At the time Robert Elz was delegated control of the .au name space, it was a flat hierarchy empty of subdomains at the second or third level (such as .edu.au, or .murdoch.edu.au respectively). The second-level subdomains that Robert Elz created were broadly based on those existing underneath the root hierarchy, including .com, .org and .edu, along with some additions of his own including .csiro.au, ..asn.au and .id.au. Elz himself sub-delegated each of the second-level domain spaces that he had created to Australian applicants according to the policies that he had devised. For example, businesses were permitted to apply for the registration of domain names in the .com.au space, and in the case of .edu.au, educational institutions were permitted to do so.
Soon, Elz found that requests for delegation of third-level domain names within the second-level domain spaces were being made in such volume that he was unable to attend to all the requests personally in a timely manner. Accordingly he delegated control of most of the second-level domains to other parties, who took over the registration of domain names at the third level. For example, in October 1996 Melbourne University became the administrator (or "registrar") of the .com.au domain space, a responsibility which has since passed to Melbourne IT Ltd, a company spun off from the University.
At the date of the transfer of control of the .au domain from Mr Elz to auDA, Mr Elz remained as the registrar of two of the second level domains that he had created. These were .org.au, which is a space within which for most non-profit organisations to register domain names, and .id.au, under which individuals can register domain names for personal purposes.
On 22 October 2001, auDA opened tenders for the operation of a registry or registries to operate seven of the second-level domains originally created by Robert Elz. In doing so it sought the concurrence of each of the incumbent registrars. It obtained the agreement of all of the registrars bar one: Elz himself. Mr Elz has taken the view that, notwithstanding that auDA may possess authority over the .au domain as a whole, this does not also give it the right to redelegate or to otherwise administer the second-level domains such as .org.au and .id.au that had been created by its predecessor, without obtaining the consent of the incumbent delegate of those second-level domains.4
auDA advises that it has obtained legal advice to the contrary, the effect of which is that "the existing delegation held by the delegates will have no further force or effect after ICANN redelegates the .au ccTLD to auDA"5. This article briefly investigates the position taken by each party, and attempts to draw a conclusion by the application of relevant principles of domain name law.
Only one of the 13 root name servers is truly authoritative, and this name server, labelled "A", derives the content of its directory of root domains from the United States Department of Commerce. Despite its contract with ICANN to administer the domain name system, the United States Department of Commerce even now retains policy control over the root domain.6 Since the domain name system is structured as a hierarchy, every Internet domain name depends upon this authority that the Department of Commerce exercises over the root domain. For example, it the Department of Commerce decided to delete the .com domain from its root name server, all domain names ending in .com would cease to be visible within the ICANN-administered domain name hierarchy.
There is no technical reason why an alternative hierarchy of domains could not be used on the Internet. In fact, such alternative hierarchies have been set up.7 However those who utilise the root domain name system administered by ICANN, in preference to the alternative domain name hierarchies, do so for pragmatic reasons. A domain name that is registered in a particular hierarchy can only be accessed by Internet users who configure their computers (or whose Internet Service Providers configure their servers) to utilise that hierarchy. As the vast majority of Internet providers and users use the hierarchy administered by ICANN, registration of a domain in an alternative hierarchy leaves that domain stranded from the majority of the Internet.
The root of the domain name system contains a number of generic domain names such as ".com" and ".org", along with numerous "country code top level domains" (or ccTLDs), such as Australia's .au, the United Kingdom's .uk and so on. New top-level domains (whether these be generic or country code domains) may be created only with the sanction of the Department of Commerce,8 and will be administered in the first instance by its delegate, ICANN. ICANN, however, will sub-delegate the control of all top-level domains to an independent registry operator; in .au's case, Robert Elz and subsequently auDA.
For any transfer of the designated manager trusteeship from one organization to another, the higher-level domain manager (the IANA in the case of top-level domains) must receive communications from both the old organization and the new organization that assure the IANA that the transfer is mutually agreed, and that the new organization understands its responsibilities.9
An exception is made "in cases where the designated manager has substantially mis-behaved" or "[i]n cases when there are persistent problems with the proper operation of a domain, [whereupon] the delegation may be revoked, and possibly delegated to another designated manager".
