Latest news of the domain name industry

Recent Posts

Now the DNA backpedals on “Copyright UDRP”

Kevin Murphy, February 27, 2017, Domain Policy

The Domain Name Association has distanced itself from the Copyright ADRP, a key component of its Healthy Domains Initiative, after controversy.

The anti-piracy measure would have given copyright owners a process to seize or suspend domain names being used for massive-scale piracy, but it appears now to have been indefinitely shelved.

The DNA said late Friday that it has “elected to take additional time to consider the details” of the process, which many of us have been describing as “UDRP for Copyright”.

The statement came a day after .org’s Public Interest Registry announced that it was “pausing” its plan for a Systemic Copyright Infringement Alternative Dispute Resolution Policy modeled on UDRP.

PIR was the primary pen-holder on the DNA’s Copyright ADRP and the only registry to publicly state that it intended to implement it.

It’s my view that the system was largely created as a way to get rid of the thepiratebay.org, an unwelcome presence in the .org zone for years, without PIR having to take unilateral action.

The DNA’s latest statement does not state outright that the Copyright ADRP is off the table, but the organization has deleted references to it on its HDI web page page.

The HDI “healthy practices” recommendations continue to include advice to registries and registrars on handling malware, child abuse material and fake pharmaceuticals sites.

In the statement, the DNA says:

some have characterized [Copyright ADRP] as a needless concession to ill-intentioned corporate interests, represents “shadow regulation” or is a slippery slope toward greater third party control of content on the Internet.

While the ADR of course is none of these, the DNA’s concern is that worries over these seven recommendations have overshadowed the value of the remaining 30. While addressing this and other illegalities is a priority for HDI, we heard and listened to various feedback, and have elected to take additional time to consider the details of the ADR recommendations.

Thus, the DNA will take keen interest in any registrar’s or registry’s design and implementation of a copyright ADR, and will monitor its implementation and efficacy before refining its recommendations further.

The copyright proposal had been opposed by the Electronic Frontier Foundation, the Internet Commerce Association and other members of ICANN’s Non-Contracted Parties House.

In a blog post over the weekend, ICA counsel Phil Corwin wrote that he believed the proposal pretty much dead and the issue of using domains to enforce copyright politically untouchable:

While the PRI and DNA statements both leave open the possibility that they might revive development of the Copyright UDRP at some future time, our understanding is that there are no plans to do so. Further, notwithstanding the last sentence of the DNA’s statement, we believe that it is highly unlikely that any individual registrar or registry would advance such a DRP on its own without the protective endorsement of an umbrella trade association, or a multistakeholder organization like ICANN. Ever since the U.S. Congress abandoned the Stop Online Privacy Act (SOPA) in January 2012 after millions of protesting calls and emails flooded Capitol Hill, it has been clear that copyright enforcement is the third rail of Internet policy.

Angry reactions to “UDRP for copyright”

Kevin Murphy, February 10, 2017, Domain Policy

The Electronic Frontier Foundation and Internet Commerce Association are among those expressing initial concern about the introduction of a new “UDRP for copyright” mechanism by the Domain Name Association.

The EFF said the DNA’s new proposals want registries to become “private arbiters of online speech”, while the ICA expressed concern that the proposals could circumvent the usual ICANN policy-making process.

As we reported earlier in the week, the DNA has set out a set of four “healthy practices” (the term “best practices” was deliberately avoided, I’m told) for registries and registrars, under the banner of its Healthy Domains Initiative.

The first three sets of recommendations cover malware, child abuse material and fake pharmacies and are relatively non-controversial.

However, the surprising fourth proposal seeks to give copyright holders a means to suspend or seize control of domain names where they have “clear and convincing evidence” of “pervasive and systemic copyright infringement”.

While the details have yet to be finalized, it appears to be targeted at sites such as The Pirate Bay, which are used for pretty much nothing but copyright infringement.

“This is a terrible proposal,” the EFF’s Jeremy Malcolm and Mitch Stoltz wrote yesterday:

The content that happens to be posted within [a] website or service has nothing to do with the domain name registrar, and frankly, is none of its business. If a website is hosting unlawful content, then it is the website host, not the domain registrar, who needs to take responsibility for that

They added:

it seems too likely that any voluntary, private dispute resolution system paid for by the complaining parties will be captured by copyright holders and become a privatized version of the failed Internet censorship bills SOPA and PIPA

Those are references to two proposed US laws, the Stop Online Piracy Act and Protect IP Act, that attracted lots of criticism and never saw the light of day.

The ICA, in a separate post on its own site, expressed concerns that private initiatives such as the HDI could give trademark holders another way to route around ICANN policies they do not like.

