Back

29 Rights Protection Mechanisms

gTLDFull Legal NameE-mail suffixDetail
.SCASVENSKA CELLULOSA AKTIEBOLAGET SCA (publ)valideus.comView
1 MECHANISMS DESIGNED TO PREVENT ABUSIVE REGISTRATIONS

Rights protection is a core objective of Svenska Cellulosa Aktiebolaget SCA (“SCA”). SCA will implement and adhere to any rights protection mechanisms (RPMs) that may be mandated from time to time by ICANN, including each mandatory RPM set forth in the Trademark Clearinghouse model contained in the Registry Agreement, specifically Specification 7. SCA acknowledges that, at a minimum, ICANN requires a Sunrise period, a Trademark Claims period, and interaction with the Trademark Clearinghouse with respect to the registration of domain names for the .SCA gTLD. It should be noted that because ICANN, as of the time of this application submission, has not issued final guidance with respect to the Trademark Clearinghouse, SCA cannot fully detail the specific implementation of the Trademark Clearinghouse within this application. SCA will adhere to all processes and procedures to comply with ICANN guidance once this guidance is finalized.

As described in this response, SCA will implement a Sunrise period and Trademark Claims service with respect to the registration of domain names within the .SCA gTLD. Certain aspects of the Sunrise period and⁄or Trademark Claims service may be administered on behalf of SCA by SCA -approved registrars or by subcontractors of SCA , such as its selected backend registry services provider, Verisign.

As this will be a private brand registry with domains registered solely to SCA, it is not anticipated that any third parties will be eligible for .SCA domains but, nonetheless, SCA will offer the full range of ICANN mandated RPM, as set out below.

Sunrise Period. As provided by the Trademark Clearinghouse model set forth in the ICANN Applicant Guidebook, the Sunrise service pre-registration procedure for domain names continues for at least 30 days prior to the launch of the general registration of domain names in the gTLD (unless SCA decides to offer a longer Sunrise period).

During the Sunrise period, holders of marks that have been previously validated by the Trademark Clearinghouse receive notice of domain names that are an identical match (as defined in the ICANN Applicant Guidebook) to their mark(s). Such notice is in accordance with ICANN’s requirements and is provided by SCA either directly or through SCA approved registrars.

SCA requires all registrants, through SCA -approved registrars, to i) affirm that said registrants meet the Sunrise Eligibility Requirements (SER) and ii) submit to the Sunrise Dispute Resolution Policy (SDRP) consistent with Section 6 of the Trademark Clearinghouse model. At a minimum SCA recognizes and honors all word marks for which a proof of use was submitted and validated by the Trademark Clearinghouse as well as any additional eligibility requirements as specified in Question 18, provided they meet the eligibility requirements and rules of registration.

During the Sunrise period, SCA’s approved registrar is responsible for determining whether each domain name is eligible to be registered (including in accordance with the SERs).

All domains in .SCA will be registered to SCA for its own exclusive use and possibly that of its affiliates and SCA will appear as the owner in all WHOIS records. SCA may grant affiliates a non-exclusive, non-transferable, worldwide limited license to registrants to use the domain names for a period of no less than one (1) year and no more than ten (10) years, commencing on the date on which the registration request submitted by the approved registrar. SCA will reserve the right to reject a registration request, or delete, revoke, suspend, cancel or transfer the licence to use.SCA domain name at any time without notice at its sole discretion.

According to the registration policy of .SCA, the domain names will have to be used in an acceptable manner and .SCA will undertake checks to ensure that the intended use of each domain conforms to the registration policy. According to the registration policy:
• Domains must be used solely for purposes that enhance the strategic or commercial interests of SCA.
• Domain names must not be used in a way that knowingly infringes any third party intellectual property rights.
• A domain name registration must be an acceptable term that will not give rise to any moral or public order questions or in any way damage the strategic interests or reputation of SCA.
• Domains may not be delegated or assigned to external organisations, institutions, or individuals.
• If the registrant ceases to be a member of SCA or its affiliates to which their domain name is associated, then the registrant must cancel registration of that domain name within 14 days of ceasing to be a member.

