CADNA Launches National Campaign Against Typosquatting

External Source

The Coalition Against Domain Name Abuse (CADNA), a non-profit organization based in Washington D.C., is confronting 'cybersquatting', or as defined in the report today, the fraudulent abuse of domain name registration that threatens the future viability of Internet commerce. From today's release:

Although the Anti-Cybersquatting Consumer Protection Act (ACPA) was introduced in 1999, cybersquatting remains an underestimated threat. The number of .com domain names alone has doubled since 2003, and the number of cybersquatting disputes being filed with the World Intellectual Property Organization (WIPO) is on the rise - up 25% in 2006 from 2005. According to a recent independent report, cybersquatting increased by 248% in the past year.

With growing ease and profitability, sophisticated cybersquatters are exploiting a flaw in the domain name registration process whereby domain names are registered and subsequently dropped, risk free, within an accepted 5-day grace period. By abusing this grace period, cybersquatters "taste" and "kite" domain names in order to test their profitability. According to a recent industry report, there are over 1 million kited sites re-registered daily, collectively bringing in $100-125 million in annual revenue for criminals and profiteers. On the whole, cybersquatting is costing brand owners worldwide well over $1 billion every year as a result of diverted sales, the loss of hard-earned trust and goodwill, and the increasing enforcement expense of protecting consumers from Internet-based fraud.

Cybersquatters' increasing assault on intellectual property hurts everyone involved, including consumers and the Internet community at large. By registering domain names derived from famous brands, cybersquatters are able to successfully lure consumers into purchasing counterfeit products (including potentially harmful counterfeit prescription drugs), giving away their personal information (which could lead to further financial loss) and unwittingly exposing themselves to spyware deposits. According to the International AntiCounterfeiting Coalition (IACC), $600 billion was spent online for counterfeits in 2006. Phishing, a fraud enabled by cybersquatting, is also growing at an alarming rate. The Internet Crime Complaint Center, a partnership of the National White Collar Crime Center and the Federal Bureau of Investigation, found that consumers in the U.S. reported personal losses of $198.44 million to phishing in 2006.

To effectively combat cybersquatting, CADNA will work at the federal and international levels to make these fraudulent practices difficult to establish and unprofitable to maintain. Among the coalition's goals are to pursue congressional legislation that would increase the statutory damages set forth by the existing Anti-Cybersquatting Consumer Protection Act, and to work with World Intellectual Property Organization (WIPO) to introduce an international anti-cybersquatting treaty. CADNA will place pressure on ICANN to take decisive action on abuses by domain name registrars and registrants and close the loophole that affords criminals the opportunity to "kite" and "taste" domain names.

"As a result of the automation of the registration process and the monetization of domain name portfolios, the policing burden placed on brand owners has become almost insurmountable," said Susan Crane, Group Vice President of Intellectual Property of Wyndham Worldwide. "We have joined CADNA in this fight because we believe a coalition of companies from across multiple industries will be a more effective voice to address this issue than any one company or industry standing alone."

"The countermeasures available to brand owners are too slow and ineffective to respond to this trend and often too late to prevent damage to the brands and consumers," said Martin Sutton, Manager of Fraud Risk & Intelligence at HSBC Holdings plc. "CADNA brings together brand owners that are concerned with the lack of preventative measures in place to deter these cybersquatting activities and want to make effective changes in order to safeguard their IP and protect consumers."

CADNA's membership includes such leading brands as AIG, Dell, Eli Lilly, Hilton, HSBC, Marriott, Richemont, Verizon, Wyndham, and Yahoo!. "Our 10 charter members alone spend millions of dollars annually to combat cybersquatting," said Josh Bourne, President of CADNA.

CADNA welcomes leading brand owners to join in the coalition's efforts to protect against trademark dilution and extortion, and consumer harms that cybersquatting affords and enables. "This coalition is organizing to combat not only domain name tasting, but whatever the next iteration of cybersquatting turns out to be. CADNA's goals align with all trademark owners who feel like domain name abuses are spiraling out of control," said Allison McDade, Trademark Counsel of Dell Inc. With the help of current and new members, CADNA will raise public awareness and inform policy makers in Washington and across the United States about the new threats posed by cybersquatting and the need for decisive action. CADNA will propose practical solutions to legislators and regulators, and promote the global harmonization of regulations to make the Internet a less confusing and safer place for consumers and businesses alike.

