Brand abuse increased across all industry categories measured by the Index with the automotive and media industries drawing the most abuse. Abuse targeting luxury brands demonstrated the greatest increase, growing 23 percent year-over-year, followed by abuse targeting apparel brands which grew 14 percent year-over-year. For the third straight year cybersquatting, the method of using brands in bad faith within the domain name system, continued to be the most prevalent form of brand abuse. In addition, phish attacks reached a new record high with 565,502 attacks in 2009, growing 62 percent over 2008's total.

"MarkMonitor Brandjacking Index: 2009—The Year in Review" measures the effect of online threats to brands quarter-over-quarter throughout 2009. The Brandjacking Index investigates trends, including drilled-down analysis of how the most popular brands are abused online and the industries in which abuse is causing the most damage. The report examines how brandjacking tactics—such as cybersquatting, false association, pay per click scams, offensive content, and phishing—have changed over the past year.

"As scammers continually seek new methods of monetizing traffic, brands face a growing and pervasive problem from online abuse," said Frederick Felman, chief marketing officer, MarkMonitor. "With billions of dollars worth of eCommerce sales, intellectual property and online marketing investments at stake, companies need to take proactive roles in fighting brand abuse online now more than ever."

Brandjackers cast a wide net

• The luxury industry saw the greatest increase of brand abuse, growing 23 percent year-over-year.
• Media and automotive brands attract the greatest amount of brand abuse by volume.
• Brand abuse targeting the apparel industry grew 14 percent year-over-year.
• Brand abuse involving an eCommerce component increased by 39 percent in the consumer packaged goods industry and by 60 percent in the luxury industry.

Cybersquatting on the rise

• Cybersquatting continues as the most prevalent brand abuse technique, growing eight percent from 2008.
• Online advertising abuses are more targeted and harder to identify.
• Fraudsters are coordinating the use of multiple methods to conduct brand abuse.

United States leads in hosting brandjacking websites

• While brand abuse is prevalent throughout the world, for the third straight year the United States, Germany and the United Kingdom are home to the majority of brandjacking websites.
• 69 percent of websites that host brand abuse are hosted in the United States. Germany hosts seven percent followed by the United Kingdom at five percent.

Phish attacks at all-time high

• The number of organizations phished for the first time decreased, with only 33 percent of 2009's total being first-time targets. However, the number of phish attacks reached an all-time high, with 598 phish attacks per organization, indicating fraudsters are being more targeted with their attacks.
• Phish attacks reached a new record high with 565,502 attacks in 2009, increasing 62 percent from 2008.
• Phishing attacks targeting payment services brands grew 154 percent in 2009, increasing to 37 percent of the total by industry in 2009 from 24 percent in 2008.
• Attacks targeting financial brands grew 36 percent in 2009, but declined to 40 percent of the total by industry in 2009 from 48 percent in 2008.
• 2009 phish attacks targeting social network brands numbered 11,240, growing 376 percent from 2008.
• Phish attacks targeting social network brands represented two percent of all phish attacks in 2009.
• The U.S. retained the top position for hosting the largest amount of phishing attacks, increasing its share of phish to 44.7 percent in 2009 from 36.5 percent in 2008.
• Canada, Germany and Korea increased in position from 2008 to 2009. North America held the top spot, increasing to 51.2 percent in 2009 from 40.3 percent in 2008.

Methodology

The Brandjacking Index is an independent report produced by MarkMonitor that tracks and analyzes online abuses of leading brands. The cornerstone of the report is the volume of public data analyzed by MarkMonitor using the company's proprietary algorithms—no customer data or proprietary customer information is used to create the Brandjacking Index. This year, MarkMonitor introduced a new measurement for cybersquatting, gauging the persistence of these sites during the study period.

During the study period, MarkMonitor searched approximately 134 million public records daily for brand abuse in domain data. In addition, MarkMonitor analyzes spam feeds from leading international Internet Service Providers (ISPs), email providers and other alliance partners to detect phishing and other fraud. The company has analyzed billions of web pages since 2004 and processes up to 30 million suspected URLs daily.

French Court Orders Fines for Parking

As previously reported, in mid-February 2010 a French court fined Sedo €95,000 ($130,000) for parking a trademark infringing domain name. SafeNames reportedly was fined $5,000 in this case for being the domain registrar. The court used terms like "fraud," "counterfeiting" and "unfair competition" in its ruling. While some in the industry may dismiss this as a case of "beware the (potentially) high costs of doing domain-related business in France," the judgment could serve as a dangerous legal precedent. Furthermore, it could embolden intellectual property protection advocates seeking any and all means to expand the limits and application of trademark law.

Utah Trying to Expand Internet Regulation

Utah has a documented history of attempting to regulate various Internet-related activities. Most have been struck down in court or repealed in subsequent legislative sessions. Nevertheless, Utah's latest attempt is called the "Utah E-Commerce Integrity Act" (SB26), and includes provisions to restrict phishing, pharming, and spyware, as well as a state-level version of the U.S. Anti-Cybersquatting Consumer Protection Act (ACPA). The problem with this legislation, unlike the ACPA, is that it intends to hold liable a registrar, registry, or "other domain name authority" who "knowingly assists" a cybersquatter in a local alleged cybersquatting case. Who knows how broadly the courts will interpret this "knowingly" language. Despite advocacy efforts to convince the bill's sponsor, State Senator Stephen H. Urquhart, to exempt domain name service providers in a manner consistent with federal safe harbor provisions, the Senator refused and no such amendments were made. Consequently, the bill now awaits Governor Gary R. Herbert's likely signature. Not only will registrars and registries have to inappropriately defend themselves on cybersquatting charges in Utah courts, but the Coalition Against Domain Name Abuse (CADNA, a trademark protection association of almost two dozen global brand holders that promoted Sen. Urquhart's efforts) intends to lobby Congress for a national provision along the same lines.

FTC Rulemaking Could Be a Game Changer

Potentially the most far reaching initiative is yet to come. The U.S. Congress is currently working on a reauthorization bill for the Federal Trade Commission (FTC) which could expand the agency's rulemaking authority. An already approved House bill would give the FTC streamlined rulemaking authority over aspects of the business community, thereby allowing the Commission to pursue policy initiatives with little of the typical bureaucratic red tape. For the domain industry, this could mean, for example, that the FTC may decide to issue a new rule requiring US-based registry operators to enforce strict WHOIS accuracy requirements. A registries' failure to comply with these new rules could lead to fines or civil action. Of course, any cost of enforcing additional WHOIS requirements would be passed through to registrars, and then, of course, on to registrants—ultimately impacting over 115 million registrations worldwide. It's easy to imagine how such enforcement and monitoring costs could dramatically reshape the domain name industry as we know it.

