Afilias has won a $10 million verdict against domain security startup Architelos, over claims its flagship NameSentry abuse monitoring service was created using stolen trade secrets.
A jury in Virginia today handed Afilias $5 million for “misappropriation of trade secrets”, $2.5 million for “conversion” and another $2.5 million for “civil conspiracy”.
The jury found (pdf) in favor of Architelos on claims of business conspiracy and tortious interference with contractual relations, however.
Ten million dollars is a hell of a lot of cash for Architelos, which reportedly said in court that it has only made $300,000 from NameSentry.
If that’s true, I seriously doubt the four-year-old, three-person company has even made $10 million in revenue to date, never mind having enough cash in the bank to cover the judgment.
“We’re disappointed in the jury’s verdict and we plan to address it in some post-trial motions,” CEO Alexa Raad told DI.
The lawsuit was filed in January, but it has not been widely reported on and I only found out about its existence today.
The original complaint (pdf) alleged that three Architelos employees/contractors, including CTO Michael Young, were previously employees or contractors of Afilias and worked on the company’s own abuse tools.
It claimed that these employees took trade secrets with them when they joined Architelos, and used them to build NameSentry, which enables TLD registries to monitor and remediate abuse in their zones.
Architelos denied the claims, saying in its March answer (pdf) that Afilias was simply trying to disrupt its business by casting doubt over the ownership of its IP.
That doubt has certainly been cast, though the jury verdict says nothing about transferring Architelos’ patents to Afilias.
The $5 million portion of the verdict deals with Afilias’ claim that Architelos misappropriated trade secrets — ie that Young and others took work they did for Afilias and used it to build a product that could compete with something Afilias had been building.
The other two counts that went against Architelos basically cover the same actions by Architelos employees.
The company may be able to get the amount of the judgment lowered in post-trial, or even get the jury verdict overturned, so it’s not necessarily curtains yet. But Architelos certainly has a mountain to climb.
Dot-brand gTLD applicants that were playing wait-and-see with ICANN’s contracting process signed Registry Agreements in droves last week.
At least 67 new RAs were signed in the last three days of July, on or around the ICANN’s July 29 deadline, ICANN’s web site shows.
This means that there are still about 50 applicants that have not pulled the trigger and may have to apply for an 60-day last-chance extension.
A week before the deadline, roughly 170 brands had still not signed contracts.
The July 29 deadline was put in place for dot-brands last year due to delays creating Specification 13 of the RA, which gives brands special opt-out clauses dealing with things like sunrise periods.
Those that have still not obtained RAs are expected to be flagged as “Will Not Proceed” and will have to apply to ICANN for the extension under its Application Eligibility Reinstatement process.
A TLD operators’ webinar series initially cast as a community group has been folded in to the Domain Name Association.
The DNA has announced the creation of the DNA University, which promises to pick up where the TLD Operators Webinar left off.
Tony Kirsch of ARI Registry Services has been appointed inaugural “Dean” of the University.
The first webinar will be entitled “Premium Domain Name Planning” and will be held July 28 at 1500 UTC.
Future webinars, which are open to all registries, registrars and new gTLD applicants, will address subjects including IDNs, rights protection, contractual compliance, and many more.
The TLD Operators Webinar was originally called the TLD Operators Community and characterized as a new industry group, which led to gossip about a split within the DNA.
The program was hurriedly re-branded and re-domained to clarify that it was more, as ARI CEO Adrian Kinderis put it, “a one off effort by our consultancy team to get everyone together for a chat.”
Now it’s just a service under the DNA umbrella.
The Domain Name Association has launched a new web site to show off domains, primarily new gTLD names, that have been spotted “in the wild”.
InTheWild.domains points to a Tumblr blog where members and others can share, for example, photos of billboards or promotional videos that prominently feature new domains.
“Tumblr offers the DNA a very efficient and flexible platform that will help the DNA social media team and you find and post more domains, rather on non-productive management tasks,” the DNA told members.
The site currently has a few dozen posts, such as a WePark.nyc billboard and a VSquared.rocks red carpet video.
Most listed domains are in 2012-round new gTLDs, but there’s a .info, a .us and a .co in there too. I don’t see any .com names.
The submission process appears to be open to everyone, but submissions are moderated by the DNA’s social media people.
A small number of new gTLD registries and/or applicants deliberately exploited ICANN’s new gTLD portal to obtain information on competitors.
That’s my take on ICANN’s latest update about the exploitation of an error in its portal that laid confidential financial and technical data bare for two years.
ICANN said last night:
Based on the information that ICANN has collected to date our investigation leads us to believe that over 60 searches, resulting in the unauthorized access of more than 200 records, were conducted using a limited set of user credentials.
The remaining user credentials, representing the majority of users who viewed data, were either used to:
Access information pertaining to another user through mere inadvertence and the users do not appear to have acted intentionally to obtain such information. Access information pertaining to another user through mere inadvertence and the users do not appear to have acted intentionally to obtain such information. These users have all confirmed that they either did not use or were not aware of having access to the information. Also, they have all confirmed that they will not use any such information for any purpose or convey it to any third party; or
Access information of an organization with which they were affiliated. At the time of the access, they may not have been designated by that organization as an authorized user to access the information.
We can infer from this that the 60 searches, exposing 200 records, were carried out deliberately.
I asked ICANN to put a number on “limited set of user credentials” but it declined.
The breach resulted from a misconfiguration in the portal that allowed new gTLD applicants to view attachments to applications that were not their own.
ICANN knows who exploited the bug — inadvertently or otherwise — and it has told the companies whose data was exposed, but it’s not yet public.
The information may come out in future, as ICANN says the investigation is not yet over.
Was your data exposed? Do you know who accessed it? You know what to do.