Cybersquatting and individuals

[Timothe Litt]

Nicolas,

I took your domain tasting suggestion differently; a time delay could make
it more expensive for the squatter as it ties up his money.  Of course they
are likely to just pass increased expenses on to the customer.  Which is
what leads me to some sort of "is it productively used?" test.  If the
default webpage, whois, or any other webpage says "for sale", I presume
non-use.  However, the absence of a public website does not imply non-use.
(E.g. mine requires X.509 client authentication; others may be FTP only or
VPN hubs or routers or embedded systems...)  

The US law (15 usc 1129) isn't perfect - but it protects some individuals.
And it's not very wordy or complicated.  At a minimum, why shouldn't ICANN
have an analogous provision in its UDRP?  Yes, I'm sure it would get wordier
and more complicated, but it does seem a reasonable start.

I don't see that enlarging the TLD space helps; it just moves the problem.
And current TLD pricing is WAY out of the league of individuals, so it moves
disputes to an even more expensive place.

Certainly hard cases make bad law - and as I said, I don't necessarily want
a special interest law for my case.

But the current situation is skewed such that commercial interests (in this
case including non-profit corporations and other trademark owners) have
pretty powerful rights, and individual consumers have none.  

I suspect that under current doctrine, I could have been using (e.g.)
"LittFamilyNetworkServices.com.uk" for 20 years, and tomorrow someone could
register a trademark "Litt Family Network Services", put up a $10 website
that sells photos of worms to meet the commercial use test - and forcibly
take my domain name.  Then I get blackmailed to get it back; the next
country with cheap tradmark registration's squatter does the same thing.
Repeat forever.  And even though I'm just an individual, I have hundreds of
people on personal mailing lists and X.509 certificates that rely on my
name.  So the burden of changing is non-trivial in both time and money.  But
we currently agree with the ICANN policy that "trademarks are the only thing
of value; if you have one, you win."

We claim to represent individual consumers as part of the non-commercial
user constituency.  We have put considerable effort into ensuring that our
trademark owners have rights.  Even though it's a hard problem, we owe
individual consumers the same consideration.

Maybe part of the solution is "first productive (and sustained) use".  Maybe
(as I've suggested in the past), there need to be TLDs where trademark
rights don't have precedence.  (A friend of mine in France had a dog named
'Pepsi' - and said the derivation had nothing to do with a certain soft
drink...)

Maybe these aren't the best starting points.  But there has to be a way for
individuals to have some IP rights in their domain name(s).

I know I'm not offering a full solution - but some sort of "productive use"
test does seem like a reasonable attack vector on the cybersquatting problem
that all DNS consumers - commercial and non-commercial - could support.

Here's the text of the US law from the URL I quoted:

§1129. Cyberpiracy protections for individuals
(1) In general.
(A) Civil liability. Any person who registers a domain name that consists of
the name of another living person, or a name substantially and confusingly
similar thereto, without that person's consent, with the specific intent to
profit from such name by selling the domain name for financial gain to that
person or any third party, shall be liable in a civil action by such person.
(B) Exception. A person who in good faith registers a domain name consisting
of the name of another living person, or a name substantially and
confusingly similar thereto, shall not be liable under this paragraph if
such name is used in, affiliated with, or related to a work of authorship
protected under title 17, United States Code, including a work made for hire
as defined in section 101 of title 17, United States Code, and if the person
registering the domain name is the copyright owner or licensee of the work,
the person intends to sell the domain name in conjunction with the lawful
exploitation of the work, and such registration is not prohibited by a
contract between the registrant and the named person. The exception under
this subparagraph shall apply only to a civil action brought under paragraph
(1) and shall in no manner limit the protections afforded under the
Trademark Act of 1946 (15 U.S.C. 1051 et seq.) or other provision of Federal
or State law.
(2) Remedies. In any civil action brought under paragraph (1), a court may
award injunctive relief, including the forfeiture or cancellation of the
domain name or the transfer of the domain name to the plaintiff. The court
may also, in its discretion, award costs and attorneys fees to the
prevailing party.
(3) Definition. In this subsection, the term "domain name" has the meaning
given that term in section 45 of the Trademark Act of 1946 (15 U.S.C. 1127).
(4) Effective date. This subsection shall apply to domain names registered
on or after the date of the enactment of this Act [enacted Nov. 29, 1999].

Timothe Litt
ACM Distinguished Engineer
---------------------------------------------------------
This communication may not represent the ACM or my employer's views,
if any, on the matters discussed. 
 
-----Original Message-----
From: NCSG-NCUC [mailto:NCSG-NCUC-DISCUSS at LISTSERV.SYR.EDU] On Behalf Of
Nicolas Adam
Sent: Tuesday, April 05, 2011 13:28
To: NCSG-NCUC-DISCUSS at LISTSERV.SYR.EDU
Subject: Re: Cybersquatting and individuals

Dear Timothe,

I'll have a stab, if only to get things started.