Fortunately, the die has not been cast. The Senate is considering its own version of the reauthorization language, and this ultimately will have to be reconciled with the House bill. Although many businesses are weighing in against streamlined rulemaking, other powerful interests are lobbying for the authority. Trademark protection advocates most likely are among those proponents. While final legislation probably will be part of a broader package, thereby raising its likelihood of passage, this also increases the prospect of buried clauses and complex legal linkages that demand careful scrutiny and comment.

Now is the time for the registrars and registries to contact Congress and/or get involved with coalitions to work on a coordinated push for an ICANN-related exemption from broadened FTC authority. If domain name service providers just sit around and wait to see what happens, they'll only have themselves to blame for consequences.

Written by Statton Hammock, Sr. Director, Law & Policy

Coverage of past ICANN meetings:
ICANN 36 in Seoul, South Korea
ICANN 35 in Sydney, Australia
ICANN 34 in Mexico City

Comments and questions?
Please post them below in the comment section of the page or send us an email.

* * *

Update / Local Time: Tue, Mar 17, 2010 at 1:27 AM — Gray Chynoweth, GC, VP Business Operations for Dyn Inc. summarizes the ICANN 37 meetings in Nairobi, Kenya.

Update / Local Time: Tue, Mar 17, 2010 at 1:25 AM — Gray Chynoweth, GC, VP Business Operations for Dyn Inc. talks with Anthony Van Couvering, CEO of Minds + Machines, at ICANN 37 in Nairobi, Kenya.

Update / Local Time: Thu, Mar 11, 2010 at 9:35 PM — Gray Chynoweth, GC, VP Business Operations for Dyn Inc. sits down with Bart Boswinkle, Senior Policy Advisor for the Country Code Name Supporting Organization, at ICANN 37 in Nairobi, Kenya.

Update / Local Time: Thu, Mar 11, 2010 at 9:30 PM — Gray Chynoweth, GC, VP Business Operations for Dyn Inc. speaks with Zahid Jamil, a representative for business interests and other major topics, and a big player for ICANN, at ICANN 37 in Nairobi, Kenya.

Update / Local Time: Thu, Mar 11, 2010 at 7:50 PM — Gray Chynoweth, GC, VP Business Operations for Dyn Inc. talks about DNS Security (DNSSEC) with longtime Internet industry leader Steve Crocker, CEO of Shinkuro Inc., at ICANN 37 in Nairobi, Kenya. Updates on the root being signed or scheduled to be signed: .ORG to be signed in July, .COM next year, .NET end of 2010. ccTLDs's showing much activity across the board.

Update / Local Time: Thu, Mar 11, 2010 at 7:46 PM — Gray Chynoweth, GC, VP Business Operations for Dyn Inc. spends a few minutes with Ndeye Maimouna, Director of ITC in Senegal, about security around the location of this ICANN 37 meeting being in Nairobi, Kenya.

Update / Local Time: Thu, Mar 11, 2010 at 12:32 AM — Gray Chynoweth, GC, VP Business Operations for Dyn Inc. discusses a 2nd topic with Margie Milam about vertical integration and registry/registrar separation around distribution at ICANN 37 in Nairobi, Kenya.

Update / Local Time: Thu, Mar 11, 2010 at 12:31 AM — Gray Chynoweth, GC, VP Business Operations for Dyn Inc. speaks with ICANN Policy Director, Marika Konings, about registration abuse at ICANN 37 in Nairobi, Kenya.

Update / Local Time: Wed, Mar 10, 2010 at 10:30 PM — Gray Chynoweth, GC, VP Business Operations for Dyn Inc. meets with Stephane Van Gelder, General Manager of Indom.com at ICANN 37 in Nairobi, Kenya.

Update / Local Time: Wed, Mar 10, 2010 at 10:07 PM — Gray Chynoweth, GC, VP Business Operations for Dyn Inc. meets with Margie Milam, ICANN Senior Policy Counselor, at ICANN 37 in Nairobi, Kenya. The main topic for this video is Specific Trademark Issues (STI).

Update / Local Time: Tue, Mar 9, 2010 at 10:38 PM — Gray Chynoweth, GC, VP Business Operations for Dyn Inc. speaks with ICANN CEO, Rod Beckstrom, at ICANN 37 in Nairobi, Kenya. Big stories coming out of Kenya include further networking out of Africa, EOI board vote and progress areas for new gTLDs.

Update / Local Time: Tue, Mar 9, 2010 at 9:10 PM — Gray Chynoweth, GC, VP Business Operations for Dyn Inc. has a discussion with Liz Gasster, ICANN Senior Policy Counselor, at ICANN 37 in Nairobi, Kenya. WHOIS is the main topic.

Update / Local Time: Tue, Mar 9, 2010 at 7:50 PM — Gray Chynoweth, GC, VP Business Operations for Dyn Inc. chats with Avri Doria, Chair, Executive Committee of the ICANN Non-Commercial Stakeholders Group, at ICANN 37 in Nairobi, Kenya. Expressions of interest in new gTLD is the main topic.

Update / Local Time: Tue, Mar 9, 2010 at 10:24 AM — Gray Chynoweth, GC, VP Business Operations for Dyn Inc. discusses the .XXX TLD with Stuart Lawley, Chairman & President of the ICM Registry at ICANN 37 in Nairobi, Kenya.

Update / Local Time: Wed, Mar 3, 2010 at 11:23 PM — Gray Chynoweth, General Counsel & VP, HR at Dyn Inc. discusses the upcoming ICANN 37 meeting in Nairobi, Kenya. Gray introduces the video blog series, done in conjunction with CircleID for the 4th time. Gray also outlines the topics for this event including security and remote access, new TLD's, the .xxx gTLD, DNSSEC rollout, root scaling, WHOIS study and more.

If you're not making the trip out to Africa, stay tuned and watch all of the footage from ICANN 37 in Nairobi, Kenya following Gray's hike of Mount Kilimanjaro in Tanzania with other Internet professionals (http://kili2010.com).

Brought to you in partnership with Dyn Inc. Please add your feedback and suggestions using the comment form provided on this page or contact us directly.

Fraudulent websites are designed to divert online traffic from legitimate commerce and cause legitimate brands to lose revenue and customer trust. These sites are often well-trafficked and pose a significant risk to companies and to consumers by offering pirated or counterfeit goods. They may also erode the efficiency of search engine marketing efforts, causing lower ROI on marketing campaigns. MarkMonitor estimates that $133 billion in legitimate revenue was lost in 2009 due to the sale of counterfeit goods online

"Confronting the challenge of online counterfeiting is complex, in part because of the inherent ability of counterfeiters to avoid detection and the cross-border nature of the Internet, which reduces the ability of brand owners to engage law enforcement in policing this new frontier," said Deborah Greaves, Secretary and General Counsel for True Religion Brand Jeans. "An option like the Site Staydown Service from MarkMonitor provides an effective alternative for brand owners to shut down infringing sites quickly, protecting consumers and reducing the profit potential for fraudsters."

