I have come across a member of a social media group asking the question “Is it true that NIXI is planning to introduce KYC norms for new .IN domain registrations?”.
At this point in time, there is no official announcement on .IN registry website & none of the registrars have shared this information to the registrants too. So this article is purely based on the unconfirmed information, purely based on the above question from a member.
This could be a speculative question too and at the same time, couple of social media users have confirmed they have also heard similar information and the registry is exploring the opportunity to introduce KYC for new registrations and it’s only in the conceptual phase and a robust wireframe is to be worked on.
This article only covers the pros and cons of such implementation purely based on my personal experience of dealing with .IN domain names over the last 12+ years.
Although the question is straight forward, indeed its a loaded question too. Also raising a number of connecting questions such as
- What is the exact problem statement registry is trying to solve with the introduction of KYC?
- Are the registrars accountable for performing such KYC validation for each registrant or registry manages this centrally?
- Are the registrants comfortable to share the personal information with a registrar, especially to small registrars?
- Is this KYC process going to cause a hindrance to the growth of .IN extension?
- How .IN extension can compete with other extensions without KYC requirements such as .Com , .Net, .Org , .Info , .Co, .IO..etc ?
- Is it the registry also expects the existing registrants to prove their KYC to hold their domain names?
- If the registry mandates the KYC from existing registrants too, Is there any legal recourse for such registrants not adhering to KYC norms?
- Is it going to open another Pandora Box similar to Net4.in issue and Mitsu.in registrar suspension issues?
- What is the registrant is going to gain from this change?
- Are Non-Indians allowed to register new names? If “Yes”, What kind of documents are required to demonstrate the KYC compliance?
- Who has suggested this idea in the first place & for what purpose?
- Is the registry requests the public discussion on this one before making a decision like any other major decision made by Indian government organizations?
- Looking like the personal data protection (PDP) bill is very stringent than GDPR, Isn’t it an extra burden for IN registry to comply with that?
- Is the registry focusing on the low priority item rather than focusing on promotion and growth? … A lot more questions are getting raised ………..
What bringing several associated questions is the lack of information in public space. Hope the registry will share that information into public consumption in the coming weeks and invite some feedback from the public.
- Ownership issues can be easily resolved, especially if in case a domain name is stolen. It increases the security of a domain name.
- To some extent, spammers can be stopped using the .IN extension for SPAM
- To some extent, fraudsters can be stopped using the .IN extension for any financial frauds or other illegal activities as their identity can be tracked easily by the registry
- Overall extension security likely to be improved
- It increases the difficulty for an average registrant on the ground to register a new domain name. Those who don’t like that extra effort may go for alternative extensions leading to .IN loosing in competition
- Certainly, impact the growth of extension some extent
- If registrars to manage this KYC process then smaller registrars likely to lose the business to big registrars, it will have a knock-on impact on the growth of the extension
- It adds an additional burden to the registrar/registry to protect the documents securely and any breach of the personal information could lead to lawsuits
- .IN has registrants over 200+ countries and territories together. Solving the existing registrations KYC is going to be a key challenge. Especially data protection and privacy laws of those respective countries may bring some unexpected challenges
- Spammers/fraudsters are tricky individuals, they will always find a workaround. Per example, with strong KYC norms in the financial services industry, banks could only reduce the intensity of the frauds but couldn’t stop them in total
- Also could give an opportunity for the speculators to speculate on the integrity of the registry, especially for slowing down the growth of the extension
What could be the right KYC?
.IN registry certainly has the right to do KYC and they should suspend a domain name if a registrant is not ready to provide KYC when specially asked for it however they shouldn’t make it compulsory to register a name or ask all existing registrants to prove the same upfront. That mammoth effort clearly not worth comparing to the benefits it’s going to bring.
Several challenges .IN registry likely to experience as a result of introducing a mandatory KYC norm. .IN registry/registrars to monitor the activity of the registrations and the usage with the state of the art technology and when they see suspicious activities they can request a KYC for a specific domain name or for a set of domain names ownership.
What could be the right focus of .IN registry at current times?
It may be more appropriate for the registry to focus on the lost growth. Specially.IN registration numbers remain around 2 million for the last 3 to 4 years. It’s high time for .IN registry promoting the extension actively by running huge Print and TV advertisement commercials to attract the attention of India.
A small country like the Netherlands is having more than 5 million .NL registrations and .IN is much more meaningful than extensions like .CO.UK which has over 10+ million registrations. Focus to be clearly on increasing the domain per capita of India and especially.IN per capita of India.
If promoted nicely, It would be easily possible to increase the .IN registrations to reach 5 to 10 million. Also, the timing is really great for running such a promotion. If the .IN extension registration count increase to 5 million and.IN registry also earn an extra 100 crore INR ( Circa 15 million USD) revenue per year. The same amount can be re-invested for bringing the state of the art technology to increase the extension security.
I have just shared my opinion based on the limited information I have with me. What is your opinion on this proposed mandatory KYC norm? Please comment on this blog post without a miss.
Disclaimer: The opinions expressed within this article are the personal opinions of the editor. The facts and opinions appearing in the article do not necessarily reflect the views of Our.in and Our.in does not assume any responsibility or liability for the same.