I just can't seem to imagine a scheme where some form of udrp or
international law could institutionalize a proper allocating mechanism that
would both alleviate cybersquatting *and* be true to the principle that
meanings and names ? by virtue of their ambiguity, general-ness, etc. ?
shouldn't be subjected to a property rights regime that inevitably (and
arbitrarily) assigns exclusiveness, even for a specific use. They say "hard
case make bad law", and this is one such example. 
But, by all means, if someone sharper than I sees a good law for such a hard
case, i will be happy to consider it.

I haphazardly suggested a few days ago that a time-delay before a domain
name could be resold might take care of some front running/tasting problems
by rendering likely that the legitimate user, placed in a situation where
its ideal (or first-querried) name is registered by a front-running
operation, would decide to create some other domain name that would suit him
rather then wait out for its original query to be available.

Admittedly, this does not take care of all cybersquatting issues which, for
the purpose of this discussion, i will grant are all instances of inferior
value for a domain name. As you say, working out the details of the proper
market to institutionalize is the larger can of worms.

I would say that part of the solution to cybersquatting-in-general would be
in the perpetual enlargement of the tld space, so that names squatted need
not be recouped but could rather be bypassed. This solution requires people
to imagine a tld space where .com is not the sole repository of value. In
order for an enlargement scheme to have an impact, the initial enlargement
would have to be substantial, and the policy for further enlargement should
also be clear, predictable, and relatively burden-less so that would-be
cybersquatters could see right away that there is no value to be extracted
in the new scheme of things.

I would be tempted to have such a policy accompanied by the combination of a
"first-come, first served" norm that *could* (but needn't) be implemented by
the innovating registrar. If, for example, ACM would run the .acm, then it
could decide if it would hand out the TimotheLitt.acm to me (or keept it for
you).

One of the things that this does is to put the litigation at the level of
the tld (preferably, before it is attributed to a registrar), rather than at
the level of the individual gunning for a specific second or third-level
name.

I'm sure there will be more cognizant people on this list who will have some
other ideas. Also, please feel free to demolish the above.

Take care,

Nicolas

On 05/04/2011 12:01 PM, Timothe Litt wrote:
> There has been a lot of consideration of the rights of trademark 
> owners in domain names, both in general and on this list.
>
> I haven't seen the corresponding consideration given to the rights of 
> non-commercial individuals; in fact the latest version of the ICANN 
> UDRP that I can find 
> (http://www.icann.org/en/udrp/udrp-policy-24oct99.htm) is silent on this
issue.
>
> Yet it seems that 15 USC 1129 (see
> http://www.bitlaw.com/source/15usc/1129.html) offers some protection 
> to
> (some) individuals.  (Some references say this only applies to "famous"
> individuals; and U.S. law is restricted to the U.S.)
>
> I can see where this can be made a complex issue - e.g. family names, 
> not to mention variations thereof are hardly unique.  Although in the 
> trademark cases, "first come first serve" has been a successful 
> tie-breaker some of the time.
>
> Here's a concrete example that (re-)piqued my interest.  I own and 
> have used example.net for some years, and would like to also have 
> example.com.  (Where 'example' is actually a variation of my family 
> name.)  It turns out that the .com address is held by a cybersquatter.  
> That is, someone WHOIS says owns many, many names, has been on the 
> losing end of many UDRP commercial arbitrations, has changed the name 
> of his company several times, and has an address that google earth 
> shows to be an apartment over a Mailboxes ETC store in England.  Oh, 
> and who doesn't respond to e-mail, even though there is a website on 
> www.example.com that says "this domain may be for sale".  So it would 
> seem that the provisions of 15 USC 1129 would apply.  But that 
> requires a civil action - hardly reasonable for an individual.  
> Especially since I'm in the U.S. - so unless there's equivalent law in the
U.K., there's really no protection at all - at any price!
>
> I think NCUC should advocate for some reasonable set of rules that 
> define and protect individuals' rights in domain names that parallel 
> those of trademark owners.  I'm not saying that the rules must produce 
> a favorable outcome for my example (though it would be nice).  But it 
> does seem to me that ICANN's current omission of any provision for 
> individuals' rights in domain names is a real issue for this group.  
> Individuals are in our field of membership, and can not obtain a 
> trademark unless they intend to use that mark in commerce.  (Not to 
> mention the cost.)
>
> Other opinions?  Anyone care to take a stab at what "reasonable rules" 
> might be?
>
> I also wonder whether there is a public policy argument that (a) 
> domain names are a public resource and (b) a registrant who's sole 
> purpose for registration of a name is to re-sell it represents an 
> inferior use to that of a registrant who has a direct use for it.  
> (Not necessarily a website, by the way.)  That's probably a larger can 
> of worms, but it might be an approach to consider when discussing 
> whether cybersquatting has redeeming social value...
>
> By the way, I don't mean to restrict my comments to family names - 
> among others, boat names, pet names, personal slogans, political 
> statements are all reasonable things for individuals to want as their
domain names.
>
> Timothe Litt
> ACM Distinguished Engineer
>
> (Previously used tlhackque at yahoo.com for e-mail on this list.)
> ---------------------------------------------------------
> This communication may not represent the ACM or my employer's views, 
> if any, on the matters discussed.
>
>