Research by interactive agency Razorfish highlights the importance of quickly taking down fraudulent sites that can confuse customers and provide a negative brand experience. The 2009 Digital Brand Experience study by Razorfish measured the influence of online brand experiences on consumer behavior. The study found that 63 percent of surveyed consumers said that a digital brand experience influenced their decision to buy or not buy a product from that brand*.

MarkMonitor builds upon the trust earned by its Security Operations Center (SOC) in taking down fraudulent sites by working with more than 4,200 ISPs and 1,200 registrars located around the globe. During the pilot of this new service, the Site Staydown Service was used by leading brands in the apparel, transportation and footwear categories to shut down more than 100 sites offering counterfeit or pirated goods, identified by the brand holder.

"While brands address the problem of counterfeit and pirated goods with time-consuming traditional enforcement methods, fraudsters continue to profit from illicit activities," said Frederick Felman, CMO of MarkMonitor. "The MarkMonitor Site Staydown Service provides brands with a cost-effective, fast and efficient alternative for taking action against fraudulent activity that erodes sales and dilutes marketing investments."

The MarkMonitor Site Staydown Service is available to customers of the MarkMonitor Brand Protection™ solution, with pricing based on the level of engagement. For more visit http://www.markmonitor.com.

At the beginning of last year, MarkMonitor participated in VeriSign's beta program to test server-level protections which were designed to mitigate the potential for unintended domain name changes, deletions and transfers. When VeriSign finally released their Registry Locking Program to all registrars, I expected to see the owners of highly trafficked sites flocking to this new offering.

However, after a review of the top 300 most highly trafficked sites, I was shocked to uncover that less than 10% of these valuable domains were protected using these newly available security measures.

So why aren't more companies protecting themselves?

Given the value of these highly trafficked domains, I cannot imagine that the additional fees associated with employing this level of service are the deterrent.

I can only imagine that either the offering hasn't been made widely available, or that confusion as to whether a domain is locked it to blame.

When it comes to domain locking, there is often quite a bit of confusion as to how to determine whether a domain is 1) "locked" within a portal, or 2) "locked" at the Registrar, or 3) "locked" at the Registry.

Only domains that have the following statuses are considered to be "locked" at the Registry, and cannot be modified using standard protocols.

• client delete prohibited
• client transfer prohibited
• client update prohibited
• server delete prohibited
• server transfer prohibited
• server update prohibited

For the owners of highly trafficked domains, I would strongly recommend adding this level of security to protect valuable domains. It is there for a reason, so why not use it?

Written by Elisa Cooper, Director of Product Marketing at MarkMonitor

For more than a decade, aggressive website registrants have been engaged in 'typosquatting'—the intentional registration of misspellings of popular website addresses. Uses for the diverted traffic have evolved over time, ranging from hosting sexually-explicit content to phishing. Several countermeasures have been implemented, including outlawing the practice and developing policies for resolving disputes. Despite these efforts, typosquatting remains rife.

But just how prevalent is typosquatting today, and why is it so pervasive? We set out to answer exactly these questions. In Measuring the Perpetrators and Funders of Typosquatting (appearing at the Financial Cryptography conference), we estimate that at least 938,000 typosquatting domains target the top 3,264 .com sites, and we crawl more than 285,000 of these domains to analyze their revenue sources.

We find that 80% of typo domains are supported by pay-per-click ads. Often, the typo domains show ads that promote the correctly spelled site, along with the site's competitors. Screenshots of selected examples.

Another 20% of typo domains include static redirects to other sites. For example, 156 misspellings of yellowpages.com redirect to the competing website yellowpagesoftheworld.com. We devised an automated technique that uncovered 75 otherwise legitimate websites which benefited from direct links and redirects from thousands of misspellings of competing websites.

So what's the harm in typosquatting? First, typosquatting confuses consumers, causing them to visit sites different than the ones they intended to visit. Second, site operators must pay large sums of money to ad platforms such as Google AdWords in order to reach the users who specifically requested the corresponding sites. Third, we found evidence that ad platforms exacerbate typosquatting. Using regression analysis, we determined that websites in categories with higher pay-per-click ad prices face more typosquatting than websites whose keywords fetch lower ad prices.

Just how much revenue comes from ads on typo sites? It is difficult to know for certain, since Google and others do not disclose revenue figures at the granularity of particular advertising programs such as AdSense for Domains. We attempt a back-of-the-envelope estimate using Alexa reports of website popularity. We estimate that typo domains matching the top 100,000 websites collectively receive at least 68.2 million daily visitors. If these typo domains were treated as a single website, that site would be ranked by Alexa as the 10th most popular website in the world. It would be more popular, in unique daily visitors, than twitter.com, myspace.com, or amazon.com!

According to our analysis, 57% of typo sites include Google pay-per-click ads. Combining our observations with financial reports and others' estimates, we conclude that Google's revenue from typosquatting on the top 100,000 sites is $497 million per year. This is significant, and not only for the advertisers who are losing out by paying to get their ads placed on typo sites. It matters also because Google's competitors rely on typosquatting to a much smaller extent: In our testing, Yahoo's ads appear on 21% of typo sites, and we did not find a single Microsoft ad on any typosquatting site. Looking at Google's ever-growing share of online search and search advertising, we are struck by the role of typosquatting—making Google look that much larger, to advertisers and to analysts, when in fact this typosquatting traffic is entirely ill-gotten.

However, other findings leave us optimistic about the feasibility of significantly reducing typosquatting. Google's ad click links indicate which Google partner is paid for clicks at a given typo domain. We found high concentration among Google partners engaged in typosquatting: Of typo domains showing Google ads, 63% use one of five Google advertising IDs. So while the sheer number of typo sites remains high, the number of key perpetrators is small.

Our web appendix details many specific typosquatting domains—including the registrars and hosting companies who support those domains and, crucially, the ad networks whose payments put the system in motion.

Our full posting: Measuring the Perpetrators and Funders of Typosquatting and web appendix.

Written by Benjamin Edelman, Assistant Professor, Harvard Business School

ICANN plan to have all root servers signed with DNSSEC by mid-2010 Kim Davies, Manager, Root Zone Services at ICANN told the meeting, starting with the L root server, then A root server with the last being the J root server as all are gradually signed.

ICANN has taken a conservative approach to deploying DNSSEC to ensure there are no mistakes in its implementation, said Davies.

Meanwhile a discussion on the registration of domain names that are responsible for illegal content, such as phishing or child pornography, was hotly discussed.

A discussion with lawyers from Germany, Austria and Switzerland said in varying degrees that when it is difficult to contact the domain registrant, that using the registrar as a means of deleting the domain name was justified.

All three lawyers, Clara-Ann Gordon (Switzerland), Dr. Boris Uphoff (Germany) and Michael Pilz (Austria) said that when it is difficult to contact the domain registrant, that using the registrar as a means of deleting the domain name.

