gTLD	Full Legal Name	E-mail suffix	Detail
.nadex	IG Group Holdings PLC	ngtld.webcentral.com.au	View

A. RIGHTS PROTECTION MECHANISMS TO BE IMPLEMENTED BY IG Group


IG Group’s core purpose in operating the .nadex domain is to ensure better rights protection for IG Group, as well as for all Internet users. In particular, IG Group seeks to establish a trusted and reliable, branded platform for those who wish to interact or communicate with IG Group. Therefore, IG Group has extremely strong interest in ensuring that all of its aforementioned policies are implemented and continually enforced. IG Group’s proposed use of the .nadex gTLD should, of itself, preclude any abusive registrations from occurring, since all domain names may only be registered in the name of IG Group and its affiliates in the manner outlined in the response to Question 28. Notwithstanding the above, IG Group understands the importance of ensuring safeguards are implemented which protect against unqualified registrations. Therefore, IG Group has resolved to implement the following:

Firstly, IG Group will have absolute control over the registration and use of .nadex domain names. Only authorized personnel will be able to register a second level domain name for corporate use and only authorized personnel will be permitted to make Domain Name System (DNS) changes. IG Group will require multiple, unique points of contact to request and⁄ or approve, update, transfer and⁄ or deal with deletion requests, and will require notification of multiple unique points of contact when a domain name has been updated, transferred, or deleted. In other words, IG Group will have an identifiable and delineated process in place from pre-verification to eventual deletion of a domain name. This process will apply to IG Group and also to any subsidiaries or affiliates (as defined in the response to Question 28 above). Compliance with the policy will be ensured by the appointed Registrar(s). This, in conjunction with IG Group’s resolution to ensure that abusive use of .nadex domain names will not be permitted nor tolerated, means that the scope for abusive use will be very limited.

Secondly, where IG Group intends to permit certain entities who are affiliated with IG Group’s business to register second level domain names within the .nadex domain, IG Group will ensure that the registration is limited to legitimate uses of the allocated domain name (such use being consistent with the mission and purpose of the .nadex, and subject always to the registrant’s continuing compliance with all policies in place during that time and those mandated thereafter to ensure compliance with on-going ICANN requirements wherever reasonable. Any registrants must warrant they will not assign, licence or otherwise permit any other third party to use or link to the subdomain.

Third, IG Group will regularly monitor the .nadex zone, for viruses⁄ malware, illegitimate use and for inappropriate content. Abuses and complaints will be quickly addressed in the manner set forth in response to Question 28.

Fourthly, IG Group will participate in, and comply with, the required Rights Protection Mechanisms set forth in the gTLD Applicant Guidebook and Registry Agreement, including the Uniform Domain Name Dispute Resolution Policy (UDRP), the Uniform Rapid Suspension (URS) and the Trademark Claims and Sunrise processes. In the unlikely event that third parties perceive that their rights have been infringed, they will have a speedy right of recourse open to them. Given that IG Group has resolved to ensure that abusive use of .nadex domain names will not be permitted nor tolerated and the risk that such abuses inherently create negative publicity, loss of brand integrity and goodwill, IG Group is committed to ensuring that any abuse will be swiftly and effectively addressed, and that systems are in place to mitigate rights protection issues.

Fifth, IG Group will go beyond the required rights protection mechanisms defined in Specification 7 of the Registry Agreement by also participating in anti-phishing and abuse solutions to monitor potentially malicious conduct over the Internet as outlined below and in the answer to Question 28. This may occur via private contracts with a qualified anti-phishing solutions vendor who will both monitor the .nadex zone for abuse and take action to remedy the abuse, and⁄ or this may occur via participation in a broader program such as the Abusive Domain Name Resolution Suspension Process (ADNRS) in development by the Anti-Phishing Working Group. These measures will be available at time of registration and include:

- RAPID TAKEDOWN OR SUSPENSION BASED ON COURT ORDERS: IG Group or IG Group’s approved registrar(s) complies promptly with any order from a court of competent jurisdiction that directs it to take any action on a domain name that is within its technical capabilities as a gTLD registry. These orders may be issued when abusive content, such as child pornography, counterfeit goods, or illegal pharmaceuticals, is associated with the domain name;

- ANTI-ABUSE PROCESS: IG Group or IG Group’s approved registrar(s) implements an anti-abuse process that is executed based on the type of domain name takedown requested. The anti-abuse process is for malicious exploitation of the DNS infrastructure, such as phishing, botnets, and malware;

- AUTHENTICATION PROCEDURES: Verisign, IG Group’s selected backend registry services provider, uses two-factor authentication to augment security protocols for telephone, email, and chat communications;

- MALWARE CODE IDENTIFICATION: This safeguard reduces opportunities for abusive behaviors that use registered domain names in the gTLD. Registrants are often unknowing victims of malware exploits. As IG Group’s backend registry services provider, Verisign has developed proprietary code to help identify malware in the zones it manages, which in turn helps registrars by identifying malicious code hidden in the computer systems accessible through domain names;

- DNSSEC SIGNING SERVICE: Domain Name System Security Extensions (DNSSEC) helps mitigate pharming attacks that use cache poisoning to redirect unsuspecting users to fraudulent websites or addresses. It uses public key cryptography to digitally sign DNS data when it comes into the system and then validate it at its destination. The .nadex gTLD is DNSSEC-enabled as part of Verisign’s core backend registry services.


