When Did CIRA Become the Commercial Internet Registration Authority?

Nearly ten years ago, the Government of Canada wrote a letter to the chair of the Canadian Internet Registration Authority (CIRA) that set out the framework for the management of the dot-ca domain.  The government articulated a vision of the dot-ca domain as a "key public resource" and called on CIRA to act in an open and transparent manner.  CIRA has long sought to live up to those standards, but in recent months the organization has shown an unmistakable shift toward prioritizing commercial gain over the public interest along with a troubling move toward secret decision making.

The first sign of this shift came from the decision to effectively terminate plans to create an external, public interest body to address "excess" funds.  Unlike most not-for-profits, CIRA (along with many country-code domain name registries) is a cash machine with millions flowing from the annual renewals of domain name registrations.  Recognizing that CIRA would eventually generate too much money, the board set in motion the prospect of creating a body that could give back some of that money to the Canadian public by supporting Internet-related activities (similar initiatives have been launched by other ccTLDs).  The process included a public consultation, changes to CIRA's by-laws, and board approvals.  Yet two years later, that approach is now seemingly dead – delayed last year due to other fiscal priorities and now (according to board minutes) replaced by "CIRA Labs" of which little is unknown other than it won't surface for at least another year.


Equally troubling is the apparent decision to expand CIRA's registry services to new generic top-level domains.  With ICANN slated to begin a process for new gTLDs, CIRA's staff is "strongly committed to go down this path" and has asked the board to allocate $150,000 toward developing a business case that would open the door to CIRA applying for new domains to sell.  All of this is puzzling – no public consultation, a huge change in approach, and significant expenditures for the development of new business models for an organization that already makes more money than it needs to meet its mandate.  In fact, staff is so committed to aggressive new business models that the board was forced to overrule staff plans to change CIRA's investment policies that are designed to reduce current marketplace risk.

Most recently, the board killed a planned submission to the CRTC's net neutrality hearings.  While the minutes indicate that board members raised concerns around the lack of notice and discussion with the members (funny that net neutrality requires membership consultation but moving into other domain names do not), the board ultimately decided to go in camera to make its decision.  In other words, the board killed the submission but individual members will not be accountable for their decision.

The board minutes reveal an organization with board members that are paid thousands of dollars for their time that has become singularly focused on commercial metrics – domain name growth, market position compared to the dot-com domain, new commercial possibilities – with the public interest side of the domain that sits at the core of the dot-ca now a mere afterthought.  A decade after the government set the expectations for CIRA, the time has come to revisit whether the dot-ca steward has veered badly off course.


  1. George Smiley says:

    CIRA stakeholders should be shocked, shocked at what’s happening now. Some people have made a lot of money out of CIRA for a long,long time.

  2. .ca registrant
    so where are the alternate candidates for the CIRA board? can’t we change the governance of our registry so that it reflects the vision of .ca as a public resource?

  3. I said it before…
    and I’ll say it again: CIRA is absolutely horrible to deal with and I’m in no way surprised they’re run by sheisters.

  4. jeff white says:

    brightwhite design
    Every interaction with CIRA is painful, overly bureaucratic and frustrating. CIRA needs to be taken behind the barn and eliminated.

  5. Byron Holland says:

    CEO, Canadian Internet Registration Authority
    Interesting post, Michael, and you raise some worthy issues.

    I am struck, though, by the fact that you posted this on a day when CIRA happened to exceptionally and very visibly preoccupied with promoting its public-interest mandate. The dot-ca domain is essential to social and economic development within Canada, and we take our mandate of effective stewardship of this key public resource very seriously. I spent a lot of time today explaining to media how we were taking a lead role in combating the Conficker C worm domestically and internationally, a clear expression of our public interest.

    But I have to contradict you on your key point. We have not abandoned plans to actively pursue other public-interest elements of our mandate. You will know from your time on the board at CIRA, and from your continued reading of our minutes, that we are required to have 12 months of operating expenses on hand to ensure a viable and sustainable internet infrastructure which CIRA is responsible for managing. We have been been steadily building this reserve but we’re not quite there yet. So the assertion that CIRA is a “cash machine” and has “excess funds” is simply false.

    Our operating expenses continue to be used to deliver on two mandates; our primary mandate, which is an operational one (managing the dot-ca domain and the domain name server infrastructure – the DNS) and a social mandate (activities beneficial to the Canadian internet). It is the revenue that flows from the registration of dot-ca domain names that funds our ability to manage this important public resource for all Canadians. It is true that CIRA is pursuing additional sources of revenue from other potential registry services to ensure that we have the funds necessary to live up to our stated operational obligations and increased activity in the public interest side of the Canadian domain space. It is this prudent strategy that will allow us to diversify and secure our revenue stream.

    We are absolutely committed to developing a comprehensive strategy over the next year to more fully support our social mandate.

  6. Dear CEO,

    This is an interesting debate. Do you think that it would be worthwhile to review how the CIRA interacts with the people registering .ca domains? Perhaps finding a way to make it less painful and bureaucratic would be a good use of resources?

  7. You know I agree with Jesse, but amusingly Jesse doesn’t seem to agree with Geist. If what you really want CIRA to do is pour resources into running the best registry possible (best means a variety of things, but certainly includes customer-friendliness) then you are at odds with Geist, who would prefer to see resources and attention diverted elsewhere. To worthy causes, no doubt, but still.

    CIRA makes a good target, but I wonder if there’s much agreement on what Geist is actually saying here. Most of the “yes!” comments only go back to difficulties in registration.

  8. You are absolutely right Frank. The first thing I was wondering upon reading that the CIRA was coming into more money than expected was, “Why don’t they just lower the registration fee?” Ultimately, do they need to be taxing the companies that want .ca domains? Is it the job of those few companies to fund programs for the rest of us? Do these companies get tax deductions, or are they essentially paying taxes twice? This feels like a side pot to regular taxes.

    My above comment is only fueled by my general hatred of dealing with government bureaucracy. I have no actual experience dealing with this agency. But some agencies are given a mandate and they carry it out in the rudest way possible because the people they serve have no alternative, or if there are alternatives it doesn’t matter because they receive government funds regardless of quality of service.

  9. biometric01 says:

    Identity Theft and Stolen Passwords
    Much has been discussed about Identity Theft, user ID’s and Passwords stolen or hacked, credit cards being used without the owners knowledge and so on. Now there is a safe way of protecting your passwords and identity online from being copied, stolen and hacked by keyboard trojans, using your biometric fingerprint and face recognition, and even voice, to log on to web sites. By simply scanning your finger or face or voice you can log on to a web site, log on to your computer, and even encrypt files and folders. No more worrying about who might hack into your online accounts or even your email. No more remembering passwords or using the same passwords on many sites. This is an exciting new innovation from myBiodentity and they have about fourteen products that are enabled with biometrics including email encryption, password manager, virtual disk, and many more. You can read more at

  10. Use .com
    I guess I will just have to register a .com domain. .ca domains are incredibly expensive in comparison.