Re: [ga] Investigation of Possible Contract Breach in .eu Landrush

["Richard Henderson" <richardhenderson@xxxxxxxxxxxx>]

Chris, Bob, members of the GNSO, and Eurid staff,

My primary concern is that, under the terms of EUROPEAN COMMISSION REGULATION NO 733/2002 of 22 April 2002, Article 4e, and also EUROPEAN COMMISSION REGULATION NO 874/2004 of 28 April 2004, "Accreditation of registrars should be carried out by the Registry following a procedure that ensures fair and open competition between Registrars."

I put it to Eurid, and will also put it to the Communications Committee established by Article 22 (1) of Directive 2002/21/EC set up to oversee Eurid's performance and report to the Commission, that "fair" competition was not ensured, because Eurid's arrangements disadvantaged a large number of registrars by allowing "multiple outlets" to afford certain "parent" companies extra places in the first-come-first-served queues... in some cases, 100's of extra places, whereby they were able to acquire popular domain names which would otherwise have been available to individual registrars who did not attempt to "game" the system and only had one place in the queue. Moreover, I believe Eurid made it possible for some people to gain "unfair" advantage by drafting accreditation procedures which enabled 100's of temporary registrars to be set up and reclaim their accreditation fee of 10000 Euros once they had served their purpose and terminated their contracts with Eurid. Although money would be deducted from this accreditation fee for registrations, any such money would of course be recouped (with profit) from registrants, so - in effect - it cost nothing to become a registrar for the sole purpose of obtaining extra places in the .eu queues. Therefore I believe that Eurid were in breach of Article 4e. They failed to "ensure" that there was "fair" competition between registrars. Many registrars were disadvantaged.

I specifically warned Eurid that this could happen, back in July 2005.

With regard to companies that created "shell" registrars, I am asking Eurid to consider that many of their registrations may have been in contract of EC regulations and Eurid's own rules.

Under the terms of EUROPEAN COMMISSION REGULATION NO 874/2004: 

4. "Registrars should only accept applications for the registration of domain names filed after their accreditation." - As many of these accredited registrars (for example those created for a Canadian company) were only accredited at the last moment, I find it highly unlikely that the applications from Registrants took place in accordance with European Commission regulations. Indeed, the parent company were taking applications months before its "additional" registrars were accredited.

Article 5: "A registrar who receives more than one registration request for the same name shall forward those requests to the Registry in the chronological order in which they were received." - it is well-publicised that parent companies have been selling .eu domains in auctions to the highest bidder from a group of applicants *after* the domain was registered. This would appear to be in breach of the EC regulation that the domain must go to the person who applied first.



Turning to EURID's own "Domain Name Registration Terms and Conditions" which are binding on registrants and registrars (and published on the EURID website), a valid "Application" is defined as "a complete, technically correct request for a domain name registration submitted to the Registry, which complies with all the requirements provided for in the Registration Guidelines." This must include, as stated in Section 4, that "all information provided to the Registry during the domain name registration process is true, complete and accurate."



According to EURID's "Registration Policy" Section 5 (ii): "through a Registrar, the Registrant must provide the Registry with... an address and country within the community" Furthermore, the application for a registration should include the Registrant's name. I am fairly clear, even from the simple logic that many domain names were not initially distributed but kept back for "auction", that a significant number of domains were *NOT* registered with the required details, and indeed could not be, since the Registrants were not to be those who legally should have been "first to apply" but unknown entities who would later bid the highest. Therefore I believe that these "shell registrar" multiple outlets not only resulted in "unfair" distribution of names to the loss of other registrants, but may also have been in breach of EURID's own rules requiring a "technically correct request for a domain name registration" complying "with all the requirements provided".



I believe EURID's accreditation and launch policies resulted in abuse of their own rules and of the European Commission regulations.



Turning to the EURID "Registrar Agreement", each accredited registrar was obliged to have an active website to be in compliance with Article 15:6 of this agreement. And according to Article 2.4 each accredited registrar was also required to make terms and conditions available - "if the registrar fails to provide such services in one or more of the indicated languages. such failure will constitute a material breach of this Agreement."



I am of the view that in scores if not hundreds of cases, there were no complying websites - and besides, any such websites with required services would have been irrelevant to the applicants who had applied for .eu names through the 'parent' company months before these 100's of registrars had ever been accredited.