Lastly, IG Group will also ensure in all cases that its approved Registrar(s) will adopt appropriate anti-abuse mechanisms, respond to abuse processes and third party rights protection mechanisms and processes, in dealing with any domain name registrations, renewals and use, on behalf of IG Group. This will ensure that highly skilled, specialized and scalable resources are on hand to address any possible rights protection issues both during the startup phase of the TLD and continually during operations of the TLD. An example of the type of processes that Registrar(s) will be required to have in place for managing e.g. a UDRP claim is described at the end of the response to Question 29*** (see end of document). IG Group will ensure that Registrar(s) are contractually bound to provide high quality and responsive management of rights protection queries.


B. REGISTRY OPERATOR PROVIDED RIGHTS PROTECTION MECHANISMS


IG Group has engaged Verisign to provide certain registry operation services, amongst which, are the technical functions required to implement the mechanisms outlined below in respect of sunrise periods, trademark claims periods and the interaction with the Trademark Clearinghouse. The manner in which these elements will be addressed by the various parties is set out in this section. It should be noted that because ICANN, as of the time of this application submission, has not issued final guidance with respect to the Trademark Clearinghouse, IG Group cannot fully detail the specific implementation of the Trademark Clearinghouse within this application. IG Group will adhere to all processes and procedures to comply with ICANN guidance once this guidance is finalized.


SUNRISE SERVICES

IG Group acknowledges that, although the .nadex domain is intended to be limited exclusively to registrations by IG Group and its affiliates as defined in the response to Question 28, the gTLD Applicant Guidebook provides that all new gTLDs must provide a sunrise period before general registration of domain names.

IG Group confirms that it will implement a sunrise service pre-registration procedure for domain names for 30 days prior to the launch of the general registration of domain names. Prior to the Sunrise Period commencing, IG Group will establish and then notify its registry service provider of the sunrise eligibility requirements for the gTLD. IG Group may register domain names which meet the sunrise eligibility requirements. The registrant of any registrations of domain names during this period must agree to be subject to the Sunrise Dispute Resolution Policy (SDRP) consistent with Section 6 of the Trademark Clearinghouse Rules as set forth by ICANN. During this period, IG Group, and its approved registrars, will verify whether or not a particular domain name is eligible to be registered on an individual case by case basis before adding the necessary command to the Shared Registry Service (SRS) to register the applicable domain name.


TRADEMARK CLAIMS SERVICE

In respect of the .nadex domain, IG Group will provide a trademark claims service for a minimum of sixty (60) days after it has permitted general registration of domain names in the .nadex domain. During this period, IG Group (or its approved registrars on its behalf) shall validate each request for registration of a domain name against trademarks registered in the Trademark Clearinghouse and shall (where applicable) provide notice to each prospective Registrant of a domain name that it is an identical match (as defined in the gTLD Applicant Guidebook) to the mark holder validated in the Trademark Clearinghouse, in the form required by ICANN. The Approved Registrar(s) will then require each registrant to provide the warranties set out in the gTLD Applicant Guidebook before registration of the particular domain name. Those warranties will include receipt and understanding of the Trademark Claims Notice and confirmation that registration and use of said domain name will not infringe on the trademark rights of the mark holders listed. Without receipt of said warranties, IG Group or IG Group’s approved Registrar will not process the domain name registration.

IG Group and⁄or its approved Registrar(s) (as applicable) will be responsible for determining whether a domain name is eligible to be registered and will do so for each domain name before submitting an add command to the gTLD Shared Registry Service to register the applicable domain name.

Following the registration of a domain name, the holders of trademarks that have been previously validated by the Trademark Clearinghouse as an identical match, will receive a notice of the domain name registration by IG Group or IG Group’s approved Registrar (as applicable), in the form required by ICANN.


GENERAL REGISTRATION PERIOD

Following the expiry of the trademark claims service, IG Group (through its appointed registrar(s) may nevertheless continue to require potential domain names in the .nadex domain to be validated against trademarks registered in the Trademark Clearinghouse as part of its internal approval process prior to the registration being approved. This will be subject to the final rules for the Trademark Clearinghouse, and reasonable commercial terms for the on-going use of the Trademark Clearinghouse for this purpose.