Trademark Claims Service. As provided by the Trademark Clearinghouse model set forth in the ICANN Applicant Guidebook, all new gTLDs will have to provide a Trademark Claims service for a minimum of 60 days after the launch of the general registration of domain names in the gTLD (Trademark Claims period).
During the Trademark Claims period, in accordance with ICANN’s requirements, SCA or the SCA -approved registrar will send a Trademark Claims Notice to any prospective registrant of a domain name that is an identical match (as defined in the ICANN Applicant Guidebook) to any mark that is validated in the Trademark Clearinghouse. The Trademark Claims Notice will include links to the Trademark Claims as listed in the Trademark Clearinghouse and will be provided at no cost.

Prior to registration of said domain name, SCA or the SCA -approved registrar will require each prospective registrant to provide the warranties dictated in the Trademark Clearinghouse model set forth in the ICANN Applicant Guidebook. Those warranties will include receipt and understanding of the Trademark Claims Notice and confirmation that registration and use of said domain name will not infringe on the trademark rights of the mark holders listed. Without receipt of said warranties, the SCA or the SCA -approved registrar will not process the domain name registration.
Following the registration of a domain name, the SCA -approved registrar will provide a notice of domain name registration to the holders of marks that have been previously validated by the Trademark Clearinghouse and are an identical match. This notice will be as dictated by ICANN. At a minimum SCA will recognize and honor all word marks validated by the Trademark Clearinghouse.

2 MECHANISMS DESIGNED TO IDENTIFY AND ADDRESS THE ABUSIVE USE OF REGISTERED NAMES ON AN ONGOING BASIS

In addition to the Sunrise and Trademark Claims services described in Section 1 of this response, SCA implements and adheres to RPMs post-launch as mandated by ICANN, and confirms that registrars accredited for the .SCA gTLD are in compliance with these mechanisms. Certain aspects of these post-launch RPMs may be administered on behalf of SCA by SCA -approved registrars or by subcontractors of SCA, such as its selected backend registry services provider, Verisign.

These post-launch RPMs include the established Uniform Domain-Name Dispute-Resolution Policy (UDRP), as well as the newer Uniform Rapid Suspension System (URS) and Trademark Post-Delegation Dispute Resolution Procedure (PDDRP). Where applicable, SCA will implement all determinations and decisions issued under the corresponding RPM.

After a domain name is registered, trademark holders can object to the registration through the UDRP or URS. Objections to the operation of the gTLD can be made through the PDDRP.

The following descriptions provide implementation details of each post-launch RPM for the .SCA gTLD:

• UDRP: The UDRP provides a mechanism for complainants to object to domain name registrations. The complainant files its objection with a UDRP provider and the domain name registrant has an opportunity to respond. The UDRP provider makes a decision based on the papers filed. If the complainant is successful, the only remedy is cancellation as the only permitted registrant will be SCA or its affiliates. If the complainant is not successful, ownership of the domain name remains with the domain name registrant. SCA, and entities operating on its behalf, adhere to all decisions rendered by UDRP providers.

In order to achieve this SCA will closely monitor UDRP complaints involving .SCA and ensure that its registrar appropriately implements the decisions.

• URS: As provided in the Applicant Guidebook, all registries are required to implement the URS. Similar to the UDRP, a complainant files its objection with a URS provider. The URS provider conducts an administrative review for compliance with filing requirements. If the complaint passes review, the URS provider notifies the registry operator and locks the domain. A lock means that the registry restricts all changes to the registration data, but the name will continue to resolve. After the domain is locked, the complaint is served to the domain name registrant, who has an opportunity to respond. If the complainant is successful, the registry operator is informed and the domain name is suspended for the balance of the registration period; the domain name will not resolve to the original website, but to an informational web page provided by the URS provider. If the complainant is not successful, the URS is terminated and full control of the domain name registration is returned to the domain name registrant. Similar to the existing UDRP, SCA,and entities operating on its behalf, adhere to decisions rendered by the URS providers.

