The Governmental Advisory Committee (GAC) of the Internet Corporation for Assigned Names and Numbers (ICANN) met in Beijing during the week of 4 April 2013.
Sixty-one (61) GAC Members participated in the meetings and (8) Observers.
The GAC has reached consensus on GAC Objection Advice according to Module 3.1 part I of the Applicant Guidebook on the following applications:
The application for .africa (Application number 1-1165-42560)
The application for .gcc (application number: 1-1936-2101)
The GAC recognizes that Religious terms are sensitive issues.
Some GAC members have raised sensitivities on the applications that relate to Islamic terms, specifically .islam and .halal.
The GAC members concerned have noted that the applications for .islam and .halal lack community involvement and support. It is the view of these GAC members that these applications should not proceed.
Safeguard Advice for New gTLDs
To reinforce existing processes for raising and addressing concerns the GAC is providing safeguard advice to apply to broad categories of strings:
Consumer Protection, Sensitive Strings, and Regulated Markets:
The GAC Advises the ICANN Board:
Strings that are linked to regulated or professional sectors should operate in a way that is consistent with applicable laws.
These strings are likely to invoke a level of implied trust from consumers, and carry higher levels of risk associated with consumer harm.
The following safeguards should apply to strings that are related to these sectors:
Registry operators will include in its acceptable use policy that registrants comply with all applicable laws, including those that relate to privacy, data collection, consumer protection (including in relation to misleading and deceptive conduct), fair lending, debt collection, organic farming, disclosure of data, and financial disclosures.
Registry operators will require registrars at the time of registration to notify registrants of this requirement.
Registry operators will require that registrants who collect and maintain sensitive health and financial data implement reasonable and appropriate security measures commensurate with the offering of those services, as defined by applicable law and recognized industry standards.
Establish a working relationship with the relevant regulatory, or industry self-regulatory, bodies, including developing a strategy to mitigate as much as possible the risks of fraudulent, and other illegal, activities.
Registrants must be required by the registry operators to notify to them a single point of contact which must be kept up-to-date, for the notification of complaints or reports of registration abuse, as well as the contact details of the relevant regulatory, or industry self-regulatory, bodies in their main place of business.
In the current round the GAC has identified the following non-exhaustive list of strings that the above safeguards should apply to:
.kid, .kids, .kinder, .game, .games, .juegos, .play, .school, .schule, .toys
.earth, .eco, .green, .bio, .organic
Health and Fitness:
.care, .diet, .fit, .fitness, .health, .healthcare, .heart, .hiv, .hospital,, .med, .medical
.organic, .pharmacy, .rehab, .surgery, .clinic, .healthy (IDN Chinese equivalent), .dental
.dentist .doctor, .dds, .physio
.capital, . cash, .cashbackbonus, .broker, .brokers, .claims, .exchange, .finance, .financial, .fianancialaid, .forex, .fund, .investments, .lease, .loan, .loans, .market, . markets, .money, .pay, .payu, .retirement, .save, .trading, .autoinsurance, .bank, .banque, .carinsurance, .credit, .creditcard, .creditunion,.insurance, .insure, ira, .lifeinsurance, .mortgage, .mutualfunds, .mutuelle, .netbank, .reit, .tax, .travelersinsurance, .vermogensberater, .vermogensberatung and .vesicherung.
.bet, .bingo, .lotto, .poker, and .spreadbetting, .casino
.care, .gives, .giving, .charity (and IDN Chinese equivalent)
.degree, .mba, .university
.audio, .book (and IDN equivalent), .broadway, .film, .game, .games, .juegos, .movie, .music, .software, .song, .tunes, .fashion (and IDN equivalent), .video, .app, .art, .author, .band, .beats, .cloud (and IDN equivalent), .data, .design, .digital, .download, .entertainment, .fan, .fans, .free, .gratis, .discount, .sale, .hiphop, .media, .news, .online, .pictures, .radio, .rip, .show, .theater, .theatre, .tour, .tours, .tvs, .video, .zip
.abogado, .accountant, .accountants, .architect, .associates, .attorney, .broker, .brokers, .cpa, .doctor, .dentist, .dds, .engineer, .lawyer, .legal, .realtor, .realty, .vet
.corp, .gmbh, .inc, .limited, .llc, .llp, .ltda, .ltd, .sarl, .srl, .sal
Generic Geographic Terms:
.town, .city, .capital .reise, .reisen .weather .engineering .law
Inherently Governmental Functions
.army, .navy, .airforce
In addition, applicants for the following strings should develop clear policies and processes to minimize the risk of cyber bullying/harassment:
.fail, .gripe, .sucks, .wtf
The GAC further advises the Board:
In addition, some of the above strings may require further targeted safeguards, to address specific risks, and to bring registry policies in line with arrangements in place offline.
In particular, a limited subset of the above strings are associated with market sectors which have clear and/or regulated entry requirements (such as: financial, gambling, professional services, environmental, health and fitness, corporate identifiers, and charity) in multiple jurisdictions, and the additional safeguards below should apply to some of the strings in those sectors:
At the time of registration, the registry operator must verify and validate the registrants’ authorizations, charters, licenses and/or other related credentials for participation in that sector.
In case of doubt with regard to the authenticity of licenses or credentials, Registry Operators should consult with relevant national supervisory authorities, or their equivalents.
The registry operator must conduct periodic post-registration checks to ensure registrants’ validity and compliance with the above requirements in order to ensure they continue to conform to appropriate regulations and licensing requirements and generally conduct their activities in the interests of the consumers they serve.
Restricted Registration Policies The GAC advises the ICANN Board:
As an exception to the general rule that the gTLD domain name space is operated in an open manner registration may be restricted, in particular for strings mentioned under category 1 above.
