Studies indicate malicious actors are disproportionately using cheap new gTLDs, though overall registrations have fallen 20% over the last year.
Since ICANN began the delegations of the first new generic Top-Level Domains (gTLDs) in October 2013, the web has become somewhat more messy, as the number of TLDs has increased to more than 1,200. While the first new gTLDs to be delegated ostensibly do add value—many of them are internationalized TLDs, such as شبكة, which means "web" or "network" in Arabic, or みんな, which is Japanese for "everyone"—the gTLD program has drawn criticism for creating consumer confusion, and being a burden on trademark owners to defensively register domain names to protect their brands across various new TLDs.
There is definitely blame to go around. It is easy to blame ICANN for their stewardship of the program, as they have approved confusingly similar gTLDs such as .review and .reviews, which could easily cause confusion. ICANN's management of practically anything raises criticism—the group is facing scrutiny for being very late in developing a plan for GDPR compliance. That said, a significant portion of the criticism of this industry squarely belongs to the registries themselves.
I first covered this topic in March 2016, to the ire of new gTLD registry Donuts, which attempted to silence criticism of this industry by stating, in part, that "The debate about whether new gTLDs are valuable is over." While the original article serves as an introduction to problems with new gTLDs, including ICANN founding chairman Esther Dyson's argument against gTLDs, the existence of nearly identical gTLDs, and ridiculous things such as rebecca.blackfriday, some developments have occurred since then.
Last year, a group of researchers at the Delft University of Technology and SIDN Labs in The Netherlands found (PDF link) that there are "higher concentrations of compromised domains in legacy gTLDs" but that "miscreants frequently choose to maliciously register domain names using one of the new gTLDs." The number of spam domains per 10,000 for new gTLDs was nearly 10 times that of standard gTLDs like .com. However, not all new gTLDs are a problem, as approximately one-third of new gTLDs had zero reported incidents of spam. But, according to the researchers, "Spamhaus blacklisted at least 10% of all 24 registered domains in as many as 15 new gTLDs at the end of 2016."
Similarly, in March 2018, Symantec published their annual list of the "Top 20 Shady TLDs," which calculates the ratio of "domains and subdomains ending in this TLD which are rated in our database with a 'shady' category, divided by the total number of database entries ending in this TLD." Symantec's findings indicate that .country is the most shady gTLD, at 99.94%, with .stream, .download, .xin, and .gdn rounding out the top five.
New gTLDs are becoming less popular, as registrations have fallen precipitously over the last year. Verisign's recently released Q1 2018 Domain Name Industry Brief indicates that new gTLDs represent only 6%, or 20.2 million, of the total of registered TLDs. The report indicates that active registrations of new gTLDs "decreased by approximately 5.3 million domain name registrations, or 20.7 percent, year over year." Of the top 10 most used new gTLDs, four were listed in Symantec's Top 20 list. Meanwhile, registrations overall increased by 3.2 million, year over year.
SEE: Intellectual property: A new challenge in the cloud (Tech Pro Research)
For those who would take issue with Verisign—the registry operating .com and .net—as a source for information about new (and ostensibly competing) gTLDs, it is important to remember that their report cites the Centralized Zone Data Service and Zooknic. The claims made are also supported by nTLDStats, which reports 29,213,890 new gTLDs registered as of April 1, 2017, and 23,219,360 one year later, indicating a 20.5% decrease, year over year. The decrease in registrations appears to be continuing, as the active registrations as of June 14, 2018 totaled 22,688,470.
Similarly, according to nTLDStats, it is interesting to note that 37.57% of new gTLD registrations are in China. Despite the overall downward trend in new gTLD use, from January 1, 2017, the number of new gTLD registrations originating in China has increased by 7 million.
.sucks, and the problem of defensive registration
Perhaps no other new gTLD has created as much controversy as .sucks, which generated a lot of press when the name was delegated by ICANN. In 2015, ICANN asked for investigations by the FTC and Canada's Office of Consumer Affairs, in which they noted a concern that the business model of Vox Populi, the Cayman Islands based registry behind the new gTLD, was "predatory, exploitative and coercive."
Part of the reason for that is Vox Populi's business model charges a premium for brands. While arbitrary registrations are $199, the Wall Street Journal noted in 2015 that brand owners are being charged $2499, though that rate has now fallen to $2000.
Michael Adams, co-leader of Global Brand Management & Internet at Mayer Brown, noted that "This differentiated pricing based on the value of a brand is viewed as out right extortion by brand holders. While many did proceed with an initial registration, the number of brand participants was much lower than traditional defensive registrations and the renewals of such registrations are declining."
Adams does make a compelling point. Despite the press that .sucks generated when registrations opened, the registry appears to have peaked last July with just over 10,000 domains. As of June 15th, the number of .sucks domains had shrunk to 8,083, with a further 429 (5.30%) of domains in the PendingDelete or RedemptionPeriod status.
Adams also indicated that had Vox Populi "proceeded in a less egregious manner by charging $200 for every registration, defensive or otherwise, I believe they would have ultimately made more money through a higher number of defensive registrations at the outset as well as far more renewals. I suspect future registries offering such services may prove to be a little more restrained in their pricing and the optics it can create."
Christina Beavis, the COO of Vox Populi, gave a very different impression in an interview with TechRepublic. Beavis indicated that "I think brands are beginning to really understand the value of owning .sucks, and actually using the .sucks domains, I think that sentiment has changed."
The example she provided (which is the same as the featured example on the registrar page of .sucks) is of Apple:
"I think the best example of that is Apple. Apple forwards their apple.sucks domain, to their product feedback page. So, they're saying to you, if you think that we suck, we want you to tell us what we can do to fix it. ...That's really our goal, that's what we are here for, we're not here to make brands buy their name and protect it, we're here to bring value to the brand, and help them own their shit by giving them a platform where they can address consumer feedback."
Beavis also indicated that .sucks does not—as part of their agreement with ICANN—allow bullying, pornography, or parked pages to be used on .sucks. Of note, nTLDStats indicates that 6,217 domains—just over three quarters of all .sucks domains—are parked. It's unclear what methodology that website uses, though Beavis defined parking as registering websites for pay-per-click advertising. It seems likely that Apple's use of .sucks, as a redirect, is being counted as a parked domain in this case.
According to Beavis, defensive registrations by companies trying to control the narrative are not essential. In the interview, she said that ultimately "If someone has something to say, they're going to say it."
That said, in a wider view of the new gTLD market, defensive registrations may be somewhat depressed by alternative protection services. Donuts offers a mass brand protection program, which allows trademark holders to block one exact match plus three misspells, across Donuts' portfolio of 239 domain names, for 10 years. While Donuts' website does not specify the price, Com Laude indicates the price as $9,999.
Building a slide deck, pitch, or presentation? Here are the big takeaways:
- Registrations of new gTLDs fell by 20% year over year in Q1 2018, while registrations of all TLDs increased by 3.2 million.
- Researchers found that the number of spam domains per 10,000 for new gTLDs was nearly 10 times that of standard gTLDs like .com.
- Digital transformation: An IT pro's guide (free PDF) (TechRepublic)
- DNS is about to get into a world of trouble with GDPR (ZDNet)
- GDPR: A cheat sheet (TechRepublic)
- Federal Court slaps Domain Name company with AU$1.95m scamming fine (ZDNet)
- Google's .app domains offer built-in security for developers and tech pros (TechRepublic)
- Say hello to .google and other branded internet addresses (CNET)