On Dec. 16, the FTC sent a letter to ICANN claiming that expanding the number of generic top-level domains (gTLDs) would open users up to additional risks online. With the letter, the FTC joined a number of other organizations raising concerns about the plan, and warned that increasing the amount of gTLDs could make it easier for scam artists to avoid being detected by law enforcement.
“A rapid, exponential expansion of gTLDs has the potential to magnify both the abuse of the domain name system and the corresponding challenges we encounter in tracking down Internet fraudsters,” the letter states. “In particular, the proliferation of existing scams, such as phishing, is likely to become a serious challenge given the infinite opportunities that scam artists will now have at their fingertips. Fraudsters will be able to register misspellings of businesses, including financial institutions, in each of the new gTLDs, create copycat websites, and obtain sensitive consumer data with relative ease before shutting down the site and launching a new one.”
“In short, the potential for consumer harm is great, and ICANN has the responsibility both to assess and mitigate these risks,” the agency added.
ICANN approved a plan to increase the number of gTLDs back in June with the stated goal of offering “organizations around the world the opportunity to market their brand” in new ways by enabling Internet address names to end with almost any word in any language. The move has drawn criticism for security reasons, though some have said the criticisms are exaggerated. There have also been concerns raised that organizations may have to pay a hefty amount to avoid being improperly associated with a gTLD such as .xxx, the newly-created porn domain, for example.
According to the FTC, ICANN should take a number of steps to protect consumers, including implementing the new program as a pilot program and reducing the number of generic top-level domains that are introduced as a result of the first application round. In addition, the FTC recommended ICANN strengthen its contractual compliance program – in particular by hiring additional compliance staff – and improve the accuracy of Whois data, which is used to identify the owner of a particular domain. Other recommendations include assessing each proposed gTLD for risk as part of the approval process and developing a new program to monitor consumer issues that arise during the first round of implementing the new gTLD program.
ICANN is slated to begin accepting applications for new domains starting Jan. 12, 2012.
“We strongly believe that ICANN should address these issues before it approves any new gTLD applications,” the FTC advised.