Like many of my friends, I was able to do almost all of my Christmas shopping online last year. But those who shop on the web need to remain careful so that we do not get ripped off with scams or fake or non-existent goods. There was a story in the Money section of The Times the other day, talking about the risks of shopping online. The piece was also rather critical of Google and it will be interesting to see how they will respond, particularly given their ‘do no evil’ mantra. 

Online shopping risks came up back in August 2009 and we wrote a blog post outlining Nominet’s processes and how consumers can protect themselves when buying goods online. Although there is loads of good advice around, people are still forgetting the basics, so it might be helpful to re-iterate the key points to consider when shopping on the web.  Get Safe Online and Consumer Direct provide some of the best advice out there and we have used some of their points, in conjunction with our own, to pull together top tips that ensure consumers are READY to shop online:

Research web sites 

• Look for a telephone number for the company. Ring it and check it works if you have any concerns
• Is the web site secure? Look for ‘https://’ and the padlock that should be present on the page you are using when you are giving any payment details (credit card), or personal information
• Do they have clear privacy and returns policies?
• If you’re not convinced, take a few minutes to search for the company on the Internet and check their reputation. Trust your common sense and if necessary buy elsewhere.

Educate others

• Share your knowledge with family and friends if you have spent time researching web sites, had a positive experience with buying from a site, or have spotted a dud (as well as reporting it). It is important to spread the word about how to be safe online.

Actively protect your money

• If you purchase goods online, make sure you use web sites that have a secure way of paying (known as an encryption facility) - these show a padlock at the bottom of the screen when you are filling in the payment details
• Have a dedicated credit card for shopping online. If you do fall victim to cybercrime and the value is over £100, it is easier to claim money back using a credit card than a debit card. It also makes it easier to keep track of your online purchases. 

Do not assume…

• An Internet company is based in the UK just because its web address has ‘uk’ in it. Visit the Nominet WHOIS site to check where the web site is registered. If the company is based outside the UK you might have to pay import tax on any goods you purchase
• That a web site is an official reseller of well known brand name goods. Before buying goods, you should visit a brand’s main web site to check that the web site you intend purchasing from is legitimate. For example, GHD, a company that manufacturers hair straighteners, has a dedicated section on its official web site outlining fake GHD web sites. Goods should not be purchased from any of the sites on that list. 

Yes, report it

• If you do fall victim to cybercrime, call your local trading standards office, report the incident and ask for their best advice on how to deal with the situation.

Remember, as always, if the offer looks to good to be true, it probably is.

Back in February I wrote about the ‘Perfect Storm’ developing in the area of international and national Internet Governance. Whilst weather prediction is a notoriously difficult and sometimes dangerous business, recent developments suggest there may be a calmer period with a few sunny intervals ahead.

What has provoked this unseasonal optimism, you may ask? It’s mainly due to the announcement that the Joint Project Agreement between the US Department of Commerce and ICANN has come to an end.  In its place are a series of commitments such as ensuring that decisions are made in the public interest, preserving the security and stability of the Domain Name System and promoting consumer trust and choice. A series of ongoing regular reviews will also be introduced with the aim of ensuring ICANN’s accountability to the wider Internet community, and Internet users in particular.

Nominet strongly supports the private-sector led, bottom-up model for the technical co-ordination of the domain name system, and we believe the end of the JPA confirms that this model is the right one for such a fast-moving, innovative sector.

There’s clearly an interesting parallel here with what’s happening in the UK Internet industry. The outcomes of Nominet’s Independent Governance Review and the Digital Britain Report, suggest that there is strong support for Nominet to commit to a ‘public purpose’ role. So, I guess my forecast that representation and protection of end-users would become a major Government focus appears to have been quite accurate (albeit that was rather easy to predict).

I’m clear that this is the right way forward, but this approach will certainly bring its own challenges. Working for a public purpose means balancing an even wider range of conflicting interests from the many different groups involved in the Internet and the Internet governance process. In particular, it will mean balancing commercial pressures and end user interests - always tricky on a national scale, even more so when these are on a global scale. However, responding responsibly to the dynamic and ever changing demands of Internet stakeholders is essential to both keep pace with developments and to make the Internet a trusted and safe place going forward.

The Internet governance landscape is changing and there are some bright patches appearing over the horizon, but the many challenges of engaging with and seeking to satisfy such a wide range of users suggests that there may be some cloudy patches on the way too!

