Mar 5, 2025 - by Lauren Tracey
As the domain industry continues to evolve, ICANN82 offers a unique opportunity to dive deep into the issues shaping the future of internet governance. ICANN (The Internet Corporation for Assigned Names and Numbers) is a non-profit organization that plays the crucial role of maintaining the stability and security of the internet, and their public meetings are an opportunity to learn about what’s happening throughout the domain industry; ICANN82 in Seattle WA begins March 8th, 2025.
In this post, we explore four key topics—the New gTLD Program, NIS2 Implementation, DNS Abuse and Contractual Compliance Updates, and RDAP Implementation—and share highlights of what you can expect from the sessions in Seattle.
Can’t join us in Seattle? Join our recap webinar on March 26, 2025 at 12PM EDT.
The new gTLD program is making significant strides. Updates include:
Application Guidebook Updates: The final set of topics in the Application Guidebook (AGB) are out for public comment, with the goal being to have the full document to the board for review by the end of 2025. The public comment window on the draft AGB is slated to close by the end of May.
Focus on Application Processing: As the program gears up for the next phase, attention is shifting toward the technical testing phase. The Registry Service Provider (RSP) application process is underway, and we expect to hear updates on the testing process at ICANN82.
Applicant Support Program (ASP): The ASP was developed to make applying for a new gTLD or managing a registry in the next round more accessible to applicants who may otherwise be unable to do so due to limited resources. The program remains open to applicants until November 19, 2025, welcoming submissions from various regions. We can expect to hear updates on the application program.
At ICANN82: Expect sessions that dive into real-time updates on the application process development, detailed discussions on the registry agreement, and insights into RSP requirements and system developments. If you are interested in learning more about applying for a .BRAND in the next round GCD’s Colin Costello did a deep dive on how to start preparing now.
Want to follow this issue at ICANN? Consider attending these sessions:
Subpro IRT (subsequent procedures implementation review team) Work Sessions 1 through 5: These sessions will be focused on developing the applicant guidebook.
GAC (government advisory committee) discussion on new gTLD program next round: This session will be a discussion between government representatives on several topics pertaining to the next round of new gTLDs
GNSO (generic names supporting organization) RYSG (Registry stakeholder group) BRG (brand registry group) membership working-session: This session will be an opportunity to hear from current .BRAND owners. They will discuss the steps needed for a company to start getting ready for applying for their .brand in the next round.
NIS2 Directive Implementation
The NIS2 Directive represents a comprehensive update to the European Union’s cybersecurity framework, aiming to strengthen network and information systems' resilience across member states. In practice, the implementation of NIS2 has presented challenges:
Regulatory Compliance: As member states navigate the implementation of the directive, deviations are emerging—especially concerning Article 28, which deals with domain name registration data. Different approaches are evident, with countries like Belgium taking a prescriptive stance while Italy and Lithuania offer more flexible interpretations.
Operational Timelines: Response timeframes for handling cybersecurity requests vary, with some jurisdictions mandating 24 hours for urgent requests and others allowing up to 72 hours.
At ICANN82: Expect discussions on the practical challenges of implementing the necessary mechanisms to meet the needs of NIS2, including monitoring deviations and harmonizing response times. These discussions should offer insights into how regulatory frameworks influence cybersecurity practices within the industry.
Want to follow this issue at ICANN? Consider attending this session:
DNS Abuse and Contractual Compliance updates
In April 2024, ICANN introduced significant updates to its contractual framework designed to address escalating cyber threats, particularly those related to phishing and DNS abuse. These contract updates strengthened the obligations of registries and registrars by setting clear enforcement timelines—registrars now have 21 days and registries 30 days to remedy breaches—and enhancing procedures for informal resolution before formal breach notices are issued.
DNS Abuse Investigation Outcomes: Between April and December 2024, a total of 249 investigations were initiated, primarily targeting phishing activities. While most cases were resolved informally, formal breach notices were issued in select cases.
Impact of Enforcement: Informal resolutions have already led to the suspension of over 2,900 abusive domain names and the disabling of 365 phishing websites. Future initiatives include a comprehensive one-year enforcement report, ongoing registry audits, and the development of enhanced guidelines for complainants.
At ICANN82: Look forward to sessions that unpack these investigations and outline proactive enforcement strategies. Discussions will focus on registry audit results and how these measures set a new benchmark for compliance and security in the domain industry.
Want to follow these issues at ICANN? Consider attending these related sessions:
Naralo (North American Regional At-Large Organization) roundtable on AI and DNS abuse: This roundtable session aims to better understand the emerging capabilities of AI in pattern analysis and machine learning to either prevent or promote DNS abuse.
Joint Session GNSO CPH (contracted parties house) and NCSG (non-commercial stakeholders group) memberships work session: This meeting between the CPH and the NCSG will focus on key topics including DNS abuse and data accuracy
SSAC (Security and Stability Advisory Committee) lightning talk: In this session SSAC members will give a series of 15-20 minute presentations some of which will focus on different aspects of DNS abuse.
RDAP Implementation
The transition from WHOIS to the Registration Data Access Protocol (RDAP) is transforming how domain registration data is accessed and managed:
At ICANN82: Attendees will get updates on migration strategies and learn about ongoing outreach efforts designed to help users transition smoothly to RDAP. Sessions will also track deployment progress and share best practices for leveraging the benefits of RDAP.
Want to follow this issue at ICANN? Consider attending this related session:
Recent posts from Lauren Tracey