You could call this Part Three in our series on Illicit Internet Pharmacy. Part One being What's Driving Spam and Domain Fraud? Illicit Drug Traffic, Part Two being Online Drug Traffic and Registrar Policy. There are a few facts I'd like to list briefly so everyone is up to speed. The largest chunk of online abuse at this time is related to illicit international drug traffic, mostly counterfeit and diverted pharmaceuticals. Not only is this an Internet abuse issue but it also represents a grave public health risk since the entire chain of doctors, pharmacists, and patient education has been bypassed by criminals. We have also found that the lion's share of phony RX domains and IP hosts are in the U.S.(see Host Exploit's Top 10 Bad Hosts 2009). As we pointed out Registrars and ISPs have the technical ability and legal obligation to terminate these sites, but few of them are unless put under pressure. There is an additional threat, the one to Intellectual Property. Not just a threat to brand-holders, abuse of trademarks is a ticking time bomb for Registrars and ISPs.
Many ISPs and Registrars falsely believe they are protected from their customer's illicit activities by various statues. This is only true for certain types of crimes and lawsuits. Providers have even written in the Terms Of Service or Acceptable Use Policy that their customers are responsible for any legal action stemming from abuse, but this only covers some activities. Registrars and ISPs ARE in fact liable for Intellectual Property violations conducted by their customers. The Communications Decency Act only immunizes defendants from non-intellectual property claims and non-criminal complaints. Illicit pharmacy is both a criminal act as well as an IP violation since most deal in counterfeit or unauthorized sales of trademarked drugs. One critic of our first article was chagrined that we suggested that Registrars should act on abuse reports from the public, but doing just that is in their best interest. Failing to act can be seen as an act of complicity later when lawsuits begin.
We have a new proactive process that monitors IP abuse in the wild and during initial testing we found 85 compromised IP addresses at one provider's ASN that were hosting spam template content. These sites are never advertised themselves but rather provide low-level content delivery to thousands of spammed domains which are advertised, dumped and replaced. We found that many of the domains that used these templates had trademarks in the domain names. Words like Zoloft, Motrin, Norvasc, Celexa, Zyloprim and many others. None, of course, were the real sites controlled by the actual brand-holders.
One thing is for certain, they are making considerable amounts of money by abusing brands. So much so that they have gone beyond common spam, site hijacking, or paid search engine advertisements and are now issuing press releases to announce deployments of new illicit pharmacies. It seems mind-boggling that a completely illegal business would be so brazen as to use a press release but it shows us the lack of fear on their behalf.
So, folks may wonder why if there is an abundance of research data as well as legal authority. Reason is simple: no enforcement. Many IP attorneys have expressed their lack of faith in WIPO and ICANN enforcement. Brand holders feel that chasing IP violators on the Internet is like swatting at gnats. Recently, we got into a spat with a Registrar over an unlicensed pharmacy domain that was impersonating a pharmaceutical manufacture. The Registrar brushed off our concern until we made clear that their position was completely indefensible. They finally suspended the domain after the brief discussion. The pharma brands also share in the blame for not enforcing their marks. Some drug companies may have unfortunately lead to believe that there is no solution. Others fear the public perception of big pharma pursuing lost profits from illicit providers as if the rogue drug traffickers were some kind of Robin Hood. They are not. Illicit drug traffickers are only helping themselves and often replacing active ingredients with poison. Money in their pocket, garbage in your body.
Some Registrars and ISPs welcome the rogue pharmacy traffic because of the revenue generated by thousands of illicit sites that operate with impunity. Others are seemingly helping illicit pharmacies find variations of unclaimed trademark violation domains with "suggestion" utilities (see sample snapshot). For those that are not familiar with domain registration, some companies will allow you enter any word, including the name of a trademarked product, and return a massive list of unused variations containing that word. For anyone wondering how the spammers come up with so many different URLs with the names of male enhancers, they actually don't have to because Registrars will make them up on the fly for the spammers to buy in bulk. It is a puzzle to many people how the Registrars can sell off someone's trademark. This is, of course, the fundamental question. Adding a warp-speed engine that generates lists of potentially abused trademarked domains is the injury to the insult.
This is a wake-up call the pharmaceutical brands, I am telling you that something can be done to put the pharmacy fraudsters out of business. The problem can be quantified, minimized and managed. And, honestly, this is the case for any trademarked product or service being abused on the Net. It's a new year, let's move in a new direction. The best solution to the whole abuse problem is a shared solution between government, Internet users, brand-holders and service providers. If everyone lifts their weight we all benefit.
|Cybersquatting||Policy & Regulation|
|DNS Security||Registry Services|
|IP Addressing||White Space|
Minds + Machines