There have been a couple of stories in the media over recent weeks from Trading Standards Officers in the UK and the US Federal Trade Commission about consumers being tricked into buying fake goods on the Internet by companies pretending to be based in the UK. As online shopping becomes increasingly prevalent in the UK, and with 72% of UK consumers preferring to search for a .co.uk web site than a .com, it is more important than ever that consumers take sufficient care when shopping on the Internet. Whilst it’s great to see more and more people buying and banking online and consumer confidence reaching new heights, it does not remove the need for vigilance and care. When Nominet took over the operation of .uk in 1996, a decision was taken to operate .co.uk and .org.uk as “open” second level domains, meaning that any type of organisation based anywhere in the world could register these domain names on a first come, first served basis. This early decision means that whilst the vast majority of registrations are from the UK, a small proportion of registrants are from non-UK businesses and consumers. Many will be perfectly legitimate, for example by trading businesses or organisations wanting to protect their trademarks overseas.

Domain names in .co.uk are allocated on a first come, first served basis and there are currently 140,000 new registrations every month. Whilst we don’t police applicant locations, it does not automatically follow that consumers in countries with stricter registration policies or application vetting are necessarily any better protected. In practice the physical address used to register a domain name does not of itself provide any guarantee of legitimate supply of goods. Nor does dealing with a business based in the UK. As ever, it is imperative that internet shoppers are careful, especially when dealing with a new site for the first time or in response to unsolicited email.

As an organisation we are keen to find ways to create a safe on-line environment for UK consumers and business. Given the technology involved, there are not many quick or easy fixes. However, an example of a simple safeguard is for people to carry out a Nominet WHOIS check if they have any concerns or want to do a quick check - sites who trade online are not able to opt out of having their information displayed in the Nominet WHOIS. Where these details are out of date or inaccurate, we reserve the right to cancel the domain name and regularly do if the details are not updated/corrected promptly. We also work closely with the Police where issues arise and Nominet’s Policy Advisory Body are already engaged and working with the UK Payments Administration Ltd (formerly APACS) to look at how we can better work together against on-line fraud.

So, if you’re shopping online and you have any doubt about the web site you are using then you can reduce the risks by performing a WHOIS search or other simple checks. There is good advice on how to reduce the risks when purchasing goods online readily available, for example, see Get Safe Online. As they say: if the offer seems too good to be true, it probably is.

I participated in a public hearing in Brussels last week on the Future of Internet Governance. The hearing brought together representatives from Internet players such as ISOC, ICANN, IGF, CENTR etc. with business and civil society representatives to gather inputs on key questions posed by The Commission. These will inform its ‘official’ position on Internet Governance, which should be announced shortly.

Viviane Reding, EU-Commissioner for Information Society and Media, released her personal thoughts on the subject via a video message and press release earlier in the week. She called for a new governance model for the Internet that would include a fully privatised ICANN, as well as a “G12 for Internet Governance.” This confused people somewhat as they believed Viviane’s views and the EU Commission’s views were one and the same. This is clearly not the case and the timing of the statement in advance of the hearing was rather unfortunate (!).

Having said that, many agreed with Reding’s view that ICANN should be independent of the US Government, provided that ICANN accountability can be fully established. However, the notion of ICANN being answerable to an “Internet G12” was not popular. It just would not be suitable for a small group of only twelve selected Governments to set global Internet policies.

At the hearing itself, there was strong support for the continuation of the IGF and numerous interventions about ICANN, particularly in view of the status of the Joint Project Agreement. There were some suggestions that there should be a new Internet Governance model for a new era of the Internet, with some pushing for  an over-arching inter-governmental role. I cannot yet understand why new would necessarily be better.  Surely it would be easier to identify what the issues are and how they can be better addressed, rather than seek new structures.

It is widely recognised that the Internet is now fundamantal to global economies and therefore governments have a strong interest and a role to play going forward. But it is important to also recognise that the usual timescales for government and inter-government actions, the difficulty of developing effective legislation and the international nature of many of the issues, just do not fit easily with the nature of the Internet.

Therefore, no single universal regulatory or purely inter-governmental global oversight can ever align itself successfully with the diversity and sheer pace of change in this sector. The only model of global  Internet Governance that will achieve this is one that allows all concerned to work together, through multi-stakeholder participation and partnerships.

Participation is really key and more Governments and stakeholders need to be much more involved so that Internet Governance is truly representative of our worldwide and multi-stakeholder Internet community. If the people who attended the hearing are an indication, there are certainly lots of issues for all participants to talk about.

I’m celebrating ten years working at Nominet today. As is traditional on such occasions, we’ve celebrated with cakes! I’ve also been thinking back to the early days and how much has changed…..