In these cases, the registration restrictions should be appropriate for the types of risks associated with the TLD. The registry operator should administer access in these kinds of registries in a transparent way that does not give an undue preference to any registrars or registrants, including itself, and shall not subject registrars or registrants to an undue disadvantage.
For strings representing generic terms, exclusive registry access should serve a public interest goal.
In the current round, the GAC has identified the following non-exhaustive list of strings that it considers to be generic terms, where the applicant is currently proposing to provide exclusive registry access
.antivirus, .app, .autoinsurance, .baby, .beauty, .blog, .book, .broker, .carinsurance, .cars, .cloud, .courses, .cpa, .cruise, .data, .dvr, .financialaid, .flowers, .food, .game, .grocery, .hair, .hotel, .hotels .insurance, .jewelry, .mail, .makeup, .map, .mobile, .motorcycles, .movie, .music, .news, .phone, .salon, .search, .shop, .show, .skin, .song, .store, .tennis, .theater, .theatre, .tires, .tunes, .video, .watches, .weather, .yachts,
.クラウド <[cloud], .ストア [store], .[sale], ファッション [fashion], .家電 [consumer electronics], .<手表 [watches], .書籍 [book], .珠宝 [jewelry], .通販 [online shopping], .食品 <[food]
Strings for Further GAC Consideration
In addition to this safeguard advice, that GAC has identified certain gTLD strings where further GAC consideration may be warranted, including at the GAC meetings to be held in Durban.
Consequently, the GAC advises the ICANN Board to: not proceed beyond Initial Evaluation with the following strings :
.shenzhen (IDN in Chinese), .persiangulf, .guangzhou (IDN in Chinese), .amazon (and IDNs in Japanese and Chinese), .patagonia, .date, .spa, . yun, .thai, .zulu, .wine, .vin
Singular and plural versions of the same string as a TLD
The GAC believes that singular and plural versions of the string as a TLD could lead to potential consumer confusion.
Therefore the GAC advises the ICANN Board to:
Reconsider its decision to allow singular and plural versions of the same strings.
Protections for Intergovernmental Organizations, The GAC stresses that the IGOs perform an important global public mission with public funds, they are the creations of government under international law, and their names and acronyms warrant special protection in an expanded DNS. Such protection, which the GAC has previously advised, should be a priority.
This recognizes that IGOs are in an objectively different category to other rights holders, warranting special protection by ICANN in the DNS, while also preserving sufficient flexibility for workable implementation.
The GAC is mindful of outstanding implementation issues and commits to actively working with IGOs, the Board, and ICANN Staff to find a workable and timely way forward.
Pending the resolution of these implementation issues, the GAC reiterates its advice to the ICANN Board that:
]appropriate preventative initial protection for the IGO names and acronyms on the provided list be in place before any new gTLDs would launch.
Registrar Accreditation Agreement (RAA)
The GAC appreciates the improvements to the RAA that incorporate the 2009 GAC-Law Enforcement Recommendations.
The GAC is also pleased with the progress on providing verification and improving accuracy of registrant data and supports continuing efforts to identify preventative mechanisms that help deter criminal or other illegal activity. Furthermore the GAC urges all stakeholders to accelerate the implementation of accreditation programs for privacy and proxy services for WHOIS.
Safeguards on New gTLDs
The GAC considers that Safeguards should apply to broad categories of strings. For clarity, this means any application for a relevant string in the current or future rounds, in all languages applied for.
The GAC advises the Board that all safeguards highlighted in this document as well as any other safeguard requested by the ICANN Board and/or implemented by the new gTLD registry and registrars should be implemented in a manner that is fully respectful of human rights and fundamental freedoms as enshrined in international and, as appropriate, regional declarations, conventions, treaties and other legal instruments – including, but not limited to, the UN Universal Declaration of Human Rights, respect all substantive and procedural laws under the applicable jurisdictions and be operated in an open manner consistent with general principles of openness and non-discrimination.
Safeguards Applicable to all New gTLDs
The GAC Advises that the following six safeguards should apply to all new gTLDs and be subject to contractual oversight.
Registry operators will conduct checks on a statistically significant basis to identify registrations in its gTLD with deliberately false, inaccurate or incomplete WHOIS data at least twice a year. Registry operators will weight the sample towards registrars with the highest percentages of deliberately false, inaccurate or incomplete records in the previous checks. Registry operators will notify the relevant registrar of any inaccurate or incomplete records identified during the checks, triggering the registrar’s obligation to solicit accurate and complete information from the registrant.
While respecting privacy and confidentiality, Registry operators will periodically conduct a technical analysis to assess whether domains in its gTLD are being used to perpetrate security threats, such as pharming, phishing, malware, and botnets. If Registry operator identifies security risks that pose an actual risk of harm, Registry operator will notify the relevant registrar and, if the registrar does not take immediate action, suspend the domain name until the matter is resolved. <
Registry operators will maintain statistical reports that provide the number of inaccurate WHOIS records or security threats identified and actions taken as a result of its periodic WHOIS and security checks. Registry operators will maintain these reports for the agreed contracted period and provide them to ICANN upon request in connection with contractual obligations.
Making and Handling Complaints
Registry operators will ensure that there is a mechanism for making complaints to the registry operator that the WHOIS information is inaccurate or that the domain name registration is being used to facilitate or promote malware, operation of botnets, phishing, piracy, trademark or copyright infringement, fraudulent or deceptive practices, counterfeiting or otherwise engaging in activity contrary to applicable law.
Consistent with applicable law and any related procedures, registry operators shall ensure that there are real and immediate consequences for the demonstrated provision of false WHOIS information and violations of the requirement that the domain name should not be used in breach of applicable law; these consequences should include suspension of the domain name.