The .ORG Divide: Associations and the Future of How We Use the Internet

“I think nonprofits need to understand regardless of whether you have a policy or advocacy mission or not, you are the gatekeeper of your community. And that means you need to be part of this.” – Amy Sample Ward

We’ve talked about the fight for control over .ORG before, but now the folks in Davos are talking about .ORG, regulators are asking more questions, and NPR covered the issue with an interview asking many of these same questions. A protest at ICANN headquarters over the issue is scheduled for Friday, January 24. What happens next? And what do association leaders still need to understand about the future of the internet and .ORG for associations?

On this episode of Association Chat, we break it all down for you!

https://youtu.be/hxlKq9zMpnE

• What is the concern all about?
• What is the CCOR trying to do?
• What can be done to try to block the sale?
• Can everything just go back to the way it was?
• How do data privacy and GDPR compliance play into all of this?
• What is ICANN’s role?

More about the guests:

Jacob Malthouse (@jacobmalthouse). Jacob is a SaveDotOrg advisor, dot-eco domain founder, Former UNEP & ICANN. Jacob Malthouse is co-founder of the .ECO domain. In 2007, he conceived of .ECO as an Internet domain run by the global environmental community for the greater good. 

Jacob then fundraised seven figures in capital from impact investors to support an eight year effort to create .ECO. .ECO now has over 4,000 members in more than 120 countries around the world. Flagship members include Tesla, Google and Patagonia. 

Uniquely, the rights to .ECO are shared with a coalition of environmental groups including WWF, Greenpeace, IUCN and the United Nations. 

.ECO is the only domain that requires commitment and reporting to the sustainable development goals from all registered users. 

Amy Sample Ward (@amyrsward). Amy is NTEN’s CEO and former membership director. Her prior experience in direct service, policy, philanthropy, and capacity-building organizations has also fueled her aspirations to create meaningful, inclusive, and compassionate community engagement and educational opportunities for all organizations. 

Amy is a frequent conference presenter and keynote speaker, guest on podcasts such as Nonprofit Radio, and contributing author for Stanford Social Innovation Review, Fast Company and other publications.

Her co-authored book, Social Change Anytime Everywhere, was a Terry McAdam Book Award finalist in 2013.

Bill Woodcock (@woodyatpch). Bill is the executive director of Packet Clearing House and part of a group of Internet pioneers and philanthropists who filed incorporation papers for the Cooperative Corporation of .ORG Registrants (also called CCOR) in California as a non-profit under cooperative corporation law. This The Cooperative explicitly pledges support for the open Internet community. This is one alternative being offered rather than Ethos Capital’s bid.

Packet Clearing House is the international non-governmental organization that builds and supports critical Internet infrastructure, including Internet exchange points and the core of the domain name system. Since entering the Internet industry in 1985, Bill has helped establish more than two hundred Internet exchange points. 

In 1989, Bill developed the anycast routing technique that now protects the domain name system. In 1998 he was one of the principal drivers of California 17538.4, the world’s first anti-spam legislation. Bill was principal author of the Multicast DNS and Operator Requirements of Infrastructure Management Methods IETF drafts. 

In 2002 he co-founded INOC-DBA, the security-coordination hotline system that interconnects the network operations centers of more than three thousand ISPs around the world. And in 2007, Bill was one of the two international liaisons deployed by NSP-Sec to the Estonian CERT during the Russian cyber-attack. In 2011, Bill authored the first survey of Internet interconnection agreements, as input to the OECD’s analysis of the Internet economy. 

Now, Bill’s work focuses principally on the security and economic stability of critical Internet infrastructure.

---

Transcript [posted 2020.01.27]