IG Group will implement processes to enable Internet users or third parties to lodge complaints about any domain names in the .nadex which the complainant claims is infringing a third party’s intellectual property rights in some way. These processes will include mechanisms for rapid suspension of an infringing domain name (including but not limited to via ICANN’s URS system). The abuse point of contact resources described in the response to Question 28 above will also be tasked with responding to complaints in relation to rights protection.


C. DISPUTE RESOLUTION


IG Group will comply with the dispute resolution mechanisms required by ICANN including the Trademark Post-Delegation Dispute Resolution Procedure (PDDRP), the Registration Restriction Dispute Resolution Procedure (RRDRP), the URS, and the UDRP. All registrations of domain names will be subject to compliance with the above procedures and policies, should any relevant disputes occur. IG Group will act as the primary contact for handling inquiries relating to malicious conduct in the gTLD. The primary contact will investigate and respond to all complaints and incidents within a reasonable time and be empowered to take effective action within well-defined written criteria to guide those actions. Action will be taken in line with what is set out in the answers to Question 28 and 29 and the registration policy for the .nadex.


D. RESOURCE PLANNING


RESOURCE PLANNING SPECIFIC TO BACKEND REGISTRY ACTIVITIES

Verisign, IG Group’s selected backend registry services provider, is an experienced backend registry provider that has developed a set of proprietary resourcing models to project the number and type of personnel resources necessary to operate a TLD. Verisign routinely adjusts these staffing models to account for new tools and process innovations. These models enable Verisign to continually right-size its staff to accommodate projected demand and meet service level agreements as well as Internet security and stability requirements. Using the projected usage volume for the most likely scenario (defined in Question 46, Template 1 – Financial Projections: Most Likely) as an input to its staffing models, Verisign derived the necessary personnel levels required for this gTLD’s initial implementation and ongoing maintenance. Verisign’s pricing for the backend registry services it provides to IG Group fully accounts for cost related to this infrastructure, which is included in the registry services provider costs in Section I.K “Outsourcing Operating Costs”, within the Question 46 financial projections response.

Verisign employs more than 1,040 individuals of which more than 775 comprise its technical work force. (Current statistics are publicly available in Verisign’s quarterly filings.) Drawing from this pool of on-hand and fully committed technical resources, Verisign has maintained DNS operational accuracy and stability 100 percent of the time for more than 13 years for .com, proving Verisign’s ability to align personnel resource growth to the scale increases of Verisign’s TLD service offerings.

Verisign projects it will use the following personnel roles, which are described in Section 5 of the response to Question 31, Technical Overview of Proposed Registry, to support the implementation of RPMs:

- Customer Affairs Organization: 9

- Customer Support Personnel: 36

- Information Security Engineers: 11


To implement and manage the .nadex gTLD as described in this application, Verisign, IG Group’s selected backend registry services provider, scales, as needed, the size of each technical area now supporting its portfolio of TLDs. Consistent with its resource modeling, Verisign periodically reviews the level of work to be performed and adjusts staff levels for each technical area.

When usage projections indicate a need for additional staff, Verisign’s internal staffing group uses an in-place staffing process to identify qualified candidates. These candidates are then interviewed by the lead of the relevant technical area. By scaling one common team across all its TLDs instead of creating a new entity to manage only this proposed gTLD, Verisign realizes significant economies of scale and ensures its TLD best practices are followed consistently. This consistent application of best practices helps ensure the security and stability of both the Internet and this proposed gTLD, as Verisign holds all contributing staff members accountable to the same procedures that guide its execution of the Internet’s largest TLDs (i.e., .com and .net). Moreover, by augmenting existing teams, Verisign affords new employees the opportunity to be mentored by existing senior staff. This mentoring minimizes start-up learning curves and helps ensure that new staff members properly execute their duties.


RESOURCE PLANNING SPECIFIC TO ENGAGING THIRD PARTY REGISTRARS

IG Group has effectively mitigated the risk of abuse in the gTLD and foresees dedicating a member of staff to act as the primary points of contact for handling inquiries relating to malicious or abusive conduct in the TLD. IG Group is committed to ensuring that sufficient resources are made available at all times. IG Group may engage its third party registrar(s) and its selected back end registry services provider, Verisign to perform some or all of the tasks associated with abuse issues. This will ensure that highly skilled, specialized and scalable resources are on hand to address any possible abuse issues both during the startup phase of the TLD and continually during operations of the TLD.


E. CONCLUSION


The approach outlined in this answer clearly shows that the risk of abuse in the .nadex TLD has been extensively mitigated and as a direct result is very low. IG Group is committed to ensuring that abuse will not be tolerated. The proposed policies and methods for addressing any abuse exceed the standard outlined in the gTLD Applicant Guidebook and is more than commensurate with the risks identified, IG Group is, therefore, entitled to a score of two points for its response to Question 29.





