Controversial piracy site The Pirate Bay is likely to be the first victim of a new industry initiative being described as “UDRP for copyright”.
The Domain Name Association today published a set of voluntary “healthy practices” that domain registries can adopt to help keep their TLDs clean of malware, child abuse material, fake pharmacies and mass piracy.
And Public Interest Registry, the company behind .org, tells DI that it hopes to adopt the UDRP-style anti-piracy measure by the end of the first quarter.
This is likely to lead to thepiratebay.org, the domain where The Pirate Bay has resided for some time, getting seized or deleted not longer after.
Under its Healthy Domains Initiative, the DNA is proposing a Copyright Alternative Dispute Resolution Policy that would enable copyright holders to get piracy web sites shut down.
The version of the policy published (pdf) by the DNA today is worryingly light on details. It does not explain exactly what criteria would have to be met before a registrant could lose their domain name.
But PIR general counsel Liz Finberg, the main architect of the policy, said that these details are currently being finalized in coordination with UDRP arbitration firm Forum (formerly the National Arbitration Forum).
The standard, she said, will be “clear and convincing evidence” of “pervasive and systemic copyright infringement”.
It’s designed to capture sites like The Pirate Bay and major torrent sites than do little but link to pirate content, and is not supposed to extend to sites that may inadvertently infringe or can claim “fair use”.
That said, it’s bound to be controversial. If 17 years of UDRP has taught us anything it’s that panelists, often at Forum, can take a liberal interpretation of policies, usually in favor of rights holders.
But Finberg said that because the system is voluntary for registries — it’s NOT an ICANN policy — registries could simply stop using it if it stops working as intended.
Filing a Copyright ADRP complaint will cost roughly about the same as filing a UDRP, typically under $1,500 in fees, she said.
Penalties could include the suspension or transfer of the domain name, but monetary damages would not be available.
Finberg said PIR chose to create the policy because she wasn’t comfortable with the lack of due process for registrants in alternative methods such as Trusted Notifier.
Trusted Notifier, in place at Donuts and Radix, gives the Motion Picture Association of America a special pass to notify registries about blatant piracy and, if the registry agrees, to have the domains suspended.
While stating that .org is a fairly clean namespace, Finberg acknowledged that there is one big exception.
“The Pirate Bay is on a .org, we’re not happy about that,” she said. “If I were to say what’s the one .org that is the prime candidate for being the very first one out of the gate, I would say it’s The Pirate Bay.”
Other registries have yet to publicly state whether they plan to adopt this leg of the DNA HDI recommendations.
Police claims of intellectual property infringement led to the number of .uk domains suspended doubling in 2016, according to Nominet.
Statistics released today show that the .uk registry suspended 8,049 domains in the 12 months to October 31, compared to 3,889 in the year-ago period.
It’s an almost tenfold increase on 2014, when just 948 domains were taken down.
Nominet suspends domains when law enforcement agencies tell it the domains are being used in crime. No court order is required and Nominet rarely refuses a request.
Registrants can have the suspension lifted if they can show to law enforcement that the allegedly criminal behavior has stopped.
The vast majority of the complaints in 2016 again came from the Police Intellectual Property Crime Unit, which asked for and got 7,617 names suspended.
Just 13 suspensions were reversed, Nominet said. Most of these were due to sites selling so-called “legal highs” being slow to respond to a change in the law.
The controversial ban on “rape” domains resulted in just one suspension among the 2,407 domains automatically flagged for containing rapey substrings.
Nominet published the following infographic with more stats:
A joint US-Polish law enforcement operation has led to the arrest of the alleged owner of the piracy-focused BitTorrent links site KickAssTorrents.
The US Department of Justice announced yesterday that Ukrainian national Artem Vaulin has been arrested in Poland and that it will seek to extradite him to Chicago to face criminal copyright infringement charges.
The site, which has been banned at the ISP level in countries including the UK, provides links to download and share copyrighted works such as movies and music from other BitTorrent users.
But it’s perhaps best known in the domain name industry for regularly jumping from one TLD to another as its domains are terminated by local authorities.
According to the DoJ, it has been seen on kickasstorrents.com, kat.ph (Philippines), kickass.to (Tonga), kickass.so (Somalia) and kat.cr (Costa Rica).
The department said it has seized seven domain names as part of its operation.
According to my records, there are 20 examples of kickasstorrents.example domains in the Alexa one million, all in new gTLDs (though I’ve no idea whether they’re part of the same operation).
The DoJ reckons KAT makes annual revenue of between $12.5 million to $22.3 million from advertising accompanying its links.
ICANN has clarified that it will not terminate new gTLD registries that have piracy web sites in their zones, potentially inflaming an ongoing fight between domain companies and intellectual property interests.
This week’s ICANN 56 policy meeting in Helsinki saw registries and the Intellectual Property Constituency clash over whether an ICANN rule means that registries breach their contract if they don’t suspend piracy domains.
Both sides have different interpretation of the rule, found in the so-called “Public Interest Commitments” or PICs that can be found in Specification 11 of every new gTLD Registry Agreement.
