EBERO Emergency Back End Registry Operator Legacy TLD vs New gTLD Cases
- by Staff
The Emergency Back-End Registry Operator program, or EBERO, is a critical safety mechanism established by ICANN to ensure the continued operation of a top-level domain in the event that its registry operator fails to maintain essential registry functions. This safeguard is particularly relevant in the context of new gTLDs, which operate under a more diverse and fragmented registry landscape compared to legacy TLDs. While legacy TLDs have well-established operators with decades of experience, financial stability, and robust technical infrastructure, new gTLDs often operate under different business models, some of which introduce financial and operational risks that increase the likelihood of registry failure. The role of EBERO differs between these two categories, reflecting the distinct challenges each type of TLD faces when continuity of service is at risk.
Legacy TLDs such as .com, .net, and .org have long been managed by highly stable organizations with the technical and financial resources necessary to ensure uninterrupted operations. Verisign, for example, has operated the .com and .net registries for decades with a focus on stability, security, and redundancy. These TLDs are mission-critical to the internet’s infrastructure, requiring an extensive network of redundant data centers, multiple layers of failover protection, and real-time monitoring to prevent outages. Given their scale and importance, ICANN’s contractual agreements with legacy TLD operators mandate rigorous financial stability measures, making it highly unlikely that one of these registries would require EBERO intervention. Their registry operators maintain dedicated business continuity plans, disaster recovery mechanisms, and escrowed registry data that ensure the continued operation of domains even in extreme failure scenarios. As a result, EBERO has not been deployed for a legacy TLD, largely because these operators have maintained compliance with ICANN’s registry service obligations without significant disruptions.
In contrast, new gTLDs operate under a different set of challenges that make EBERO intervention a more realistic possibility. Since the introduction of ICANN’s new gTLD program in 2012, hundreds of new TLDs have been delegated, managed by a wide range of registry operators, from large-scale backend providers to niche organizations focused on industry-specific or community-based domains. Unlike legacy TLDs, many new gTLDs operate with smaller user bases, lower revenue streams, and varying levels of infrastructure investment. Some registry operators entered the market with aggressive growth strategies, only to face financial difficulties when domain registrations failed to meet expectations. This has led to cases where registry operators were unable to maintain the required service levels, prompting ICANN to step in with EBERO to ensure continued domain resolution and protect registrants from losing access to their domains.
The EBERO program is designed to activate when a registry operator fails to maintain critical functions such as DNS resolution, EPP-based domain transactions, WHOIS/RDAP services, or escrow data compliance. Unlike legacy TLDs, where operators have extensive internal failover mechanisms, some new gTLDs rely on third-party backend providers to manage these functions. If a registry operator experiences financial insolvency, technical failure, or contractual non-compliance, EBERO is deployed to temporarily assume control and maintain operations until a permanent solution is identified. ICANN has pre-selected several EBERO providers, including Nominet, Neustar (now part of GoDaddy Registry), and the Internet Systems Consortium (ISC), which are tasked with taking over failing registries and maintaining service continuity.
A notable example of EBERO intervention occurred with the .wed gTLD, which was designed as a niche domain targeting the wedding industry but faced significant adoption challenges. Due to its restrictive business model, low registration volume, and lack of commercial viability, the .wed registry operator was unable to sustain operations, ultimately leading to EBERO activation. This case highlighted the risks associated with some new gTLDs, particularly those managed by smaller entities without the financial resources to support long-term registry operations. The .wed failure demonstrated the importance of ICANN’s safeguards, ensuring that domain registrants were not left stranded without access to their domains when the registry operator was no longer able to function.
Other new gTLD cases have also raised concerns about the viability of certain registry operators, particularly those that underestimated the costs associated with maintaining a stable and secure registry. Some new gTLDs have been acquired by larger registry service providers before reaching the point of EBERO intervention, as financially struggling operators sought to offload their assets to more capable entities. In many instances, consolidations and acquisitions have allowed for a smooth transition of registry functions, but in cases where no buyer emerges, EBERO serves as a last-resort mechanism to prevent domain resolution failures.
One of the biggest differences between legacy TLDs and new gTLDs in relation to EBERO is the scale of operations and the underlying infrastructure stability. Legacy TLD operators have spent decades refining their registry platforms, ensuring that multiple levels of redundancy exist to handle any form of technical or business disruption. Their financial models are sustainable, largely because of high renewal rates and strong demand for widely recognized domains. In contrast, some new gTLD operators launched with speculative business models, assuming rapid adoption that did not always materialize. This led to financial strain, making some registries vulnerable to collapse, requiring ICANN to step in through EBERO when operators failed to meet their obligations.
Security considerations also play a role in how EBERO functions in different TLD environments. Legacy TLD operators implement extensive security measures to protect against domain hijacking, DNS attacks, and data integrity issues, making catastrophic failures unlikely. New gTLDs, particularly those relying on shared infrastructure from registry service providers, may have less direct control over security policies, increasing the risk of incidents that could trigger an EBERO event. In cases where a new gTLD operator fails to maintain compliance with ICANN-mandated security protocols, EBERO providers must be prepared to enforce DNSSEC policies, restore domain resolution integrity, and protect registrants from potential data loss or abuse.
Ultimately, the EBERO program highlights the differences in operational risk between legacy TLDs and new gTLDs. While legacy TLDs maintain stability through well-established financial models, redundant infrastructure, and extensive contingency planning, new gTLDs operate in a more fragmented landscape where failures are more likely. ICANN’s EBERO mechanism provides a crucial safety net for new gTLDs, ensuring that domain holders are not affected by registry instability. As the domain industry continues to evolve, the role of EBERO will remain essential in protecting the integrity of the domain name system, particularly as new gTLDs navigate the challenges of long-term sustainability and operational viability.
The Emergency Back-End Registry Operator program, or EBERO, is a critical safety mechanism established by ICANN to ensure the continued operation of a top-level domain in the event that its registry operator fails to maintain essential registry functions. This safeguard is particularly relevant in the context of new gTLDs, which operate under a more diverse…