The manner in which RFC 1591 is currently administered by ICANN is documented in a policy issued by it in May 1999 titled ICP-110, which provides in part:
For transfer of TLD management from one organization to another, the higher-level domain manager (the IANA in the case of TLDs), must receive communications from both the old organization and the new organization that assure the IANA that the transfer is mutually agreed, and that the proposed new manager understands its responsibilities. ... On a few occasions, the parties involved in proposed delegations or transfers have not been able to reach an agreement and the IANA has been required to resolve the matter. This is usually a long drawn out process, leaving at least one party unhappy, so it is far better when the parties can reach an agreement among themselves. It is appropriate for interested parties to have a voice in the selection of the designated manager.
It goes without saying that neither RFC 1591nor ICP-1 possess any force of law. They are merely policy documents which describe the manner in which ICANN exercises the delegated authority of the Department of Commerce over the root domain, in the processes of delegation, redelegation and revocation of top level domain names.
Two further provisions of RFC 1591 and ICP-1 are of relevance to the positions taken by auDA and Robert Elz the subject of this article. These are, from RFC 1591, the statement that:
Most of these same concerns are relevant when a sub-domain is delegated and in general the principles described here apply recursively to all delegations of the Internet DNS name space.
The commentary of ICP-1 on this issue is as follows:
There are no requirements for management of subdomains of TLDs, including subdelegations, beyond the requirements for TLDs stated in this document and RFC 1591. In particular, all subdomains shall be allowed to operate their own domain nameservers, providing in them whatever information the subdomain manager sees fit, as long as it is true and correct.
From these documents it appears that the policy of the root domain administrator as applied by ICANN is that the delegation, redelegation and revocation of domain names at the second and lower levels should be conducted pursuant to the same policies that govern those activities at the top level; in other words, that redelegations should only be undertaken with the agreement of both parties, except in the case of malfeasance or incompetence.
In fact far from the transfer being "mutually agreed" as RFC 1591 specifies, Robert Elz has stated that the .org.au domain is "not going to be any part of auDA's [near] future", and described auDA's conduct in seeking to redelegate the domain as "inappropriate".12 No allegation has been raised by auDA that Elz has exercised his control of the .org.au or .id.au domains in an improper or incompetent manner. Despite these facts, auDA has reconfirmed its intention to redelegate the domains in question in the face of Robert Elz's objections.
If it is taken that auDA has failed to comply with RFC 1591 in its purported redelegation of the .org.au and .id.au subdomains by reason that it has not obtained Mr Elz's agreement, the question arises whether any legal consequences flow from this fact. It has already been noted that RFC 1591 possesses no legal force in the United States or in Australia. It might therefore be assumed that the only remedy for a breach of RFC 1591 lies at the prerogative of ICANN against auDA in terminating its delegation of authority, or of the United States Department of Justice in exercising the same right against ICANN.13
Before reaching this conclusion, it is worth considering Mr Elz's assertions more closely.14 Elz has explained his position as follows:
A delegated domain is more akin to a flat in a high rise building that is leased or sold to its occupants (which it is more similar to depends upon the way the sub-domains are handed out) - or even donated.
Someone still owns the building shell (and any unsold flats), and can sell that to someone else - but they can't sell the flats that have been sold, and any sale of the building is subject to existing leases.
That's always been the way the DNS has worked - once a domain name is allocated it is yours (or yours as long as you keep paying the renewal fee in some cases).15
This position is to be distinguished from the argument, previously made by the author,16 that the custodianship of a domain name is a sub-licence of the authority of the Department of Commerce over the root domain, the terms of which licence incorporate the provisions of RFC 1591. Were that the case, such a licence would be terminable by the licensor or sub-licensor (that is, the Department of Commerce, ICANN or auDA) in the case of a transgression of RFC 1591, but in the absence of such a remedy being exercised the delegation would remain in force and would be unassailable by third parties. Elz in fact specifically refutes this analysis:
The DNS wasn't created by lawyers, and the use of "delegated" in the DNS (for which there are actually two quite different meanings) isn't at all related to the use in legal circles. This may have been more just a misunderstanding as to what the term actually means (legally), or because it relates more to the technical parts of the way DNS queries are made, but there's no question really that any of the operators of any sub-domain is doing so as an agent of the operator of the parent.17
Whether Elz's or auDA's analysis is correct depends on analysis of the terms upon which a delegation of authority over a ccTLD is made, and in particular an interpretation of the original delegation of the .au ccTLD by IANA to Elz in 1986. To determine this question, we again come back to RFC 1591. That document states:
The country code domains (for example, FR, NL, KR, US) are each organized by an administrator for that country. These administrators may further delegate the management of portions of the naming tree. These administrators are performing a public service on behalf of the Internet community.