*** EXAMPLE OF A DRAFT PROCESS FOR A REGISTRAR’S HANDLING OF UDRP CLAIMS


REQUEST FOR REGISTRAR VERIFICATION


‘Request for Registrar Verification’ emails are received from the provider of UDRP, and are the official “beginning” of the UDRP case. These emails normally ask the Registrar to verify the domain name and the corresponding registrant details. The Registrar can ONLY ever lock a domain name following receipt of one of these emails. The receipt of a copy of a complaint does not indicate the beginning of a dispute.

The two most commonly used providers are the National Arbitration Forum (NAF) and the World Intellectual Property Organisation (WIPO). NAF requests will generally have the subject “Domain Name Dispute Verification Request”. WIPO requests will generally have the subject “Request for Registrar Verification”



WHEN SUCH A REQUEST IS RECEIVED, THE FOLLOWING STEPS NEED TO BE TAKEN:

1. Update the UDRP Spreadsheet with the complaint details

2. Create a response to UDRP Provider

3. Send a confirmation to the complainant of receipt of complaint and inform of registrar lock and the circumstances under which the lock will expire

4. Change domain name Registry Key

5. Assign domain name to the ‘ABCDisputes’ account

6. Lock domain name

7. Advise Registrant of UDRP ⁄ create New Case

8. Spreadsheet finalization




WHEN A COPY OF THE UDRP COMPLAINT IS RECEIVED:

- Make a note in the spreadsheet of where to access the complaint.




WHEN A NOTICE OF “COMMENCEMENT OF UDRP” RECEIVED:

- Save the domain name in the case and resolve.

- If a copy of the complaint has been attached, follow process in above.



WHEN A NOTICE OF “SUSPENSION” OR “STAY” OF PROCEEDINGS IS RECEIVED:

Sometimes, the parties to the UDRP may reach an agreement to settle the matter outside of the UDRP. If the parties contact the registrar directly and indicate that they (the respondent) wish to transfer the domain name to the complainant, the registrar must direct them to the UDRP provider where they must have the proceedings “stayed” (sometimes called “suspended”). The registrar may only transfer a domain name once official notice from the provider has been received.


If a notice is receive from the UDRP provider PRIOR to the registrar being contacted by the parties:

- Respond to everyone who has been emailed a copy of the notice, with the template “UDRP – Notice of stay of proceedings. This includes instruction that the registrar require written authorization from the respondent before releasing the domain name from registrar lock.


Once the registrar has received BOTH authorization from the current registrant, and official notice of suspension from the provider, the domain name may be transferred to the complainant.

Note, the registrar is only able to transfer the domain name to the complainant. The Registrar is not able to transfer the domain name to any other party.




WHEN A UDRP DECISION IS RECEIVED:

When WIPO sends a notice of decision, the subject will be “Notification of Decision”. When NAF sends a notice of decision, the subject will be “DECISION – Complainant v Respondent”




TO VIEW THE DECISION:

1. Locate the decision

2. Scroll to the end of the decision document and note whether the decision is for the complainant or the respondent:

- A decision for the complainant will be described as “the domain name is ordered to be transferred from the respondent to the complainant (follow process (a), below)

- A decision for the respondent will be described as “the complaint is denied” (follow process (b), below)




RESPONDING TO THE EMAIL REGARDING THE DECISION:

1. If decision is for the complainant:

Schedule the transfer for 10 working days’ time:

- Add end date to calendar

- Open the UDRP spreadsheet and make a note that the decision is for the complainant and note the date the name is scheduled to be transferred.




2. If decision is for the respondent:

Open the UDRP spreadsheet and locate the name of the reseller account (if any) which this domain name was on prior to the UDRP, then:

- Move the domain name from the ABCDISPUTES account

- Unlock the domain name

- Send the registrant the new registry key



IMPLEMENTATION OF THE DECISION FOR COMPLAINANT – TRANSFER OF DOMAIN NAME:

1. Copy of Complaint received? - check UDRP Spreadsheet to make sure

2. Assigning domain name to new Channel Partner (CP) & Update domain name

3. Unlock the domain name

4. Change Contact Details for domain name

5. Password Recovery

6. CRM case creation ⁄ Notice of Transfer of Licence

7. Update UDRP Spreadsheet – indicate that the case is closed

gTLD	Full Legal Name	E-mail suffix	Detail
.art	UK Creative Ideas Limited	whitecase.com	View

A. RIGHTS PROTECTION MECHANISMS TO BE IMPLEMENTED BY CREATIVE IDEAS

The core purpose of UK Creative Ideas Limited (“Creative Ideas”) in operating the .art gTLD domain is to ensure a secure online space for responsible Internet users. In particular, Creative Ideas seeks to establish a trusted and reliable platform for Internet users who wish find information on products and services related to .art gTLD. 〈Insert commentary on mission and purpose of the new string and reference back to Question 18 〉 Therefore, Creative Ideas has an extremely strong interest in ensuring that all of its policies are implemented and continually enforced. Creative Ideas will implement and adhere to any rights protection mechanisms (RPMs) that may be mandated from time to time by ICANN in line with Specification 7 of the Registry agreement.