I joined Nominet in 1999. This was the year that: Nominet turnover was £1.6m (it’s now almost £20m), there were 883 Nominet members (there are now 2,825), there were 28 staff (there are now 120) and there were 236,000 registrations (there are now 7,500,000).

I remember being asked by Dr Willie Black and Keith Mitchell, two of the Nominet Founders, in my job interview whether I was up for a challenge and whether I was used to change. I believe I answered “Yes” to both questions. 1999 was certainly a challenging time to start. My first few months saw a group of members advocating the privatisation of Nominet, moving the company to new offices (I recall someone moving the nameservers in the back of his car) and my challenge of developing forecasting almost from scratch, to predict domain name growth, scaling costs and financials. This became known as ‘the spreadsheet from hell’ and we calculated that if the register grew in line with forecasts we would need an extra 140 staff just to process reply forms! There was also my very first ICANN meeting of many and the first ever meeting of the Nominet Policy Advisory Body.

The challenges have continued (mostly unabated) since then. Some of the more difficult ones have been the attack on our WHOIS in 2003 which resulted in the Australian Court Case and the more recent attempts to change the Nominet constitution.

However, the good times have far outweighed the difficult times in the last 10 years. There have been lots of awards, such as Best Companies to work for, Best in-house legal team and the award for our customer support, to name but a few. We’ve also made huge changes and improvements to our systems and services,  created the Nominet Trust, the Best Practice Challenge awards and have been able to play more of an active and leading role in Internet governance and development.

People sometimes ask what my/our motivations are for doing all this. Apart from loving the Internet and what we do, our motivations are set out in the Nominet vision and mission statements. The Nominet vision is of a world where the Internet is a trusted place, which everyone can be part of and has a positive impact on people’s lives and our mission is to make a positive difference to UK Internet users and to shape the development of the Internet. These two statements show the way ahead for the next 10 years. The one thing that is certain is that we’re in uncertain times. However, I’m sure that the next 10 years will be just as challenging and as full of change as the last 10 years.

There has been a bit of an awards theme to my diary the last couple of weeks……

Firstly, I was delighted to hear that Nominet has retained both our Investors in People accreditation and our Best Companies to work for star, which means that we keep our entry in the guide to great places to work in the UK. Both awards recognise the professionalism of our managers and people and the time and investment that we make to ensure that we are able to recruit, train and retain great people - so that we can continue to deliver great services. Whilst it’s nice to have some more trophies for the cabinet, the real reward is knowing that we benchmark very well against other organisations. These awards also raise our profile, make it easier for us to attract good staff, ensure that our training investment is aligned with our strategic plans and also that communication with our people remains a priority – all things that are particularly important in these challenging times.

Last week, we launched our third annual Best Practice Challenge.  We’re hoping to recognise those in the UK who have embraced the challenge of making the Internet a more secure, open, accessible or diverse experience for us all. The award winners will be showcased at this year’s Internet Governance Forum and have the chance to share their work to a wide audience, both within the UK and internationally, as well as receiving great recognition and a real sense of pride.

This week, I went to the Institute of Credit Management awards dinner. I’ve been an ICM member for many years, so I was delighted to be asked to judge their awards this year. Little did I realise how difficult a job that would be, but the reward was seeing the actual winners, who were so obviously thrilled to be recognised. I particularly liked the Unsung Hero award, which was a very popular and hard-fought category. It strikes me that many more industries have unsung heroes who could do with a little bit more recognition.

Finally, a plug for the First Women Awards, which were also launched last week. These seek to recognise UK women who have broken new ground in business life – genuine trailblazers and pioneers/glass ceiling breakers. As a previous winner, I’m honoured to be judging the awards this year and we’re looking for nominees in the following categories: manufacturing, tourism & leisure, finance, science & technology, media, retail & consumer, property, public sector, business services. These awards celebrate all that is good about the roles women have in business and the positive attributes they bring. I’d recommend entering - with the reward of a real opportunity to make a lasting and positive difference to other women in business, another thing that is so important in these challenging times.

I’m always cynical when a management blog is silent on the current challenges facing a company, particularly when they are covered in the media.

We’ve had snow storms this week in the UK, so there is much talk about storms. It strikes me that some might view the current issues at Nominet as a storm in a teacup – a small event that has been exaggerated out of all proportion. Not unsurprisingly, I don’t agree. I think that the storm has already had a significant effect on Nominet and it could well have far reaching implications for both Nominet and our Registrars. I do hope (but I’m not sure) that all involved would agree that our current governance model and all that it entails needs to change in some way in order to reflect the role that we have and the environment that we operate in. The independent governance review is due soon, so we’re waiting to see how much change is recommended.