.SCA will deal with and handle URS complaints. Its designated team will receive official Notice of Complaint through an internal system and upon receiving a Notice of Complaint, the team will implement a lock within 24 hours and an automatic Notice of Lock will be generated and sent to the URS provider via email. The team will also enforce URS decisions, which may include unlocking the domain name or suspension of domain name and ensuring that the domain: i) remains suspended for the duration of registration period; ii) is non-resolving; iii) is redirected to an informational page provided by the URS provider; and iv) that the WHOIS maintains all original registrant details except for the redirection of name servers, and contains a message to the effect that the domain name will not be able to be transferred, deleted or modified for the life of the registration.

• PDDRP: As provided in the Applicant Guidebook, all registries are required to implement the PDDRP. The PDDRP provides a mechanism for a complainant to object to the registry operator’s manner of operation or use of the gTLD. The complainant files its objection with a PDDRP provider, who performs a threshold review. The registry operator has the opportunity to respond and the provider issues its determination based on the papers filed, although there may be opportunity for further discovery and a hearing. SCA participates in the PDDRP process as specified in the Applicant Guidebook.

• .SCA will deal with and handle PDDRP complaints. Its designated team will file responses to complaints, negotiate and seek to settle the dispute without incurring in unnecessary costs for both parties, and enforce the decisions made by the PDDRP provider.

Additional Measures Specific to Rights Protection. .SCA will be a closed registry which will solely be owned and controlled by SCA for its own commercial and strategic interests. Therefore, it is highly unlikely that third parties will find the opportunity to engage in abusive activities such as phishing, pharming or other types of behaviour, which violate the rights of others. However, in the unlikely event that the .SCA domains are attacked by third parties, SCA provides additional measures against potentially abusive registrations. These measures help mitigate phishing, pharming, and other Internet security threats. The measures exceed the minimum requirements for RPMs defined by Specification 7 of the Registry Agreement and are available at the time of registration. These measures include:

• Abuse Point of Contact: SCA will establish and publish a unique abuse point of contact. This contact will be a role e-mail address such as contact@abuseprevention.sca. This role address will allow the designated staff to regularly monitor abuse and⁄or malicious activities in .SCA. The registry’s designated staff will then evaluate complaints and produce abuse reports when necessary. Following the evaluation, they must decide whether the abuse report is a serious matter of concern and take a decision whether to dismiss the report or proceed to the next step. Since any decision regarding abuse reports implies serious consequences, abuse prevention staff and experts will accurately and responsibly deal with the abuse report. After the adequate evaluation procedure by the registry operator, SCA can determine whether or not to take any action against such alleged abusive or malicious activity. In particular circumstances, SCA can allow Verisign to suspend or cancel a domain name on its behalf. SCA will also take steps to investigate and respond to any reports from law enforcement, governmental and quasi-governmental agencies of illegal conduct in connection with the use of the TLD.

• Rapid Takedown or Suspension Based on Court Orders: SCA complies promptly with any order from a court of competent jurisdiction that directs it to take any action on a domain name that is within its technical capabilities as a TLD registry. These orders may be issued when abusive content, such as child pornography, counterfeit goods, or illegal pharmaceuticals, is associated with the domain name.
• Anti-Abuse Process: SCA implements an anti-abuse process that is executed based on the type of domain name takedown requested. The anti-abuse process is for malicious exploitation of the DNS infrastructure, such as phishing, botnets, and malware.
• Authentication Procedures: Verisign, SCA’s selected backend registry services provider, uses two-factor authentication to augment security protocols for telephone, email, and chat communications.
• Registry Lock: Verisign allows registrants to lock a domain name at the registry level to protect against both unintended and malicious changes, deletions, and transfers. Only Verisign, as SCA’s backend registry services provider, can release the lock; thus all other entities that normally are permitted to update Shared Registration System (SRS) records are prevented from doing so. This lock is released only after the registrar makes the request to unlock. SCA may implement Registry Lock.
• Malware Code Identification: This safeguard reduces opportunities for abusive behaviors that use registered domain names in the gTLD. Registrants are often unknowing victims of malware exploits. As SCA’s backend registry services provider, Verisign has developed proprietary code to help identify malware in the zones it manages, which in turn helps registrars by identifying malicious code hidden in their domain names.
• DNSSEC Signing Service: Domain Name System Security Extensions (DNSSEC) helps mitigate pharming attacks that use cache poisoning to redirect unsuspecting users to fraudulent websites or addresses. It uses public key cryptography to digitally sign DNS data when it comes into the system and then validate it at its destination. The .SCA gTLD is DNSSEC-enabled as part of Verisign’s core backend registry services.