Creative Ideas will participate in, and comply with, the required Rights Protection Mechanisms set forth in the gTLD Applicant Guidebook and Registry Agreement, including Sunrise processes, the Trademark Clearinghouse and Trademark Claims processes, the Uniform Domain Name Dispute Resolution Policy (UDRP), the Uniform Rapid Suspension (URS) and WHOIS processes. The eligibility criteria for the .art gTLD require that each registrant belong to a certain user group within the art industry including the following criteria, as amended by the Registry from time to time:

- Creators of works of art;
- Commercial organizations in the art industry;
- Non-profit organizations in the art industry;
- Supporting businesses to the art industry;
- Information resources and the media for the art industry; and
- Owners and consumers of art.

Prospective registrants must provide all required supporting documentation as requested by the Registry from time to time. Because of these eligibility criteria, Creative Ideas does not anticipate that third parties and⁄or trademark owners unrelated to the art industry will incur costs in relation to the .art gTLD.

In the event that third parties perceive that their rights have been infringed, they will have a speedy right of recourse open to them. Given that Creative Ideas has resolved to ensure that abusive use of .art gTLD domain names will not be permitted nor tolerated and that the risk that such abuses inherently create negative publicity and loss of goodwill, Creative Ideas is committed to ensuring that any abuse will be swiftly and effectively addressed, and that systems are in place to mitigate rights protection issues.

Creative Ideas will regularly monitor the .art gTLD zone, for viruses⁄malware, illegitimate use and for inappropriate content. Abuses and complaints will be quickly addressed in the manner set forth in the response to Question 28.

Creative Ideas will go beyond the required rights protection mechanisms defined in Specification 7 of the Registry Agreement by also participating in solutions to monitor potentially malicious conduct over the Internet as outlined below and in the answer to Question 28. This may occur via private contracts with a qualified anti-phishing solutions vendor who will both monitor the .art gTLD zone for abuse and take action to remedy the abuse, and⁄or this may occur via participation in a broader program such as the Abusive Domain Name Resolution Suspension Process (ADNRS) in development by the Anti-Phishing Working Group. Additionally, the measures below will be available at the time of opening up of the registry and will be enforced through contractual means:

- Acceptable use policy: Creative Ideas publicizes its Acceptable use policy which will define abuse, abuse handling processes and the consequences of abuse;
- Rapid Takedown or Suspension Based on Court Orders: Creative Ideas or its approved registrar(s) complies promptly with any order from a court of competent jurisdiction that directs it to take any action on a domain name that is within its technical capabilities as a gTLD registry. These orders may be issued when abusive content, such as child pornography, counterfeit goods, or illegal pharmaceuticals, is associated with the domain name;
- Anti-Abuse Process: Creative Ideas implements an anti-abuse process that is executed based on the type of domain name takedown requested. The anti-abuse process is for malicious exploitation of the DNS infrastructure, such as phishing, botnets, and malware;
- Authentication Procedures: VeriSign, Creative Ideas’ selected backend registry services provider, uses two-factor authentication to augment security protocols for telephone, email, and chat communications;
- Malware Code Identification: This safeguard reduces opportunities for abusive behaviors that use registered domain names in the gTLD. Registrants are often unknowing victims of malware exploits. As Creative Ideas’ backend registry services provider, VeriSign has developed proprietary code to help identify malware in the zones it manages, which in turn helps registrars by identifying malicious code hidden in the computer systems accessible through domain names;
- DNSSEC Signing Service: Domain Name System Security Extensions (DNSSEC) helps mitigate pharming attacks that use cache poisoning to redirect unsuspecting users to fraudulent websites or addresses. It uses public key cryptography to digitally sign DNS data when it comes into the system and then validate it at its destination. The .art gTLD is DNSSEC-enabled as part of VeriSign’s core backend registry services

Creative Ideas will also ensure in all cases that its approved Registrar(s) will adopt appropriate anti-abuse mechanisms, respond to abuse processes and third party rights protection mechanisms and processes, in dealing with any domain name registrations, renewals and use. This will ensure that highly skilled, specialized and scalable resources are on hand to address any possible rights protection issues both during the startup phase of the TLD and continually during operations of the TLD. An example of the type of processes that Registrar(s) will be required to have in place for managing e.g. a UDRP claim is described at the end of the response to Question 29*** (see end of document). Creative Ideas will ensure that Registrar(s) are contractually bound to provide high quality and responsive management of rights protection queries.