Difficulties can often occur in the event of such a domain name registration when the registrant includes false registration information.

The registries, represented by their legal counsel Stephan Welzel (DENIC), Barbara Schlossbauer (nic.at) and Nicole Beranek Zanon (SWITCH) took this discussion further and explained what happens when there are difficulties in contacting registrants such as when there is illegal use of the domain name, such as illegal content.

In the case of phishing, in Austria if the registry is certain the content is legal the domain name is deleted, in Germany the domain name is not deleted as they believe the domain name is not the problem but the content is while in Switzerland they temporarily block the domain until the legal situation is sorted out.

Videos of all presentations, mostly in German, are available on the Domain Pulse website at domainpulse.ch although without simultaneous translations as occurred during the meeting.

Update Feb.02.2010: A paragraph removed due to possible inaccuracy.

Written by David Goldstein, Consultant, researcher and analyst

While I was giving my .music presentation at ICANN Studenkreis in Barcelona, Spain last week, it dawned upon me. There was not one single ICANN staff member sitting in the room taking notes on any of the presentations given by TLD applicants. I was convinced that it would be beneficial to ICANN staff to observe our presentations and perhaps receive useful feedback from TLD applicants that could be used to better draft the Expressions of Interest recommendation. What better way than to watch applicants talk about the TLD they are applying for, discuss the Expressions of Interest in new gTLDs (EOI) and provide useful feedback.

In light of recent developments, I decided to raise my concerns and provide my feedback and opinion about issues that plague ICANN and the process revolving how we can innovate the domain space, promote competition as well as give consumers/communities choices. My concerns include:

Competition and Monopolies

ICANN bylaws state that it is mandatory for ICANN to introduce policies that promote competition and are beneficial to public interest. All the delays in the gTLD process have served the monopolies of companies such as VeriSign (.com, .net) pretty well. Our .music initiative is a relevant case study that has NOT been used by ICANN to illustrate to any doubters that there is economic demand. No economic studies and academic papers need to be written since we have real results submitted by users that reflect considerable demand. We have broken the world record held by the "Free Tibet" movement which received 1.25 million signatures. ICANN can point towards our initiative that has received over 1.3 million signatures from the at-large music and Internet community for launching .music. We have also amassed 2 million friends/followers across social media such as Myspace and Twitter. Are all of these milestones unimportant? We believe we have showcased that there is a viral effort by the music community that is screaming for attention that has not been recognized yet.

There is a clear demand for .music and further delays are resulting in lost opportunity and the continuance of the monopoly of VeriSign and ".com." ICANN's protection of VeriSign's ".com" domain and the preservation of monopolies is treading on anti-trust or anti-competitive waters. I have not seen VeriSign (.com, .net) or Afilias (.org, .info) support new TLDs or make a push to end all the delays. ICANN is working in the best interests of the current monopolies that dominate the domain industry.

Furthermore, there is an unfair first-mover advantage for the newly introduced Fast Track Internationalized Domain Name (IDN) ccTLDs which faced the same overarching issues that new gTLDs face. Why were these IDN ccTLDs voted in without addressing these issues? There will be ZERO competition to IDN ccTLDs and as a result no IDN alternatives for non-Latin domains. Further delays in the gTLD process will ensure that an IDN ccTLD monopoly will exist in the IDN space.

Timelines

Timelines have been given by ICANN to launch new gTLDs many times and every time there has been a postponement which has cost me and other applicants a lot of money and time. As a newcomer to the ICANN process I find these delays and broken promises damaging to myself, the music community that we represent and other initiatives. How come it seems like we are all singing the Jamiroquai song that is called "traveling without moving"? I hope ICANN keeps its promise and that the Board votes on EOIs in February.

Community Definition

If one follows the definition of community in the latest DAG, even current gTLDs that serve communities such as .cat would fail. The .music initiative has gathered 1.3 million signatures from the music and Internet community and has amassed over 2 million followers/friends across social media such as Myspace and Twitter and based on the ICANN community definition, it does not matter. The .music initiative created a multiple-stakeholder community governance model to accurately represent and guarantee fairness and transparency within the music community. Any other definition of community is flawed, impractical and unrealistic. The .music serves ALL global cultures irrespective whether they represent commercial or non-commercial constituents.

The .music gTLD must be legitimate and be in the public interest and not be controlled by a major corporation or coalition of commercial groups who want to benefit themselves. I suggest ICANN staff address this important issue and use some common sense as opposed to a mathematical point-system to address an initiative such as .music and how to serve the at-large music community. The .music gTLD is of great global and cultural significance since music is universal and represents world culture not just commercial interests. Definitions of community in the dictionaries are plentiful and can be interpreted in many ways. The way that the current DAG defines community is troublesome and attention needs to be given to bringing together a definition that is in the global public interest.

I have proposed "multiple-stakeholder group" community as a more realistic, practical definition that can serve communities such as music that has multiple stakeholder groups which range from commercial constituency groups to non-commercial constituency groups. In the .music example, the multiple stakeholders community governance model includes musicians, bands, industry professionals, government music export offices/art councils, major labels, indie labels, major publishers, indie publishers, manufacturers, ticketing companies, agents, managers, promoters, engineers, technology companies, music universities/educational institutions, music websites, associations, broadcasters, collection societies, media and other music companies.

Secondary Market for Pre-Registration Slots

I believe this should NOT be permitted because it undermines the very nature of new TLDs and the process to represent the true interests of the public. An initiative such as .music has invested millions of dollars in development over the last half decade, allocated significant resources and performed global outreach efforts to create our multiple-stakeholder governance model for fair and guaranteed representation of both commercial and non-commercial constituents within the music community.

The EOI should not be used as an opportunistic investment by parties only interested in selling slots. If ICANN is truly looking for legitimate applicants with real business plans and credibility, then such behavior should not be permitted, because the ICANN TLD process should not be about buying and selling ICANN slots. ICANN is not a Ticketmaster secondary ticket selling agency. Applicants should not be allowed to flip their EOI slots to illegitimate 3rd party candidates.

GAC Input

I am disappointed that ICANN's Governmental Advisory Committee (GAC) has chosen not to participate in the EOI comment period. The only active GAC participant has been Bertrand de La Chapelle and I commend him for his efforts and his input in regards to multiple-stakeholder community issue which .music finds crucial to community applications. GAC input is important but it seems quite unacceptable that a day before the EOI comments close that GAC puts in a comment saying that they need to comment at a later date i.e Nairobi ICANN meeting. I find it inconsistent from GAC that they applaud new IDN ccTLDs, 4 of which are already accepted (Egypt, the Russian Federation, United Arab Emirates, and Saudi Arabia) WITHOUT addressing any of the overarching issues plaguing the gTLD process. As a possible IDN gTLD applicant for .music, I am disappointed about this double-standard from the GAC.