---

• All right, and we’re recording. So okay, welcome to Association Chat, an ongoing online discussion for the association community that’s been happening for over 10 years. We’re working on 11 years now! Association Chat is where we warm ourselves by the virtual fire with the topics of the day, welcoming thought leaders and trailblazers alike to join up in this online home for the community. I’m the host for Associate Chat, KiKi L’Italien. And if you have been paying attention to what’s happening with the Association community’s domain of choice lately, .org, then you know that there are some questions about the sale of .org, or really the control over .org, by a young private equity firm called Ethos Capital.
• Currently the domain is owned by Internet Society, a Virginia based nonprofit that was established by, or that established, excuse me, the Public Interest Registry, or PIR, that manages the .org domain. Oh my gosh, you guys, this proposed acquisition by Ethos Capital for more than $1 billion was announced in late November. And let me tell you, there has been dissent and more dissent and more dissent. And some voices of dissent have risen up with concerns over price raising, surveillance, online censorship, many other things. Oh, goodness. Today, as these concerns have grown, the petitions and movement have been born. And in fact, a letter was released Wednesday in Davos, where world and business leaders gathered for the annual World Economic Forum conference. And a few of those louder voices who are working on addressing this concern are here with me today. And so I wanted to go ahead and do an introduction.
• So, Amy Sample Ward is NTEN CEO. NTEN is one of those organizations leading the charge with SaveDotOrg. Amy has overseen some of the earliest public conversations between the Internet Society, PIR and Ethos Capital so that the rest of the nonprofit community might learn more about this deal and be able to ask questions.
• Bill Woodcock, Bill is the executive director of Packet Clearing House and part of the group of internet pioneers and philanthropists who filed incorporation papers and officially formed the Cooperative Corporation of .org Registrants, CCOR, much easier to say, as a nonprofit pledging support for the open internet community. And this is one of the alternatives being offered rather than Ethos Capital’s bid, I can say it.
• Okay, and then we have Jacob Malthouse. Jacob is a SaveDotOrg advisor. He’s a .ECO domain founder. He’s played big roles as a representative for the Internet Corporation for Assigned Names and Numbers, ICANN, you’ll hear their name thrown into this quite a bit. And he’s been reporting on this story from the very beginning. In fact, I have to say thank you Jacob, for some of your posts, which I personally was able to read a lot and learn a lot from. I’m finding out more about the domain and registry industry than I ever thought I would know. But that definitely informed me. So thank you all for joining me today.
• Yeah.
• All right, so let me go ahead and get started. Jacob, I’m so glad that you’re here because I want to actually start off with you, because you’ve been documenting this from the beginning.
• Sure.
• And so when people ask you to explain why this [the future of the .ORG] is such an important issue, what do you say?
• Yeah, it’s a great question. I mean, there are many analogies. I’ve compared it to the Queen selling Buckingham Palace to Airbnb. I’ve compared it to the loss of national parks like Yosemite. But I think the underlying premise behind those analogies is that people really view .org as a special place on the internet, sort of a signature architecture. And so to lose that architecture to an uncertain future feels to me like a step backwards. And especially at this time when there are many critical issues around governance, around democracy, around human rights all around the world, it feels like we need to be going in the opposite direction. And it also feels like it somehow rolls back on the values upon which the internet itself was originally created. And that for me, I think is challenging when we’re looking forward towards the internet that needs to be more resilient in the future.
• Yeah, it’s definitely concerning, because one of the arguments in the very beginning from Ethos Capital was that it was, it was coming in, it was going to sort of save .org, right? It was going to save it, not like SaveDotOrg like the campaign right now but that somehow .org was in decline, and that it couldn’t be kept up, and since then I’ve been reading a lot about how that actually isn’t the case. And so did someone want to speak to that a little bit?
• I can just take a quick pass at that. In the most literal sense, there are fewer registrants in .org this year than the year before and that year then the year before that. It’s been in very mild tapering off since 2016. But that’s not a problem, right? If you’re a .org registrant, you really don’t care how many other .org registrants there are. And if you’re a new nonprofit getting started, the fewer other registrants there are, the easier it is for you to find a domain name that suits you in .org. So a good successful domain name, TLD, doesn’t have to, sorry, top-level domain doesn’t have to be chock full of organizations. It needs to serve its population well. So in decline is failure by the terms of ISOC and its failure by the terms of Ethos, but it’s not failure in the terms of the nonprofit community.
• Thank you for clarifying that a little bit, because I know that it gets very technical very quickly when we’re having this discussion. And I think a lot of people sort of shut down as the conversation goes along. But when you get into real terms of what these things mean, and what the outcome can be, from something like this acquisition–
• KiKi, can I just build on what Bill was sharing? So just I assume we’re gonna have a conversation and it won’t be too formal anyway. So one piece that I think is getting pulled into all of this is that, yes, there may be these claims that it’s not successful because it’s not just teeming with new and new registrants all of the time, which to Bill’s point isn’t necessarily from the users’ perspective, right? That’s not a success metric that nonprofits are looking for. But now that it would potentially be owned by a private equity firm with a billion-dollar purchase they need to recoup, to do that may be to create a world where it is teeming with new registrants. And the way to do that wouldn’t be to preserve two ISOC and PIR success of the last 18 years what has been clearly deemed for nonprofits, right? They have successfully made it so that people all over the world, whether you work in a nonprofit or not associate .org websites as a do-good space, whether they’re a C3 or whatever else. That’s to their credit. And in order to get all of those new registrants, they would have to destroy that own perception. And that would really water down the registry and make it that much harder for nonprofits to rely on that validation that came with. They could be a totally unknown nonprofit, but people could find them when, say there’s a crisis at the border and all of a sudden, they’re the organization selected that people want to rally behind. Even though they’ve never heard of them before, they have a .org website, they can see the information there, they automatically trust them. And now we’d be entering a world where they’re intentionally destroying that brand.
