The following policies, which govern the top level domain .CEO (“TLD” or “Registry) are based on policies and best practices drawn from Internet Corporation for Assigned Names and Numbers (“ICANN”), World Intellectual Property Organisation (“WIPO”), and other relevant sources, and is written to be consistent with ICANN Consensus Policies.
Specifically, the Registry Policies include the following interrelated policies, terms, and conditions (together the “Registry Policies”):
The Registry policies form a cohesive framework and must be read in conjunction with one another, as well as with other applicable agreements, policies, laws, and regulations which, taken together, represent the entirety of the obligations and responsibilities with regard to any domain name registration.
The Registry Polices are designed to promote transparent and non-discriminatory rules for the registration of domain names within this TLD, including fair and competitive pricing and competition at the Registrar level; protection of Registrant data and privacy; adherence by Registrants to the AUP; protection of intellectual property rights; protection of certain terms; prevention of the registration of illegal terms; prevention of violations of the law or abuse of the Domain Name System (DNS), including criminal acts; and to align use of the TLD with the applicable self-regulatory environment.
These polices provide that the TLD may, when necessary, implement Registry-level “Registration suspensions” for AUP violations. The registration and use of a domain is subject at all times to the Registry Polices, which provide the means to address crime, prohibited content, intellectual property abuses and other issues of concern.
Abuse Point of Contact: an agent of the Registry appointed to review complaints for compliance with these Policies.
Acceptable Use Policy (or AUP): a policy that describes the types of acceptable uses for domain name registrations.
Blocked Names: a list of domain names, appearing on a list of blocked names, which list is subject to additions and modifications from time to time, which are indefinitely unavailable for registration.
Complaint Resolution Service (or CRS): which provides for the Registry, in cooperation with the Registrar, a mechanism for Registrants and complainants to settle disputes concerning domain name registrations and/or uses; the CRS is a formal mediation-based dispute resolution process that provides a low-cost, efficient, neutral mechanism for fair adjudication of complaints including those from the public concerning alleged intellectual property abuses, illegal content, abusive or disruptive use of a domain name (e.g., phishing, spam or child pornography) or other inappropriate conduct in the TLD; the CRS is complementary to the ICANN-mandated URS and UDRP.
Complainant: a party who files a complaint using the CRS.
Complaint: the complaint filed by a Complainant using the CRS.
Critical Issue Suspension (or CIS): a modification of the DNS records temporarily disabling a domain name from resolving; it may be undertaken, in Registry’s sole discretion, when specifically requested by a Complainant in a CRS complaint, and when such Complaint alleges disruptive use of a domain name (e.g., phishing, spam, or child pornography) or other inappropriate conduct.
Data Escrow: the process of keeping a copy of critical data, including Whois data, with an independent third party.
Domain Name: an identification string that represents an Internet Protocol resource, usually a server computer hosting a web site. Is to the left of the dot in a URL; in “internic.net”, the domain name is “internic”.
Domain Name System (or DNS): the system that helps people find their way around the Internet. Every computer on the Internet has a unique address, which is a string of numbers, called an “IP address” (IP stands for “Internet Protocol”). Because IP addresses are hard to remember, the DNS makes using the Internet easier to navigate by allowing a familiar string of letters (the domain name) to be used instead of the IP address; so instead of typing 220.127.116.11, Internet users can type www.internic.net.
Domain Lock: a status code that can be set on a domain name in order to prevent unauthorized, unwanted or accidental changes to the domain name’s ownership or technical information. When set, the following actions are prohibited: (i) modification of the domain name, including transferring the domain name; (ii) deletion of the domain name; and (iii) modification of the domain name contact details. Where a Domain Lock is applied, renewal of the domain name is still possible.
EPP (Extensible Provisioning Protocol): an industry standard for how Registrars communicate with Registries.
Escrow Agent: a third party contracted to perform data escrow services for the Registry.
ICANN (the Internet Corporation of Assigned Names and Numbers): the organization that creates the rules for, and ensures the technical stability of, the Internet.
ICANN Consensus Policies: domain name–related policies created through ICANN’s multi– stakeholder consensus–based consultation process to govern certain actions related to domain names, Whois, and other ICANN-related functions; the current list of ICANN consensus polices can be found here.
