Law

Blogs

Domain Enforcement in a Post-GDPR World

The implementation of the General Data Protection Regulation (GDPR), and ICANN's conservative temporary policy, which favors privacy and limits registrar liability, has made domain enforcement against cybersquatters, cyber criminals and infringement more difficult, expensive and slow. With heightened concerns over privacy following high-profile breaches of consumer data and its subsequent illicit use and distribution, there is no question that consumer data protection practices would come under scrutiny. more

Dead Ends: The Achievement of Consensus in UDRP Jurisprudence

Like the Internet Corporation for Assigned Names and Numbers (ICANN), the Uniform Domain Name Dispute Resolution Policy (UDRP) is consensus-driven; from the bottom up, not the top down. The result is a jurisprudence of domain names that develops in common-law fashion through Panel decisions that over time and through "deliberative conversations" among panelists resolve into consensus. more

Internet Consolidation at EuroDIG 2019: Questions in Need of Answers

At EuroDIG 2019 a workshop was organised around the topic of consolidation on the Internet. It was organised around four angles: technique, competition, society and human rights and; future research. One thing became extremely clear: no one contested that consolidation is taking place nor that this already has and will have an impact on the Internet and consecutively on society. more

What is a Security Mechanism?

Orin Kerr recently blogged about a 9th Circuit decision that held that scraping a public web site (probably) doesn't violate the Computer Fraud and Abuse Act (CFAA)... On its surface, it makes sense – you can't steal something that's public – but I think the simplicity of the rule is hiding some profound questions. One, I believe, can most easily be expressed as "what is the cost of the 'attack'"? That is, how much effort must someone expend to get the data? Does that matter? Should it? more

IGF Best Practice Forums, an Opportunity to Bring Your Experience to the Policy Debate

In the run-up to the 14th Internet Governance Forum in Berlin, Germany, 25 to 29 November, different groups are discussing best practices pertaining to specific internet governance policy questions. These groups are open and thrive on your input and experiences. Their findings will be presented at the IGF and published shortly after. The IGF Best Practice Forums intend to inform internet governance policy debates by drawing on the immense and diverse range of experience and expertise... more

Recovering Domain Names Lost to Fraudulent Transfer

Domain Names composed of generic terms and combinations – dictionary words, random letters, and short strings – have achieved ascending values in the secondary market. DNJournal.com (Ron Jackson) reports on his year to date chart, for example (just a random sampling from the charts) in August 2019 joyride.com was sold for $300,000, in June voice.com sold for $30 million, in July rx.com sold for $1 million, and in January california.com sold for $3 million... The magnitude of the reported sales suggests that businesses have come to depend on resellers than go to the trouble of inventing brand names from scratch. more

Domain Name Registrar Isn't Liable for Counterfeit Goods – InvenTel v. GoDaddy

InvenTel makes security cams for cars. It is trying to crack down on Chinese counterfeiters. It brought a prior lawsuit against a wide range of defendants, including GoDaddy. InvenTel voluntarily dismissed GoDaddy from that suit. It brought a second round of litigation involving a new counterfeit site allegedly by the same bad guys, www.hdminorcarnbuy.com, a domain name registered via GoDaddy. more

Satisfying the Evidentiary Demands of the UDRP

It continues to surprise that some counsel in proceedings under the Uniform Domain Dispute Resolution Policy (UDRP) are unaware or oblivious of its evidentiary demands, by which I mean they file and certify complaints with insufficient evidence either of their clients' rights or their claims. Because the UDRP requires conjunctive proof of bad faith registration and bad faith use (as opposed to the disjunctive model of the Anticybersquatting Consumer Protection Act), it should be ingrained for counsel experienced in the jurisprudence to know they cannot hope to succeed with marks postdating registration of domain names. more

GDPR Fine Enough or More Disclosure?

