Brand Protection |
Sponsored by |
When properly used, the UDRP enables trademark owners to take control of abusive domain names. Yet sometimes the UDRP itself is misused by trademark owners to try to seize desirable domain names to which they have no legal entitlement. Is there a downside to misusing the UDRP to attempt a domain name hijacking? Unscrupulous companies at times misuse the UDRP by improperly invoking its power to compel a transfer of ownership in order to seize inherently valuable, non-infringing domain names that the companies desire for their own use. more
The term "attack surface" is often heard in cybersecurity conversations. It refers to the sum of all possible attack vectors or the vulnerabilities that threat actors can exploit to penetrate a target network or damage an organization somehow. An unused and forgotten subdomain, for instance, can become an attack vector when taken over. Certain categories of companies have very large attack surfaces. Such is the case of streaming media businesses like Netflix and HBO Max. more
The ICANN Board has approved the community recommendation that "the provision of Thick Whois services should become a requirement for all gTLD registries, both existing and future." We have long supported the migration from 'thin' to 'thick' Whois, which will improve both quality and ease of access to Whois data, thereby further facilitating intellectual property enforcement online. The ICANN community has debated the merits of migration from 'thin' to 'thick' Whois for years, as part of the larger Whois Review process. more
The OECD held a "high-level" meeting in June 2011 that was intended to build upon the OECD Ministerial on The Future of the Internet Economy held in Seoul, Korea in June 2008. I was invited to attend this meeting as part of the delegation from the Internet Technical Advisory Committee (ITAC), and here I'd like to share my impressions of this meeting. This 2 day meeting, "The Internet Economy: Generating Innovation and Growth", had the objective of exploring a number of current issues in the public policy space... more
I'm happy to report (mostly) positive feedback on my last article that examined how the multistakeholder model tackled, and tackled well, Phase 1 of the review of all Rights Protection Mechanisms. While bad news may sell more clicks, a little good news from time to time also appears to be welcome. Good news also reminds us of how fortunate we are to have a private sector ICANN with a multistakeholder model of policy development... more
Phishing scams are nothing new in the online security world and show no signs of subsiding. The scam starts when a fraudster sends a communication purporting to originate from a trusted provider and encourages the recipient, often with a conveyed sense of urgency, to click a link. That link leads to a fake site, usually intended to collect confidential login credentials or other personal information. In similar scams, the mail may encourage the recipient to open an attachment loaded with malicious content. more
Late last week, ICANN published the guidance from the Article 29 Working Party (WP29) that we have been waiting for. Predictably, WP29 took a privacy maximalist approach to the question of how Europe's General Data Protection Regulation (GDPR) applies to WHOIS, a tool widely used by cybersecurity professionals, businesses, intellectual property owners, consumer protection agencies and others to facilitate a safer and more secure internet. more
According to the latest report from The World Intellectual Property Organization (WIPO), trademark owners filed 2,754 cases under the Uniform Domain Name Dispute Resolution Policy (UDRP) with the agency in 2015 - an increase of 4.6 % over the previous year. more
The legal status of domain names is one of the most hotly debated topics with regards to evolving property rights and how they should be applied to technological and intellectual property 'innovations' in cyberspace. At present, there are two opposing factions on this topic: On one hand, there are those who maintain that domain names should be considered as contracts for services, which originate from the contractual agreement between the registrant and the registrar. more
There has been a lot of back and forth recently in the ICANN world on what constitutes domain abuse; how it should be identified and reported AND how it should be addressed. On one side of the camp, we have people advocating for taking down a domain that has any hint of misbehaviour about it, and on the other side we have those that still feel Registries and Registrars have no responsibility towards a clean domain space. (Although that side of the camp is in steady decline and moving toward the middle ground). more
When a brand goes so far as to ask a domain name registrar for Whois (the registration contact details) of a potentially abusive domain name, there's likely a lot at stake. Most often, the request is prompted by consumer safety concerns, such as the risk to consumers posed by a malicious site. Other times, the demand has a simple goal: to have a dialog with the registrant about the use of trademarks or other intellectual property in order to avoid extreme action. more
.tk was once designated as the riskiest ccTLD. .ru is often said to be, after .com, the most used in the content of spam messages. But is there a ccTLD that is a favorite destination for copyright infringement? The question is worth asking in view of the growing trend for .com domain names seizures related to copyright infringement. more
With the same made-for PR timing that prompted a previous seizure of domain names just before shopping's "Cyber Monday," Immigration and Customs Enforcement struck again, this time days before the Super Bowl, against "10 websites that illegally streamed live sporting telecasts and pay-per-view events over the Internet." ICE executed seizure warrants against the 10 by demanding that registries redirect nameserver requests for the domains to 74.81.170.110, where a colorful "This domain name has been seized by ICE" graphic is displayed. more
Well folks, it's that time of year again. It's time for our countdown of the top 10 biggest domain stories for 2013. And while my predictions from last year were accurate, in that we did see a record number of registry and registrar breaches, I had no idea that this year's biggest story would even appear on the list. So with that said, let's get started. more
Domain name abuse is one of the most dangerous and under-regulated issues in digital business security today. Many of the largest companies in the world still lack basic domain security protocols, making them prime targets for bad actors. An attack on a domain can lead to the redirection of a company's website, domain spoofing, domain and domain name system (DNS) hijacking attacks, phishing attacks, network breaches, and business email compromise (BEC). more