The Association of National Advertisers (ANA) has certainly got its knickers in a knot over TLDs. After more than five years with barely a peep, apart from one instance when they submitted comments that they forgot about and had to be reminded by ICANN they had actually commented, they have again stamped their feed and complained to ICANN.
This time the ANA has called on ICANN to engage an independent third-party IT expert or experts to conduct a comprehensive investigation of its recent system vulnerability in a letter from ANA President and CEO Bob Liodice who outlined the need for immediate answers regarding this serious problem.
The letter is another attempt to undermine ICANN’s proposal to introduce new TLDs since they have failed in their other belated attempts to derail the process.
While it’s hard to take the ANA seriously given their lack of participation in developing the Applicant Guidebook, this time Liodice points out that this vulnerability “may have enabled some applicants to see other applicants’ file names and potentially serving to compromise competitive information, which might provide some parties an unfair competitive marketplace advantage.”
OK, the ANA is aiming this latest missive at ANA members, probably trying to justify some quite large membership fees, as well as politicians and government agencies, but two weeks after ICANN originally took down the TLD Applicant System (TAS) the ANA has shown they are behind the times. Still, this time they are not five years late in waking up.
For anyone interested, Liodice goes on to say “the marketing and Internet communities are highly concerned about ICANN’s system vulnerability which appeared shortly after ICANN opened its vast top-level domain expansion program. Allowing confidential application file names to become visible to the wrong TLD applicant could greatly compromise the integrity of the new TLD application selection process. It indicates that ICANN remains ill-equipped to manage a program the marketing community has consistently criticized as ill-conceived, overpriced and technologically suspect.”
“We are urgently requesting that the Department of Commerce and its National Telecommunications and Information Administration (NTIA) exercise their oversight of ICANN and encourage ICANN to engage an independent IT expert to fully investigate this serious and inadequately explained vulnerability.”
“Trust in the Internet’s integrity is paramount for marketers, who are building their businesses and consumer relationships on this vital communications and transactional platform.”
In the ANA letter to Beckstrom, Liodice identified these core questions that an independent investigator should address:
- What was the specific vulnerability that caused the leak of this information, and why did ICANN wait so long after reports of the vulnerability to shut down the application system?
- Which file names and applicant names were visible; what kind of information was leaked?
- What steps, if any, has ICANN taken to alert all parties affected by the vulnerability?
- A consistent complaint among stakeholders has been that there is little transparency in ICANN’s operations; why has ICANN released so little information about this situation to date?
- What corrective measures is ICANN taking or planning to ensure that system vulnerabilities or a similar incident will not occur in the future?
- Should the gTLD expansion program be curtailed in scope or suspended until ICANN employs a sufficiently experienced and/or large enough number of technical Internet security staff to oversee it?