The UK cares about its citizens' privacy to the tune of a $229 million (US) fine of British Airways for a breach that disclosed information of approximately half a million customers. It's exciting -- a significant fine for a significant loss of data. I think GDPR will lead to improved security of information systems as companies scramble to avoid onerous fines and start to demand more from those who provide information security services and products. more

The Question of Fairness in UDRP Decision-Making

In disputes under the Uniform Domain Name Dispute Resolution Policy (UDRP), parties should be able to rely on Panels delivering predictable, consistent, and legally reasoned decisions. In large measure, this depends on Panels analyzing the facts objectively through a neutral lens and applying principles of law consistent with the jurisprudence. However, the results are not always seen by the losing party as having achieved a fair result. more

Responding to "The Case for Regulatory Capture of ICANN"

This past Monday, as ICANN65 was beginning in Marrakesh, the technical review blog Review Signal published a detailed expose, "The Case for Regulatory Capture of ICANN" authored by site founder and "geek-in-charge" Kevin Ohashi. The post was clearly the product of extensive investigative reporting – and what it reveals is deeply disturbing. more

What Modern Businesses Need to Know Regarding Geo Names and Jurisdiction in Domain Name Disputes

The Internet has provided an unprecedented number of opportunities while raising far-reaching legal issues. It has created a complex matrix of national laws, global circumstances and new definitions -- or, at least, definitions in progress. The turmoil over Brexit and the international implications of the EU General Data Protection Regulation are signs of the times; as are issues surrounding domain names. more

Words and Descriptive Phrases as Trademarks Registered as Domain Names

In a trademark context, who owns or controls, or would prevent others, from using words and phrases commonly available to speakers in a language community, is in persistent tension. While common words alone or combined may become protected from infringing uses under trademark law, their protection is contingent on factors such as linguistic choices and strength or weakness of marks in the marketplace. more

A Closer Look at the "Sovereign Runet" Law

In December 2018, a bill on the "stable operation" of the Russian segment of the Internet was introduced and got the title "Sovereign Runet" in mass media and among the public. It was adopted after 5 months later, despite doubts about the technical feasibility of its implementation. The law is very ambitious in its intent to simultaneously control Internet traffic and protect Runet from some external threats, but legislators still have no idea how it would actually work. more

UDRP Complaint: Actually, a Motion for Summary Judgment

Trademark owners (and here I'm talking about those with U.S. registrations even if they are foreign entities) have a choice of forum for challenging alleged cybersquatting domain names. They can either sue in district court under the ACPA, or get a quicker and less expensive result by filing a complaint and asserting a claim under the UDRP. But to get to a quicker and less expensive result everything about the process is accelerated, and this begins with drafting the complaint. more

News Briefs

China to Require Face Scan for Internet Access and New Phone Numbers Starting December

US Court Upholds FCC's Net Neutrality Repeal But Says States Can't Be Barred from Passing Own Rules

51 CEOs Call on US Congress for Urgent Nationwide Data Privacy Law Overriding State-Level Laws

WIPO Becomes First Non-Chinese Entity to Provide Domain Dispute Resolution Services for China's .cn

New Zealand’s Domain Name Commission Wins Appeal in Lawsuit Against US DomainTools

EU Court of Justice Ruling Could Result in Cutting Off Data Flows to US

Huawei Files Motion in US Federal Court Calling Ban Unconstitutional, an Assault on Human Rights

Qualcomm’s Licensing Practices Are Illegal, U.S. Judge Rules

Microsoft Sees Serious Appetite for Revised Privacy Laws in US, Says It's Time to Match EU's GDPR

US Federal Trade Commission Says It Lacks Resources to Go After Privacy Violations Effectively

No GDPR Action Against Any Big Tech Firms Since Law Imposed Last Year, Doubts Escalate Over Enforcer

UK Government Planning on New Laws for IoT Devices Including a Mandatory Security Labelling Scheme

Canada Says Facebook Has Refused to Address Serious Privacy Deficiencies Concerning Its Local Laws

US House of Representatives Pass a Bill to Restore Net Neutrality Rules Repealed by Trump's FCC

Thailand Passes Law Giving Sweeping Powers to State Cyber Agencies

Canada Considering Right to Repair Legislation Tackling Repair Monopoly Over Brand-Name Devices

Government Officials, Academia, and Advocacy Groups Say Time for US to Get Its Own GDPR

US Senate to Hold Hearing on Consumer Data Privacy Issues

Biggest Fine Yet: French Watchdog Slaps Google With a $57M Fine Under the New GDPR Law

US Tech Firm Cloudflare Accused of Providing Cybersecurity Services to Foreign Terrorist Groups

Most Viewed

Most Commented

Industry Updates

Participants – Random Selection