The founder of controversial BitTorrent search engine The Pirate Bay has entered the domain name market with a new proxy service.
It’s called Njalla, it’s based in a Caribbean tax haven, and it says it offers a higher level of privacy protection than you get anywhere else.
The company described itself in its inaugural blog post today like this:
Think of us as your friendly drunk (but responsibly so) straw person that takes the blame for your expressions. As long as you keep within the boundaries of reasonable law and you’re not a right-wing extremist, we’re for promoting your freedom of speech, your political weird thinking, your kinky forums and whatever.
Founder Peter Sunde was reluctant to describe Njalla as a proxy registration service, but it’s difficult to think of another way of describing it.
When you buy a domain via the company’s web site, the name is registered by Njalla for itself. You can still use the domain as you would with a regular registrar, but the name is “owned” by Njalla (1337 LLC, based in Saint Kitts & Nevis).
The company is a Tucows reseller via OpenSRS, and it supports almost all gTLDs and several ccTLDs (it’s declined to support Uniregistry due to recent price increase announcements).
Prices are rather industry standard, with a .com setting you back €15 ($16).
The big difference appears to be that the service doesn’t want to know anything about its registrants. You can sign up with just an email address or, unusually, an XMPP address. It doesn’t want to know your name, home address, or anything like that.
This means that whenever Njalla receives a legal request for the user’s identity, it doesn’t have much to hand over.
It’s based on Nevis due to the strong privacy laws there, Sunde said.
Under what circumstances Njalla would suspend service to a customer and hand over their scant private information appears to be somewhat vague and based on the subjective judgement or politics of its management.
“As long as you don’t hurt anyone else, we’ll let you do your thing,” Sunde said.
Child abuse material is verboten. Spam is in a “gray zone” (although forbidden by Njalla’s terms of service).
Copyright infringement appears to be just fine and dandy, which might not be surprising. Sunde founded The Pirate Bay in 2003 and spent time in prison in Sweden for assisting copyright infringement as a result.
“You don’t hurt people by putting a movie online,” Sunde said. “You do hurt someone by putting child porn or revenge porn or stuff like that… If you look at any statistics on file sharing, it proves that the more people file-share the more money goes into the ecosystem of the media.”
While this is likely to upset the IP lobby within the domain name community, I think there’s a possibility that existing ICANN policy will soon have an impact on Njalla’s ability to operate as it hopes.
ICANN is in the process of implementing a privacy/proxy services accreditation program that will require registrars to only work with approved, accredited proxy services.
Sunde thinks Njalla doesn’t fall into the ICANN definition of a proxy service, and said his lawyers agree.
Personally, I can’t see the distinction. I expect ICANN Compliance will probably have to make a call one way or the other one day after the accreditation system comes online.
Controversial piracy site The Pirate Bay is likely to be the first victim of a new industry initiative being described as “UDRP for copyright”.
The Domain Name Association today published a set of voluntary “healthy practices” that domain registries can adopt to help keep their TLDs clean of malware, child abuse material, fake pharmacies and mass piracy.
And Public Interest Registry, the company behind .org, tells DI that it hopes to adopt the UDRP-style anti-piracy measure by the end of the first quarter.
This is likely to lead to thepiratebay.org, the domain where The Pirate Bay has resided for some time, getting seized or deleted not longer after.
Under its Healthy Domains Initiative, the DNA is proposing a Copyright Alternative Dispute Resolution Policy that would enable copyright holders to get piracy web sites shut down.
The version of the policy published (pdf) by the DNA today is worryingly light on details. It does not explain exactly what criteria would have to be met before a registrant could lose their domain name.
But PIR general counsel Liz Finberg, the main architect of the policy, said that these details are currently being finalized in coordination with UDRP arbitration firm Forum (formerly the National Arbitration Forum).
The standard, she said, will be “clear and convincing evidence” of “pervasive and systemic copyright infringement”.
It’s designed to capture sites like The Pirate Bay and major torrent sites than do little but link to pirate content, and is not supposed to extend to sites that may inadvertently infringe or can claim “fair use”.
That said, it’s bound to be controversial. If 17 years of UDRP has taught us anything it’s that panelists, often at Forum, can take a liberal interpretation of policies, usually in favor of rights holders.
But Finberg said that because the system is voluntary for registries — it’s NOT an ICANN policy — registries could simply stop using it if it stops working as intended.
Filing a Copyright ADRP complaint will cost roughly about the same as filing a UDRP, typically under $1,500 in fees, she said.
Penalties could include the suspension or transfer of the domain name, but monetary damages would not be available.
Finberg said PIR chose to create the policy because she wasn’t comfortable with the lack of due process for registrants in alternative methods such as Trusted Notifier.
Trusted Notifier, in place at Donuts and Radix, gives the Motion Picture Association of America a special pass to notify registries about blatant piracy and, if the registry agrees, to have the domains suspended.
While stating that .org is a fairly clean namespace, Finberg acknowledged that there is one big exception.
“The Pirate Bay is on a .org, we’re not happy about that,” she said. “If I were to say what’s the one .org that is the prime candidate for being the very first one out of the gate, I would say it’s The Pirate Bay.”
Other registries have yet to publicly state whether they plan to adopt this leg of the DNA HDI recommendations.
Police claims of intellectual property infringement led to the number of .uk domains suspended doubling in 2016, according to Nominet.
Statistics released today show that the .uk registry suspended 8,049 domains in the 12 months to October 31, compared to 3,889 in the year-ago period.