3. RESOURCING PLANS

Resource Planning
o Implementation and administration of SCA’s program to provide RPMs will be executed by SCA’s outsourced registrar which has an extensive in-house experience in domain name management. The technical operation of the registry is also fully outsourced. Therefore, no integration is required between SCA’s own systems and those of the Registry Service Provider, Verisign. Nevertheless, minimal technical labour expense has been designated for the creation and maintenance of a registry website at which SCA’s policies, contact details, whois abuse point of contact and other technical support for domain management such as directing customers will be made available. Additionally, SCA currently has an experienced workforce of IT employees, who can be called upon at any time to manage and ensure the success of the registry website.


Resource Planning Specific to Backend Registry Activities
Verisign, SCA’s selected backend registry services provider, is an experienced backend registry provider that has developed a set of proprietary resourcing models to project the number and type of personnel resources necessary to operate a TLD. Verisign routinely adjusts these staffing models to account for new tools and process innovations. These models enable Verisign to continually right-size its staff to accommodate projected demand and meet service level agreements as well as Internet security and stability requirements. Using the projected usage volume for the most likely scenario (defined in Question 46, Template 1 – Financial Projections: Most Likely) as an input to its staffing models, Verisign derived the necessary personnel levels required for this gTLD’s initial implementation and ongoing maintenance. Verisign’s pricing for the backend registry services it provides to SCA fully accounts for cost related to this infrastructure, which is provided as Line IIb.G, Total Critical Registry Function Cash Outflows, within the Question 46 financial projections response.

Verisign employs more than 1,040 individuals of which more than 775 comprise its technical work force. (Current statistics are publicly available in Verisign’s quarterly filings.) Drawing from this pool of on-hand and fully committed technical resources, Verisign has maintained DNS operational accuracy and stability 100 percent of the time for more than 13 years for .com, proving Verisign’s ability to align personnel resource growth to the scale increases of Verisign’s TLD service offerings.

Verisign projects will use the following personnel roles, which are described in Section 5 of the response to Question 31, Technical Overview of Proposed Registry, to support the implementation of RPMs:
• Customer Affairs Organization: 9
• Customer Support Personnel: 36
• Information Security Engineers: 11

To implement and manage the .SCA gTLD as described in this application, Verisign, SCA’s selected backend registry services provider, scales, as needed, the size of each technical area now supporting its portfolio of TLDs. Consistent with its resource modeling, Verisign periodically reviews the level of work to be performed and adjusts staff levels for each technical area.

When usage projections indicate a need for additional staff, Verisign’s internal staffing group uses an in-place staffing process to identify qualified candidates. These candidates are then interviewed by the lead of the relevant technical area. By scaling one common team across all its TLDs instead of creating a new entity to manage only this proposed gTLD, Verisign realizes significant economies of scale and ensures its TLD best practices are followed consistently. This consistent application of best practices helps ensure the security and stability of both the Internet and this proposed gTLD, as Verisign holds all contributing staff members accountable to the same procedures that guide its execution of the Internet’s largest TLDs (i.e., .com and .net). Moreover, by augmenting existing teams, Verisign affords new employees the opportunity to be mentored by existing senior staff. This mentoring minimizes start-up learning curves and helps ensure that new staff members properly execute their duties.
gTLDFull Legal NameE-mail suffixDetail
.foodnetworkLifestyle Domain Holdings, Inc.wolfe-sbmc.comView
1 MECHANISMS DESIGNED TO PREVENT ABUSIVE REGISTRATIONS