However, I believe that this is just a part of the bigger picture of the national and international Internet Governance debate, which is set to come to a head this year. If anything, Nominet represents one minor development in this area, which, I believe, is heading towards a perfect storm – a (far from perfect) combination of events, which will ultimately change the Internet landscape.

Let me attempt to explain…..as briefly as I can:

Firstly, I see the need for change being signalled in the regulatory climate in the UK. It is well known that the UK Government has been very supportive of self-regulation in our industry. However, I do hear statements about the representation of end-user interests and the protection of end-users much more frequently than ever before. As an industry, we often respond to these statements by saying “better user education and information is the answer”. Whilst that may well help, we are going to have to accept this may not be the only answer, or one that will fully deliver. So, its currently up to the UK internet industry to figure-out how we are going to ensure that end-users are at the heart of our self-regulatory regime, otherwise regulation or legislation is inevitable. For example, the recent Digital Britain report signals possible legislation compelling ISPs to notify infringers of third party rights, and keep anonymised data, which seems to indicate a view that self-regulation has failed on this point. If self-regulation is perceived to falter in the UK, which has championed an industry lead, we can expect that more interventionist governments (both within and outside the European Union) will capitalise on this, and may use it as an excuse for heavy regulation.

Secondly, I see change being signalled at the European level, with the EU review of the regulatory framework potentially giving member states the power to regulate the Internet, particularly around quality of service to end-users.

Thirdly, I see change being signalled by the US Government in its approach to Internet governance, particularly with the recent change in administration. There is also an end-user needs theme here and in the context of the new generic Top Level Domain (gTLD)  process, the US Department of Commerce recommends that ICANN should give greater consideration to consumer interests before creating new gTLDs and renewing registry agreements. I do have a lot of empathy with ICANN - like in Nominet, it must feel as though you just can’t please anyone at times. But with so many concerns being raised about the new gTLD process, I’d be surprised if the US is able to agree to the transition of ICANN to the private sector when the Joint Project Agreement expires later this year. Although there remains much support for removing the ‘oversight’ of ICANN from one single government, there is little consensus on what oversight should replace that of the US. I predict that some governments will therefore push even more strongly for inter-governmental oversight of ICANN.

Finally, we are coming to a crucial stage in the life of the Internet Governance Forum (IGF). The review of the forum has already begun and is due to report in early 2010. We view this five-year experiment in global multi-stakeholder dialogue as being very successful. The UK IGF and the Nominet Best Practice challenge have helped to ensure that the UK has great involvement in the IGF and that there are real life contributions to inform the policy debate. Whilst some would have liked the IGF to be a negotiating and decision making process, it has worked well as a space for the development of policy dialogue and the sharing of best practices. What seems to have escaped many is that this form of engagement is an innovative experiment for the UN, in that it seeks to engage all regions and all participants in policy dialogue. If that experiment is not seen to be working, there will be suggestions for alternative replacements.

I do think that there is an urgent need for greater awareness of the international issues facing the industry if we’re to avoid the storms, together with a more widespread commitment to developing both understanding and innovative solutions.

Where can we start? Well, we will all need to accept greater responsibility for finding solutions going forwards. This will require much better participation and engagement from all involved. There also remains a huge need for better dialogue, better participation, better understanding and better solutions in the interests of end-users. All too often I hear people talking to each other, but not actually listening. I also see vested interest battle-lines being drawn, without the acknowledgement that real progress will need real compromise and new ways of moving forward. This would be a good basis on which to start preventing new storms, whether they are small or large, from developing.

We were delighted to welcome one of the ‘fathers of the internet’, Vint Cerf, to the Nominet offices in Oxford earlier today. As many will be aware, Vint was the co-designer of TCP/IP and basic infrastructure of the internet. After discussions about international developments and domain name developments in the UK, he very kindly offered to meet Nominet staff for a Q&A session. Questions posed to Vint included: IPv6 adoption, which he feels should be a matter of urgency, new top level domains - where the possibility of thousands of new suffixes raises concerns for brand holders, current internet risks - botnets, IPv4 exhaustion etc, etc, the future of the domain name system, Google’s position re search in the Chinese market and the new Google browser - which is open source. As always, Vint provided all the answers as well as some entertaining and interesting insights.