Noting that trademark protection mechanisms are already under review in a ICANN working group, ICA counsel Phil Corwin wrote:

What if the final consensus decision of that WG is that the URS remedy should remain domain suspension and not transfer, or that the UDRP standard of “bad faith registration and use” should remain as is? Are TM owners then free to develop their own “best practices” that include domain transfer via URS, or a bad faith registration or use standard? What’s the point of going through a multi-year exercise if those dissatisfied with the result can seek stiffer private policies? Just how many bites at the apple should trademark holders get

Both ICA and EFF expressed concern that the new DNA proposals seemed to have been developed without the broad input of members.

Stoltz and Malcolm wrote:

In any purported effort to develop a set of community-based principles, a failure to proactively reach out to affected stakeholders, especially if they have already expressed interest, exposes the effort as a sham.

Corwin wrote:

ICA had no advance knowledge of the details of HDI and no opportunity to provide substantive input. So our fingerprints are nowhere on it.

The Copyright ADRP proposal appears to be the brainchild of Public Interest Registry, the .org registry.

PIR general counsel Liz Finberg told DI earlier this week that PIR is working with arbitration provider Forum to finalize the rules of the process and hopes to implement it in .org before the end of the first quarter.

No other registry has publicly stated similar plans to my knowledge.

The HDI recommendations are completely voluntary and registries/ars are free to adopt them wholly, partially or not at all. They are not ICANN policies.

GNSO faces off with governments over IGO cybersquatting

Kevin Murphy, January 27, 2017, Domain Policy

A defiant ICANN working group looking at cybersquatting rules for intergovernmental organizations is sticking to its guns in an ongoing face-off with the Governmental Advisory Committee.

In a report published for public comment this week, the GNSO working group recommended that IGOs should be given the right to use the UDRP and URS rights protection mechanisms, despite not being trademark owners.

But the recommendations conflict with the advice of the GAC, which wants ICANN to create entirely new mechanisms to deal with IGO rights.

I explored a lot of the back story of this argument in two posts a few months ago, which I will not rehash here.

The latest development is the publication of the proposed initial report of the GNSO IGO-INGO Access to Curative Rights Protection Mechanisms Initial Report (pdf) for comment.

The WG was tasked with deciding whether changes should be made to UDRP and URS to help protect the names and acronyms of IGOs and INGOs (international non-governmental organizations).

For INGOs, including the special cases of the International Olympic Committee and the Red Cross/Red Crescent, it decided no changes and no new mechanisms are required, concluding:

Many INGOs already have, and do, enforce their trademark rights. There is no perceivable barrier to other INGOs obtaining trademark rights in their names and/or acronyms and subsequently utilizing those rights as the basis for standing in the existing dispute resolution procedures (DRPs) created and offered by ICANN as a faster and lower cost alternative to litigation. For UDRP and URS purposes they have the same standing as any other private party.

The case with IGOs is different, because using UDRP and URS requires complainants to agree that the panel’s decisions can be challenge in court, and IGOs by their nature have a special legal status that allows them to claim jurisdictional immunity.

The WG recommends that these groups should be allowed access to UDRP and URS if they have protection under Article 6ter of the Paris Convention, a longstanding international intellectual property treaty.

This rule would actually extend UDRP and URS to hundreds more IGO names and acronyms than the GAC has requested protection for, which is just a few hundred. WIPO’s 6ter database by contrast currently lists 925 names and 399 abbreviations.

To deal with the jurisdictional immunity problem, the WG report recommends that IGOs should be allowed to file cybersquatting complaints via a third-party “assignee, agent or licensee”.

It further recommends that if an IGO manages to persuade a court it has special jurisdictional immunity, having been sued by a UDRP-losing registrant, that the UDRP decision be either disregarded or sent back to the arbitration for another decision.

The recommendations with regard IGOs are in conflict with the recommendations (pdf) of the so-called “small group” — a collection of governments, IGOs, INGOs and ICANN directors that worked quietly and controversially in parallel with the WG to come up with alternative solutions.

The small group wants ICANN to create separate but “functionally equivalent” copies of the UDRP and URS to deal with cybersquatting on IGO name and acronyms.

These copied processes would be free for IGOs to use and, to account for the immunity issue, would not be founded in trademark law.

The WG recommendations are now open for public comment and are expected to be the subject of some debate at the March ICANN meeting in Copenhagen.

As Trump sworn in, CADNA returns to lobby for stronger cybersquatting laws

Kevin Murphy, January 23, 2017, Domain Policy

Remember the Coalition Against Domain Name Abuse? The lobby group that campaigned for stronger cybersquatting laws and against new gTLDs?