Identical Match: means that a domain name consists of the complete and identical textual elements of a Trademark Clearinghouse–validated trademark. In this regard: (a) spaces contained within a mark that are either replaced by hyphens (and vice versa, as the context allows) or omitted; (b) only certain special characters contained within a trademark are spelled out with appropriate words describing it (“@” and “&”); (c) punctuation or special characters contained within a mark that are unable to be used in a second level domain name may either be (i) omitted or (ii) replaced by spaces, hyphens or underscores and still be considered Identical matches; and (d) no plural and no “marks contained” (i.e., “brandx” in “brandxproducts”) qualify for inclusion.
Identifier: a number assigned by the Registry to a Registrant to uniquely identify the Registrant for the purposes of the Registry’s operations and to preserve the Registrant's privacy; an individual's name is not used as an Identifier.
IP (Internet Protocol): the technical protocol that allows computers to find and communicate with each other on the Internet.
IP Address: a numerical address for a computer connected to the Internet.
Naming Policy: the policy that describes reserved and blocked (prohibited) domain names.
Name Server: the server that maps the domain name to an IP address.
Ombudsperson: an independent third party appointed by the Registry to identify and provide a neutral assessment of the interests of participants in the Complaint Resolution Service. In appropriate situations, may act as a mediator.
Personal Information: means information about an individual person, including any Registrant, whose identity can reasonably be ascertained from such information, but does not include indexes or aggregations of Personal Information relating to more than one person, such as logfiles, DNS Zone Files, databases or backups. This information may include the name, address, telephone number, and email address of the Registrant. This may include the home address and personal email of the Registrant, if the Registrant uses those as their primary contact information for the domain name.
Primary Purpose: the reasons for the Registry's collection of Personal Information, which is the storage and maintenance of such information in the Whois database (a copy of which ICANN requires is provided to the Escrow Agent) as required by ICANN, which is searchable and publicly available.
Privacy & Whois Policy: a policy document that describes how a Registrant’s Personal Information may be used by the Registry and in some cases, third parties.
Prohibited Use: a use of the domain name that is illegal or expressly prohibited by the Policies, especially the Acceptable Use Policy.
Registered Domain Name: A Second Level Domain that has already being purchased by a third party.
Registrant: a person, whether an individual or business entity, in whose name a domain name is registered.
Registrant Agreement: the terms which Registrants must acknowledge and agree to in order to register a domain name; the Registrant Agreement binds Registrants, at the time of initial registration, domain renewal, or domain transfer, to the Registry Policies (which also includes by reference, ICANN-mandated rights protection mechanisms such as the Uniform Rapid Suspension service (“URS”), Uniform Domain Name Dispute Resolution Policy (“UDRP”), and other ICANN Consensus Policies);
Registrar: an entity, accredited by ICANN and under contract with the Registry, through which a business entity or individual may register a domain name.
Registrar Registration Fee: payment by the Registrar to the Registry for registration of a domain name.
Registration Fee: payment by the Registrant to the Registrar for registration of a domain name.
Registry: a database of all domain names and the associated registrant information in the top level domain; the entity that operates the TLD Registry database.
Registry Policies: the policy framework governing domain name registrations in the TLD, which includes the Naming Policy, Acceptable Use Policy, Registrant Agreement, Privacy & Whois Policy, Complaint Resolution Service, Registry–Registrar Agreement, ICANN consensus polices, and applicable laws, as amended from time to time.
Registry Related Parties: any natural or juristic person who is or is related to the Registry or the Registrar, including the officers, directors, shareholders, owners, managers, employees, agents, representatives, contractors, affiliates, successors, assigns, and attorneys of either the Registry or a Registrar.
Registry-Registrar Agreement (or RRA): the agreement between the Registry and each ICANNaccredited Registrar which is authorized to sell domain names within the TLD.
Reserved Names: domain names currently unavailable for registration but which may be released in the future.
Respondent: the party against whom a CRS Complaint is filed; usually a Registrant.
Response: the reply by the Respondent in a CRS to the Complaint.
Root Servers: the authoritative name servers that serve the DNS root zone; a network of hundreds of servers in many countries around the world.
Sunrise: the exclusive period in which trademark owners may register the Identical Match of their trademark as a domain name prior to general domain name availability in the TLD.
Term: the period of registration of a domain name. The initial Term may be between one (1) and ten (10) years, but registration renewals may extend the Term.