B. REGISTRY OPERATOR PROVIDED RIGHTS PROTECTION MECHANISMS

Creative Ideas acknowledges that it must provide (a) a sunrise registration service for at least 30 days during the pre-launch phase giving eligible trademark owners an early opportunity to register second-level domains in new gTLDs; and (b) a trademark claims service for at least the first 60 days that second-level registrations are open.

Creative Ideas has engaged VeriSign to provide certain registry operation services, amongst which are the technical functions required to implement the mechanisms outlined below in respect of sunrise periods, trademark claims periods and the interaction with the Trademark Clearinghouse. The manner in which these elements will be addressed by the various parties is set out in this section. It should be noted that because ICANN, as of the time of this application submission, has not issued final guidance with respect to the Trademark Clearinghouse, Creative Ideas cannot fully detail the specific implementation of the Trademark Clearinghouse within this application. Creative Ideas will adhere to all processes and procedures to comply with the ICANN guidance once this guidance is finalized.

Sunrise Services
Creative Ideas acknowledges that all new gTLDs must provide a sunrise registration service for at least 30 days before general registration of domain names.

Creative Ideas confirms that it will implement a sunrise service pre-registration procedure for domain names for 30 days prior to the launch of the general registration of domain names. Prior to the Sunrise Period commencing, Creative Ideas will establish and then notify its registry service provider of the sunrise eligibility requirements for the gTLD. Registrants may register domain names which meet the sunrise eligibility requirements and are registered in the Trademark clearinghouse. The registrant of any registrations of domain names during this period must agree to be subject to the Sunrise Dispute Resolution Policy (SDRP) consistent with Section 6 of the Trademark Clearinghouse Rules as set forth by ICANN. During this period, Creative Ideas, and its approved registrar(s), will verify whether or not a particular domain name is eligible to be registered on an individual case by case basis before adding the necessary command to the Shared Registry Service (SRS) to register the applicable domain name. In addition to trademark holders registered with the Trademark Clearinghouse, the sunrise service will be available to well-known art institutions as determined by Creative Ideas in the sunrise eligibility criteria. If there are multiple sunrise applications for an identical domain name, the domain name will be allocated through an auction mechanism.

Trademark Claims Service – Land-rush service
In respect of the .art gTLD, Creative Ideas will provide a trademark claims service for a minimum of sixty (60) days. During this period, Creative Ideas (or its approved registrars on its behalf) shall validate each request for registration of a domain name against trademarks registered in the Trademark Clearinghouse and shall (where applicable) provide notice to each prospective Registrant of a domain name that it is an identical match (as defined in the gTLD Applicant Guidebook) to the mark holder validated in the Trademark Clearinghouse, in the form required by ICANN. The Approved Registrar(s) will then require each registrant to provide the warranties set out in the gTLD Applicant Guidebook before registration of the particular domain name. Those warranties will include receipt and understanding of the Trademark Claims Notice and confirmation that registration and use of said domain name will not infringe on the trademark rights of the mark holders listed. Without receipt of said warranties, Creative Ideas or its approved Registrar(s) will not process the domain name registration.

Creative Ideas and⁄or its approved Registrar(s) (as applicable) will be responsible for determining whether a domain name is eligible to be registered and will do so for each domain name before submitting an add command to the gTLD Shared Registry Service to register the applicable domain name.

Following the registration of a domain name, the holders of trademarks that have been previously validated by the Trademark Clearinghouse as an identical match will receive a notice of the domain name registration by Creative Ideas or its approved Registrar (as applicable), in the form required by ICANN.

If there are competing applications for an identical domain name, the domain name will be allocated through an auction to be held after the conclusion of the trademark claims⁄land-rush period.

General registration period
Following the expiry of the trademark claims⁄land-rush service, Creative Ideas will provide registrations of domain names from eligible registrants on a first come, first served basis in accordance with the registration policy set out in the answer to Question 28.

C. Dispute Resolution

Creative Ideas will comply with the dispute resolution mechanisms required by ICANN including the Trademark Post-Delegation Dispute Resolution Procedure (PDDRP), the Registration Restriction Dispute Resolution Procedure (RRDRP), the URS, and the UDRP. Creative Ideas will implement all determinations and decisions under these mechanisms.

After a domain name is registered, trademark holders can object to the registration through the UDRP or URS. Objections to the operation of the gTLD can be made through the PDDRP. The following descriptions provide implementation details of each post-launch RPM for the .art gTLD:

- UDRP: The UDRP provides a mechanism for complainants to object to domain name registrations. The complainant files its objection with a UDRP provider and the domain name registrant has an opportunity to respond. The UDRP provider makes a decision based on the papers filed. If the complainant is successful, ownership of the domain name registration is transferred to the complainant. If the complainant is not successful, ownership of the domain name remains with the domain name registrant. Creative Ideas and entities operating on its behalf adhere to all decisions rendered by UDRP providers.