It’s an almost tenfold increase on 2014, when just 948 domains were taken down.
Nominet suspends domains when law enforcement agencies tell it the domains are being used in crime. No court order is required and Nominet rarely refuses a request.
Registrants can have the suspension lifted if they can show to law enforcement that the allegedly criminal behavior has stopped.
The vast majority of the complaints in 2016 again came from the Police Intellectual Property Crime Unit, which asked for and got 7,617 names suspended.
Just 13 suspensions were reversed, Nominet said. Most of these were due to sites selling so-called “legal highs” being slow to respond to a change in the law.
The controversial ban on “rape” domains resulted in just one suspension among the 2,407 domains automatically flagged for containing rapey substrings.
Nominet published the following infographic with more stats:
A joint US-Polish law enforcement operation has led to the arrest of the alleged owner of the piracy-focused BitTorrent links site KickAssTorrents.
The US Department of Justice announced yesterday that Ukrainian national Artem Vaulin has been arrested in Poland and that it will seek to extradite him to Chicago to face criminal copyright infringement charges.
The site, which has been banned at the ISP level in countries including the UK, provides links to download and share copyrighted works such as movies and music from other BitTorrent users.
But it’s perhaps best known in the domain name industry for regularly jumping from one TLD to another as its domains are terminated by local authorities.
According to the DoJ, it has been seen on kickasstorrents.com, kat.ph (Philippines), kickass.to (Tonga), kickass.so (Somalia) and kat.cr (Costa Rica).
The department said it has seized seven domain names as part of its operation.
According to my records, there are 20 examples of kickasstorrents.example domains in the Alexa one million, all in new gTLDs (though I’ve no idea whether they’re part of the same operation).
The DoJ reckons KAT makes annual revenue of between $12.5 million to $22.3 million from advertising accompanying its links.
ICANN has clarified that it will not terminate new gTLD registries that have piracy web sites in their zones, potentially inflaming an ongoing fight between domain companies and intellectual property interests.
This week’s ICANN 56 policy meeting in Helsinki saw registries and the Intellectual Property Constituency clash over whether an ICANN rule means that registries breach their contract if they don’t suspend piracy domains.
Both sides have different interpretation of the rule, found in the so-called “Public Interest Commitments” or PICs that can be found in Specification 11 of every new gTLD Registry Agreement.
But ICANN chair Steve Crocker, in a letter to the IPC last night, seemed to side strongly with the registries’ interpretation.
Spec 11 states, among other things, that:
Registry Operator will include a provision in its Registry-Registrar Agreement that requires Registrars to include in their Registration Agreements a provision prohibiting Registered Name Holders from distributing malware, abusively operating botnets, phishing, piracy, trademark or copyright infringement, fraudulent or deceptive practices, counterfeiting or otherwise engaging in activity contrary to applicable law, and providing (consistent with applicable law and any related procedures) consequences for such activities including suspension of the domain name.
A literal reading of this, and the reading favored by registries, is that all registries have to do to be in compliance is to include the piracy prohibitions in their Registry-Registrar Agreement, essentially passing off responsibility for piracy to registrars (which in turn pass of responsibility to registrants).
Registries believe that the phrase “consistent with applicable law and related procedures” means they only have to suspend a domain name when they receive a court order.
Members of the IPC, on the other hand, say this reading is ridiculous.
“We don’t know what this clause means,” Marc Trachtenberg of the IPC said during a session in Helsinki on Tuesday. “It’s got to mean something. It can’t just mean you have to put a provision into a contract, that’s pointless.”
“To put a provision into a contract that you’re not going to enforce, has no meaning,” he added. “And to have a clause that a registry operator or registrar has to comply with a court order, that’s meaningless also. Clearly a registry operator has to comply with a court order.”
Some IPC members think ICANN has “backtracked” by introducing the PICs concept then failing to enforce it.
IPC members in general believe that registries are supposed to not only require their registrars to ban piracy sites, but also to suspend piracy domains when they’re told about them.
Registries including Donuts have started doing this recently on a voluntary basis with partners such as the Motion Picture Association of America, but believe that ICANN should not be in the business of content policing.
“[Spec 11] doesn’t say what some members of the IPC think it says,” Donuts VP Jon Nevett said during the Helsinki session. “To say we’re in blatant violation of that PIC and that ICANN is not enforcing that PIC is problematic.”
The fight kicked off face-to-face in Helsinki, but it has been happening behind the scenes for several months.
The IPC got mad back in February when Crocker, responding to Governmental Advisory Committee concerns about intellectual property abuse, said the issue “appears to be outside of our mandate” (pdf).
That’s a reference to ICANN’s strengthening resolve that it is not and should not be the internet’s “content police”.
Last night, he did, and the clarification is unlikely to make the IPC happy.
Crocker wrote (pdf):
ICANN will bring enforcement actions against Registries that fail to include the required prohibitions and reservations in its end-user agreements and against Registrars that fail to main the required abuse point of contact…
This does not mean, however, that ICANN is required or qualified to make factual and legal determinations as to whether a Registered Name Holder or website operator is violating applicable laws and governmental regulations, and to assess what would constitute an appropriate remedy in any particular situation.
This seems pretty clear — new gTLD registries are not going to be held accountable for domains used for content piracy.
The debate may not be over however.
During Helsinki there was a smaller, semi-private (recorded but not webcast live) meeting of the some registries, IPC and GAC members, hosted by ICANN board member Bruce Tonkin, which evidently concluded that more discussion is needed to reach a common understanding of just what the hell these PICs mean.