Top Level Domain (or TLD): anything to the right of the final dot in a domain name; e.g., “.com”,
Trademark Claims Service: the service which gives notice to a prospective domain name registrant at the time of registration that the desired domain name may infringe a trademark; also provides electronic notice to a trademark rights holder that a domain name is an Identical Match to their trademark or to a previously-adjudicated infringing string has been registered. The prospective Registrant must warrant that: (i) they have received notification that the mark is registered in the Trademark Clearinghouse; (ii) they have received and understood the notice; and (iii) to the best of their knowledge, the registration and use of the requested domain name will not infringe on the rights that are the subject of the notice. If the domain name is registered subsequent to the notice being issued and the registrant attesting to its non–infringement, the registrar (through an interface with the Clearinghouse) will notify the mark holder(s) of the registration.
Trademark Clearinghouse (TMCH): the central storage repository of validated (authenticated) trademark rights–related data and information for dissemination with respect to trademark rights protection mechanisms and other registry-related services; more information can be found at their website.
Unassigned Domain Name: A Second Level Domain, reserved name or blocked name that has not yet been sold to a third-party, and which is retained by the Registry until sold.
UDRP (Uniform Domain Name Dispute Resolution Policy): an ICANN Consensus Policy that provides for independent adjudication of trademark-related domain name disputes concerning alleged trademark abuse.
URS (Uniform Rapid Suspension): similar to the UDRP, a complimentary rights protection mechanism that offers a lower-cost, faster path to relief for rights holders experiencing the most clear-cut cases of infringement.
Shared Registry System (SRS): the system that allows multiple Registrars to register domain names in a Registry.
Whois: an ICANN-mandated tool that displays the Registrant, Name Server, expiration date, and contact information for a domain name. Whois information is public and searchable, and may include Personal Information, including but not limited to:
WIPO: the World Intellectual Property Organization, an international body responsible for the promotion of the protection of intellectual property throughout the world and historic partner with ICANN for UDRP proceedings.
Zone File: the file on a Root Server that contains the domain name registration information necessary to resolve the domain names to their relevant IP addresses.
This Naming Policy sets forth the rules and guidelines concerning the availability of any domain name registered in this TLD. Here are the most current version of this Naming Policy and related material, including lists of Reserved Names, Blocked Names, and names that are blocked by ICANN. Certain other reserved and blocked names are provided exclusively to accredited Registrars.
This Naming Policy is part of the Registry Policies, which form a cohesive framework and must be read in conjunction with one another, as well as with other applicable agreements, policies, laws, and regulations which, taken together, represent the entirety the obligations and responsibilities with regard to any domain name registration.
Actual or attempted registration of a domain name in contravention of this Naming Policy may result in a Registrant being forbidden from registering domain names and/or the suspension or revocation of such Registrant’s right to continue to be recognized as the Registrant of the non-compliant domain name or any other domain name. Suspension or revocation may, as determined in the Registry’s sole discretion, with the cooperation of the sponsoring Registrar, apply to one or more of the Registrant's domain names.
The Registry reserves the right to modify or update this Naming Policy at any time and from time to time, and any such modifications or updates shall be posted on the Registry website. Once posted, such modified or updated Naming Policy shall apply to all Registrants.
The registrant of a letter/letter two-character ASCII label must take steps to ensure against misrepresenting or falsely implying that the registrant or its business is affiliated with a government or country-code manager if such affiliation, sponsorship or endorsement does not exist.
DomainNames DomainRegistrati on Home
This Acceptable Use Policy (AUP) sets forth the terms and conditions for the use by a Registrant of any domain name registered in the top-level domain (TLD).
This Acceptable Use Policy (AUP) is part of the Registry Policies, which form a cohesive framework and must be read in conjunction with one another, as well as with other applicable agreements, policies, laws, and regulations which, taken together, represent the entirety the obligations and responsibilities with regard to any domain name registration.
The current version of the AUP will made available on the Registry website. It applies to any domain name registered in the TLD, no matter when or how registered, renewed, or transferred. Where a Registrant licenses or leases the domain name or any sub-domain names obtained under these Registry Policies, the Registry and the sponsoring Registrar shall hold the Registrant solely liable for activity in the domain name and in any sub-domain, if applicable.
The Registry supports the free flow of information and ideas over the Internet. The Registry does not and cannot exercise editorial control over the content of any message or web site made accessible by domain name resolution services in the TLD.
The Registry, with the cooperation of the sponsoring Registrar, may suspend, revoke, transfer, or modify the information or services provided in relation to any domain name (for example, through modification of a Registry Zone File) to address alleged violations of this AUP (described further below). The Registry shall have the authority to determine, in its sole discretion, whether use of a domain name is a prima facie violation of this AUP. The Registry or affected third parties may also utilize ICANN-sanctioned procedures, such as the Uniform Domain Name Dispute Resolution Policy (UDRP) or the Uniform Rapid Suspension (URS) system and/or applicable courts including those in the jurisdiction and venue specified in the Registrant Agreement.
