The TRA is currently seeking public comments on its proposed amendments to the Omani Domain Name Regulation. This proposed amendment intends to open up categories of domain names under the .om country-code top-level domain (ccTLD) that are currently restricted from registration. It also intends to open up the registration of .om domain names to natural and legal persons from around the world without requiring them to have any connection with the country. If the TRA goes ahead with its plan, the options for domain name registration available to Omani businesses will significantly reduce while putting the safety of internet users around the world at significant risk.
Reconsidering the Blacklist
The existing Omani Domain Name Regulation provides for a blacklist system where certain categories of domain names are prohibited from registration such as geographical locations, official titles, tribe names, and names contrary to public order. I have written a lengthy piece on this in 2017, where at that time I found out that Oman was the only GCC country that restricts the registration of “generic words” as a category. For example, it is currently not allowed to register domain names such as book.om, car.om, and hotel.om. In my previous post, I wrote how this “generic words” category is pervasive due to the substantial restriction it imposes on .om domain names available for registration, and how bizarre it is because it only applies to English words and not Arabic words. For example, book.om is prohibited, but kitab.om is not.
One of the key changes proposed by the draft amendment of the regulation is to split what used to be considered as blacklist categories into two categories: (1) a narrower “blacklist” that covers names that the TRA determines are not allowed to be registered on legal, moral, cultural, technical, or other grounds, and (2) a “special names list” that covers generic words and other special names that the TRA will offer for sale outside the standard domain name registration system.
The end result of what will remain publicly available for registration using the standard system is not clear. Currently, tribe names are not allowed to be registered, will they be considered special names that are offered to the highest paying bidder? Similarly, geographical locations are also currently not allowed to be registered, will cities such as Dubai have to pay the TRA a special fee to register Dubai.om?
As a principle, making available domain names that used to be locked up is always a good thing. However, the definition of the “Special Names List” appears to suggest that the TRA can deem any name special, which can in theory mean that names currently offered at the standard rate might suddenly become premium. What is also worrying about the changes to the blacklist system is the removal of article 6 in the current regulation which allows members of the public to ask the TRA to delist a name so that it becomes registrable. It is not clear if the removal of article 6 is intentional, but one can see it becoming more complicated to use, especially when the contents of the blacklist and the special names list are not public, and a user might not know if the TRA is blocking the name because of a problem with the name or because the TRA wants to sell it at a premium.
Removing Nationality Requirement for Companies and Individuals
A more significant change that the TRA is proposing is the removal of the requirement for a .om registrant to be a Omani national or a legal entity legally operating in Oman. The TRA has traditionally been conservative in opening up the registration of domain names that originally were only available to legal entities and not Omani individuals, and I personally advocated for years for opening up the registration to Omani individuals, but I believe that opening up the registration of .om domain names to non-Omani natural or legal persons is seriously problematic and not in the interest of Omani society or internet users around the world.
As it is, Omani domain names are expensive and complicated to obtain. The only real reason why anyone would seek to register a .om domain name is the abundance of choice and the possibility of registering a short and catchy domain name that would not be available as a .com or any other gTLD.
The benefits of this are obvious to small and medium Omani businesses such as Change, Dice, or City Cinema where it would be impossible for them to register domain names such as change.com, dice.com, or citycinema.com as they would have obviously been registered decades ago by companies in developed countries. Instead, these companies can in theory easily register change.om, dice.om, and citycinema.om at an affordable price because they are reserved to companies in Oman and Omani nationals. This is not something limited to small and medium companies, but also the biggest names in the Omani industry rely on the choices offered by the .om such as PDO and NBO, who do not own pdo.com or nbo.com, and instead reasonably use pdo.co.om and nbo.om.
If .om domain names are made available to anyone in the world without the requirement of having a connection to Oman, all .om domain names will suddenly be registered by cybersquatters, domain name merchants, and big companies defensively registering all variations of their domain names without any intention of using them, depriving Omani businesses of the choices offered by .om domain names and pushing them to go to the way cheaper and more recognizable .com alternative.
The Risk to the Safety of Users Globally
Another extremely serious problem with removing the controls over the registration of .om domain names relates to the unique nature of the .om ccTLD being confusingly similar to .com, which makes it an attractive option for phishing and typosquatting criminals who can target users from all over the world using this confusing similarity. For example, imagine a user who accidentally types the name of their bank followed by .om instead of .com to find an identical website to that of their bank used to steal their banking credentials. Even though .om domain names are currently extremely tightly regulated, a study from 2016 found 295 .om domains that were illegally registered and are used in a malicious manner including bankofamerica.om, netflix.om, facebookc.om, linkedin.om, and gmail.om.
As the custodian of the .om ccTLD, the government of Oman has a unique responsibility towards the global community of internet users to make sure that Omani domain names are not used in a harmful way. Not only would we be potentially harming thousands of users from all around the world by removing the restrictions on Omani domain names, but the reputation of the .om domain name might get tarnished if it becomes associated with phishing websites, which can consequently be damaging to the performance of Omani websites on search engines if, for examples, Google decides to rank .om websites lower due to their common usage by phishing websites.
TRA Needs to Reconsider
It is obvious that the objective of the amendment of the regulation is to create new sources of revenue for the TRA, but opening up the registration of .om domain names to users from all over the world without any restrictions can potentially limit the options available to Omani businesses while putting internet users around the world at serious risk. The current restrictions on .om domain name registration are not unusual and are used by countries such as Canada and Ireland to control the use of their ccTLDs. The TRA should carefully reconsider its decision and the importance of controlling .om domain names.
The TRA public consultation on the amendment of the Omani Domain Name Regulation ends tomorrow. You can share your views with them by email using the details found on this page.
UPDATE: The TRA extended the deadline for public comment to 3 July.