ICANN is set to kill off its unpopular 60-day transfer lock policy, following a vote at ICANN 82 in Seattle this week.
The GNSO Council yesterday voted to accept the final report of its Transfer Policy working group, a mammoth 163-page document that contains 47 recommendations affecting all areas of domain transfers.
The removal of the transfer lock is perhaps the biggest change to the 20-year-old policy for domain registrants.
Under the current policy, when you buy a domain name from another registrant or change your name, organization or email address, you trigger a lock that prevents you transferring your domain to another registrar for 60 days.
It was designed as an anti-fraud measure, stopping domain thieves bouncing their stolen names to sleazy registrars to avoid them being recovered by their victims.
But is has proved unpopular over the years with registrants that want to consolidate their portfolios under their preferred registrar and the new policy would remove the lock entirely.
It would also remove the requirement for both gaining and losing registrants (ie buyer and seller) to be notified when a change of registrant occurs, on the basis that notifications don’t provide much protection when the losing registrant’s email has already been compromised.
The whole process governing changes to registrant data is going to be spun out into a separate Change of Registrant Data Policy, because maybe it didn’t belong in the Transfer Policy in the first place.
The newly approved changes will also introduce two new locks that registrars currently may, but are not required to, impose — there’s going to be mandatory 720-hour (30-day) locks on domains that have just been created or just transferred in.
Any registrars that currently impose a longer lock will have to reduce it to 720 hours and any registrar that does not have such a lock will be required to implement one.
The GNSO says these month-long locks will help reduce credit card fraud and help comply with trademark complaints such as UDRP.
There are dozens of other changes coming that do not relate to locks.
For example, the list of reasons a registrar may deny a transfer has been updated to include a reference to DNS abuse, as currently defined in the ICANN registry and registrar contracts.
There are numerous changes of terminology, required notifications, and instructions for handling Transfer Authorization Codes, all of which registrars and registrars will have to implement if they want to stay compliant with their ICANN contracts.
There are also changes to bulk portfolio transfers, limiting registries to a charge of $50,000 for portfolios over 50,000 domains.
The changes would also incorporate an updated Bulk Transfer After Partial Portfolio Acquisition (BTAPPA) directly into the Transfer Policy, meaning registries no longer have to request it from ICANN via the Registry Services Evaluation Process.
The recommendations, unanimously approved by the GNSO Council yesterday, will now go to ICANN’s board of directors for final approval. The final updated Transfer Policy will then be written by an ICANN/GNSO team.
Registries and registrars will then presumably be given time to implement the policy before it becomes law and Compliance comes sniffing around for infractions. We’re talking about at least 18 months before the changes go live, I reckon.
If you have a high tolerance for boredom, the full list of recommendations can be read in this PDF.
If you find this post or this blog useful or interestjng, please support Domain Incite, the independent source of news, analysis and opinion for the domain name industry and ICANN community.