[Update] Elsewhere on this topic:
Bogus Facts Released by CADNA
CADNA Steps up Assault on Domain Name Owners
CADNA Launches National Campaign Against Domain Abuse

Read full story: External Source

Related topics: Cybercrime, Cybersecurity, Domain Management, DNS, Domain Names, ICANN, Law, Policy & Regulation

Comments

Re: CADNA Launches National Campaign Against Typosquatting Philip S Corwin  –  Jul 24, 2007 3:15 PM PDT

I issued this statement on behalf of the Internet Commerce Association in response to the announcement:

The domain name investors and developers of the direct search industry look forward to working with CADNA to effectively address their legitimate concerns about trademark infringement. The ICA supported the restocking fee implemented by Public Interest Registry that has eradicated abusive domain tasting on .Org and we would welcome steps by ICANN and VeriSign to achieve the same result at .Com. While we believe that such market based mechanisms are the best approach we will carefully review any legislation proposed by CADNA to assure that it respects and affirms the rights of domain name investors and preserves vigorous competition in consumer search models.

Re: CADNA Launches National Campaign Against Typosquatting The Famous Brett Watson  –  Jul 25, 2007 1:44 AM PDT

I feel almost out of place commenting on an article (press release?) which presumes that Internet users can be divided into two groups: "consumers and businesses". This seems to presume that the Internet is a good in the sense that it is good for business, rather than a good in its own right. Call me quaint, but I subscribe to the latter view.

This article is, of course, propaganda. It associates the things it opposes with criminality, and the things it supports with consumer protection. This comes as no surprise, given that it is the product of a lobby group. Propaganda and lobbying go together like a horse and carriage, or fear and loathing, or something. I'll roll my eyes and take that as given, rather than pointing out every instance of it.

Having said that, there are still a couple of things that raise an eyebrow. One is the assertion that, "$600 billion was spent online for counterfeits in 2006". That seems incredibly large. Did every person on earth really spend on the order of $100 (on average) online for counterfeits in 2006? Should the "billion" have been "million"? Or is this just the same sort of fantasy accounting that happens any time "theft" of intangibles is evaluated, and should have been phrased as an "estimated loss" rather than an actual figure spent?

The propaganda crosses the thin line from "selective truth" to "misinformation" when phishing is described as "enabled by cybersquatting". "Assisted", perhaps, but definitely not "enabled". Many phishing instances do not use cybersquatting. Many instances don't involve the registration of a domain name at all, but simply compromise some arbitrary existing website and install the fraudulent pages there. Phishing is a valid concern, but CADNA is co-opting it to push its own (largely irrelevant) agenda here.

No doubt there are further details I could nitpick, but I'll leave it at that.

Re: CADNA Launches National Campaign Against Typosquatting Keynes  –  Jul 25, 2007 8:32 AM PDT

I hope Cadna Automotive (Cadna.com) files a UDRP against them. ;)

Re: CADNA Launches National Campaign Against Typosquatting VBDesign  –  Jul 25, 2007 4:42 PM PDT

This falls under the catagory, True But Increadibly Irrelevant.

The entire issue revolves around a notion that a company should not afford a few hundred dollars to register domain names it wishes to test for market value.

This isn't and has never been the issue. "Tasting" isn't used in greater part by legitimate companies wishing to find that domain name that "sounds just right." It is used by spammers who hide behind names scripted by machine through registrars who knowingly and willingly cooperate in the distribution of UCE by fraudulent and misleading means.

A legitimate company, even a sole proprietorship can afford a handful of domains… and what legitimate company would be trying to "taste" the difference in marketability between sdflop1f9493kffdkfdhj.com and dfieriufdidfidfi.com?

This is not an issue of legitimate commercial interest. It is an issue of leaving the fox to tend the henhouse too long. Registrars are now aware that they can profit handsomly by turning their servers over to the mercies of people who have as their primary means of conducting commerce, that they not be caught, and that they not be filtered.

I get legitimate commercial email daily.
It comes to me at my request, usually in regard to software upgrades, services I subscribe to, and items I have purchased in cases where I REALLY DO want to be informed when something better becomes available. That is my choice. It would also be my choice were it not for the efforts of spammers and their miscreant confederates at large, that I never have to sift through my administative inboxes for legitimate emails where the VAST majority of it is simply pushing controlled substances without prescription, both real and dangerous, and fake and dangerous… and all manners of porn, scam, and scheme imaginable to the too-creative criminals sending it.