Registrants are obliged and required to ensure that their use of a domain name is at all times lawful and in accordance with the requirements of the Registry Polices and applicable laws and regulations, including those of the Registrant’s country of residence and ICANN Consensus Policies, including but not limited to those that relate to privacy, data collection, consumer protection (including in relation to misleading and deceptive conduct), fair lending, debt collection, disclosure of data, and financial disclosures. Registrants who collect and maintain sensitive health and financial data must implement reasonable and appropriate security measures commensurate with the offering of those services, as defined by applicable law. Where applicable, Registrants represent that they possesses any necessary authorisations, charters, licenses and/or other related credentials for participation in the sector associated with the TLD; material changes to the validity of such credentials must be reported to the Registry.
The Registry reserves the right to modify or amend this AUP at any time and from time to time and any such updates shall be posted on the Registry’s website from time to time. The Registry will notify Registrars in the event of updates. The AUP as posted on the Registry’s website is the agreement in affect at any time.
A Prohibited Use of a domain name is a use which is either illegal or expressly prohibited by provisions of this AUP and/or Registry Policies. A non-exhaustive list of such restrictions pertaining to registration or use of a domain name (in relation to various purposes and activities) is further described below in this AUP.
The registration and use of a domain name in the TLD must be for lawful purposes. The creation, transmission, distribution, storage of, or automatic forwarding to or framing of any material in violation of applicable laws, regulations, or this AUP is prohibited. This may include, but is not limited to, the following:
The Registry expressly prohibits Registrants from engaging in the following activities:
A Registrant may not use a domain name for the purpose of:
The registrant of a letter/letter two-character ASCII label must take steps to ensure against misrepresenting or falsely implying that the registrant or its business is affiliated with a government or country-code manager if such affiliation, sponsorship or endorsement does not exist.
This AUP is intended to provide guidance as to acceptable use of the Registry’s network and domain names. However, the AUP is neither exhaustive nor exclusive.
The Registry may, in its sole discretion, with the cooperation of the sponsoring Registrar, suspend, transfer, or terminate a Registrant’s service, including a domain name registration, for violation of any of the terms and conditions of the AUP on receipt of a complaint if the Registry, in its sole discretion, believes:
Except in extreme situations, the Registry may work with Registrars to effect the appropriate action. Notwithstanding the above, this AUP does not create any obligation on the part of the Registry to suspend, transfer, or terminate a Registrant’s service for violations of this AUP, and Registry shall not be liable to any party for not enforcing the terms of this AUP.
THE REGISTRANT ACKNOWLEDGES AND AGREES THAT, TO THE MAXIMUM EXTENT PERMITTED BY LAW, THE REGISTRY AND THE REGISTRY RELATED PARTIES SHALL NOT BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, OR CONSEQUENTIAL DAMAGES, INCLUDING LOSS OF PROFITS, BUSINESS INTERRUPTION, LOSS OF PROGRAMS OR OTHER DATA, OR OTHERWISE RELATING TO THE USE, SUSPENSION, TERMINATION OR THE INABILITY TO USE THE DOMAIN NAME OR IN ANY OTHER WAY RELATED TO THE DOMAIN NAME, REGARDLESS OF THE FORM OF ACTION, WHETHER IN CONTRACT, TORT (INCLUDING IN THE CASE OF NEGLIGENCE BY THE REGISTRY AND/OR REGISTRY RELATED PARTIES), OR OTHERWISE. THE REGISTRY’S LIABILITY FOR ANY BREACH OF A CONDITION OR WARRANTY IMPLIED BY ANY OF THE REGISTRY POLICIES, INCLUDING THE NAMING POLICY, ACCEPTABLE USE POLICY, REGISTRANT AGREEMENT,
PRIVACY & WHOIS POLICY, COMPLAINT RESOLUTION SERVICE, AND/OR THE REGISTRY– REGISTRAR AGREEMENT SHALL BE LIMITED TO THE MAXIMUM EXTENT POSSIBLE TO ONE OF THE FOLLOWING (AS THE REGISTRY MAY DETERMINE IN ITS SOLE DISCRETION:
ADDITIONALLY, TO THE MAXIMUM EXTENT PERMITTED BY LAW, THE REGISTRY AND THE REGISTRY RELATED PARTIES SHALL NOT BE LIABLE FOR ANY LOSSES OR DAMAGES THAT THE REGISTRANT MAY INCUR AS A RESULT OF UNAUTHORIZED USE OF THE DOMAIN ARISING FROM “HACKING,” DENIAL OF SERVICE ATTACK, VIRUS, WORM, OR OTHERWISE, OR FOR LACK OF FITNESS FOR A PARTICULAR PURPOSE OF THE DOMAIN NAME OR SERVICES RELATED TO THE DOMAIN NAME.