• Yeah, actually, in my biggest dream, I would have SEOs as part of this discussion too to explain on their side, the kind of impact that this can have too because I mean this goes all across the board. It’s not, I think a lot of times people think that it’s just about when they go to renew their domain that maybe the price increases but it’s not even just that, right? It’s also the brand, protecting the brand of .org, of the trust that’s connected to it. And also to everyone who has a domain already, what are you going to do to protect that?
• I’ve always said that a domain name ending is a product that is marketing. The brand is absolutely critical and leveraging it by destroying it, as Amy said is really disappointing.
• So one of the things that has a lot of people outraged, but I’m not sure makes a huge difference one way or the other in the long term is that the way this was all set up was as a sort of revolving door thing by sort of the last set of executives at ICANN who put several things in motion, and then went out the revolving door, set up this new corporation, and started capitalizing on the policy changes they’ve made. And one of the changes that hasn’t gotten a lot of attention, there’s basically at least three changes that I know of. One was they took the three-year renewal period for the .org delegation, they upped it to 10 years. So this delegation wouldn’t be reexamined by ICANN for 10 years, which is a very, very long time in internet years. The second thing they did was they removed the price caps so that any price was fair game. And the third thing they did, and this is one that doesn’t get the attention is they removed the language that says that .org is for nonprofits, right? They sort of redefined or very quietly in as just another generic domain that anybody can register in. The question of whether they were enforcing whether anybody was enforcing that policy is a separate issue, right? But removing the language that even says that is obviously sort of a sign of where they’re intending to go.
• This news, so that was some of the biggest news that hit for me, this formation of the CCOR. I was like, wow, it’s kind of like that point in this story where there’s this unexpected twist. And it’s like, ooh, someone new in the game that is like–
• M. Night Shyamalan came along, there’s a co-op.
• And I’m like, wait, wait, what’s gonna happen now? So I was curious if you could clarify for folks listening more about what CCOR is proposing and why it would be different from oversight by Ethos Capital or even PIR.
• So basically this is an effort of nonprofits coming together to create an alternative that sets a bar of minimum adult behavior, right? So we’re not saying that we need to win this and become a TLD registry. What we’re saying is, look, we can throw together a solution in a few weeks that meets sort of minimum standards of reasonable behavior. And if we can do that, that means pretty much anybody else who is well-intentioned could do so as well. And if this flushes other proposals out of the woodwork, the last time .org was redelegated in 2002, there were 11 different consortia that came forward with proposals. And the one that received the most points in the evaluation was. We took a lot of legal advice about the corporate form that should be used, and obviously, a nonprofit but a regular corporation, a regular nonprofit corporation is what PIR was. It wasn’t maybe meeting all the IRS tests of multiple sources of support and so forth, but the point basically is that just being a nonprofit doesn’t guarantee good behavior, right? Whereas we have 400 years of common law that established the rules around cooperatives and the protections that a cooperative offers to its membership are far, far stronger than the protections that shareholders have in a corporation, right? You can’t proxy a vote, you can’t deprive someone of their vote. Everyone gets an equal vote. There’s no way to create different membership classes that have different voting weights or anything like that. You can’t deprive someone of their proprietary interest, like if somebody were to deregister their .org domain halfway through the year, they’d still be owed $2 back not four, right? But the important thing is none of this is subjective, none of this is at the discretion of the board of directors or the staff or anything. This is all hard and fast in law. So the single most important protection that a cooperative gives is the board of directors cannot change the articles, only the membership can change the articles by majority vote. With 10 and a half million members, CCOR is never gonna change its articles. So, the point of that is that if we write a purpose into the articles, if we write protection into the articles, as we have, we have an article that says and nothing else, right? The organization may not do anything, not explicitly listed here as a purpose. That’s just not gonna change. And this is a binding legal protection for every .org registrant. By comparison Ethos, and hypothetically other private equity bidders behind them, they haven’t proposed any binding legal commitment. So everything they’ve said is just talk. Everything they’ve said is argument by strong assertion. There is no proposed mechanism behind any of it. It’s just, hey, we’re rich, obviously, we can solve problems by throwing money at them which we–
• And we mean good, what does that mean? We’re going to make things better, what does that mean? And looking for the specifics, you don’t really see that. We do have a question here from David who says, what can be done to block the sale?
• So if you can think of it David, we’re trying.
• Amy, actually why don’t you, this would be a great transition into talking, a little bit segue into talking a little bit about what’s happening tomorrow.
• Sure, so David, if you haven’t already, I encourage you to go to savedotorg.org and add either your organization or your personal name onto the petition. There’s now over 700 organizations on board and over 22,000 signers. So tomorrow we’ll be moving the internet to the offline world and having a real-world protest outside of ICANN’s offices in LA. It should be a great time, I encourage everyone to come. Bill’s made T-shirts for the first 20 people that arrive and we’ve got signs, we’ve got some catchy chants. But ultimately, what we’re hoping to do tomorrow is make it really clear that even though, these issues may feel far away because so much is unknown and I think a lot of folks on the other side of the argument are trying to use the like, just trust us line, which doesn’t do a lot for me. But we’re trying to move this into the real world and make clear to ICANN, especially the ICANN board and staff leadership that it is not going away, that people do feel strongly about this, and that they have a responsibility to take action here. Because their own mission is to preserve these things and to ensure multistakeholder processes, to ensure that everyone is a part of this and none of that has happened. That’s their kind of sole responsibility here and is a very clear ask of them. I’m interested to see which staff or board or others will join us tomorrow. We have some early indication that there will be some conversations I will say between the two groups tomorrow. So I’m glad that media will be on hand to make that public record as it happens.