- URS: As provided in the Applicant Guidebook and the Registry agreement, all registries are required to implement the URS. Similar to the UDRP, a complainant files its objection with a URS provider. The URS provider conducts an administrative review for compliance with filing requirements. If the complaint passes review, the URS provider notifies the registry operator and locks the domain. A lock means that the registry restricts all changes to the registration data, but the name will continue to resolve. After the domain is locked, the complaint is served to the domain name registrant, who has an opportunity to respond. If the complainant is successful, the registry operator is informed and the domain name is suspended for the balance of the registration period; the domain name will not resolve to the original website, but to an informational web page provided by the URS provider. If the complainant is not successful, the URS is terminated and full control of the domain name registration is returned to the domain name registrant. Similar to the existing UDRP, Creative Ideas and entities operating on its behalf adhere to decisions rendered by the URS providers. The contact details of the .art gTLD abuse point of contact will be provided to all URS providers.

- PDDRP: As provided in the Applicant Guidebook, all registries are required to implement the PDDRP. The PDDRP provides a mechanism for a complainant to object to the registry operator’s manner of operation or use of the gTLD. The complainant files its objection with a PDDRP provider, who performs a threshold review. The registry operator has the opportunity to respond and the provider issues its determination based on the papers filed, although there may be opportunity for further discovery and a hearing. Creative Ideas participates in the PDDRP process as specified in the Applicant Guidebook.

All registrations of domain names will be subject to compliance through contractual means with the above procedures and policies, should disputes occur. Creative Ideas will act as the primary contact for handling inquiries relating to malicious conduct in the gTLD. The abuse point of contact described in the response to Question 28 above will be tasked with also responding to complaints in relation to rights protection.

The primary abuse point of contact will investigate and respond to all complaints and incidents within a reasonable time and be empowered to take effective action within well-defined written criteria to guide those actions. Action will be taken in line with what is set out in the answers to Question 28 and 29 and the registration policy for the .art gTLD.

D. WHOIS

Creative Ideas will comply with the requirements set out in specification 4 of the registry agreement to ensure readily available information on registrants. Creative Ideas’ mechanisms for ensuring complete and accurate WHOIS data are described in the response to Question 28.

E. Resource planning

Resource planning specific to backend Registry activities
VeriSign, Creative Ideas’ selected backend registry services provider, is an experienced backend registry provider that has developed a set of proprietary resourcing models to project the number and type of personnel resources necessary to operate a TLD. VeriSign routinely adjusts these staffing models to account for new tools and process innovations. These models enable VeriSign to continually right-size its staff to accommodate projected demand and meet service level agreements as well as Internet security and stability requirements. Using the projected usage volume for the most likely scenario (defined in Question 46, Template 1 – Financial Projections: Most Likely) as an input to its staffing models, VeriSign derived the necessary personnel levels required for this gTLD’s initial implementation and ongoing maintenance. VeriSign’s pricing for the backend registry services it provides to Creative Ideas fully accounts for cost related to this infrastructure, which is included in the registry services provider costs in Section I.K “Outsourcing Operating Costs” within the Question 46 financial projections response.

VeriSign employs more than 1,040 individuals of which more than 775 comprise its technical work force. (Current statistics are publicly available in VeriSign’s quarterly filings.) Drawing from this pool of on-hand and fully committed technical resources, VeriSign has maintained DNS operational accuracy and stability 100 percent of the time for more than 13 years for .com, proving VeriSign’s ability to align personnel resource growth to the scale increases of VeriSign’s TLD service offerings.

VeriSign projects it will use the following personnel roles, which are described in Section 5 of the response to Question 31, Technical Overview of Proposed Registry, to support the implementation of RPMs:

- Customer Affairs Organization: 9
- Customer Support Personnel: 36
- Information Security Engineers: 11

To implement and manage the .art gTLD as described in this application, VeriSign, Creative Ideas’ selected backend registry services provider, scales, as needed, the size of each technical area now supporting its portfolio of TLDs. Consistent with its resource modeling, VeriSign periodically reviews the level of work to be performed and adjusts staff levels for each technical area.

When usage projections indicate a need for additional staff, VeriSign’s internal staffing group uses an in-place staffing process to identify qualified candidates. These candidates are then interviewed by the lead of the relevant technical area. By scaling one common team across all its TLDs instead of creating a new entity to manage only this proposed gTLD, VeriSign realizes significant economies of scale and ensures its TLD best practices are followed consistently. This consistent application of best practices helps ensure the security and stability of both the Internet and this proposed gTLD, as VeriSign holds all contributing staff members accountable to the same procedures that guide its execution of the Internet’s largest TLDs (i.e., .com and .net). Moreover, by augmenting existing teams, VeriSign affords new employees the opportunity to be mentored by existing senior staff. This mentoring minimizes start-up learning curves and helps ensure that new staff members properly execute their duties.

