non-compliance.</li>
<li>A copy of the registrar self-assessment form which is to be submitted to ICANN. </li>
</ol>
<p>The DIDP request filed by Padmini Baruah can be viewed here.</p>
<h3>What ICANN said</h3>
<p><span id="docs-internal-guid-bf51bf89-3234-6693-c084-c898ecb92ff6">Information pertinent to item 1 and 3 can be found in the 2014 Contractual Compliance Annual Report here:https://</span><a href="http://www.icann.org/en/system/files/files/annual-2014-13feb15-en.pdf"><span>www.icann.org/en/system/files/files/annual-2014-13feb15-en.pdf</span></a><span>. While this report contains detailed information regarding the audit, individual audit reports are subject to the DIDP Defined Conditions for Nondisclosure.</span></p>
<p style="text-align: justify; "><span><span id="docs-internal-guid-bf51bf89-3234-d617-f932-ee71027bdaf6">ICANN provided a link to all the communication templates used during the audit process, including the notice served by ICANN prior to conducting audits. (Item 2) It can be found here:</span><a href="https://www.icann.org/en/system/files/files/audit-communication-template-04dec15-en.pdf"><span> </span><span>https://www.icann.org/en/system/files/files/audit-communication-template-04dec15-en.pdf</span></a><span>. As mentioned in an earlier blog post, ICANN set aside USD 0.6 million for the Three Year Audit plan.<a href="#ftn2">[2] </a>(item 4)</span></span></p>
<p style="text-align: justify; "><span><span>According to the Audit FAQ on ICANN website,<a href="#ftn3">[3]</a> <span id="docs-internal-guid-bf51bf89-323a-156a-af6f-d315baa30ccd">“If a contracted party reaches the enforcement phase per process, ICANN will issue a notice of breach in which the outstanding issues are noted. The response links us to the ICANN webpage where these breach notices are listed:</span><a href="https://www.icann.org/compliance/notices#notices-2014"><span> </span><span>https://www.icann.org/compliance/notices#notices-2014</span></a><span>. (Item 5) According to the link, 61 registrars received breach notices in 2014; a full explanation has been provided for each notice. (Item 7 and 8) Since no site visits were conducted, ICANN does not possess any document regarding this.</span></span></span></p>
<p style="text-align: justify; "><span><span><span><span>According to the ICANN website, “The 2013 Registrar Accreditation Agreement (RAA) requires ICANN-accredited registrars to complete an annual self-assessment and provide ICANN with a compliance certification by 20 January.”<a href="#ftn4">[4] </a><span id="docs-internal-guid-bf51bf89-3244-56d6-a94a-37347d37616b">The form for the same can be found here: </span><a href="https://www.icann.org/resources/pages/approved-with-specs-2013-09-17-en#compliance"><span>https://www.icann.org/resources/pages/approved-with-specs-2013-09-17-en#compliance</span></a></span></span></span></span></p>
<p style="text-align: justify; "><span><span><span><span><span><span id="docs-internal-guid-bf51bf89-3244-91f8-830f-b40c5a82d02a">ICANN’s response to our request can be found </span><a href="https://www.icann.org/en/system/files/files/didp-response-20150901-1-response-20150901-2-cis-ry-rr-audits-01oct15-en.pdf"><span>here</span></a><span>.</span></span></span></span></span></span></p>
<hr />
<p><a name="ftn1">[1] </a><span id="docs-internal-guid-bf51bf89-3258-80b4-c7aa-aea9801aceac">To be linked to the first post</span></p>
<p><a name="ftn2">[2] </a><span id="docs-internal-guid-bf51bf89-3258-28cd-a693-d1605b22ce9e">See FY15 budget (pg72): </span><a href="https://www.icann.org/en/system/files/files/adopted-opplan-budget-fy15-01dec14-en.pdf"><span>https://www.icann.org/en/system/files/files/adopted-opplan-budget-fy15-01dec14-en.pdf</span></a></p>
<p><a name="ftn3">[3] </a><span id="docs-internal-guid-bf51bf89-3257-ded2-6793-607c741261a7">See Audit FAQ: https://www.icann.org/resources/pages/faqs-2012-10-31-en</span></p>
<p><a name="ftn4">[4] </a>See CEO certification: https://www.icann.org/resources/pages/ceo-certification-2014-01-29-en</p>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/blog/didp-request-14-keeping-track-of-icann2019s-contracted-parties-registrars'>https://cis-india.org/internet-governance/blog/didp-request-14-keeping-track-of-icann2019s-contracted-parties-registrars</a>
</p>
No publisherasvathaICANNDIDPInternet Governance2016-07-28T16:34:27ZBlog Entry