• Yeah, speaking of media, I listened to an interview, NPR interview the other day, it was very interesting where some of the questions that have been raised to Ethos Capital were raised again. Most of them I thought remained unanswered. But can any of you really sort of bring out why this concern, why, because I’ve been hearing a lot of pushback from some of the people that I’ve spoken to, and maybe this is because there wasn’t as much information in the very beginning. But some of the people I’ve spoken to have said who cares about domain anyway? What’s the concern? And these issues when we talk about security and when we talk about censorship, and these are the things that a lot of and especially internationally, people are really concerned. Could any of you actually speak to why people really need to be concerned about this, especially association executives?
• Jacob, do you wanna go? You haven’t had a chance.
• Yeah, sure. Well, I think there are two overarching points and then I’ll let the others come in. I think one of the big overarching points is that the world’s nonprofits have just bought a ticket on a roller coaster, and they have no idea what the roller coaster is, right? Private equity of all the various mechanisms for ownership is extremely risky. Ethos is on an unknown adventure to nobody knows where. And this is core nonprofit architecture, it’s used for emails, for websites, for fundraising. I mean, it’s as important to nonprofits as water is to fish, right? So we need to really think about whether everyone’s ready to go on that ride, whether it’s even necessary to take people on that ride. And I think one of the concerns that people have is that part of that ride involves giving up data. Everyone’s talking about data being the new oil. If Ethos is looking for their 10X, my humble view is that something in there has to do with the data of 10 million organizations and individuals that are on .org, and how that’s going to be leveraged in some way that is totally tangential, if not contrary to the mission of many of the nonprofits that are giving up that data. So I’ll turn it over to my colleagues as well.
• Excuse me. There’s sort of three legs to this stool. They’re starting $1.1 billion in the hole. And their cost of that money is $193 million a year, right? The interest that they have to pay on that. And so right now, there’s about 100 million a year in total revenue. But I saw PIR are spending 70 million of that on sales. So you’d think that that would mean 70 million could go towards the 193 million debt service. But actually, it’s only about 50 because there’s been a $28 million subsidy going from the nonprofit community to keep .org stable, as ISOC has taken a higher and higher percentage of profit out of it. And that nonprofit money can’t follow, ISOC is still notionally nonprofit, whereas Ethos is not. So we can’t take donor funds and use them to subsidize Ethos, which is a for-profit. So really all they’re left with is about 50 million towards this 193. That’s a big gap that they have to make up. $140 million a year in revenue that doesn’t exist right now from a shrinking pool of customers. So there are three things they can do. Number one is they can cost cut. Right now, there’s roughly $32 million a year going into operations. They have been floating sort of requests for proposals saying that their target price is 300,000. So that’s a 99% decrease in operational spending. If you look at the uptime of the .org domain, it’s the same as common net, it’s had zero downtime in the last 16 years. That’s a difficult thing to achieve. The way you achieve that is with big stacks of servers in 200 locations around the world. Those stacks of servers range anywhere from a couple of hundred thousand dollars to well, millions of dollars per location. You amortize that out over about five years replacement cycle and that’s where you get $32 million in operational expense. 16 years ago, it was about $11 million. So the growth over time in operational expense has not been ridiculous. By comparison, $300,000 is not enough to answer the phone 24/7, right? $300,000 does not hire you four shifts of people to answer the phone, much less operate anything. So how are they gonna do this? We don’t know. The only experience any of the people associated with Ethos have with domains is with these very small, what are called NGTLDs, hundred to a few thousand registrants in them and don’t get a lot of use, right? How many times have you seen a .plumbing domain or a .flowers domain, right? They exist, but it doesn’t take a massive infrastructure effort to support them. You can sort of do them on your machine at home if you don’t really care that much about downtime. And that’s the level of experience they’ve had. So that’s the cost-cutting. The second leg of the stool is increased prices. So one of the things they did in setting all this up was take the price caps off. The wholesale price of a .org domain has gone up from $6 to $9.93 cents over a period of some years. And now that cap is removed completely. The real issue here is not what will the price be? It’s whether they will figure out the workaround to do differential pricing, right? So, some little nonprofit or church or kids’ soccer club or whatever, their domain, the amount of money that can be extracted from them may not be that high, right? It might go from $10 to $40, or $60 has been surface advocating. But it’s not gonna go to thousands. But if you’re the UN, un.org, that could go into the tens of millions if they can figure out a way to do differential pricing. Right now, the contract with ICANN forbids the registry from doing differential pricing, but doesn’t forbid the registry from vertically integrating with a reseller that does differential pricing. That wouldn’t get them the renewals, but it would get them on any new domain. So it’s hard to know how the price increasing would go on. I don’t think the price increase is the big danger here. I think having, we’re estimating about three days a year of downtime for communications is a big deal. If you’re the World Bank, having your website and email offline three days a year is not great. If you’re the IATA, doing international air traffic control coordination, not so great to be offline three days. But the third leg of the stool is data collection. And that’s the really dangerous one, because the very role of nonprofits is serving society and serving often the people in society who are most at risk. Having all of that data about who is talking to each nonprofit, suddenly being a feed for sale is, this… In a sort of first do no harm way, we’ve got a problem if nonprofits can’t communicate with their constituencies without exposing those constituencies to identification and scrutiny and sale.
• Yeah, what kind of impact–
• Go ahead.