Rights protection is a core objective of the Applicant. The Applicant will implement and adhere to any rights protection mechanisms (RPMs) that may be mandated from time to time by ICANN, including each mandatory RPM set forth in the Trademark Clearinghouse model contained in the Registry Agreement, specifically Specification 7. The Applicant acknowledges that, at a minimum, ICANN requires a Sunrise period, a Trademark Claims service, and interaction with the Trademark Clearinghouse with respect to the registration of domain names for this TLD. It should be noted that because ICANN, as of the time of this application submission, has not issued final guidance with respect to the Trademark Clearinghouse, the Applicant cannot fully detail the specific implementation of the Trademark Clearinghouse within this application. The Applicant will adhere to all processes and procedures to comply with ICANN guidance once this guidance is finalized.

As described in this response, the Applicant will implement a Sunrise period and Trademark Claims service with respect to the registration of domain names within the gTLD. Certain aspects of the Sunrise period and⁄or Trademark Claims service may be administered on behalf of the Applicant by Applicant-approved registrars or by subcontractors of the Applicant, such as its selected backend registry services provider, Verisign.

Applicant is committed to implementing all the rights protections mechanisms developed and approved by ICANN in addition to any other mechanisms or protections that may be necessary to effectively protect trademark holders’ (and other rightsholders’) rights. Indeed, one of Applicant’s core objectives is the protection of the rights of both the Applicant and of third parties. To that effect, the Applicant’s TLD has policies and practices which minimize abusive registration activities and other activities that affect the legal rights of others, and which further provide safeguards against unauthorized, unqualified and inappropriate registrations and ensure compliance with ICANN policies.

Applicant intends to request from ICANN an exemption from Specification 9 of the Registry Operatory Registry Agreement. As such, Applicant intents to function in such a way that all domain name registrations in the TLD shall be registered to and maintained by Applicant and Applicant will not sell, distribute or transfer control of domain name registrations to any party that is not an Affiliate of Applicant as defined in the ICANN-Registry Operator Registry Agreement. All domain name registrations intended to be used within Applicant’s registry will be registered to and controlled and maintained by Applicant and for the benefit of Applicant and its users, parents, sisters and Affiliates. This will prevent fraudulent entities from obtaining a registration. As the Applicant will be the only registrant approved, there will be no risk of registration of a name by an entity which does not have such a legal name or is not commonly known by such a name. This will minimize cybersquatters and⁄or domain prospectors and will eliminate the possibility of abusive overreaching applications (i.e., requesting domains which do not reflect the name of the entity (legal or commonly known)).

In the event that Applicant is not granted an exemption from Specification 9, Applicant will partner with a corporate registrar with expertise in running a registry to support such efforts. Applicant intends to partner with its current corporate registrar or one of similar technical capability and expertise and allocate the appropriate funds and human resources to ensure that both itself, as the registry operator, and its selected registrar are at all times in compliance with ICANN guidelines.


At the appropriate time, between post-submission of this application and prior to the Applicant’s TLD launch, Applicant will identify, determine and engage the proper service provider (e.g., Applicant-approved registrar and⁄or selected backend registry services provider, Verisign) to support its provision of the Sunrise period and Trademark Claims service. Any engagement for the implementation and provision of such services shall be in compliance with all ICANN-mandated regulations, agreements, guidance and policies, as it is of paramount importance of the Applicant to protect the rights of all rightsholders.

Sunrise Period. As provided by the Trademark Clearinghouse model set forth in the ICANN Applicant Guidebook, the Sunrise service pre-registration procedure for domain names continues for at least 30 days prior to the launch of the general registration of domain names in the gTLD (unless the Applicant decides to offer a longer Sunrise period).

During the Sunrise period, holders of marks that have been previously validated by the Trademark Clearinghouse receive notice of domain names that are an identical match (as defined in the ICANN Applicant Guidebook) to their mark(s). Such notice is in accordance with ICANN’s requirements and is provided by the Applicant either directly or through approved registrars.