But ICANN chair Steve Crocker, in a letter to the IPC last night, seemed to side strongly with the registries’ interpretation.
Spec 11 states, among other things, that:
Registry Operator will include a provision in its Registry-Registrar Agreement that requires Registrars to include in their Registration Agreements a provision prohibiting Registered Name Holders from distributing malware, abusively operating botnets, phishing, piracy, trademark or copyright infringement, fraudulent or deceptive practices, counterfeiting or otherwise engaging in activity contrary to applicable law, and providing (consistent with applicable law and any related procedures) consequences for such activities including suspension of the domain name.
A literal reading of this, and the reading favored by registries, is that all registries have to do to be in compliance is to include the piracy prohibitions in their Registry-Registrar Agreement, essentially passing off responsibility for piracy to registrars (which in turn pass of responsibility to registrants).
Registries believe that the phrase “consistent with applicable law and related procedures” means they only have to suspend a domain name when they receive a court order.
Members of the IPC, on the other hand, say this reading is ridiculous.
“We don’t know what this clause means,” Marc Trachtenberg of the IPC said during a session in Helsinki on Tuesday. “It’s got to mean something. It can’t just mean you have to put a provision into a contract, that’s pointless.”
“To put a provision into a contract that you’re not going to enforce, has no meaning,” he added. “And to have a clause that a registry operator or registrar has to comply with a court order, that’s meaningless also. Clearly a registry operator has to comply with a court order.”
Some IPC members think ICANN has “backtracked” by introducing the PICs concept then failing to enforce it.
IPC members in general believe that registries are supposed to not only require their registrars to ban piracy sites, but also to suspend piracy domains when they’re told about them.
Registries including Donuts have started doing this recently on a voluntary basis with partners such as the Motion Picture Association of America, but believe that ICANN should not be in the business of content policing.
“[Spec 11] doesn’t say what some members of the IPC think it says,” Donuts VP Jon Nevett said during the Helsinki session. “To say we’re in blatant violation of that PIC and that ICANN is not enforcing that PIC is problematic.”
The fight kicked off face-to-face in Helsinki, but it has been happening behind the scenes for several months.
The IPC got mad back in February when Crocker, responding to Governmental Advisory Committee concerns about intellectual property abuse, said the issue “appears to be outside of our mandate” (pdf).
That’s a reference to ICANN’s strengthening resolve that it is not and should not be the internet’s “content police”.
Last night, he did, and the clarification is unlikely to make the IPC happy.
Crocker wrote (pdf):
ICANN will bring enforcement actions against Registries that fail to include the required prohibitions and reservations in its end-user agreements and against Registrars that fail to main the required abuse point of contact…
This does not mean, however, that ICANN is required or qualified to make factual and legal determinations as to whether a Registered Name Holder or website operator is violating applicable laws and governmental regulations, and to assess what would constitute an appropriate remedy in any particular situation.
This seems pretty clear — new gTLD registries are not going to be held accountable for domains used for content piracy.
The debate may not be over however.
During Helsinki there was a smaller, semi-private (recorded but not webcast live) meeting of the some registries, IPC and GAC members, hosted by ICANN board member Bruce Tonkin, which evidently concluded that more discussion is needed to reach a common understanding of just what the hell these PICs mean.
Radix has become the second major gTLD registry to announce a content policing deal with the movie industry.
It today said it has signed an agreement with the Motion Picture Association of America similar to the one Donuts announced in February.
Like Donuts, Radix will treat the MPAA as a “trusted notifier” for the purposes of taking down “large-scale pirate websites”.
Radix said the deal “imposes strict standards for such referrals, including that they be accompanied by evidence of clear and pervasive copyright infringement, and a representation that the MPAA has first attempted to contact the registrar and hosting provider for resolution.”
Donuts described its notifier program in this document (pdf). Radix said its arrangement is “similar”.
The Donuts-MPAA deal proved somewhat controversial.
The Electronic Frontier Foundation invoked the slippery slope argument, saying of it:
The danger in agreements like this is that they could become a blanket policy that Internet users cannot avoid. If what’s past is prologue, expect to see MPAA and other groups of powerful media companies touting the Donuts agreement as a new norm, and using it to push ICANN and governments towards making all domain name registries disable access to an entire website on a mere accusation of infringement.
The EFF said these kinds of deals could ultimately lead to legal freedom of speech being curtailed online.
We’re not quite there yet — right now we have two gTLD registries (albeit covering over 200 gTLDs) and one trusted notifier — but I expect more similar deals in future, branching out into different industries such as music and pharamaceuticals.
The deals stem in part from the Domain Name Association’s Healthy Domains Initiative, which aims to avoid ICANN/government regulation by creating voluntary best practices for the industry.
The advantage of a voluntary arrangement is that there’s no risk of a terminal sanction — such as losing your registry contract — if you fail to live up to its terms.
Radix’s portfolio includes .website, .space, .online and .tech. It’s also a .music and .web applicant.