• How does GDPR figure into this? Because I know associations, we’ve all been worried about GDPR and then the data privacy laws that are coming from California and New York. How does that figure into what’s going on here?
• So we’re not speculating about what Ethos is doing, we’re observing what they’re doing. And they’re saying they’re not collecting data. That’s true, they’re not collecting data yet, because they haven’t got their hands on .org yet. But what they have bought are four other companies that exclusively exist to broker data. So they’ve built this pipeline for selling data. And now they’re trying to get .org to fill that pipeline so that they’ll have data to sell. Now, the activity that those four companies do is simply illegal in Europe, right? That is a crime. This is not speculation on our part, right? They say, oh no, we would never do that. Well, then why are you buying companies that do that, right? What does that even mean you wouldn’t do that if you are literally doing that? So GPDR says that you have a responsibility to know how the personal information that you handle is managed. You have to be able to give the user control over, excuse me, over that data. And, if every .org registrant and everyone they’re communicating with is suddenly the subject of the data collection and sale project, the .orgs then know that that data is outside their control. And they don’t have any contractual handle on it, and that puts them outside GDPR compliance.
• So potentially associations could be out of compliance by having their .org, right?
• Right, do they would have to move into a different domain. They would have to rebrand and do all the IT work to move out of .org in order to remain GDPR compliant.
• I just want to pause here while everyone takes a deep breath who just heard this, because for me, I’m telling you like the people I talk to, that’s huge. That’s a really big thing if you think about–
• I mean it’s thousands and thousands of dollars.
• At least, right?
• Right, all of your marketing, all of your collateral, all of the brand risk.
• Right, so Lauren Doctor, I see that you have a question. Todd, I’m going to get to your question too. For all, Lauren asked, for all the existing .org domains, what happens technically if this change occurs, would the company still be whatever .org? Answer is yes, but you may not as a nonprofit who–
• I mean I think that’s what’s so challenging, right? Is that there’s been no part of this process to inform the 10 and a half million .org registrants already, that this is potentially happening. There’s been no attempt to engage them, not even just to inform them, but actually engage them in what they would want to see happen. And because of that, there are many, many people all around the world who this could go through and they will literally never know anything about it until they get a notice that says they’re out of compliance or that they now owe more money or that their website has been shut down because there was a bogus claim that Disney had a copyright on something on their website, right?
• Right, I think this is so important because I guess the second week after this story broke about the .org acquisition, I posted a link to something. I’ll blame Jacob one of his posts or something. I probably posted it to something he wrote. But I posted a link to something and somebody, somebody wrote, we should pay more attention to what really counts for associations in response to what I posted. And I thought, I mean, I don’t know what, I don’t know what else to pay attention to more than this. This is important for people to pay attention to.
• Right, there’s no way your association is successful today, without having a website or online presence. You’re emailing your constituents, you’re sending letting them pay their membership dues through your website. All of those things are tied into this.
• Yeah, Todd asks, is it an acceptable outcome for things to just go back as they were? PIR, and I don’t know is it PIR or PIR? I can’t remember.
• They say PIR.
• Yeah, okay. So, PIR running .org with its relationship with ISOC, assuming that the capability to do a sale is removed. So could the genie go back in the bottle? Now that now that this has happened, is it possible that it could just go back to being the way that it was?
• I have a basic answer to that just quickly. I think one of the reasons we got into this mess is that if you actually look at the Internet Society bylaws, .org is not mentioned once. And a board of director, trustee of .org actually said on the mailing list, our sole obligation is to consider the best interests of Internet Society. And so effectively, despite running .org for almost 20 years and owning it, it never occurred to them that they had any duty to the people and organizations who are on .org. And to me, this is a not just a breach of trust in terms of just selling .org out of the blue, but in all of the years that they ran it, that it never occurred to them that they were responsible, and had a duty of trust and disclosure and transparency to these people. They just took the money and used it for whatever they wanted. There’s not a single nonprofit, major nonprofit on the Internet Society board. I can bet if there had been that this never would have happened. And so for me, there are severe breaches of governance at multiple levels that resulted in this issue. And I would find it very difficult, absent a very deep, long period of soul searching on Internet Society’s part for them to continue in this stewardship role. I do think, however, that they could at any point, say we’re out, we’re gonna stop the sale, we’re gonna hold a public consultation, do a Mia culpa and start to rebuild that trust. In fact, I think it would be a tremendous outcome for all the parties involved to say we’re listening, let’s take a step back, let’s talk about what the options are here. Just my perspective, I’ll turn it over to my colleague.
• I actually don’t agree that that’s possible. And here’s why. ISOC doesn’t have any concepts other than the .org domain. They’ve taken $700 million in revenue out of the domain while they’ve had it, and they haven’t saved any of it. They haven’t put that into an endowment or anything. They’ve just spent all–
• Wow, 700 million, I didn’t, so much money.
• It’s hard to imagine that much money.
• So the problem here is if they get sued, that’s the only asset that can be taken. And they have signed a contract with Ethos, saying that they and Ethos will make a good faith effort to conclude this contract. And if they back out, then Ethos will sue them. Ethos will spend–
• Maybe it’s not Ethos, maybe they’re there for the greater good, right? I don’t know. That’s what they say.
• Yes, but they also say trust us about every single thing.
• So the problem is right, if Ethos sues PIR, they will take the domain name, and they won’t pay for it. And ISOC gets no nest egg or whatever it is that they’re shooting for. So this is not really–
• They’re handcuffed. An outcome that . ‘Cause I think if they go that path, we just wind up with Ethos.