In the context of these very late accreditations (and many missing websites), Article 4 of the Registrar Agreement with Eurid is particularly interesting: "The Registrar must guarantee that the Holder has accepted the registration agreement applicable when the application is made." Now if the "parent" company argues that it provided the terms of the registration agreement *before* its "shell" registrar was accredited, then it's in breach of the rules, because the application and agreement was not allowed to take place until *after* accreditation... and if it claims that somehow, mysteriously, amazingly, the customer did indeed apply in the last moments through these never-seen-before registrars, then where are the websites, and where is the interface, and why were these 100's of registrars serving a parent company which had the actual interface?



I believe, in reality, these 100's of "shell" registrars are in breach of Article 4 (and other rules) because not only did the Registrants fail to accept agreements through their websites... they didn't even apply through these registrars at all.



And indeed, not only that, but in various cases, the Registrant was not even known at the time of registration *because the auction for the name hadn't yet taken place*!



Article 4 also states: "During the Registration process, the Registrar will always submit (including but not limited to any submission in the WHOIS database) the data of the end user who made the initial request for the registration of the domain name(s) concerned and not its own data."



In many cases - and specifically in the case of names auctioned later to multiple applicants - this clearly did not happen.



I call on EURID to respond to me, and to the wider Internet community, and EURID's response will form part of my correspondence to the European Commission's Communications Committee.



I also invite correspondence from any registrars who feel that they have been disadvantaged by these processes.



Yours sincerely,



Richard Henderson

www.atlarge.org



  ----- Original Message ----- 
  From: kidsearch 
  To: Richard Henderson ; EURid 
  Cc: General Assembly of the DNSO 
  Sent: Monday, April 17, 2006 2:34 PM
  Subject: Re: [ga] Investigation of Possible Contract Breach in .eu Landrush


  Their reply has been that they are not responsible for anything that happened and as long as the lately accredited registrars were legal, then they don't intend to do anything.

  Hopefully, your thoughtful letter will get them to look at it once again, but I get the idea they don't really care who got the domain names as long as profit was made.

  Chris McElroy AKA NameCritic (Who doesn't want any dot EU domains)
  http://wwww.blogs.pn

    ----- Original Message ----- 
    From: Richard Henderson 
    To: EURid 
    Cc: General Assembly of the DNSO 
    Sent: Monday, April 17, 2006 4:25 AM
    Subject: [ga] Investigation of Possible Contract Breach in .eu Landrush


    Dear Sir, Madam,

    I am writing to ask what action (if any) Eurid intends to take about Landrush registrations in breach of Eurid's contractual terms?

    I am referring to the use of several hundred registrars who were accredited at the last moment, seemingly set up to gain "extra" submissions to your 'round-robin' queue in the Landrush, but also apparently operated by a 'parent' company in charge of many registrars.

    I flagged up this problem at the ICANN meeting back in 2004 (see the last 3 lines of my article and the main article itself here: http://www.icann.org/meetings/capetown/icann-domainnames-workshop-doc1-01dec04.htm ).

    I also received this assurance from Eurid in July 2005: 

    "The accredited register must forward to EURid only those applications he received after accreditation, and he must do so on a first-come-first-served basis. Auctioning with the domain name is definitely not allowed. Not complying with the regulation and as well as the agreement is a breach of contract."

    "On a similar note, we don't allow reselling."

    "The end consumer should at at any time know who is responsible for what and who would be the accredited registrar. This should be made clear at all times and should be explicitly mentioned in the agreement with the end consumer."

    If any of these shell registrars were set up for Pool or eNom or similar 'parent' company and accredited at the last moment, it is worth noting that the majority of applications would have been received *before* accreditation (because Pool for example was inviting applications months ago).

    I also note that "auctioning is not allowed" and I note that Pool is using an "auction" model. What is Eurid's position on this?

    Finally, I don't see how the end consumer can know in advance which "shell registrar" will be their "registrar" if they apply through a 'parent' registrar. Therefore, Eurid's statement that the end consumer should know who the registrar is seems problematical.

    I am a long-term member of ICANN At Large and regularly participate on worldwide ICANN meetings. I was previously instrumental in bringing the .info launch fiasco to light, resulting in the re-run of the launch in Landrush 2.

    I would appreciate a response and an indication of Eurid's intentions with regard to any breaches of contract over "auctioning" of .eu domains, pre-registration of names prior to accreditation, and use of parent companies for applications which are then 'passed on' to whichever subsidiary registrar managed to pick up the name in the Landrush. After I have received fair clarification from Eurid, I intend to raise these issues with the European Commission.

    I thank you for your assistance in this enquiry.

    Yours,

    Richard Henderson
    www.atlarge.org