Resource planning specific to other Registry activities and third party registrars
Creative Ideas has effectively mitigated the risk of abuse in the gTLD and foresees dedicating a member of staff to act as the primary point of contact for handling inquiries relating to malicious or abusive conduct in the TLD. Creative Ideas is committed to ensuring that sufficient resources are made available at all times. Creative Ideas may engage its third party registrar(s) and its selected backend registry services provider, VeriSign to perform some or all of the tasks associated with rights protection issues. This will ensure that highly skilled, specialized and scalable resources are on hand to address any possible abuse issues both during the startup phase of the TLD and continually during operations of the TLD.

.




***
Example of a draft process for a Registrar’s handling of UDRP claims

Request for Registrar Verification
‘Request for Registrar Verification’ emails are received from the provider of UDRP, and are the official “beginning” of the UDRP case. These emails normally ask the Registrar to verify the domain name and the corresponding registrant details. The Registrar can ONLY ever lock a domain name following receipt of one of these emails. The receipt of a copy of a complaint does not indicate the beginning of a dispute.

The two most commonly used providers are the National Arbitration Forum (NAF) and the World Intellectual Property Organisation (WIPO). NAF requests will generally have the subject “Domain Name Dispute Verification Request”. WIPO requests will generally have the subject “Request for Registrar Verification”.

When such a request is received, the following steps need to be taken:
1. Update the UDRP Spreadsheet with the complaint details
2. Create a response to UDRP Provider
3. Send a confirmation to the complainant of receipt of complaint and inform of registrar lock and the circumstances under which the lock will expire
4. Change domain name Registry Key
5. Assign domain name to the ‘ABCDisputes’ account
6. Lock domain name
7. Advise Registrant of UDRP ⁄ create New Case
8. Spreadsheet finalization

When a copy of the UDRP complaint is received:
- Make a note in the spreadsheet of where to access the complaint.

When a notice of “commencement of UDRP” received:
- Save the domain name in the case and resolve.
- If a copy of the complaint has been attached, follow process in above.

When a notice of “Suspension” or “Stay” of proceedings is received:
Sometimes, the parties to the UDRP may reach an agreement to settle the matter outside of the UDRP. If the parties contact the registrar directly and indicate that they (the respondent) wish to transfer the domain name to the complainant, the registrar must direct them to the UDRP provider where they must have the proceedings “stayed” (sometimes called “suspended”). The registrar may only transfer a domain name once official notice from the provider has been received.

If a notice is receive from the UDRP provider PRIOR to the registrar being contacted by the parties:
- Respond to everyone who has been emailed a copy of the notice, with the template “UDRP – Notice of stay of proceedings”. This includes an instruction that the registrar requires written authorization from the respondent before releasing the domain name from registrar lock.

Once the registrar has received BOTH authorization from the current registrant, and official notice of suspension from the provider, the domain name may be transferred to the complainant.

Note that the registrar is only able to transfer the domain name to the complainant. The Registrar is not able to transfer the domain name to any other party.

When a UDRP decision is received:
When WIPO sends a notice of decision, the subject will be “Notification of Decision”. When NAF sends a notice of decision, the subject will be “DECISION – Complainant v Respondent”.

To view the decision:
1. Locate the decision
2. Scroll to the end of the decision document and note whether the decision is for the complainant or the respondent:
- A decision for the complainant will be described as “the domain name is ordered to be transferred from the respondent to the complainant” (follow process (a), below)
- A decision for the respondent will be described as “the complaint is denied” (follow process (b), below)

Responding to the email regarding the decision:
1. If decision is for the complainant:
Schedule the transfer for 10 working days time:
- Add end date to calendar
- Open the UDRP spreadsheet and make a note that the decision is for the complainant and note the date the name is scheduled to be transferred.

2. If decision is for the respondent:
Open the UDRP spreadsheet and locate the name of the reseller account (if any) on which this domain name was located prior to the UDRP, then:
- Move the domain name from the ABCDISPUTES account
- Unlock the domain name
- Send the registrant the new registry key

Implementation of the decision for complainant – transfer of domain name:
1. Copy of Complaint received? - check UDRP Spreadsheet to make sure
2. Assigning domain name to new Channel Partner (CP) & Update domain name
3. Unlock the domain name
4. Change Contact Details for domain name
5. Password Recovery
6. CRM case creation ⁄ Notice of Transfer of Licence
7. Update UDRP Spreadsheet – indicate that the case is closed