The GAC knew about the EOI process and chose not to comment. Why does GAC not participate in these public comments? GAC members could have sent an email outlining their opinion but in vast majority chose not to. ICANN alerted them about the comment period and should not be responsible for others lack of interest or inactivity. The official comments from GAC were submitted 1 day before the SECOND comment period expired, which merely alerted ICANN that "face-to-face" meetings are necessary with the community. So what is the point of public comments? Aren't they important?

I suggest GAC take a more active approach towards its obligations to the Internet community and put in its comments in a TIMELY manner. Where in the bylaws of ICANN does it say that the GAC is mandated to provide feedback on everything related to ICANN? I can point to countless public comment periods and issues where GAC has not provided official feedback. Please let me know where in the Affirmation of Commitments there is a clause that states that every ICANN affair needs to have formal "face-to-face" discussions with GAC. This is the 2nd comment period for EOI and GAC is missing in action and then complain to ICANN for not participating. This is not how policy making works. If you choose not to comment then your inactivity should be addressed appropriately by ICANN.

Trademarks

As mentioned in an email I sent to ICANN, the International Trademark Association (INTA) invited 6,000 lawyer members to flood the EOI public comments with input that is not useful or encouraging. No solutions were offered by any of the attorneys nor did they offer any constructive feedback.

The process has been delayed a few times and despite the efforts of the IRT team, there has been an outcry of unrealistic complaints from the trademark community, citing that their trademarks are in danger and that they will be forced to defensively register their brand names across all TLDs. Furthermore, they cite that new TLDs will create user confusion and will increase malicious conduct and unethical behavior.

I embarked on some research of these trademark owners to see if they had indeed registered their names across other existing generic TLDs, such as .travel, .pro, .aero, .name and .tel. The resounding answer is that they had not. I have read comments from companies such as Heinz, which did not offer solutions, but just reiterated the legal arguments that the International Trademark Association has asked them to utter in the EOI public comments. A significant amount of "me too" comments from the trademark community resulted in the flooding of the EOI public comments with opinions with no apparent proposed solutions or useful information on how to fix the problems they feared.

Let us make things clear. These were the opinions of their legal department exclusively. However in most cases, these comments do not represent the opinions of the whole organization or their sales/marketing departments. I encountered an interesting case with Sun Microsystems , who has submitted such as similar bland comment with no useful feedback to ICANN about any proposed solutions they had to fix the current issues at stake. I have been attending multiple conferences and events as part of the global outreach initiative of .music and have been approached by Sun Microsystems to collaborate together and be a possible technology partner to power our global marketplace platform we built for .music. I quote their representatives: "We are looking for exciting new projects and we believe .music is unique and Sun Microsystems can provide great value to you and help you with your technology needs." So in one hand, the Sun legal team wants to stop new TLDs from happening and on the other hand their company is trying to partner with me and come up with a deal worth quite a significant amount of money. There is certainly a disconnect as well as a lack of communication between departments within corporations. As a result, the process lacks useful feedback and builds roadblocks to reaching solutions. How do we bring innovation in the Internet space if ICANN is being indecisive about resolving issues?

Individuals such as Michael Palage who represent the trademark community serve as ICANN insiders to stall the process. As an ex-ICANN Board member, Palage is using his vast insider knowledge, influence and connections to do whatever it takes to delay the process in exchange of pushing big corporate agendas and monies for his services. He has attacked the authenticity of .music numerous times and labeled our initiative as front-running, potentially using trademarks in bad faith as well as calling me an insider when I am new to this process and never in my life ever witnessed an organization like ICANN that never wants to move forward with anything. It is time for ICANN to do its job and serve the community and not continue to bow to corporate interests and agendas. I have had enough of watching these corporate attorneys drink champagnes at these meetings because ICANN is unable to make swift, timely decisions. The music community or any of the new gTLD initiatives have never even received a formal apology from ICANN for wasting our time and breaking their promises.

Let me remind ICANN that companies such as Time Warner, Yahoo, Verizon and others have used illegal practices and wild redirects to abuse as well as profit from others trademarks. This kind of typosquatting behavior has made these corporations a lot of money and they did not even get a slap on the wrist. Now they are crying foul play when entrepreneurs such as myself are trying to launch something meaningful. VeriSign even launched SiteFinder, which used wild-card DNS redirect typosquatting, in an attempt to redirect any top-level .com or .net domain that didn't exist (either because they were not yet registered or mistyped) to a parked page that had affiliate links, information about VeriSign products, and advertisements. There are plenty of cases that were revealed by George Kirikos that address the issue of ICANN's lack of transparency, inconsistency in policy development and favoritism towards big corporations despite their "not-so-pleasing" track record. George Kirikos reveals that corporations like these do not represent "good" actors and that they do not work in the best interests of Internet users and society as a whole. It is all about increasing shareholder value and profits. Michele Neylon reiterates this point by outlining in a recent CircleID article (Big Brands Shooting Themselves In The Foot) that "a lot of the big brands and companies aren't as "clean" as they'd like us all to be."

Conclusion

Let us move forward with the EOI and new gTLDs. I urge ICANN to make timely decisions on the overarching issues and finally offer solutions that are pragmatic, realistic and serve public interest not corporate attorney agenda. Let us work together to introduce some new innovations in the domain space. The overarching issues should be carried out in parallel with the EOI communication/outreach process and be finalized before the EOI begins. This way by the time the EOI starts, most overarching issues should be addressed and there is a movement towards the right direction. If not, ICANN will face what I call the "Adverse Snowball Effect."

P.S I would love to hear any feedback from the ICANN community. I believe there needs to be an open dialogue in order to solve these issues. Proposed solutions are welcomed.

Written by Constantine Roussos, CEO & Founder of .Music & Music.us

Draft Applicant Guidebook version 3 (DAGv3) is the latest in the series of guidebooks for the new gTLD application process. It contains a place holder for Rights Protection Mechanisms; these have been the subject of an intensive series of proceedings that have produced a number of proposals. At this stage, it appears that trademark owners will not get the kinds of protection they desire, and they will have increasing conflicts with the domain name system (DNS). Their attempts to secure what they regard as basic protections of their rights have not been successful.

In the DNS, the trademark owners of the world find themselves operating in a global legal framework that is mostly separate from the trademark law of the nations of the world. At a time when the Internet is increasingly a market for goods and services, ICANN's ad hoc approach to managing the DNS, the addressing system for this market, includes a legal structure that has largely superseded the customary remedies for trademark infringement. Instead of going to court to attack cybersquatters, trademark owners have been compelled to turn to ICANN for their remedies.

The engineers who created the Internet hoped to avoid conflicts with trademark owners by declaring that the DNS had no connection with trademark rights. As early as 1994, this position became untenable, and the coordinators of the Internet's technical protocols were forced to embark on the slippery slope of dealing with conflicts between trademarks and DNS registrations.