IN THE EVENT THAT THE REGISTRY OR A REGISTRY RELATED PARTY TAKES ACTION WITH RESPECT TO A REGISTRY DOMAIN NAME PURSUANT TO THE REGISTRY POLICIES, WHICH ACTION IS REVERSED, MODIFIED, OR ACKNOWLEDGED TO HAVE BEEN INCORRECT BY THE REGISTRY AND/OR A REGISTRY RELATED PARTY, BY OR THROUGH THE REGISTRY COMPLAINT RESOLUTION SERVICE, OR BY A COURT, THEN REGISTRANT AGREES THAT, TO THE MAXIMUM EXTENT PERMITTED BY LAW, THE REGISTRY AND/OR REGISTRY RELATED PARTIES SHALL NOT BE LIABLE FOR ANY DAMAGES THAT THE REGISTRANT MAY SUFFER THEREBY, EVEN IF THE REGISTRY AND/OR REGISTRY RELATED PARTIES HAVE BEEN ADVISED OF THE POTENTIAL FOR SUCH DAMAGES, AND EVEN IF THE REGISTRY AND/OR REGISTRY RELATED PARTIES MAY FORESEE SUCH POSSIBLE DAMAGES. THE REGISTRANT’S SOLE REMEDY UNDER SUCH CIRCUMSTANCES SHALL BE THE RESUPPLY OF THE DOMAIN NAME OR, AT THE SOLE DISCRETION OF THE REGISTRY, A REFUND OF THE REGISTRATION FEE, RENEWAL FEE (IF THE CIRCUMSTANCE OCCURRED DURING A RENEWAL TERM) OR REDEMPTION FEE, WHICH REMEDY THE REGISTRANT AGREES CONSTITUTES THE ONLY POSSIBLE DIRECT DAMAGES FLOWING FROM THIS AGREEMENT.
IN ADDITION, THE REGISTRY AND/OR REGISTRY RELATED PARTIES ARE, TO THE MAXIMUM EXTENT PERMITTED BY LAW, NOT LIABLE FOR ANY DAMAGES THAT THE REGISTRANT MAY SUFFER BECAUSE OF SERVICE OR SYSTEM FAILURE, INCLUDING DOMAIN NAME SYSTEM FAILURE, ROOT SERVER FAILURE, TELECOMMUNICATION FAILURE, INTERNET PROTOCOL ADDRESS FAILURE, ACCESS DELAYS OR INTERRUPTIONS, DATA NON-DELIVERY OR MIS-DELIVERY, ACTS OF GOD, UNAUTHORISED USE OF PASSWORDS, ERRORS, OMISSIONS OR MIS-STATEMENTS IN ANY INFORMATION OR OTHER SERVICES PROVIDED UNDER THIS AGREEMENT, DELAYS OR INTERRUPTIONS IN DEVELOPMENT OF WEB SITES, RE-DELEGATION OF THE REGISTRY TOP-LEVEL DOMAIN NAME, OR BREACH OF SECURITY, EVEN IF THE REGISTRY AND/OR REGISTRY RELATED PARTIES HAVE BEEN ADVISED OF THE POTENTIAL FOR SUCH DAMAGES, AND EVEN IF THE REGISTRY OR REGISTRY RELATED PARTIES MAY FORESEE SUCH POSSIBLE DAMAGES. THE REGISTRANT’S SOLE REMEDY FOR THE REGISTRY OR REGISTRY RELATED PARTIES’ BREACH OF THIS AGREEMENT OR NEGLIGENCE OF ANY TIME SHALL BE, AT THE SOLE DISCRETION OF THE REGISTRY OR THE REGISTRY RELATED PARTIES, THE RESUPPLY OF THE DOMAIN NAME OR A REFUND OF THE REGISTRATION FEE, REDEMPTION FEE OR RENEWAL FEE (IF THE BREACH OCCURS DURING A RENEWAL TERM), WHICH REMEDY THE REGISTRANT AGREES CONSTITUTES THE ONLY POSSIBLE DIRECT DAMAGES FLOWING FROM THIS AGREEMENT. THE REGISTRANT’S SOLE REMEDY FOR AN ACTION NOT FLOWING FROM THIS AGREEMENT (IN TORT OR OTHERWISE) SHALL BE LIMITED TO THE AMOUNT OF MONEY PAID TO THE REGISTRY OR REGISTRY RELATED PARTIES BY THE REGISTRANT.