• Which is why, to loop it back to what we’re saying before, there is so much pressure on but also like, all of the responsibility and ability to take action here on ICANN. It is their purpose to step in here, not only to say this sale isn’t going forward, but it is clear that you are not a capable holder of this domain, and we are opening up a true multistakeholder process to establish who should be the new owner of this, right? To me, that’s really the only option that can play out here. If any of these groups as they say they do all the way down to their bylaws, at all different levels, have whatever community they serve actually centered in the process, right? How could this happen any other way if any of these folks have ever meant anything they said?
• Oh, go ahead, please.
• Oh, I just wanted to pick up on the Because that’s a keyword that is not used too much outside of internet governance. The internet is international in character. So, up until sometime in the 90s, it was mostly US. So it was basically US law that governed everything. All the institutions were incorporated in the US, so forth. But as it’s become international, there’s needed to become a governance mechanism for the internet that was transnational, that was not government-specific, right? The United Nations keeps trying to sort of, or the ITU, International Telecommunications Union would love to take over the internet. But this is not an outcome we’re looking for. So instead what we have is multistakeholder governance. And the principle of multistakeholder governance is that affected parties are notified of anything that affects them, and they’re given a role in the process, a decisive role in the process for deciding how the thing that affects them is going to play out. So neither of those things has happened here, right? .org registrants have not been notified that this is happening and they have not been given the decision making power over what will happen. So this is not multistakeholder governance. Multistakeholder governance is how the internet is governed. ICANN is supposed to be a multistakeholder organization, it is supposed to use multistakeholder governance for everything under its control. And this just hasn’t been happening. The issue here is that ICANN is kind of like the dog that always gets kicked, right? It’s a regulator, but it’s a non-governmental regulator, which means that it is subject to being sued. And so everyone who doesn’t like an outcome from an ICANN process sues ICANN over and over and over. And so over time what’s happened is ICANN’s legal department has stuck around and seen many changes of administration and board and so forth. But the legal department is there for the long haul, and their sole goal is to avoid getting sued. And that means that they completely abandon their regulatory responsibility, they completely abandon their public interest responsibility and they completely abandon multi stakeholders and just rely on contracts that they write that are as bland as possible, and make things as comfortable as possible for the people who are paying money to be in the process.
• It does seem like they’re really good at sort of like sliding by and saying what they need to to sort of get out of the way. And one of the first things, I dove into some subreddits to read all kinds of, digging for information–
• There’s a lot of rabbit holes you can go down–
• Oh man, if you guys, I mean anyone listening to this, if you want some conspiracy theories and stuff by I mean, I haven’t found aliens yet but I’m sure if I look hard enough, I will. But the “ICANN/I CAN’T” joke was like right there at the top as I started to go down. And one of the questions I think a lot of people would have is why can’t ICANN come in? I know that that’s what people are saying, step up and take ownership of basically dealing with this and making a decision here.
• Which is why I’m so focused on that because there, I mean, ICANN I can’t yes, but I think there’s also a lot of like hot potato between the board and the staff and the staff and the board and all the other committees, because then it’s someone else’s job. But at the end of the day, it is their job. The board has the power, has the responsibility. If you don’t want that responsibility, you shouldn’t have been on the board, but you have this responsibility and you need to maintain that these are the processes that have been established and committed to.
• Yeah.
• At the end of the day, ICANN is gonna get sued again, we know that. ICANN always gets sued, right? If they don’t live up to their responsibility of facilitating multistakeholder governance of the domain name system, there’s no more purpose for ICANN either, right? There’s no reason for us to be spending what, under $100, $80 million a year or whatever it costs us to keep ICANN going. There’s no reason to be spending all that money if they aren’t actually going to do the governance function that they’re there for, right?
• Right.
• They have this process, right? We know what the process looks like because the last time .org was redelegated, we went through this process, and it worked pretty well. It got us at least six or eight years of good stable governance of .org. And running that process again is what we expect. Allowing somebody to buy their way out of that process means that they’re buying their way out of the discipline of competition, they’re buying their way out of multistakeholder governance, they’re buying their way out of transparency. And it shouldn’t be possible for somebody to just throw money at it and have all the rules waived.
• Right, it does seem like this danger of, there’s so many dangers that are present, there’s so much risk that’s involved with moving forward with this that’s hard to comprehend, that so far, I mean, things just keep trucking toward this conclusion and it’s like, wait a second. And I think that the thing that is so interesting is the genie really has been let out of the bottle, that as nonprofits, non-governmental organizations around the world, that match between technology and trust and what is it that, how this governance of our technology need to happen in a different way for sure than it does with other things, how is it protected? How is it something where people can actually trust in what we’re presenting them? Now, one of the things I learned through this, I’d never considered why I trust .org more than other domains before. I just knew that in the association world, you have a .org and sometimes occasionally, what would come up is somebody would say, oh, this consultant who works with associations has a .org and, I wonder if that’s okay, I guess it is, anyone can get a .org and just that was the conversation. That’s as much thought as was really given to it. And then when this came out, a developer friend of mine said, who cares? Because domains don’t matter anyway, they’re interchangeable, anyone could get a .org, it doesn’t matter. And I thought, wow, wow, okay. People can get a .org but oh, my God, that seems so dangerous. And we do have people’s trust in that domain .org does, this study came out but–