Trademark owners achieved limited success in dealing with their conflicts with cybersquatters when the UDRP was introduced in 1998. The UDRP was the product of a process outside ICANN, although the U.S. Department of Commerce, in the White Paper, made it clear that a procedure for the protection of trademark rights was an essential element of its plans for the new system of technical administration of the DNS. ICANN's charter does not authorize it either to create law or administer it, but the enforcement of the UDRP has made ICANN, in effect, the "International High Court of Trademark Justice" without the benefit of any treaty or other conventional means of developing international law. The UDRP's bad faith standard for testing rights to a registration is applied globally and across national boundaries even though, in some cases, there may be conflicting national rights.

The UDRP is credited by most trademark owners as an effective remedy against cybersquatters because it is preferable to the time, complexity and expense involved in conventional legal actions in national courts. The UDRP is not without critics. Trademark owners complain that it is still too expensive and too slow, and many Internet stakeholders complain that the decisions are sometimes arbitrary and that the system lacks safeguards that are generally available in conventional legal proceedings (e.g., an appeals process). Furthermore, the UDRP does nothing to alleviate one of the principal problems that trademark owners see in the proposals for new domains - the expectation that the need for "defensive registrations" will be an unwelcome accompaniment to every new top level domain.

From the standpoint of the trademark owner, the preferable way to avoid proliferation of domain names (top level or second level) that infringe trademark rights would be a system of vetting new applications for registration against a data base of trademarks. The trademark owner could then take steps to prevent the registration of an infringing name. Unfortunately for trademark owners, this kind of system is antithetical to the way the Internet has worked ever since the inception of the DNS more than twenty-five years ago, and there is no likelihood that the procedures for registering new domain names will change to accommodate the wishes of trademark owners.

The engineering approach to registration of domain names has always been immediate real time registration of any available non-duplicate name on a first come-first serve basis. There have been some limited exceptions, such as sponsored domains that restrict registrations and sunrise periods for the few new domains introduced since ICANN was formed, but the engineering approach remains the operational system for most name registries.

The policy work for the present round of new gTLDs began in December 2005 and was completed by the GNSO in September 2007. The ICANN Board approved the GNSO's recommendations at its Paris meeting in June 2008. A few months thereafter, the first version of the Draft Applicant Guidebook (DAGv1) appeared, with provisions for "Legal Rights Objections" in Section 3.5.2 of Module 3. This section referred to GNSO Recommendation 3 -"Strings must not infringe the existing legal rights of others that are recognized or enforceable under generally accepted and internationally recognized principles of law". It proposed a panel to "determine whether the potential use of the applied-for TLD by the applicant takes unfair advantage of the distinctive character or the reputation of the objector's trademark or service mark ("mark"), or unjustifiably impairs the distinctive character or the reputation of the objector's mark, or otherwise creates an impermissible likelihood of confusion between the applied for TLD and the objector's mark, by considering [certain specified factors]"

The DAGv1 policy as proposed would give trademark owners a remedy against proposals for infringing top level domains, but would do nothing about the more widespread and continuing problem of infringing second level registrations. Attachment 7 to Module 5 of DAGv1 addressed this by proposing "Rights Protection Mechanisms" in a general way. Each new domain operator would be "responsible for developing and implementing processes or mechanisms for the purpose of protecting legal rights of third parties by discouraging or preventing registration of domain names that violate or abuse another party's legal rights ("RPMs")". This kind of general language does nothing to alleviate the defensive registration problem. Trademark owners saw themselves again faced with the necessity to acquire defensive registrations in each new domain, generally at substantial expense, simply to prevent cybersquatters from grabbing their marks.

Draft Applicant Guidebook version 2 (DAGv2) appeared in February, 2009 and repeated the wording of the Legal Rights Objections section of DAGv1. Attachment 7 of DAGv1 became Specification 7 with no change other than an introductory line: "[Note: the scope of these requirements is the subject of continuing community discussion]"

The continuing community discussion erupted into a major change in the DAG's treatment of trademark issues. The ICANN Board, at its meeting in Mexico City in March, 2009 passed a resolution calling for the Intellectual Property Constituency of ICANN to convene an "implementation recommendation team" (IRT) to "develop and propose solutions to the overarching issues of trademark protection in connection with the introduction of new gTLDs." The IRT was promptly formed, consisting of a blue ribbon panel of prominent trademark lawyers, including one from the gTLD registries, and one from the registrars. It produced its final Report at the end of May 2009. The Report immediately generated controversy, based not only on its conclusions and recommendations, but also on the procedural questions raised by ICANN's delegation of the trademark protection issue to the Intellectual Property Constituency. Debates on the IRT Report were held in New York and London in July, with further consultations in Hong Kong and Abu Dhabi.

The IRT Report made the following five principal recommendations:

1. IP Clearinghouse, Globally Protected Marks List and associated Rights Protection Mechanisms ("RPMs"), and standardized pre-launch rights protection mechanisms;
2. Uniform Rapid Suspension System ("URS");
3. Post-delegation dispute resolution mechanisms;
4. Whois requirements for new TLDs; and
5. Use of algorithm in string confusion review during initial evaluation.

Of these, the proposal for a Globally Protected Marks List (GPML) was the only one specifically intended to meet trademark owners' concerns about the need for defensive registrations. The GPML would be a list of trademarks registered by the trademark authorities in a set number of nations in each of five areas of the world. The GPML was not intended to be a list of "famous" marks, but rather a list of marks that met a specific standard based solely on the number of official national (or multinational) trademark registrations. In general, marks that met the GPML criteria would be blocked from use as top level domains by entities other than the trademark owners, and would also be blocked from use as second level registrations (subject to certain exceptions). This would be a reasonably effective start to dealing with the defensive registration problem.

The IRT recommendations, including the GPML, received support from two members of the U.S. House of Representatives, Committee on the Judiciary, who wrote to the President of ICANN, Rod Beckstrom, on September 15, 2009, and asked:

"Which of the recommendations of the IRT does ICANN plan to implement? ...If implemented, how will the recommendations put forth by the IRT serve to reduce or eliminate the need for defensive registrations?"

Beckstrom's reply to this letter asserted that the URS would reduce the incentive for cybersquatters to engage in bad faith registrations and would reduce the perceived power of new gTLDs to charge artificially inflated prices.

When the IRT was convened, ICANN made no promises that its recommendations would be adopted without exception. When DAGv3 appeared in October, 2009, it contained a place holder for Rights Protection Mechanisms, and was accompanied by a chart showing the differences between the IRT recommendations and what appear to be proposals by ICANN staff for the RPMs. The GPML has been dismissed with the following "Comments/Rationale":

"It is difficult to develop uniformly acceptable standards can be developed [sic] - it might lead to the creation of new rights. It would create only marginal benefits because it would only apply to a relatively small number of names."

