The 2013 Registrar Accreditation Agreement (RAA) – What You Need to Know

Last summer, ICANN announced the 2013 RAA, which was created to foster transparency and accountability in the domain name industry. The RAA is the contract registrars sign with ICANN that outlines the rules they agree to abide by while doing business. The new RAA represents significant improvements over the 2009 agreement and was developed based on input and recommendations from the multiple stakeholders comprising the Internet community. New provisions seek to protect registrants while simultaneously improving the reputation of the domain name industry as a whole.

Until now more than 200 registrars have signed the 2013 RAA. Registrars that want to offer new gTLD domain name registrations are required to sign the 2013 RAA. is the only top 10 registrar that has not yet signed the 2013 RAA.

What follows is a list of some of the key requirements present in the new RAA, along with an explanation of their importance and expected outcomes.

Registrants’ Benefits and Responsibilities

This section of the 2013 RAA clearly defines the type of information registrants should expect to receive from registrars. It also advises registrants that they need to provide accurate contact information and outlines the requirements for maintaining domain name registrations.

  • Why it MattersThese new rules are meant to ensure all registrants receive vital information about domain registration, including the terms and conditions, fees and registrar customer service processes. Additionally, this measure has the potential to increase the transparency of the Internet by requiring that registrant contact information be real and current. IMPORTANT: Inaccurate contact data may result in the suspension or termination of a domain registration.
  • Tips for RegistrarsICANN urges registrars to proactively educate registrants on the importance of keeping their contact information up to date, as well as the potential consequences for not doing so.
  • Tips for RegistrantsThe most important takeaway is that registrants will now be required to verify their contact information when requested to do so by their registrar. The email address or phone number on file with the registrar will be used in verification. If you fail to verify your information within 15 days of a request, your registrar can suspend or terminate your domain. ICANN recommends that you research your registrar’s policies regarding verification notification, and designate your registrar’s email address as a “safe sender.”

Registrar Duty to Investigate Abuse

Registrars must establish a dedicated email address to receive reports of illegal activity. All reports of abuse must be investigated by the registrar and responded to promptly, and information regarding receipt, handling and tracking of abuse reports must be published on a registrar’s website.  Additional registrar requirements apply to abuse complaints made by law enforcement officers.

  • Why it MattersThese requirements were created to expedite the review and handling of abuse cases, which helps support a safer, more secure Internet.
  • Tips for RegistrarsRegistrars may direct general questions about the new RAA’s abuse report handling requirements to
  • Tips for RegistrantsICANN reminds registrants to stay compliant with all applicable laws and abide by the terms of their registration agreements.

Registrar Responsibility for Resellers

The terms of the 2013 RAA apply to all registrations, whether sold directly by a registrar or through one of its resellers. The registrar is tasked with enforcing compliance with the terms of their agreements with resellers.

  • Why it MattersNew rules protect registrants by requiring resellers to incorporate 2013 RAA language into their registration agreements, and by holding the accredited registrar accountable for managing its resellers.
  • Tips for RegistrarsEducate your resellers on these new provisions and enter into contracts with resellers that will ensure you remain in compliance with the RAA.
  • Tips for RegistrantsBe sure to understand who you are doing business with.  If you use a reseller, learn which registrar is ultimately responsible for your registration in case you have issues in the future.

About Konstantinos Zournas

I studied Computer Engineering and Computer Science in London, UK and I am now living in Athens, Greece. I went online in 1995, started coding in 1996 and began buying domain names and creating websites in 2000. I started the blog in 2012.


  1. “IMPORTANT: Inaccurate contact data may result in the suspension or termination of a domain registration”

    Since it seems registrars are not offering the whois privacy service on nTLDs they can not ask that. Too much simple to know the future steps of companies investigating what domains they are registering…

  2. I really do not understand.
    EURID has the better and serious way to manage domains. Why ICANN and other registries do not follow their perfect example?!?

    Eurid give you the privacy, WITHOUT forcing you to pay even 1 cent, and at the same time they permit everyone to contact the registrant for any type of issue.

    Not only! Do you have problems with your registar?!? You can simply take directly by yourself the authcode of any of your domains. Those are the ways. Maybe it is not a case the TLD .eu is maintained under a strict control of EU Commision. So, why they do not follow that SERIOUS example instead of implementing any type of rules to screw everyone whenever is possible?!?

  3. Sorry, my english knowledge…, maybe replacing “investigating” with “looking to” can explain better what I mean.

    The point is: you can use domaintools, whoisology, etc… Using those tools you can really find what are their future projects… Maybe large corporations will register domains not directly to themselves, at the first step, but little companies have more difficults to hide their plans without the whois privacy service…

  4. The current WHOIS is outdated and was actually never ment to function like it is now.
    ICANN is working on a new WHOIS :

    And Eurid also requires correct contact data and does regular checks. Though i agree their WHOIS solution for individuals is very nice compared to other Registries.

  5. “Hmmm, I never thought of domain name corporate espionage…”
    Really? Do you really think companies are not loooking each other to look what domains are registering their competitors? I was not thinking to you as a so naive person 😉
    Trust me, having a good generic means credibility. If you are moving in a particular direction you will try to register a good generic for your future efforts, if you are o smart entrepreneurs/manager.
    Or do you thing that amazon wants .book or google wants .search etc.because having a good generic doesn’t matter? It is so important that those companies wanting to control the entire world economy are doing every type of things to control those generic TLDs.
    Generic TLD, second level generic domain…Same thing, only different plans of control…

  6. Thick WHOIS is actually not a plan anymore , it has been agreed by the ICANN board. Just a matter of time now when Verisign switches.

    The new WHOIS model is still being worked on.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.