The Registry is committed to an open Internet and to freedom of expression. However, in the course of its duties to comply with ICANN consensus policies, UDRP, URS, or CRS decisions, court or other governmental orders, or other duly-qualified law enforcement requests, or to protect the integrity and functioning of its networks, the Registry, in its sole discretion, reserves the right to:
This Privacy & Whois Policy is part of the Registry Policies, which form a cohesive framework and must be read in conjunction with one another, as well as with other applicable agreements, policies, laws, and regulations which, taken together, represent the entirety the obligations and responsibilities with regard to any domain name registration.
The objectives of this Privacy & Whois Policy are:
In order to provide Registry services in any TLD, the Registry is required by ICANN to collect and publish data pertaining to the identity of the Registrant of any domain name.
In addition to definitions found in the Registry Policies “Policy Overview and Definitions” document, the following terms are used in this Privacy & Whois Policy as defined below.
The Registry will maintain a publicly accessible information service known as the Registry’s “Whois” service, which service provides the following information pertaining to a domain name, pursuant to ICANN’s Consensus Policies, which may be amended at any time and from time to time:
It is not possible to entirely block third party access to Registrant Personal Information; it may however, be possible for Registrants to use the services of a third party to display “private” or “proxy” information in the publicly-available Whois.
The Registry reserves the right to review or revise this Privacy & Whois Policy at its sole discretion within one hundred eighty (180) days prior written notice, including to maintain compliance with ICANN Consensus Policy or other applicable law or regulation; Registrants who have provided their Personal Information to the Registry are deemed to acknowledge and be bound by this Privacy & Whois Policy and any changes made to it.
The current version of the Privacy & Whois Policy will made available on the Registry website. It applies to any domain name registered in the TLD, no matter when or how registered, renewed, or transferred. Where a Registrant licenses or leases the domain name or any sub-domain names obtained under these Registry Policies, the Registry and the sponsoring Registrar shall hold the Registrant solely liable for activity in the domain name and in any sub-domain, if applicable.
This Complaint Resolution Service (CRS) is part of the Registry Policies, which form a cohesive framework and must be read in conjunction with one another, as well as with other applicable agreements, policies, laws, and regulations which, taken together, represent the entirety the obligations and responsibilities with regard to any domain name registration.
Ordinarily, the Registry is unable to simply suspend a domain name where another member of the public complains or takes issue with the use to which a domain name is being put and a concerned member of the public always has the right to reach out to the domain name Registrant directly to bring any concerns to their attention.
If such direct contact is not possible or advisible (it may be a sensitive concern after all), or if after doing so, there is still a concern that the registration or use of a domain name in the TLD is illegal, abusive, infringes the rights of others, is otherwise in violation of the Registry Policies, or is allegedly otherwise in violation of the law, we provide the CRS, through which anyone may register a complaint.
The CRS provides a transparent, efficient, and cost effective way for the public, including law enforcement, regulatory bodies, and intellectual property owners to (a) submit complaints or report concerns regarding the registration or use of a domain name in the TLD, and (b) where appropriate, to seek to have such concerns addressed through confidential and non–binding mediation.
Managed through the Abuse Point of Contact and a corresponding webform, the CRS provides a procedure for reporting and, where appropriate, addressing alleged illegal or prohibited conduct effected through a domain name in the TLD; prohibited conduct includes, but is not limited to: inaccurate Registrant Whois information; that a domain name registration is being used to facilitate or promote malware, operation of botnets, phishing, piracy, trademark or copyright infringement, fraudulent or deceptive practices, counterfeiting, or activity otherwise contrary to applicable law. The CRS framework employs two levels of review: (1) immediate action to protect the public interest, or (2) the optional appointment of an independent Ombudsperson to facilitate, where possible, confidential and non-binding complaint resolution between the parties.
The CRS is not intended to replace courts or ICANN-mandatory dispute resolution systems such as the UDRP (Uniform Domain Name Dispute Resolution Procedure) or URS (Uniform Rapid Suspension system).
To submit a complaint or report a concern regarding the registration or use of a domain name in the TLD, please use the CRS Complaint form.