Whatever the merits of the GPML, it deserves more consideration than this summary dismissal. Making matters worse, the ICANN Board wrote a letter to the GNSO Council on 12 October asking it to present its views on whether the staff recommendations are "consistent with the GNSO's proposed policy on the introduction of new gTLDs and are the appropriate and effective option for achieving the GNSO's stated principles and objectives." This hardly seems consistent with a bottom-up model of policy development in which the GNSO Council has responsibility not for making policy but rather for coordinating its development. Asking the GNSO Council to comment on ICANN staff's recommendations is an end run around what should be a serious debate among the Internet's stakeholders on the GPML.

At another level, the treatment of the GPML is another example of the dangers posed by ICANN's role as the International High Court of Trademark Justice, alluded to above. As ICANN implements those recommendations of the IRT that are supported by its staff, ICANN will move closer to becoming an international quasi-governmental authority. This is not what we set out to do in 1998.

Ideally, the trademark owners of the world, and lawyers, legislators and judges should redouble their efforts to create an international legal structure that takes account of the unique aspects of the Internet's DNS and its uneasy relationship with trademark rights. If we are going to have an International High Court of Trademark Justice, it should be solidly based on law, not on ICANN's ad hoc processes.

Written by David Maher, Senior Vice President, Law and Policy

Many ISPs and Registrars falsely believe they are protected from their customer's illicit activities by various statues. This is only true for certain types of crimes and lawsuits. Providers have even written in the Terms Of Service or Acceptable Use Policy that their customers are responsible for any legal action stemming from abuse, but this only covers some activities. Registrars and ISPs ARE in fact liable for Intellectual Property violations conducted by their customers. The Communications Decency Act only immunizes defendants from non-intellectual property claims and non-criminal complaints. Illicit pharmacy is both a criminal act as well as an IP violation since most deal in counterfeit or unauthorized sales of trademarked drugs. One critic of our first article was chagrined that we suggested that Registrars should act on abuse reports from the public, but doing just that is in their best interest. Failing to act can be seen as an act of complicity later when lawsuits begin.

We have a new proactive process that monitors IP abuse in the wild and during initial testing we found 85 compromised IP addresses at one provider's ASN that were hosting spam template content. These sites are never advertised themselves but rather provide low-level content delivery to thousands of spammed domains which are advertised, dumped and replaced. We found that many of the domains that used these templates had trademarks in the domain names. Words like Zoloft, Motrin, Norvasc, Celexa, Zyloprim and many others. None, of course, were the real sites controlled by the actual brand-holders.

One thing is for certain, they are making considerable amounts of money by abusing brands. So much so that they have gone beyond common spam, site hijacking, or paid search engine advertisements and are now issuing press releases to announce deployments of new illicit pharmacies. It seems mind-boggling that a completely illegal business would be so brazen as to use a press release but it shows us the lack of fear on their behalf.

So, folks may wonder why if there is an abundance of research data as well as legal authority. Reason is simple: no enforcement. Many IP attorneys have expressed their lack of faith in WIPO and ICANN enforcement. Brand holders feel that chasing IP violators on the Internet is like swatting at gnats. Recently, we got into a spat with a Registrar over an unlicensed pharmacy domain that was impersonating a pharmaceutical manufacture. The Registrar brushed off our concern until we made clear that their position was completely indefensible. They finally suspended the domain after the brief discussion. The pharma brands also share in the blame for not enforcing their marks. Some drug companies may have unfortunately lead to believe that there is no solution. Others fear the public perception of big pharma pursuing lost profits from illicit providers as if the rogue drug traffickers were some kind of Robin Hood. They are not. Illicit drug traffickers are only helping themselves and often replacing active ingredients with poison. Money in their pocket, garbage in your body.

Some Registrars and ISPs welcome the rogue pharmacy traffic because of the revenue generated by thousands of illicit sites that operate with impunity. Others are seemingly helping illicit pharmacies find variations of unclaimed trademark violation domains with "suggestion" utilities (see sample snapshot). For those that are not familiar with domain registration, some companies will allow you enter any word, including the name of a trademarked product, and return a massive list of unused variations containing that word. For anyone wondering how the spammers come up with so many different URLs with the names of male enhancers, they actually don't have to because Registrars will make them up on the fly for the spammers to buy in bulk. It is a puzzle to many people how the Registrars can sell off someone's trademark. This is, of course, the fundamental question. Adding a warp-speed engine that generates lists of potentially abused trademarked domains is the injury to the insult.

This is a wake-up call the pharmaceutical brands, I am telling you that something can be done to put the pharmacy fraudsters out of business. The problem can be quantified, minimized and managed. And, honestly, this is the case for any trademarked product or service being abused on the Net. It's a new year, let's move in a new direction. The best solution to the whole abuse problem is a shared solution between government, Internet users, brand-holders and service providers. If everyone lifts their weight we all benefit.

Written by Garth Bruen, Internet Fraud Analyst and Policy Developer

McAfee has released its list of most dangerous country codes. Here are the top five:

1. Cameroon (.cm)
2. PR of China (.cn)
3. Samoa (.ws)
4. Philippines (.ph)
5. Former Soviet Union (.su)

Why is Camerooon at the top of the list?

Because .cm is a common typo by users who intended to type .com.

According to McAfee, more than 30% of all domains registered under .cm are up to no good.

I have a business idea for Verisign—why not license .cm and bundle it with .com registrations to give users a more secure domain package. I could see many companies paying for this.

China is number two. The country has made efforts recently to clean up its domain by requiring business licenses of its registrants. Some of the Western media have misinterpreted this as censorship. That's one of the great ironies of managing top-level domains. You kinda have to keep a close eye on what the registrants are doing with these domains if you want to ensure a safer Internet.

But I digress.

And what are the safest ccTLDs? Here are the top five:

1. Japan (.jp)
2. Ireland (.ie)
3. Croatia (.hr)
4. Luxembourg (.lu)
5. Vanuatu (.vu)

You can view a larger map here.