It’s back.

CADNA on Thursday used the imminent inauguration of new US president Donald Trump to announce that it’s back in the game, hoping a Republican-dominated government will be friendlier to its agenda.

It told its supporters on “the 2016 general elections outcomes for both the U.S. Congress and the White House present a unique and timely opportunity to push through legislation”.

It wants new federal laws modeled on 2010 Utah state legislation, the E-Commerce Integrity Act, which creates liability for non-registrant third-parties including domain name registrars.

The Utah law is closely modeled on the federal Anticybersquatting Consumer Protection Act of 1999, but has some crucial differences.

CADNA noted at the time the law was up for a vote that it:

expands the liability for cybersquatting activity to include the registrant’s authorized licensee, agent, affiliate, representative, domain name registrar, domain name registry, or other domain name registration authority that knowingly and actively assists a violation

That’s something ACPA does not allow for, and CADNA wants the federal law amended to include provisions such as this. It said:

The Coalition Against Domain Name Abuse (CADNA) is now mobilizing the global business community to promote and pass legislation that will greatly enhance the available protection mechanisms for online trademark protection and limit the appeal of cybersquatting.

The last time US cybersquatting laws came close to being amended was with the Anti-Phishing Consumer Protection Act of 2008, aka the Snowe Bill, which ultimately did not pass.

The Internet Commerce Association, which lobbies on behalf of domain investors, expressed concern with CADNA’s new efforts to revive its noughties lobbying tactics, telling members:

for now this is more of a CADNA recruiting effort than an active legislative natter. As you can see, CADNA announced a similar Federal effort in 2010, which went nowhere. Nonetheless, we should proceed on the assumption that CADNA will secure a sponsor and have such legislation introduced in the new Congress and that such legislation may well gain traction in the current political environment.

The ICA also expressed concern about the amount of statutory damages the Utah law permits compared to the ACPA.

While both Utah and ACPA allow damages of $1,000 to $100,000 per domain, the Utah law assumes the highest amount if a “pattern or practice” of cybersquatting can be demonstrated.

CADNA has been pretty quiet for the last few years.

Before the US elections last November, its most recent press release dated from October 2013.

The group is managed by the same people who run Fairwinds Partners, a new gTLD consultancy specializing in managing dot-brand gTLDs for some of the world’s biggest names.

Its gTLD clients include L’Oreal, Marriott and Walmart.

Fairwinds used its links to CADNA and its staunch opposition to the new gTLD program to pitch for these clients back in 2012.

“UDRP-proof” .feedback gTLD loses first UDRP

Kevin Murphy, September 26, 2016, Domain Registries

The first cybersquatting complaint against a .feedback domain name has resulted in a transfer, despite registry claims that the gTLD was “UDRP-proof”.

De Beers, the diamond merchant, won a UDRP case against the registrant of debeers.feedback earlier this month.

The registrant, who used a privacy service, registered the name back in January, when .feedback was in its unusual “Free Speech Partner Program” phase.

That took the place of an Early Access Program, but saw domains deeply discounted instead of premium-priced.

Buyers had to agree to point their domain to a registry-hosted social media platform and there was a $5,000 fee if they later decided to change name servers.

The registrant of debeers.feedback lost the UDRP largely because there wasn’t much actual feedback on the site until De Beers sent him a nastygram.

On March 24, the site only contained a single two-word post. Five more were added with apparently false earlier dates at a later time, the panelist found.

He wrote:

If the website were genuinely operating as a feedback forum, one would ordinarily expect the reviews to have appeared at or close to their respective dates. That they were not on the website on March 24 and did not appear until after the letter of demand was sent calls for explanation.

The panelist doesn’t mention it, but the reviews all seem to have been copied directly from Yelp!.

Basically, the registrant lost his domain for filling the site with bogosity rather than genuine free-speech griping.

It’s not a terribly surprising or worrying result, perhaps, but it does run counter to what Jay Westerdal, CEO of registry Top Level Spectrum, told us back in January.

“It is a great opportunity for domainers to register domains that will be UDRP proof,” he said at the time. “As free speech sites they are going to improve the world and let anyone read reviews on any subject.”

“I think they are UDRP proof,” he added back then, offering the services of his lawyers to registrants who found themselves served with UDRP complaints.

Today, Westerdal qualified his earlier remarks, telling DI: “I don’t think having a privacy service and also having a .feedback domain will hold up in the current UDRP system.”

Privacy services are discouraged by the registry, though explicitly permitted in its terms of service.

Westerdal said that because De Beers obtained the domain via UDRP, the company will not have to pay the $5,000 unlocking fee if it wants to point debeers.feedback’s name servers elsewhere.