In the case of top-level domains that are country codes ... [there must be] a manager that supervises the domain names and operates the domain name system in that country.
No mention is made here of what a country code administrator may or may not not do with subdomains that have already been delegated by a previous appointee. The agreement between ICANN and auDA is little more instructive. Clause 4.1 of that agreement18 states:
The Sponsoring Organization [auDA] shall cause the authoritative primary and secondary nameservers for the Delegated ccTLD to be operated and maintained in a stable and secure manner, adequate to resolve names within the Delegated ccTLD, and any sub-domains over which the Sponsoring Organization retains administrative authority, for users throughout the Internet.
Clause 4.5 of the agreement requires in effect that auDA "abide by all ICANN policies ... that concern ... the operational capabilities and performance of the ccTLD operator", which of course includes RFC 1591.19 The final provision that is of relevance is clause 6.3 which sets out the consequences of a termination of the agreement by ICANN. It relevantly states:
In particular, the Sponsoring Organization shall ensure the transfer of all relevant DNS and registry data to the specified successor, subject only to the successor's commitment to use the data in a manner consistent with the Sponsoring Organization's prior written commitments made to data subjects regarding the use of their personal data.
This suggests that upon the transfer of the ccTLD from one registry operator to another, the newcomer is obliged to receive and maintain all data from the previous incumbent (subject only to appropriate privacy undertakings being made). Clause 4.1 further indicates that there might be expected to be some subdomains within the ccTLD over which the operator does not retain administrative authority.
Whilst these provisions offer some threads of support for Elz's position, it is fair to say that the terms of the delegations of control over the .au ccTLD to Elz and auDA are in themselves inconclusive. Perhaps greater assistance in assessing the correctness of Elz's model of domain delegation - that is, that subdomain delegations are not subsumed within the delegation of a higher-level domain - may be obtained by reviewing prevalent industry norms. Elz claims:
No-one seriously believes that [a change of control of a higher-level registry will effect an automatic revocation of domains registered at a lower level] - if they did it would mean that all the agreements that auDA is currently making with the other 2nd level domains very suspect - after all, ICANN could next year, or something, simply take the AU domain from auDA and hand it to someone else (that part is certainly true I think) and by so doing, render all of the domains currently existing in AU void. Note the question isn't whether they would, or whether they could find ways to avoid that, but whether they could if they wanted to.
If they can, then any assignment of a sub-domain (anywhere down the chain) would be close to meaningless - and in particular, the 2 year licences that auDA is proposing to apply to all sub-domains of AU would be folly, as there's no way they can actually guarantee being able to support them for that long - even if they (now) have a 2 year (or longer) agreement with ICANN, eventually there will be less than 2 years to run on that, yet they'd still be registering domains and promising they'd exist for 2 years.20
This logic persuasively suggests that the authority granted to a ccTLD delegate does not incorporate the authority to cancel or redelegate pre-existing subdomains, or at least not except in accordance with the provisions of RFC 1591; in other words not unless those subdomains are surrendered, or lapse due to misconduct or incompetence or because the conditions of their delegation (for example, as to payment of registration fees, if applicable) are not satisifed.
If the authority of the .au domain delegate (in the present case, auDA) does not incorporate rights over the existing delegated subdomains such as .org.au and .id.au, from what does the continuing force of those delegations derive? On auDA's argument, it cannot be derived from the authority of the previous .au domain delegate, Mr Elz. Elz did not have power to delegate the control of .org.au and ..id.au indefinitely, he only had the power to delegate them for so long as his own .au delegation subsisted. Elz therefore could not delegate control of subdomains that would survive the expiry of his own authority; nemo dat quod non habet.
This, however, overlooks the fact that since Elz's pre-existing delegations do not form part of the grant of authority to auDA for reasons stated above, there is no inconsistency in those delegations remaining in force beyond Elz's tenure as .au domain administrator. The delegations made by Elz enjoy a separate legal force to the delegation of the balance of the .au ccTLD from ICANN, such that the former can survive the termination of E's authority over the latter, just as the authority of a .com.au domain registrant over its third-level domain will survive the transfer of authority over the parent second-level domain from Melbourne IT to its successor.
