Expanding Internet Domains
Come January, the Internet Corporation for Assigned Names and Numbers plans to allow businesses, nonprofits and others to apply for their own “top-level domain” with their own online suffix, like the familiar .com and .org suffixes that now rule the Internet.
ICANN, the nonprofit that manages the Internet’s address system, says increasing the number of top-level domains will ease crowding and create opportunities for businesses to connect with consumers. For instance, Canon plans to buy .canon to put its Web sites in one spot and the American Bankers Association is reportedly considering .bank, where banks could offer secure online banking.
But a plethora of new suffixes is just as likely to cause confusion for consumers and enable malefactors to use the new arenas for deception. ICANN expects 500 to 1,000 applications in next year’s 90-day application window. Before it approves any of them, it needs to slow down and put in place better safeguards against consumer fraud.
The expansion of top domains could be costly for businesses, which might have to buy new domains (ICANN is charging $185,000 per application) to protect their brands from fraudsters making money by squatting on brands. The Web is full of sites that masquerade as legitimate companies to sell pirated goods or steal consumers’ financial information. Fraudsters avoid detection by registering their sites using proxy services and false identities. The administrators of the online address system — ICANN, the registries that operate suffixes like VeriSign, and agents like GoDaddy that sell Internet addresses to the public — are doing a terrible job curbing fraud. A recent Icann report acknowledged that the system to identify Web site owners “is broken and needs to be repaired.”
Icann says it will increase security in the new domains, including thorough background checks of all applicants. There will be a clearinghouse for owners of trademarks, who would get first dibs on domains connected to their brand. If anybody but the Coca-Cola Company applied for .coke, he or she would have to prove a legitimate, non-infringing reason to run it. And there would be a “rapid takedown” procedure to close infringing domains.
But companies will still have to spend a lot on defense, registering domains to avoid squatting on their brands and keeping an eye out for potentially infringing Web sites across hundreds of new suffixes. And Icann’s current inability to deal with abusive domain name registrations undermines confidence in its ability to address the risks of this vast expansion.
The Federal Trade Commission is rightly urging ICANN to require that registries and registrars be able to verify the identity of owners of all domains that have a commercial purpose, and to impose meaningful penalties for those who break the rules. There is no pressing need to create hundreds of new suffixes next year. It would be far better for ICANN to start with a pilot program to work out problems before expanding the system.