Yes, Domain Tasting Will End

After years of complaints ICANN has finally done something about domain tasting, but some are confused over exactly what they have done.

The reports of domain tasting's impending demise were met with skepticism in some quarters. The argument was that the new fees were insufficient, and that tasting would continue to be profitable.

Domain Tasting, to recap, is a practice by domain speculators in which they register a domain and then drop the registration within 5 days. Previous ICANN rules allowed registrants to game the system by dropping domains in this way and recouping all fees. Tasters could, in the meantime collect revenue from the domain and, if it got enough traffic, retain the domain and incur all the costs. Some go a step further and serially re-register and drop the domains. This is known as Domain Kiting.

It's a fairly low-risk investment. Over the last couple of years a huge percentage of domain registrations, perhaps over 50%, have been for tasting purposes. A fairly small number of registrants, either in concert with registrars or acting themselves as registrars, have been responsible for a huge percentage of the registrations.

The news of the policy change all came out second-hand, based on a policy change that ICANN e-mailed to registrars. But there was confusion in the coverage of the announcement, probably because ICANN didn't make a formal announcement with all the facts. Much of the reporting and analysis has been based on the assumption, which I shared until recently, was that the policy affected only the ICANN fee of 20 cents per domain per year. This analysis from CADNA, the Coalition Against Domain Name Abuse, is a good example. Starting with a report that the average fee paid for a web advertising click in the first quarter of 2007 was $1.46 and that PPC ads on speculative web sites typically get half of this, they conclude that tasters will likely be able to eat the $0.20 fee per domain and still make money.

"Since each click is worth 73 cents on average to a "traffic-squatter," each domain name would need to receive just an additional 3.8 clicks in year one in order to make up the difference from the "inconvenient" ICANN fee."
I'm not so sure about that 73 cent figure, but maybe charging the 20 cent fee is not the slam dunk I thought it was.

But now I've got the facts, and I've published the contents of the e-mail sent out to registrars in my eWEEK blog, Cheap Hack.

The new rules do, as an ICANN budgetary matter, make the change described in the CADNA release. But they go further. A second change, in the form of an ICANN Board resolution not yet in effect will prohibit registrars from providing any refunds for domains deleted above a threshold which will be similar, if not identical, than that for the ICANN fee. This is a huge difference, in that it adds a minimum of several dollars per taste per year, over 6 dollars for .COM. In effect, this literally ends tasting because there's no point in doing a delete anymore. The ICANN message to registrars says: "...The implementation timing of this change has not been set, but should be expected to take place over a period of some months. ICANN staff will solicit public comments and post a registrar advisory prior to implementation of this aspect of the GNSO recommendation."

In the short term it's possible that tasters will continue to game the system, but that won't fly for much longer. In fact, perhaps they'll ramp up to taste whatever they can before the second round of changes, so things might get worse before they get better. But these companies must already be looking for new jobs for next year.

I'm no longer surprised at the glacial pace of ICANN change; that's just the bureaucratic nature of the beast. But domain tasting is one of those things that nobody will openly defend, so at least they did the right thing. I have to say I was expecting the half-measure that CADNA reported, and instead they went much further. Hats off to ICANN.

Security Center Editor Larry Seltzer has worked in and written about the computer industry since 1983.

For insights on security coverage around the Web, take a look at Security Center Editor Larry Seltzer's blog Cheap Hack