VeriSign, a network infrastructure company, was selected by EPCglobal to run the Object Naming Service, the root directory of the EPC Network. The company is uniquely qualified– VeriSign runs the Internet’s global Domain Name System (DNS) for the ‘.com’ and ‘.net’ top level domains and operates two of the Internet’s root servers. But since its 1995 founding as a spin-off of RSA Data Security, VeriSign has been beset by criticism regarding controversial business practices. Like the EPC Network itself, VeriSign’s role is hard to predict but will certainly be a key to the ultimate success or failure of the EPC.
ICANN: A Troubled Regulatory Group
VeriSign was granted its position as manager of the Internet’s DNS by the Internet regulatory group, Internet Corporation for Assigned Names and Numbers (ICANN). ICANN, a non-profit corporation responsible for managing IP addresses and domain names, was selected in 1998 by the US Department of Commerce to shift control of DNS from the U.S. government to the international community. ICANN contracted VeriSign to run portions of the DNS, and oversees VeriSign’s activities.
While characterizing itself as a public-private partnership, ICANN itself has been criticized for less-than-open decision making. The group often meets in distant countries with sparse Internet use (e.g Tunisia, Romania, Ghana) in a method rumored to be a means for reducing public involvement. Further, its board voted in Ghana’s 2002 meeting to reduce direct public participation in its decision making process. Most recently, ICANN’s proposed budget for 2004-2005 was flatly rejected by the Council of European National Top Level Domain Registries (CENTR), representative of 39 national top level domains, for a 91% budget increase and ICANN’s “unrealistic political and operational targets.”
The tenuous (and litigious) relationship between VeriSign and ICANN is therefore somewhat expected— large networks and their operators are vulnerable to criticism.
Similarities and Differences
ICANN and EPCglobal are similar– they are both non-profit organizations acting for a larger interest, created to standardize and manage an emerging network. Yet the two are not totally analogous– ICANN was “sole sourced,” that is, created exclusively for the U.S. government to act on the behalf of an international public, while EPCglobal is an industry consortium. It is thus important to consider the relationships between VeriSign and the two regulatory bodies individually. And while the problems VeriSign has faced are not necessarily indicators of future performance, the company has a brief but storied history of practices widely criticized as anti-competitive.
Network Solutions, founded as the Internet’s first domain registrar in 1993, was acquired by VeriSign in a $20.75 billion stock deal in March of 2000. The brand served as VeriSign’s domain registration service, and has been accused of bungling domain ownership complaints. The company helped to shield itself from litigation by forcing users to waive the right to sue as part of the domain registration process. (In October of 2003, VeriSign divested itself from Network Solutions, maintaining control of the .com and .net domains.)
FTC Probes Unfair Marketing Practices
Periodic allegations of corporate malfeasance are hardly unique, and certainly a cost of doing business in an emerging market. But Verisign found itself under investigation by the U.S. Federal Trade Commission (FTC) for unfair marketing practices. In a technique known as ‘slamming,’ VeriSign sent mail to rival’s customers, headed “Domain Name Renewal Form” and asked customers to pay VeriSign $29 for “Renewal and Transfer” of their domains. The mailings, which looked like invoices, targeted consumers who may have not been aware they were switching registrars. The FTC probe was resolved in September 2003 in a settlement that barred VeriSign “from misrepresenting that a consumer’s domain name is about to expire or that the transfer of a domain name is actually a renewal” and ordered the company to pay out a consumer class action lawsuit.
VeriSign’s Widely Unpopular SiteFinder
VeriSign’s troubles have continued into 2004. As the FTC’s probe concluded, VeriSign added a wildcard to the ‘.com’ and ‘.net’ top level domains. This had the effect of redirecting mistyped domain names, for instance, typing “RIFDNEWS.org” into a browser instead of “RFIDNEWS.org” would no longer show a cryptic error page, rather a VeriSign document. VeriSign was in a unique position to implement this function given its natural monopoly on the .com and .net top level domains. While there are some positive aspects of this technology, namely less browser misdirection and increased marketing opportunities for VeriSign, the negative impact to the Internet at large was incalculable. By changing the function of the global DNS service, VeriSign had effectively rerouted the Internet, destroying systems that relied on the ability to discern between active and inactive domains. Many spam filters, network analysis software and aspects of search engines could not function due to the “broken” DNS.
ICANN and Community React
The response was immediate. Network administrators began to route requests around VeriSign’s servers. ICANN gave VeriSign two weeks to halt the service, citing “widespread expressions of concern about the impact of these changes on the security and stability of the Internet.” Claiming VeriSign’s actions were “not consistent with its contractual obligations under the .com and .net registry agreements,” ICANN threatened to “enforce VeriSign’s contractual obligations,” presumably through a court order or by ending the company’s control of the Internet’s root servers. VeriSign complied with the order several hours before its deadline.
VeriSign Sues ICANN
In February of 2004, VeriSign sued ICANN, the company that had chosen it to manage the Internet’s infrastructure. It charged that ICANN had unfairly prevented it from developing new services, and that ICANN had “overstepped its authority by trying to become the regulator of the Internet.” The main claim in the suit, that ICANN had violated anti-trust laws by restricting the services VeriSign could offer, was dismissed by a federal judge in May of 2004. On June 17th, 2004 VeriSign filed an amended complaint, which the judge is now considering.
Rivals Sue VeriSign
In February of 2004, VeriSign and ICANN came to an agreement that VeriSign could offer a domain-registration wait listing service. The service would give consumers an opportunity to pay to join a queue through which they would gain control of a domain name upon its expiration. The agreement, reached after two and a half years of negotiation between the two organizations, was met with a lawsuit by eight other registrars, claiming the service would harm consumers and threaten competition. The plaintiffs, despite offering similar services, claim ICANN and VeriSign threaten competition and violate consumer protection laws. Their fear is that ICANN, by siding with VeriSign, has granted the company a special market.
VeriSign, Troubled Past, Bright Future?
The EPC Network is positioned to become a standard data synchronization tool in much the same manner that the DNS has served the Internet. Verisign, despite its propensity to engage ICANN and its rivals, was an obvious choice to helm the network. It can be argued that no other company has real-world experience with implementation of a system of this type. What remains to be seen, however, is if the company will make similar aggressive moves towards its competitors or EPCglobal in the EPC Network marketplace. The lessons from the past will, hopefully, not go unlearned—by both Verisign and EPCglobal as the EPC Network is born.