• But I think, I mean you also see like companies even like Change.org, who is not actually a nonprofit. They have been called out for years about continuing to use that domain as both their name and their domain, their brand, because they are not a nonprofit. But they rely on that to be associated with that. So I think some people yes, understand that technically anyone could go online and register for that domain. But the community has some self-accountability where folks that are not actually nonprofits or grassroots groups of whatever kind that are using that get called out. But I think that goes back to the idea that nonprofits do rely on that community knowing that a .org symbolizes something. I mean there are nonprofits, real nonprofits, not like the Change.org example, but there are nonprofits whose actual organization name includes .org, right? Because of this.
• Yes, yes, absolutely. I mean I know a couple. So it’s wild, because what happens if it changes? I’ll imagine all of your branding changing, what would you be then? Would you be another .com? Is that what you want? Where do you think–
• It’s global climate community rallying behind 350.com.
• Well, I mean, and internationally I found it fascinating to see that there’s a lot more coverage happening about this internationally than what I saw, it took a while to really start having things pick up within the United States. Why do you think that is?
• We’re used to capitalist overlords here.
• Well, I think also you see country code domains filling in the gap a bit. So in the United States, nonprofits register in .org. In Geneva, the big IGOs register in .org because they’re international, but also the rest of the world, small nonprofits, national or smaller scope are registering again org.country code, org.uk, org.za, org.ca, right? And I think if this goes through or a deal like it goes through and somebody winds up with a billion dollars of debt to pay, the decamp from .org by nonprofits is gonna have to go somewhere and as you’re saying, .com could be it but that doesn’t really convey the idea. And so I think most of that will wind up going into country codes. But then you’ve got the problem of sort of organizations stepping on each other by having the same name in different countries, the end-user has to guess what country to go looking in, which may not be obvious, particularly for international nonprofits. So it’s not a great solution. And obviously, it’s a harm, it is a huge externality. And there’s just no reason that externality should be foisted on nonprofits just so somebody can make another few hundred million dollars.
• Ooh, good question, you guys. Oh my gosh, I’m so sorry. Catherine, she says “few things ever truly happen in isolation. So I have to wonder what’s next. What sort of precedent does this sale set and what dominoes maybe next to fall?” Oh, such a good question, Catherine.
• Yeah, I can jump in on that. I think right the day after the sale was announced publicly, the CEO of Public Interest Registry, John Nevitt, did an interview saying that he was going shopping. And that his goal was to buy lots of new top-level domains. So these small little new domain name endings that Bill had talked about. So I do think that if the sale goes through, that a lot of the .org’s focus will be on hoovering up lots of these little domain name endings to try and get some economies of scale. There is also within the next one to two years likely to be an application round for new domain endings. So another new domain ending application round. And if I was a private equity person, I don’t think I could think of a better battleship to go into the war with than having .org there to go and finance and support a bunch of new applications for domain name endings. So I do think that that is a big risk that you will see that dynamic change. Again, it gets back to this notion of all the existing .org registrants and members being taken on a ride that they don’t really know what’s involved.
• Yeah, the other big risk I see touches on a bit of what Bill was explaining earlier about data. The internet has been around long enough and folks have been familiar enough with using a browser that they knew in their organization they needed to have a website and that you register that website and you get a domain, right? The level of collective knowledge about data in the nonprofit sector, not just in the US, but in the whole world is very low because it hasn’t needed to be higher, right? Like people didn’t need to know more about that data and where they do have knowledge is in the data that they are intentionally like creating a profile and putting fields in there and collecting that data. But I think what we’re getting a little like crack in the door and looking into this scary hidden shiny room is that a lot of organizations and the supporters and donors of those organizations are going to enter a world where their data is not theirs anymore, and it’s for sale all over the place and being tracked all over the place. And I think one could argue that that’s the reality for everyone about everything. Like you’re typing that into Target.com or something and like everyone is selling everything, right? And that’s true and sad and horrible and we can fight for that too, but I think especially needs to be of concern to nonprofits, because so many nonprofits are working at the intersection of issues that the government they work under does not want to support, right? Or they are serving people that the government would love to find. And I think nonprofits need to understand regardless of whether you have a policy or advocacy mission or not, you are the gatekeeper of your community. And that means you need to be part of this.
• I think that that’s why I in particular, had a poor reaction. Nora, and I can’t think of her last name, she is from Ethos Capital, and was interviewed on that NPR segment the other day. And afterwards, she posted sort of a rebuttal, the things that she felt like she didn’t get chance to say. And one of the things was that they’re being very open and more transparent than anyone else about this stuff but still refuses by the way to go all the way down to who the investors are all the way down, not naming the names. And this is particularly troubling to me because, and I imagine everyone else because .org is different. These are nongovernmental organizations, these are charities, these are different types of organizations that, if those names tie back to people with a political reason to–
• Or even not their name, their IP address, their location, anything.
• Then what does that say? What does that mean? Is that a direction we feel comfortable going in in a post-Cambridge Analytica world where our data is truly [vulnerable], people can do a lot of dangerous things, not just to us but about us–
• This isn’t about retargeted ads, right? So that you see Zappos shoes every website, this is about surveillance.
• Right, right. And I think that the danger there, and I don’t want to say, I don’t want to actually put that in the cues and say that anyone would do it. But the danger is that it could be done, that this is setting a precedent, this going through for something like .org even if the people in question now didn’t do it, people in the future could.
• Right, I mean–
• I think that’s the slippery slope is that as Amy is saying, the degradation of the norm, that registries are not supposed to be collecting user data and selling it, that is not a business model of registries, that norm going away is the real large long term danger here. Right now, these kinds of data collection and selling practices occur in the DNS space, but not in big mainstream TLDs at all. And if .org, a big mainstream TLD goes that way and people look at it and say, well, they only had $50 million revenue, but now they have $200 million a year of revenue because they’re selling data, then the .org registrants aren’t the customers anymore, they’re the product.
