ICANN oversees the creation of many contracts. Its highest paid contractor has historically been the law firm of Jones Day, and of course ICANN has many lawyers on staff. In the past I've identified loopholes in proposed contracts, and those were corrected before they were exploited.
However, are there other loopholes sitting in existing contracts waiting to be exploited, or ambiguities with major financial consequences depending on their interpretation?
While doing some background research for some comments on a story by Mike Berkens of TheDomains.com concerning IFFOR, the non-profit that receives $10 per .XXX domain name, I looked at the Sponsoring Organization Agreement which ICANN had posted in August 2010. Paragraph 1 states that ICM agrees to:
Pay to IFFOR the sum of US$10 per resolving registration in the .xxx sTLD per year (or, in the event of a price change of the regular wholesale price to registrars from US$60 per resolving registration, a sum of no less than 15% of the regular wholesale price) for IFFOR to develop policies in furtherance of the Policy Goals, to administer the Grants Program, and to provide ombudsman, labeling, and monitoring services in accordance with and as detailed in this Agreement
This section seems straightforward, but is it? Consider the following:
1. If ICM Registry dropped the wholesale price from $60/domain per year to $59.99 (or raised it to $60.01), it would allow them to reduce the payment to IFFOR from $10/domain per year, to $9/domain per year. By lowering the price to registrars by a penny, they'd get back a dollar in savings on payouts to IFFOR. On 100,000+ domain names, that's a significant annual savings for ICM Registry. Over 10 years, that's a 7-figure cumulative savings, that goes straight to their bottom line. This "loophole" existed because the $10 was 16.67% of $60 price, not 15%, and thus there's an elegant arbitrage opportunity that could be immediately exploited by ICM, simply by making a minor adjustment to the wholesale price. If one wanted to be aggressive, one could conceivably try to make that change retroactively (i.e. going back to the launch date of the registry).
2. What is a "resolving registration"? ICM has boasted about having more than 250,000 .xxx domains under management, however a large number of those were paid defensive blocking registrations (in the sunrise period, names like verizon.xxx). There are also a large number of domain names that the registry reserved without payment, for example names of politicians, celebrities, or ICANN staff (e.g. BarackObama.xxx, DonaldTrump.xxx and RodBeckstrom.xxx). Here's where things get interesting — unlike other registries where reserved domains don't resolve (e.g. g.com doesn't resolve, and is reserved because it's a 1-character domain in the .com TLD), ICM has created a parked page for all their reserved domains (paid sunrise defensive blocking registrations, and unpaid reserved names), and has been doing so since they launched). All parked domains resolve in the DNS, and one might argue are resolving registrations. These reserved domains each have a WHOIS record and are thus arguably "registrations", and definitely resolve. Since there might be roughly 100,000 or more of these kinds of names, ICM might be on the hook for a 7-figure annual payout to IFFOR, if they owed $10 for each of those domain names per year. Since IFFOR has yet to make public their financial statements, it's unclear what ICM has actually paid them. Obviously if ICM had to pay out that amount (and wasn't already paying IFFOR for these resolving reserved domains), they'd immediately stop those names from resolving. But, critics of ICM and ICANN (e.g. Manwin) could definitely have a field day over whether a 7-figure payout was due for past reserved registrations that ICM had allowed to resolve, and whether ICM had met its obligations to IFFOR.
Strictly speaking, the above is a contract between ICM and IFFOR, but ICANN had some oversight when it was created, and should have spotted these issues before they took effect.
In conclusion, ICANN needs to do a much better job in examining contracts for loopholes and ambiguous language, especially given the huge financial consequences of errors. If each new gTLD operator is allowed to create custom contracts with ICANN, the opportunities for even more loopholes to slip through the cracks will multiply.
By George Kirikos, President, Leap of Faith Financial Services Inc.
|Cybersquatting||Policy & Regulation|
|DNS Security||Registry Services|
|IP Addressing||White Space|
Neustar DNS Services
Minds + Machines
Neustar DDoS Protection