At least, this is so unless domain names can be characterised as a property right. If they can, then although auDA may purport to redelegate a subdomain such as .org.au, and although ICANN may raise no quarrel with auDA doing so,21 a cause of action may lie against auDA in conversion22 at the suit of the party previously in possession of that domain, whose chain of title passes through Robert Elz to IANA to the United States Department of Commerce. Likewise, if domain names are proprietary in nature and a superior right of possession were claimed by an original delegate against a new registry operator, that registry operator might have a cause of action against auDA in breach of contract on the ground that auDA had purported to deal in property that it did not own.
There is mixed authority - none of it Australian - on whether domain names are a form of property or not. Those courts which have decided that domain names are not a form of property have typically made reference to the provisions of the registrar's agreement with the registrant, which are drafted in the nature of a contract for service and in some cases restrict the exercise of what would otherwise be the normal incidents of proprietary rights in a domain name such as the ability to freely assign that name.23
An example of such a case is Zurakov v Register.com24 in which the court found on a summary judgment application that:
The question of whether a domain name is a "property right" has not been considered by the courts of this state. Accordingly, this court looks to courts in other jurisdictions that have opined on this issue. In Network Solutions, Inc v Umbro International Inc, 529 S E 2d 80 (2000) the Supreme Court of Virginia stated that, "a domain name registrant acquires the contractual right to use a unique domain name for a specified period of time." The Network Court relied on Dorer v Arel, 60 F Supp 2d 558, 561 (ED Va 1999). In that case, the court stated that "[A] domain name that is not a trademark arguably entails only contract, not property rights. Thus, a domain name registration is the product of a contract for services between the registrar and registrant."25
The case of Lockheed Martin Corp v Network Solutions, Inc26 is to similar effect.
On the other hand, authority to the contrary also exists. In Kremen v Stephen Michael Cohen27 it was determined that a domain name (in that case, sex.com), whilst not tangible property under United States law and therefore not capable of supporting an action for conversion, was a form of intangible property. The decision of Network Solutions, Inc. v. Umbro Int'l, Inc28 is to similar effect. The former case is subject to appeal.29
In both Clue Computing v Hasbro, Inc and NSI 30 and Porsche Cars North America, Inc v Porsch.net,31 a claim in rem - that is, a claim against property - was brought against a domain name. The Anticybersquatting Consumer Protection Act has since expressly provided for such actions in rem to be instituted.32 As this does not sit squarely with the decisions that a domain name is not tangible property, it does seem to indicate an intent of Congress to affirm that domain names are indeed property at least for procedural and execution purposes. The constitutionality of this legislation has been upheld.33
All of the above authorities are concerned with second-level domains in the generic TLDs, rather than with first or second-level domains in a ccTLD, and perhaps this is a relevant ground of distinction between them and the case of present concern. RFC 1591 tells us that:
The designated manager is the trustee of the top-level domain for both the nation, in the case of a country code, and the global Internet community.
Concerns about "rights" and "ownership" of domains are inappropriate. It is appropriate to be concerned about "responsibilities" and "service" to the community.
The kind of obligations described here in RFC 1591 do not apply to the holder of a second-level domain in a generic TLD, such as microsoft.com. Yet at the same time, there is no technical distinction between microsoft.com and .org.au, and it seems difficult to argue that the one should be property and the other not, simply because of the further obligations to the community that the custodian of the latter undertakes.
Further support for the argument that root domains such as ccTLDs are a form of property comes from the United States government itself, which raised the issue in a letter from the United States General Accounting Office querying whether the transfer of control of the root domains to ICANN would "involve a transfer of government property to a private entity. If so, the transfer would have to be consistent with federal property laws".34
Whilst the status of domain names as property is undeniably speculative, particularly in Australia where no relevant authority exists, the least that can be said is that auDA should be very certain of its entitlement to vest those rights in third parties before proceeding to do so by tender. If an unbroken chain of title does not exist and auDA never came into possession of the property with which it is purporting to deal, its liability both to the old and new delegates could come as an unsettling surprise to the fledgling organisation.
The implications of auDA's actions flow much further than the concerns
expressed by Robert Elz in relation to the administration of ..org.au and
.id.au, since all domain name holders in the .au ccTLD are in theory liable
to exactly the same treatment from the domain name managers above them.
It is timely the rights of such registrants to their domain names be resolved
in order that the administration of the .au domain space may remain a solid
foundation for the development of electronic commerce and communication