The Applicant requires all registrants, either directly or through Applicant-approved registrars, to: i) affirm that said registrants meet the Sunrise Eligibility Requirements (SER), and ii) submit to the Sunrise Dispute Resolution Policy (SDRP) consistent with Section 6 of the Trademark Clearinghouse model. At a minimum, the Applicant recognizes and honors all word marks for which a proof of use was submitted and validated by the Trademark Clearinghouse as well as any additional eligibility requirements as specified in Question 18.

During the Sunrise period, the Applicant and⁄or Applicant-approved registrars, as applicable, are responsible for determining whether each domain name is eligible to be registered (including in accordance with the SERs).

Trademark Claims Service. As provided by the Trademark Clearinghouse model set forth in the ICANN Applicant Guidebook, all new gTLDs will have to provide a Trademark Claims service for a minimum of 60 days after the launch of the general registration of domain names in the gTLD (Trademark Claims period).

During the Trademark Claims period, in accordance with ICANN’s requirements, the Applicant or the approved registrar will send a Trademark Claims Notice to any prospective registrant of a domain name that is an identical match (as defined in the ICANN Applicant Guidebook) to any mark that is validated in the Trademark Clearinghouse. The Trademark Claims Notice will include links to the Trademark Claims as listed in the Trademark Clearinghouse and will be provided at no cost.

Prior to registration of said domain name, the Applicant or the approved registrar will require each prospective registrant to provide the warranties dictated in the Trademark Clearinghouse model set forth in the ICANN Applicant Guidebook. Those warranties will include receipt and understanding of the Trademark Claims Notice and confirmation that registration and use of said domain name will not infringe on the trademark rights of the mark holders listed. Without receipt of said warranties, the Applicant or the Applicant-approved registrar will not process the domain name registration.

Following the registration of a domain name, the Applicant-approved registrar will provide a notice of domain name registration to the holders of marks that have been previously validated by the Trademark Clearinghouse and are an identical match. This notice will be as dictated by ICANN. At a minimum, the Applicant will recognize and honor all word marks validated by the Trademark Clearinghouse.

As Applicant will be the single and only registrant under Applicant’s TLD, Applicant will be the only party to whom compliance with the Trademark Clearinghouse will apply. Applicant will at all times use the Trademark Clearinghouse as a resource to determine whether its registrations are in conflict with the existing rights of third parties and, in the event of any conflict, will act in accordance with all relevant rights protection mechanisms, including, without limitation those described in Specification 7 of the ICANN-Registry Operator Registry Agreement.
2 MECHANISMS DESIGNED TO IDENTIFY AND ADDRESS THE ABUSIVE USE OF REGISTERED NAMES ON AN ONGOING BASIS
In addition to the Sunrise and Trademark Claims services described in Section 1 of this response, the Applicant implements and adheres to RPMs post-launch as mandated by ICANN, and confirms that registrars accredited for this TLD are in compliance with these mechanisms. Certain aspects of these post-launch RPMs may be administered on behalf of the Applicant by approved registrars or by subcontractors of the Applicant, such as its selected backend registry services provider, Verisign.

Applicant will implement and execute all post-launch services listed in this section, all of which shall be administered on behalf of Applicant by Applicant-approved registrars or by subcontractors of Applicant, such as its selected backend registry services provider, Verisign. At the appropriate time, between post-submission of this application and prior to the Applicant’s TLD launch, Applicant will identify, determine and engage the proper service provider (e.g., Applicant-approved registrar and⁄or selected backend registry services provider, Verisign) to support its provision of the Sunrise period and Trademark Claims service. Any engagement for the implementation and provision of such services shall be in compliance with all ICANN-mandated regulations, agreements, guidance and policies, as it is of paramount importance of the Applicant to protect the rights of all rightsholders.