Complaints and reports of concern will be reviewed as follows.
The Abuse Point of Contact will initially review all complaints and reports of concerns regarding alleged criminal or otherwise illegal or prohibited conduct for compliance with the Registry Policies.
Upon receipt of any Complaint, the Abuse Point of Contact will “lock” the domain name and associated records until the Complaint is determined frivolous, resolved, withdrawn, or dismissed, or pursuant to a court order or reasonable request from law enforcement. A Complaint shall not exceed 1,000 words or three (3) pages, whichever is less. Abuse Point of Contact will notify Registrar in the event a domain name has been locked.
Review Tier 1: immediate action to protect the public interest: In the event of a report of alleged criminal or otherwise illegal or prohibited conduct requiring immediate action to protect the public interest, the Abuse Point of Contact will initiate an “Immediate Review of Request for Suspension in the Public Interest” (see Step Two below).
Review Tier 2: optional appointment of an independent Ombudsperson: In the event of a Complaint alleging non-compliance with the Registry Policies that does not require immediate action to protect the public interest, the Abuse Point of Contact will contact the parties to explore their interest in confidential and non-binding mediation aimed at facilitating an amicable resolution between the parties (see Steps Three through Seven below).
If the Abuse Point of Contact considers that the Complaint does not address a matter covered by the Registry Policies, is deficient, or is frivolous, the filing/complaining party (Complainant) will be promptly notified of the deficiencies identified. The Complainant has five (5) business days from the receipt of notification to correct the deficiencies and return the Complaint, failing which, the Abuse Point of Contact will deem the Complaint to be withdrawn and the domain lock will be removed. This will not prevent the Complainant from submitting a different Complaint in the future.
On receipt of a Complaint or report of alleged criminal or otherwise illegal or prohibited conduct requiring immediate action to protect the public interest, the Abuse Point of Contact will initiate an “Immediate Review of Request for Suspension in the Public Interest” to determine, whether or not specifically requested by the Complainant, if a Critical Issue Suspension (CIS) is warranted.
A request for a CIS may be granted in cases where there is a compelling and demonstrable threat to the stability of the Internet, critical infrastructure, or public safety. A CIS does not terminate the Registrant’s rights or their domain name registration; it simply modifies the Name Server records in the zone, temporarily disabling resolution. Suspensions under the CRS, including a CIS, may be appealed to the Ombudsperson’s office for resolution.
Absent compelling circumstances including, but not limited to, a court order or reasonable request from law enforcement, where the Abuse Point of Contact has activated a CIS, a suspension notice will be sent to the Registrant’s administrative contact with a copy to the Registrar, usually within 48 hours.
Any Complaint alleging non-compliance with the Registry Policies must be submitted to the Abuse Point of Contact using the webform provided on the Regsitry’s website; all required fields must be complete, the Complaint must be signed electronically, and any fee required by the webform must be paid in advance of the Abuse Point of Contact attending to the complaint. The types of conduct that may be raised as the basis for a Complaint alleging non-compliance with the Acceptable Use Policy can be found on the Registry's website.
In the event that a Complaint alleging non-compliance with the Registry Policies is submitted to the Abuse Point of Contact, typically within 5 business days of receipt of the Complaint, the Abuse Point of Contact will send a “Formal Notification of Complaint” including a copy of the Complaint, by email to the Respondent using the administrative contact details provided in the Whois for the domain name as well as to any other Registrant email addresses provided by the Complainant.
Either Party may provide an additional email address by notifying the Abuse Point of Contact; the Registrant may not, however, change the Registrant information for the domain name without mutual agreement of the parties or unless a settlement is reached.
Communications must be in English and any email attachments should be in a standard format, such as Microsoft Word or PDF, and should not exceed 10MB individually or 50MB together.
Any communication between the Parties shall copy the other Party, the Abuse Point of Contact, and the Ombudsperson, if appointed.
Except as otherwise decided by the Abuse Point of Contact in its sole discretion, all communications under the CRS shall be deemed received at the date and time on which the email or communication was sent as determined by the time zone of the Abuse Point of Contact; in case of doubt, however, it shall be the responsibility of the sending party to provide proof of transmission.
At the same time as the notification to the Parties (by email) of the commencement of a CRS proceeding, the Abuse Point of Contact will contact the parties to explain the confidential and nonbinding nature of the CRS, and to gauge their interest in Registry-facilitated mediation aimed at allowing the Parties to reach an amicable solution.
