Tag Archives: whois

Intellectual Property rights in new Top Level Domains: Implementation Recommendation Team draft report

The IRT has released a draft report.  The composition of the  team is strongly biased towards North American intellectual property interests. Unfortunately, individuals were not represented.  Neither were potential new gTLD operators.  There was only one US-based registrar present and only one incumbent US-based registry.  In summary, this report is partial, both because it does not cover the whole picture and because it is strongly biased towards the interests of a specific group.

Quite confusingly, it was published on 24th April, with a 30 day comment period. However, one needs to comment before 6 May if it wants the IRT to consider the comments. Strange tactics.

As others have pointed out, the effective 7 day comment period over this draft report is way too short. It may be wise that the ICANN board does not consider this report before the community has had a real opportunity to comment.

I totally support Michele Neylon’s comments on the whois model  contemplated by this report. It would be in breach with many privacy regulations throughout the world. Further, if the ability to comply with the whois recommendations, as set forth in this report, would become one of the evaluation criteria for the new gTLD applications, this would favour registry operators located in countries with little or no privacy laws. This would put at a competitive disadvantage those businesses which need to comply with local laws. Questions to the IRT:

  • Did the IRT consider if their recommendations regarding the whois were actually compliant with relevant legislation throughout the world ?
  • Will the ability to comply with the whois recommendations, as set forth in this report, be a part of the evaluation process of new gTLD applications ?

Regarding the IP clearinghouse, it is stated that “The recommendation should not result in unnecessary or undue costs, either to trademark owners or to legitimate users and consumers”. Does this mean that the registry operators will have to bear all the increase of their operating costs for protecting third parties interests? The net effect of this is that operators will need to shift the increasing cost among all their customers, including those who have no IP rights to protect. This will mean raising the unit price of domain names for every customer, making the TLD less attractive and potentially be a cause of registry failure. In the case of community-based TLDs that focus on a limited market through a not-for-profit model, this may simply mean that the potential costs  and legal risks may be disporportionate for them to bear.

There is a major concern that different levels of protection for marks may put the registry operator in a position to have to arbitrate between second level domain name  applications and become legally involved in disputes between third parties. Unlike trade marks, which can be multiple according to industrial sectors and geography, domain names are by nature globally unique. As technical operators, registries should have no business in deciding who is the legitimate intellectual right owner.

If such IP clearinghouse system is put in place, it should, at a minimum:

  1. Be automated and implementable at a marginal cost by registries and registrars
  2. Exempt the registry operators from further legal consequences if it has demonstrated that it queried the database at registration time.

In addition to the above, I think it would be only fair that whatever policies are decided as a consequence of this process are also made mandatory for the existing gTLDs. The new entrants should not be the only ones having to bear the weight and costs of these policies.

ICANN consultations on the Registrar Accreditation Agreement

ICANN has started a new round of consultations with regard to the Registrar Accreditation Agreement. The consultation is open through 4 August 2008. I submitted the following comment:

3.3 Public Access to Data on Registered Names

This section of the RAA has been left untouched, although it is well known to ICANN and its community that this contravenes several national and international laws.

See http://ec.europa.eu/justice_home/fsj/privacy/docs/wpdocs/2003/wp76_en.pdf
and http://www.icann.org/correspondence/schaar-to-cerf-12mar07.pdf

Quoting this last letter: “Privacy issues stemming from the making available of personal data in the context of the operation of the WHOIS services should be solved through amendments to the registrar accreditation agreement that would offer at least to those registrars located in EU member countries to comply with EU data protection legislation in accordance with the basic principles of data protection and privacy.”

How can ICANN justify that it forces, by contract, other parties to break the law ?

Of course, one could say that it is customary in most European countries laws that contract clauses which go against the laws are considered void. As an example, both the French and Belgian Civil Codes define in article 1133 that “La cause est illicite, quand elle est prohibée par la loi […]“. Hence, European registrars could invoke the legal requirement to not publish data about individuals in their whois database , and to inform ICANN they are not able to fully comply with article 3.3.  Most don’t, but rather have registrants accept terms by which they agree to see their data published. This lack of courage has always amazed me.

Whois: if you want privacy, pay for it

Netchoice, a lobbying group for the e-commerce industry had a strange reaction on the failure of the GNSO working group on whois to reach a consensus.

After all, they say, “Privacy concerns with Whois that were identified years ago have already been addressed by in the marketplace“. In other words, if you want privacy for your domain name registration, you need to pay extra for proxy services.

I understand that the industry wants to always sell more services. That means money for them. However, those proxy services were developed as a workaround to the current whois system, which does not protect privacy, and in wait for a more global solution.

But of course, the main question is that privacy is a fundamental human right under article 12 of the Universal Declaration of Human rights. As far as I know, human rights are for everyone, not just for those who can pay for it. What is next ? Will we need to buy the right for freedom of expression or to organize in trade unions ?