These post-launch RPMs include the established Uniform Domain-Name Dispute-Resolution Policy (UDRP), as well as the newer Uniform Rapid Suspension System (URS) and Trademark Post-Delegation Dispute Resolution Procedure (PDDRP). Where applicable, the Applicant will implement all determinations and decisions issued under the corresponding RPM.

After a domain name is registered, trademark holders can object to the registration through the UDRP or URS. Objections to the operation of the gTLD can be made through the PDDRP.

The following descriptions provide implementation details of each post-launch RPM for this TLD:

• UDRP: The UDRP provides a mechanism for complainants to object to domain name registrations. The complainant files its objection with a UDRP provider and the domain name registrant has an opportunity to respond. The UDRP provider makes a decision based on the papers filed. If the complainant is successful, ownership of the domain name registration is transferred to the complainant. If the complainant is not successful, ownership of the domain name remains with the domain name registrant. The Applicant and entities operating on its behalf adhere to all decisions rendered by UDRP providers.
• URS: As provided in the Applicant Guidebook, all registries are required to implement the URS. Similar to the UDRP, a complainant files its objection with a URS provider. The URS provider conducts an administrative review for compliance with filing requirements. If the complaint passes review, the URS provider notifies the registry operator and locks the domain. A lock means that the registry restricts all changes to the registration data, but the name will continue to resolve. After the domain is locked, the complaint is served to the domain name registrant, who has an opportunity to respond. If the complainant is successful, the registry operator is informed and the domain name is suspended for the balance of the registration period; the domain name will not resolve to the original website, but to an informational web page provided by the URS provider. If the complainant is not successful, the URS is terminated and full control of the domain name registration is returned to the domain name registrant. Similar to the existing UDRP, Applicant and entities operating on its behalf adhere to decisions rendered by the URS providers.
• PDDRP: As provided in the Applicant Guidebook, all registries are required to implement the PDDRP. The PDDRP provides a mechanism for a complainant to object to the registry operator’s manner of operation or use of the gTLD. The complainant files its objection with a PDDRP provider, who performs a threshold review. The registry operator has the opportunity to respond and the provider issues its determination based on the papers filed, although there may be opportunity for further discovery and a hearing. The Applicant participates in the PDDRP process as specified in the Applicant Guidebook.

Additional Measures Specific to Rights Protection. Applicant provides additional measures against potentially abusive registrations, including those articulated in Applicant response to Question 28 and included in its attached Abuse Prevention and Mitigation Implementation Plan. These measures help mitigate phishing, pharming, and other Internet security threats. The measures exceed the minimum requirements for RPMs defined by Specification 7 of the Registry Agreement and are available at the time of registration. All measures articulated below will be implemented to the extent and consistent with Applicant response to Question 28 and included in its attached Abuse Prevention and Mitigation Implementation Plan, and include:

• Rapid Takedown or Suspension Based on Court Orders: The Applicant complies promptly with any order from a court of competent jurisdiction that directs it to take any action on a domain name that is within its technical capabilities as a TLD registry. These orders may be issued when abusive content, such as child pornography, counterfeit goods, or illegal pharmaceuticals, is associated with the domain name.
• Anti-Abuse Process: The Applicant implements an anti-abuse process that is executed based on the type of domain name takedown requested. The anti-abuse process is for malicious exploitation of the DNS infrastructure, such as phishing, botnets, and malware.
• Authentication Procedures: Verisign, the Applicant’s selected backend registry services provider, uses two-factor authentication to augment security protocols for telephone, email, and chat communications.
• Malware Code Identification: This safeguard reduces opportunities for abusive behaviors that use registered domain names in the gTLD. Registrants are often unknowing victims of malware exploits. As the Applicant’s backend registry services provider, Verisign has developed proprietary code to help identify malware in the zones it manages, which in turn helps registrars by identifying malicious code hidden in their domain names.
• DNSSEC Signing Service: Domain Name System Security Extensions (DNSSEC) helps mitigate pharming attacks that use cache poisoning to redirect unsuspecting users to fraudulent websites or addresses. It uses public key cryptography to digitally sign DNS data when it comes into the system and then validate it at its destination. The TLD is DNSSEC-enabled as part of Verisign’s core backend registry services.
3 RESOURCING PLANS
Resource Planning
Applicant projects it will use the following personnel roles to support the implementation of RPMs:
o 1 senior level executive
o 1 marketing⁄business manager
o 1 technical manager
o 1 administrative professional