• Yeah, in that case, we probably shouldn’t be jumping up for joy if they say they’re not raising prices, because where are they getting the money then? And so any .org, from Planned Parenthood to the National Rifle Association should be concerned about who is doing what with their data. Okay, so Todd has a question. And he says, since we all know now that there has been 700 million in profits from .org over the last 20 years, what will CCOR do with this revenue and profit if it were to develop a successful bid for the .org registry?
• Yeah, so, first to be really clear, we don’t want to be one of two competitors for this. We want there to be a full open call. And like last time there were 11 different proposals, right? We would love that, because that would mean that the market was really working and there were good proposals and alternatives and so forth, and the multistakeholder process could find a good outcome out of 11 proposals, right? Now that said, the nonprofit community is trying to put together a good proposal, whether that winds up getting used or whether that winds up serving as a model either way is fine. But the thing about a cooperative is a cooperative has no profits, cooperatives have savings, which are the property of the members. And cooperatives are not allowed to carry those savings over. So out of the, if you think of it as being basically $10 in revenue per domain name. $3 of that goes to operational costs. What we’re saying is that $2.50 would go to supporting internet infrastructure and governance, which was supposed to be the point of giving .org to ISOC in the first place. They were supposed to use that money to support the IETF. But out of 100 million in revenue, they’re only giving three and a half, I think, to the IETF at this point, and taking 70 for themselves. So that didn’t really work out. But if we write that into our articles, that’s legally binding, right? So $2.50 cents out of the 10 goes to those purposes. And there’d probably be about another 50 cents going to administrative stuff, going to ICANN and so forth, which leaves four as the remainder. So every .org registrant would get a credit of $4 back. Now the transaction processing cost of sending $4 internationally, probably not gonna work. But discounting their renewal by $4 does, because that’s not an additional transaction. So, again, the protections that co-ops offer are incredibly strong, there is literally no way for the co-op to not rebate that money to its members at the end of each year.
• And what I think is really a clear juxtaposition of the way that this is being thought about is anytime you hear Internet Society talk about this deal, the one good thing they talk about is that this will give them so much money that they will just have money forever, right? That centers very few people. The co-op idea is saying regardless of any other benefit or bylaw structure, the people who have been centered in how we’ve designed this model are the users themselves, the nonprofit organizations that have those domains. And if you want just a quick glance at which one’s gonna be more appropriate for that global community, you would think it’s the one that centers global community, right?
• That’s a great point. Yeah, I think the positive nature of this conversation is so critical. Instead of having a conversation about whether or not private equity is good, or bad, or should own .org, we could be having a conversation about, if you had $100 million a year, how would you make the internet a better world for civil society and nonprofits? If you had a revenue stream worth a billion dollars, how could we change the world for the better? What an amazing question that is to ask, right? And I just hope that ICANN has the courage to ask it.
• Yeah, I am very thankful that you all took the time. You all have so much you’re doing. I know, because I’m following it online and seeing what’s happening. But it’s just incredible the amount of work that you’ve put into all of this, the amount of work you’re continuing to. So I wanna thank you so much for answering these questions being here today and I’m hoping that everyone who’s watching this will share this when I post it so that everyone in the association space can see and know what’s going on, and understand things a little bit better. Hopefully, you’ve got a lot of questions answered yourselves. Are there any final words that you have to say before we close out from this really great conversation today?
• If people wanna make–
• It’s not too late– Go ahead, Amy.
• I was just gonna say it’s not too late to add your name. Decisions haven’t been made. So put your name on the petition, add your organization. We really will be supportive when you do that and we are gonna take tomorrow to the protest even, we are gonna take all of these signatures, 22,000 plus and give them to the board.
• So you can go to SaveDotOrg?
• Yeah, savedotorg.org.
• Org. Yeah, add your name for sure.
• What I was gonna say is that if you take a look at the ICANN correspondence webpage, ICANN, its roots are in transparent multistakeholder governance. And part of that is that its correspondence is supposed to be transparent. That hasn’t really been happening with Ethos, but with a lot of other folks, it has. So there’s this webpage you can go to on the ICANN website that has all the letters that are written to and from ICANN unless they are bound by secrecy. So a lot of us have been trying to inform the debate by writing letters there. We wrote one back in December about, the operational cost-cutting and we wrote another one just yesterday about the surveillance issues which should be up there in another day or two. So if you see the letters that are up there, there’s an excellent one for the United Nations Special Rapporteur for Human Rights. And it’s like six pages long, a very fine print calling on ICANN to do its job.
• Printed it out–
• Exactly, and folks and so forth, right? So anybody can write one of those letters. If you feel strongly about it, just look on there, send the email to the correspondence of ICANN.org with instructions that you want to publish on the website, and it will be there for anybody to see.
• All right, thank you. And Jacob, did you have any final words to share?
• No, my co-conspirators have said great things. KiKi, thank you so much for this. I really appreciate it. These conversations are really helpful for me and I think hopefully for others to just really understand all the dynamics that are happening here. Yeah, thank you very much.
• Thanks, KiKi.
• Thanks to all of you and until next time, everyone – keep asking questions to learn every day. As Joseph Campbell once said, “the cave you fear to enter holds the treasure you seek.” Have a great rest of the week, everybody. Good luck tomorrow.
• Thank you.
• Thank you.

---

Join the Discussion about the Sale of .ORG, Trust, and What We Should All Be Asking About the .ORG(Opens in a new browser tab)