Written by John Yunker, Author and consultant

Top 10 Featured Blogs in 2009:

1. Yahoo, Gmail, Hotmail Compromised - But How?
   by Terry Zink - Oct 08, 2009
2. A Closer Look at Iran's State of Internet, Strange Transit Changes in Wake of Controversial Election
   by Jim Cowie - Jun 14, 2009
3. WiMAX vs. LTE
   by Paul Budde - Mar 10, 2009
4. China's "Green Dam Youth Escort" Software
   by Rebecca MacKinnon - Jun 08, 2009
5. Verizon Mandates IPv6 Support for Next-Gen Cell Phones
   by Derek Morr - Jun 09, 2009
6. Cloud Computing Types: Public Cloud, Hybrid Cloud, Private Cloud
   by Sam Johnston - Mar 06, 2009
7. Can't Connect… Won't Connect
   by Bill Thompson - May 13, 2009
8. The Cybersecurity Act of 2009
   by Steven Bellovin - Apr 13, 2009
9. Google AdSense Asks Publishers to Change Their Websites' Privacy Policy
   by Dhaval Doshi - Mar 13, 2009
10. YouTube's Fine - Analysts Don't Understand Internet Peering
    by Brough Turner - Apr 16, 2009

Top 10 News in 2009:

1. Network Solutions Under Large Scale DDoS Attack, Millions of Websites Potentially Unreachable
   Jan 23, 2009
2. U.S. General Reserves Right to Use Physical Force, Even Nuclear, in Response to Cyberattack
   May 13, 2009
3. Google Cloud Storage Coming Within Weeks
   May 20, 2009
4. Finland First Country to Make Broadband a Legal Right
   Oct 14, 2009
5. SPECIAL: Updates from the ICANN Meetings in Sydney
   Jun 26, 2009
6. Google Rolling Out Its Services Over IPv6
   Jan 08, 2009
7. ICANN's President and CEO Announces Resignation
   Mar 02, 2009
8. Iran's Internet Censorship Most Sophisticated in the World
   Jun 19, 2009
9. Comcast Unleashes Trial DNS Redirection in Select States
   Jul 09, 2009
10. Latest Cybersquatting Stats from WIPO
    Mar 16, 2009

Top 10 Industry News in 2009 by sponsored posts*:

1. Facebook Selects MarkMonitor Antifraud Solutions to Combat Malware
   by MarkMonitor - Apr 30, 2009
2. .ORG First Open Top-Level Domain to be Signed with DNSSEC
   by PIR - Jun 02, 2009
3. Perspectives from a Nonprofit Domain Name Registry on Navigating the Social Media Frontier
   by PIR - Apr 24, 2009
4. Expanding Internet Access Driving Software Piracy, Study Says
   by MarkMonitor - May 22, 2009
5. A Seemingly Overwhelming Number of Important Documents Released by ICANN
   by MarkMonitor - Jun 02, 2009
6. MarkMonitor AntiFraud Solutions Combine Proven Antiphishing and Expert Antimalware Capabalities
   by MarkMonitor - Mar 23, 2009
7. DNSstuff.com Offers Trusteer Rapport Product to Help Users Boost Their Defenses Against Online Fraud
   by DNSstuff - Mar 23, 2009
8. dotMobi Names AutoTrader.mobi as Millionth Site Tested by Acclaimed mobiReady Tool
   by dotMobi - May 20, 2009
9. IP Rights in Digital Environment Key Element of Proposed Treaty
   by MarkMonitor - Apr 15, 2009
10. COCC Partners with MarkMonitor for Anti-Phishing Services
    by MarkMonitor - Mar 18, 2009

* Featured news updates from CircleID's industry participants by more information here - see 'Dedicated Marketing Channel' section

Written by CircleID Reporter

But first, a visit to the Wayback Machine, back, oh, let's say 15 years. The 1990s saw a domain name land grab. With only a few top level domains such as DOT COM in which to register web sites, it became a gold mine for first movers to toss a couple of pesos speculating on any domain name they might think of—warehousing them for a while—and then attempting to extort some late-to-the game company. Cybersquatters were warehousing 1000s of domain names and making fortunes off of a few exclusive lines of code in a data base.

In that cyber libertarian era, Congress did not pass a lot of Internet related laws (or any other laws)—however they thought they ought to squat on cybersquatters—and passed the AntiCybersquatting Consumer Protect Act. Speculating on domain names - - - bad.

Which leads us to today's case. This case involves a dispute with a contractor (did I just hear a series of groans-of-empathy from the audience). Defendant allegedly hired Plaintiff to build a building. A dispute arose about the construction. A list of issues to be addressed was created. A second list of issues to be addressed was created. Ultimately defendant refused to permit Plaintiff access to the site in order to complete the work. After this came a domain name registration and a website. Defendant put the building up for sale and created the website "my[plaintiff]building.com," presenting information about the building (the website was blank when we checked it). Plaintiff alleged ten complaints in total against defendant, and there are more facts to the disputes, but these are the facts relevant to the ACPA claim.

In order for a trademark owner to bring a claim under the ACPA, the trademark owner must establish:

• the trademark owner's mark is distinctive or famous;
• the domain name owner has a bad faith intent to profit from the mark; and
• the domain name and the trademark are either identical or confusingly similar (or dilutive for famous trademarks).

15 USC § 1125(d)(I)(A)

This case turns on bad faith. It was conceded that the mark was famous, and the court found it was "plausible" that Plaintiff's trademark and Defendant's domain name were confusingly similar (the court will later confusingly take this back).

The bad faith element is the key. Normally, cybersquatters register many domains and then try to sell them. But in this case, Defendant was not warehousing and speculating on domain names; there's just one domain name in question. Defendant did not offer to sell the domain name; Defendant used the domain name to gripe about the Plaintiff. So how does Plaintiff try to get around that? Plaintiff alleges that Defendant tried to use the domain name to gain an advantage in negotiations with Plaintiff.

Congress provided the Courts with nine factors to assist with the analysis of bad faith. According to Congress,

"These factors are designed to balance the property interests of trademark owners with the legitimate interests of Internet users and others who seek to make lawful uses of others' marks, including for purposes such as comparative advertising, comment, criticism, parody, news reporting, fair use, etc." H.R.Rep. No. 106-412, at 10 (1999) (Conf.Rep.).

In other words, Congress recognized the democratic necessity and value of griping! The courts have affirmed the value of griping.

The Court did not review the nine factors, item for item. Instead, the Court concluded that Defendant was all about informing "fellow consumers about his experiences with the Plaintiff's company, which he believed performed inferior work."

"The exhibits to the Complaint show that the DEFENDANT Website is nothing more than a 'gripe site.' The Defendant is using the site to tell his story and make his complaints and grievances with Plaintiff known."

The Court rejected Plaintiff's argument that Defendant sought to use the website in order to gain an advantage in negotiations—and that this constituted bad faith.

The Court also was not persuaded that Defendant's Site was confusingly similar to Plaintiff's trademark. Defendant's site is entitled "My New Building By Plaintiff" and "contains information about Defendant's experiences with Plaintiff regarding the DEFENDANT Building." The Court concluded, "it is simply not reasonable to conclude that someone viewing this website would be confused as to the source, sponsorship, affiliation, or endorsement of this site."

It's clear that this court was not going to let the ACPA be used as a weapon to censor consumer discourse concerning (dis)satisfaction with vendor goods or services. Consumer feedback on the Internet, including griping, ratings, reputations, have empowered consumers with information enabling them to make more informed purchases.

Written by Robert Cannon, Cybertelecom