ANA Calls for Independent Investigation of ICANN System Vulnerability

NEW YORK (April 25, 2012) – The Association of National Advertisers (ANA) today called on ICANN (Internet Corporation for Assigned Names and Numbers) to engage an independent third-party IT expert or experts to conduct a comprehensive investigation of its recent system vulnerability. In a letter to Rod Beckstrom, President and Chief Executive Officer of ICANN, ANA President and CEO Bob Liodice outlined the need for immediate answers regarding this serious problem.

Liodice pointed out that this vulnerability – which has shut down the generic top-level domain (gTLD) application system since April 12, 2012 – may have enabled some applicants to see other applicants’ file names and potentially serving to compromise competitive information, which might provide some parties an unfair competitive marketplace advantage. To date, ICANN has failed to fully explain the cause or the scope of the system vulnerability, or announce corrective steps.

In additional comments, Liodice underscored the severity of the problem, stating: “The marketing and internet communities are highly concerned about ICANN’s system vulnerability which appeared shortly after ICANN opened its vast top-level domain expansion program. Allowing confidential application file names to become visible to the wrong TLD applicant could greatly compromise the integrity of the new TLD application selection process. It indicates that ICANN remains ill-equipped to manage a program the marketing community has consistently criticized as ill-conceived, overpriced and technologically suspect.”

Liodice further noted, “We are urgently requesting that the Department of Commerce and its National Telecommunications and Information Administration (NTIA) exercise their oversight of ICANN and encourage ICANN to engage an independent IT expert to fully investigate this serious and inadequately explained vulnerability.”

Liodice concluded, “Trust in the internet’s integrity is paramount for marketers, who are building their businesses and consumer relationships on this vital communications and transactional platform.”

In the ANA letter to Beckstrom, Liodice identified these core questions that an independent investigator should address:

  • What was the specific vulnerability that caused the leak of this information, and why did ICANN wait so long after reports of the vulnerability to shut down the application system?
  • Which file names and applicant names were visible; what kind of information was leaked?
  • What steps, if any, has ICANN taken to alert all parties affected by the vulnerability?
  • A consistent complaint among stakeholders has been that there is little transparency in ICANN’s operations; why has ICANN released so little information about this situation to date?
  • What corrective measures is ICANN taking or planning to ensure that system vulnerabilities or a similar incident will not occur in the future?
  • Should the gTLD expansion program be curtailed in scope or suspended until ICANN employs a sufficiently experienced and/or large enough number of technical internet security staff to oversee it?

###

 

About the ANA

The Association of National Advertisers (ANA) is the definitive voice of the marketing industry. Since 1910, we have set and advanced the agenda for marketing transformation, connecting over 1,600 member companies to an influential global network, insights and resources that drive growth. Our members represent 20,000 brands and $400 billion in annual marketing investment. Through industry-leading research, the CMO Growth Council, and our proprietary Growth Agenda and Practices, the ANA empowers marketers to shape the future of marketing and create lasting impact for their organizations and the industry.

Press Contact

Luna Newton, CooperKatz & Company for the ANA
[email protected] or 917.595.3061

Marcus Hardy, CooperKatz & Company for ANA
[email protected] or 917.595.3043