For the avoidance of doubt, even if the Parties do not decide to engage in CRS-based mediation, the Registry may, in its sole discretion (including based on reports made to the Registry by third parties), suspend, transfer, or terminate a Registrant's service, including a domain name registration, for violation of any of the requirements or provisions of the Registry Policies on receipt of a complaint if the Registry believes (a) a violation has or may have occurred; and/or (b) suspension and/or termination may be in the public interest. Also, for the avoidance of any doubt, the Respondent may submit a Response even if it decides not to participate in mediation, e.g., to provide information to the Registry as to any alleged non-compliance.
Within fifteen (15) business days of the date of commencement of a CRS proceeding, the Respondent (i.e., the domain name Registrant) may submit a Response.
The Response must be submitted to the Abuse Point of Contact using the webform provided on the Registry’s website; all required fields must be completed, and the Response must be signed electronically.
Using the Registry’s webform, the Response shall:
Once submitted, a copy of the Response will be forwarded to the Complainant and to the Respondent as soon as practicable. In the event there is no Response, the Complaint shall be deemed closed; the Parties may however submit a new Complaint in future, or a UDRP or URS or court claim.
Within five (5) business days of receiving the Respondent’s Response, the Complainant may submit a Reply to the Respondent’s Response, which shall not exceed 1,000 words or three (3) pages, whichever is less (annexes may only be included with the permission of the Abuse Point of Contact). The Reply should be confined to answering any new points raised in the Response that could not have reasonably been foreseen when the Complaint was submitted.
If the Parties have agreed to mediation, within ten (10) business days of the receipt of the Complainant’s Reply (or the expiry of the deadline to do so), the Abuse Point of Contact will arrange with the Ombudsperson’s office for mediation to be conducted. Mediation will be conducted in a manner that the Ombudsperson, at their sole discretion, considers appropriate.
Mediation conducted between the Parties during mediation (including any information obtained from or in connection to negotiations) shall be strictly confidential as between the Parties and the Ombudsperson. Neither the Ombudsperson nor any Party may use or reveal details of such negotiations to any third parties (including a UDRP or URS provider) unless ordered to do so by a court of competent jurisdiction.
If the Parties reach settlement during the mediation, then the existence, nature, and terms of the settlement shall be confidential as between the Parties unless the Parties specifically agree otherwise, a court competent jurisdiction orders otherwise, or applicable laws or regulations require it.
Any settlement reached by the Parties must be in writing to be enforceable and should include instructions for the Registry (and if applicable, Registrar) concerning the disposition of domain name and timing; the Ombudsperson will provide a (non-mandatory) template for such purposes.
If the Parties did not achieve an acceptable resolution through mediation within twenty (20) business days of the appointment of an Ombudsperson, the Ombudsperson will send notice to the Parties and Abuse Point of Contact that it does not appear that the Complaint can be resolved through the CRS. In such case, the Complainant shall have the option of availing itself of the courts or other processes such as the UDRP or URS. The Registry shall unlock the domain name within fifteen (15) business days of such notice from the Ombudsperson.
Effect of Court Proceedings
If, before or during the course of proceedings under the CRS, the Ombudsperson or Abuse Point of Contact is made aware that legal proceedings have begun in or before a court or other body of competent jurisdiction, including but not limited to a URS or UDRP proceeding, and that such legal proceeding specifically relates to a domain name and conduct which is the subject of a Complaint, the CRS will be terminated.
A Party must promptly notify the Ombudsperson if it initiates or becomes aware of legal proceedings before a court or panel of competent jurisdiction, including but not limited to a URS or UDRP proceeding, relating to a domain name which is the subject of a Complaint during the course of proceedings under the CRS.
The applicable fees with respect to the referral of proceedings under the CRS to the Ombudsperson are (in AUD) $100 plus applicable taxes for Complaints involving 1-5 domain names and only one Complainant. For Complaints involving 6 or more domain names, the Ombudsperson and/or Abuse Point of Contact will set a fee in consultation with the Abuse Point of Contact. Fees are calculated on a cost-recovery basis; the Registry does not intend profit from its mediation or administration services of the Complaint Resolution Service.
Exclusion of Liability
Neither the Registry employees, directors, officers, representatives, delegees, shareholders, agents, successors, and/or assigns or those of its affiliates; nor any employee or agent of the Ombudsperson shall be liable to a Party for anything done or omitted, whether (to the extent permitted by applicable law) negligently or otherwise, in connection with any proceedings under the CRS unless the act or omission is shown to have been intentionally done in bad faith.