My legitimate commecial email all identify themselves by consistant domain names, identify the server the mail was sent from, identify the sender or subscription list, and most importantly, give me the option to be removed from the list. Opting to be removed from further mailings, from a domain that will not exist tomorrow, does nothing more than confirm the email address of the recipient as live, and target it for more aggressive abuse from new, additional domain names that will be scripted into existance tomorrow.

"Tasting" is used primarily by those who would deny an individual's right to say, "I don't want what you are selling, my home is not a venue for your advertisments." Registrars who allow the practice aren't saving legitimate companies any money they are helping spammers once again shift the costs of spam. Legitimate companies don't change their name every couple of million emails, or when their software detects that their name has been blocked. Legitimate companies would not be broken by the urge to try their name hyphenated rather than concatenated. Legitimate companies don't run through hundreds of domain names daily… Legitimate companies pick a name out of a very short list that they then spend time and money to gain consumer recognition and association with their company. For a legitimate company, daily name changes would be contrary to the marketing concepts they went to school to learn at great effort and expense. It is therfore a means of facilitating the fraudulent sending of UCE, not a cost saving to legitmate registrants.

The representation that they are looking for that domain name that returns profits greater than the expense of registration is however the truth, of a sort. What is not being said here is that a spammer on average sends out about 50,000 emails in order to make $25. Once blocked a domain will no longer return a profit. Some domains are blocked almost immediately, some escape detection for several days. If spammers had to pay for every domain name, their profit incentive would be severly threatened, and the registrar helping them "taste" domains wouldn't get their cut of the spammers take at the end of the month, because the number of domains required to make spam profitable is greater than the cost that legitimate registration would allow. The process of "tasting" is then a matter that the registrar is engaged in a fraud for the use of domains they themselves do not pay for, on behalf of a spammer, who pays for the service. They assist the spammer in this by allowing use of the very large number of domains required to make the spammer profitable, for a cut of the profits. Profits which could not be realized if those domains were not made available as a means to dodge blacklisting.

"Tasting" is therefore, for the most part, a service offered by corrupt registrars to spammers, essentially giving spammers the analogy of a disposable loaner-car at the internet public's expense with which to crash through the front wall of a user's house, Invade their home… and say, "YES, you will listen to my pitch for little blue penis pills, West African Oil futures, and your young child will be sent porn, whether you like it or not!"

If not for "tasting" we would a step closer to being able to enjoy our family pictures in peace, and commercial email we actually wanted would increase in value as it became less and less misidentified with spam. Tasting is a service to no-one but the greed and self-interest of criminals and those who facilitate them. Rude and vulgar people for whom a locked door is an invitation to forced entry.

Re: CADNA Launches National Campaign Against Typosquatting Dave Zan  –  Jul 26, 2007 6:23 PM PDT

Tasting is a service to no-one but the greed and self-interest of criminals and those who facilitate them.

I took advantage of my registrar's tasting service recently. I guess that makes me a greedy criminal when you know little to nothing about me?

While I understand CADNA's initiatives, I wonder if they'll also introduce ways to address possible abuses of the measures they seek to enforce to resolve their issues. It's only fair it goes both ways, right?

Re: CADNA Launches National Campaign Against Typosquatting VBDesign  –  Jul 26, 2007 10:36 PM PDT

I took advantage of my registrar’s tasting service recently. I guess that makes me a greedy criminal when you know little to nothing about me?

I suppose it's possible Dave. Your representation then is that it's okay because you did it? I've done some pretty bone-headed things in my time too, but using them as a standard by which to excuse the practice never occured to me. I at least know when not to be proud of my mistakes.

Tell me, exactly what is abusive about making a spammer pay for each domain he registers? The only way to do that is require that everyone pay for each and every domain they use.

Exactly how will that break something that has no purpose but a design specification for potential abuse? How would buying these domains interfer with a legit business?

I can imagine no circumstance where so many domains would require to be purchased for a legitimate purpose that the legitimate registration would make this prohibitive. Neither can I see a situation where domains purchased for optimization of ranking could not be disposed of by sale, unless they either shouldn't be released due to possible confusion with your final choice, or that they had been blocklisted due your "tasting" efforts and were then valueless. You either want to invest in your website name, or you want disposable names… In either case, purchase is the only appropriate solution.

I think "tasting" is a really good name for the practice. It is at best a bit like taking a bite out of each piece in the candy sampler box before setting aside the pieces you like and putting the half eaten bits back in the box. At worst it is a bit like also spitting the nibbled bits into the box afterward.