To implement and manage the Applicant’s TLD as described in this application, Applicant can scale as needed, and utilize resources provided by our parent company, as defined above. In particular, personnel currently involved in the operation of Applicant’s existing .com business can assist with the needs of this new TLD and may be transitioned over to supporting the TLD as the .com businesses wind down in favor of the new TLD. In addition to these individuals, our parent company will support our implementation of RPMs through the provision of their resources as well as additional outside resources on an as-needed basis. Support from our parent company will include access to a law department, finance department, information systems, technical support, human resources and such other administrative support that may be required. In particular, we anticipate using outside advisors and lawyers to assist in managing any disputes which must be resolved. Once the top level domain has been awarded, we do not anticipate disputes beyond what is frequently encountered in operating the .com. However, given the expanded opportunities associated with operating the top level domain, we have increased the likelihood of disputes, take down notices or such other matters and increased the .com dispute resolution budget. We will utilize outside advisors to provide the additional talent and resources and specialized knowledge that we cannot cost effectively maintain internally. Projected costs associated with these resources are further discussed in the response to Question 47 below.
Resource Planning Specific to Backend Registry Activities
Verisign, the Applicant’s selected backend registry services provider, is an experienced backend registry provider that has developed a set of proprietary resourcing models to project the number and type of personnel resources necessary to operate a TLD. Verisign routinely adjusts these staffing models to account for new tools and process innovations. These models enable Verisign to continually right-size its staff to accommodate projected demand and meet service level agreements as well as Internet security and stability requirements. Using the projected usage volume for the most likely scenario (defined in Question 46, Template 1 – Financial Projections: Most Likely) as an input to its staffing models, Verisign derived the necessary personnel levels required for this gTLD’s initial implementation and ongoing maintenance. Verisign’s pricing for the backend registry services it provides to the Applicant fully accounts for cost related to this infrastructure, which is provided as Line IIb.G, Total Critical Registry Function Cash Outflows, within the Question 46 financial projections response.

Verisign employs more than 1,040 individuals of which more than 775 comprise its technical work force. (Current statistics are publicly available in Verisign’s quarterly filings.) Drawing from this pool of on-hand and fully committed technical resources, Verisign has maintained DNS operational accuracy and stability 100 percent of the time for more than 13 years for .com, proving Verisign’s ability to align personnel resource growth to the scale increases of Verisign’s TLD service offerings.
Verisign projects it will use the following personnel roles, which are described in Section 5 of the response to Question 31, Technical Overview of Proposed Registry, to support the implementation of RPMs:
• Customer Affairs Organization: 9
• Customer Support Personnel: 36
• Information Security Engineers: 11

To implement and manage the TLD as described in this application, Verisign, the Applicant’s selected backend registry services provider, scales, as needed, the size of each technical area now supporting its portfolio of TLDs. Consistent with its resource modeling, Verisign periodically reviews the level of work to be performed and adjusts staff levels for each technical area.

When usage projections indicate a need for additional staff, Verisign’s internal staffing group uses an in-place staffing process to identify qualified candidates. These candidates are then interviewed by the lead of the relevant technical area. By scaling one common team across all its TLDs instead of creating a new entity to manage only this proposed gTLD, Verisign realizes significant economies of scale and ensures its TLD best practices are followed consistently. This consistent application of best practices helps ensure the security and stability of both the Internet and this proposed gTLD, as Verisign holds all contributing staff members accountable to the same procedures that guide its execution of the Internet’s largest TLDs (i.e., .com and .net). Moreover, by augmenting existing teams, Verisign affords new employees the opportunity to be mentored by existing senior staff. This mentoring minimizes start-up learning curves and helps ensure that new staff members properly execute their duties.