He then went on to give an excellent presentation at the Oxford Internet Institute on the future of the internet, noting that there are now 1,464 million internet users, which represents just 21% global penetration. He warned that IPv4 addresses will run out in the summer of 2010, which means that there needs to be a real push on IPv6 before it becomes a matter of dire urgency. He forsees geo-location based services growing rapidly as the number of mobile users increases and users will want local information directly relevant to their location. He also predicted the growth of the ‘internet of things’, where devices will increasingly link to the internet to deliver added value to users. I can see my family using the digital photo frame which automatically downloads and shares your latest snaps with friends and relatives, but probably not the electronic scales that link to your fridge in order to recommend heathier menus!

Vint also touched on the idea of an ‘interplanetary internet’, which I had previously thought of as an internet for the star ships and planets of the future. However, the penny dropped today when I understood that the protocols and tools being tested that facilitate connectivity over vast distances and frequent disruptions are of course the very things that could allow the global internet to be much more mobile and versatile in the future.

I’ve been surprised at the lack of comments about the US National Telecommunications and Information Administration (NTIA) mid-term review of their Joint Project Agreement (JPA) with ICANN. With the political uncertainty of an election year in the US, the NTIA response to its consultation was always going to be cautious. However, it is disappointing that it does’nt really say much at all and gives little guidance on the way forward - but the challenge is there for ICANN: “you’ve heard the comments and concerns, now work out how to address them.”

A lot of the responses to the Notice of Inquiry were about the lack of adequate safeguards, in particular for those who are not well represented in ICANN. This must be addressed. As BITS/Financial Round Table said in its contribution, it is necessary to “ensure the views of organizations that rely on the Internet … are fully considered”. It will be important for ICANN to show how wider business, economic, social and political interests will be safeguarded.

I now believe that it is up to ICANN to respond by defining what the organisation should look like post transition and how effective accountability can be provided.

ICANN has a new Chairman and this provides an excellent opportunity for him to inject new thinking. In my humble opinion (IMHO), Peter Dengate-Thrush needs to respond to this challenge and lead the process. Time is short and we need to start working on clear proposals for what ICANN could look like post transition.

I’m still recovering from the recent ICANN meeting in New Delhi. As well as a hand injury from a fall at the airport (which started off the week well), I managed to catch a nasty cough while I was there that I’m still suffering from and I therefore did’nt really get out of the hotel (for those still under the false impression that international meetings are a complete jolly). I do know we were in India though, as there were some great curries on offer!

There was a very full ICANN agenda, but here is a brief summary of some of the key discussions we were involved in:

Internationalised Domain Names (IDNs)

The introduction of IDNs (domain names in non-Latin scripts) will be one of the biggest changes to the Internet since its inception, so it is not surprising that policy making about IDNs could take a long time. The discussions in Delhi were another step forward on that journey and IDNs were on the agenda for a number of constituency meetings.

The Governmental Advisory Committee (GAC) and country code Names Supporting Organisation (ccNSO) representatives met to discuss the issues regarding IDN two letter country code Top Level Domains and this discussion will continue at the next meeting. As part of its communiqué to ICANN, the GAC advised that the public policy principles it previously developed for ccTLDs are relevant also to IDN ccTLDs.

The discussion about a ‘fast-track’ process for introducing IDN ccTLDs in the near-term was also discussed in several meetings. As some will know, I’m not convinced how fast a ‘fast track’ will be able to act, particularly as the key policy decisions will need to be made via the formal (lengthier) policy development process. However, next steps were agreed and the working group will submit its final report to the ICANN board in June 2008.

New generic top level domains (gTLDs)

The process for introducing new generic top level domains (gTLDs) was discussed and there is some pressure from potential applicants who naturally want to know when they can submit bids and how much they will need to pay. There is also some pressure from potential accredited registries who want to become accredited so that they can partner with applicants, but don’t yet know the criteria they will need to meet as these are being developed. Work has been progressing on an implementation plan based on the policy development work done by the Generic Names Supporting Organisation (GNSO) and ICANN apparently hopes to start accepting bids for new gTLDs by the end of 2008 at the earliest. I expect that date may need to slip, as there is much work to be done by ICANN and the various consultants before everything will be ready.

Joint Project Agreement
In the open session on the JPA review, the ICANN Chairman helpfully ‘clarified’ that the ICANN submission to the review was not seeking an immediate end to the JPA, but dialogue about what will happen when it ends in 18 months time. Many present seemed to agree that we should use the time to discuss what accountabilty and oversight will be needed for an independent ICANN. I suspect there will not be so much agreement about what form this should take. As I pointed out, this is actually quite a tight timescale for an international multi-stakeholder discussion and dialogue will need to develop rapidly if an acceptable solution is to be found.