Please note: we have discontinued our Safeguard Policies and Policy Engine services. See the official announcement for more information.
IFFOR has designed a set of specific policies to encompass the six safeguards that ICANN's Governmental Advisory Committee (GAC) has said should apply to all new gTLDs.
Many of these policies are familiar to IFFOR since they represent GAC thinking on Internet registry responsibilities first developed in response to ICM Registry (IFFOR acts as ICM Registry's independent policy body).
In response to government concerns, IFFOR created a set of high-level "baseline policies" that were accepted by both ICANN and the GAC as representative of the work that the registry would carry out in meeting those concerns.
We have revised and enhanced those policies to provide the same level of confidence for new gTLD safeguards and will license those policies for a low annual fee so that all registries may benefit from IFFOR's work, and the registry market as a whole can benefit from a single, broad set of policies.
We believe this approach solves a number of significant issues:
- It provides applicants with a simple, swift and low-cost answer to government concerns
- It answers government calls for new safeguards
- It builds on a contractual solution that has already been shown to work within the ICANN system
- It removes the need and cost for applicants to develop their own policies
- It keeps the new gTLD program on track
By aiming at a broad base, IFFOR is able to offer these policies, as well as supporting information and an ongoing policy information service, for a low annual fee.
What do these policies look like?
They are high-level policies that demonstrate a clear commitment to provide the safeguards that the GAC has requested.
They are not prescriptive: they do not tell registries how to implement the policies, in what way, through which provider or using which means. Different systems will work better for different registries.
The policies will come with supporting information from IFFOR based on our experience with existing baseline policies and ICM Registry, including the registry's launch and first-year renewal. That supporting information will provide insight and background as well as recommendations and caveats so that registries have a good foundation of knowledge from which to implement the policies.
As part of the annual license fee, IFFOR will also provide periodic updates on policy issues that may impact the Internet registry market, for example: legislative efforts regarding privacy, piracy, or verification; growing industry consensus on particular issues; new challenges; and so on.
Can the policies be subsequently changed?
They can, although we view that as unlikely given their broad nature in this case.
However if there was a broad consensus that a policy needed to be amended or expanded, IFFOR would run it through its formal policy development process which aligns relatively closely to ICANN's PDP and in which all licensees would have a voice.
How would a registry implement these policies?
That is entirely up to the registry. IFFOR does have some experience in implementing and auditing registry policies and we will be offering those services to applicants in their lead up to launch, but it would be up to an individual applicant whether they choose to go with IFFOR or another third-party, or use an internal team, for their implementation needs.
The supporting information provided with the safeguard policies license should enable registry operators to make informed, intelligent decisions about what steps they need to take in implementation.
What advantages does licensing IFFOR's policies provide me as an applicant/registry operator?
IFFOR already has the expertise and experience in producing and auditing registry policies. We are a well-developed team comprising 15 people and are focused solely on this market.
The cost for an applicant to develop safeguard policies will almost certainly be several times the cost of an IFFOR license. Not to mention the costs associated with periodically reviewing those policies. Keeping up to date with related issues both within the market and externally can cost anywhere from a few thousand to a few hundred thousand dollars a year. IFFOR can provide that entire service in one small annual fee.
Since IFFOR is an independent organization focused on this market, applicants will also benefit from having a trusted third party looking at these issues in depth.
How confident are you that your policies will meet GAC safeguard advice?
Very confident. We administer the policies that resolved a long and often difficult process between ICANN, the GAC, and ICM Registry.
The creation of an Internet registry solely for adult content related websites was controversial – certainly more controversial than the vast majority of the new gTLD applications. And yet more than two years after approval there have been no complaints from the GAC, and our policies have even been held up in the US Congress as a model from which new gTLDs could benefit.
What are the six safeguards that the GAC has requested apply to all new gTLDs?
- WHOIS verification and checks
- Mitigating abusive activity
- Security checks
- Making and Handling Complaints
How do you see the contractual oversight aspect of these policies working?
We feel that the model adopted by IFFOR, ICANN and ICM Registry presents an excellent model for balancing self-regulation with effective compliance.
No party wishes to be unduly burdened, no one party should have undue control over another but at the same time it is important for each party to be incentivized to act in the overall best interests of the Internet.
In broad, the set-up that IFFOR enjoys with ICANN and ICM Registry is the following:
- IFFOR devises and revises the policies that ICM Registry obligates all its registrants to follow
- IFFOR works closely with ICM Registry in auditing both its compliance efforts and its compliance systems for ensuring that those policies are followed by registrants
- IFFOR provides ICM Registry with periodic reports on its level of compliance and compliance efforts
- Key elements of those reports are passed on to ICANN by ICM Registry
This approach enables IFFOR to work with ICM Registry in improving its systems, while providing ICANN with periodic updates on progress. Only if there is a problem, reported first to ICM Registry by IFFOR, does ICANN need to become involved. It is then up to ICM Registry and ICANN to resolve the issue.
This pragmatic, low-cost and self-regulatory approach is in keeping with the Internet industry, and provides for light-touch contractual oversight.
How does IFFOR propose dealing with the "making and handling complaints" safeguard?
IFFOR has an Ombudsman and provides ombuds services to anyone that feels IFFOR policies have been broken.
We are confident that that service can scale to deal with other registries, although our supporting information should provide applicants with sufficient information to look for their own ombuds services on the open market.
What about pricing, the license terms, the other GAC safeguards…?
Please visit our Safeguard Policies FAQ for answers to these and other questions.