Law

Law / Featured Blogs

What is a Security Mechanism?

Orin Kerr recently blogged about a 9th Circuit decision that held that scraping a public web site (probably) doesn't violate the Computer Fraud and Abuse Act (CFAA)... On its surface, it makes sense – you can't steal something that's public – but I think the simplicity of the rule is hiding some profound questions. One, I believe, can most easily be expressed as "what is the cost of the 'attack'"? That is, how much effort must someone expend to get the data? Does that matter? Should it? more

IGF Best Practice Forums, an Opportunity to Bring Your Experience to the Policy Debate

In the run-up to the 14th Internet Governance Forum in Berlin, Germany, 25 to 29 November, different groups are discussing best practices pertaining to specific internet governance policy questions. These groups are open and thrive on your input and experiences. Their findings will be presented at the IGF and published shortly after. The IGF Best Practice Forums intend to inform internet governance policy debates by drawing on the immense and diverse range of experience and expertise... more

Recovering Domain Names Lost to Fraudulent Transfer

Domain Names composed of generic terms and combinations – dictionary words, random letters, and short strings – have achieved ascending values in the secondary market. DNJournal.com (Ron Jackson) reports on his year to date chart, for example (just a random sampling from the charts) in August 2019 joyride.com was sold for $300,000, in June voice.com sold for $30 million, in July rx.com sold for $1 million, and in January california.com sold for $3 million... The magnitude of the reported sales suggests that businesses have come to depend on resellers than go to the trouble of inventing brand names from scratch. more

Domain Name Registrar Isn't Liable for Counterfeit Goods – InvenTel v. GoDaddy

InvenTel makes security cams for cars. It is trying to crack down on Chinese counterfeiters. It brought a prior lawsuit against a wide range of defendants, including GoDaddy. InvenTel voluntarily dismissed GoDaddy from that suit. It brought a second round of litigation involving a new counterfeit site allegedly by the same bad guys, www.hdminorcarnbuy.com, a domain name registered via GoDaddy. more

Satisfying the Evidentiary Demands of the UDRP

It continues to surprise that some counsel in proceedings under the Uniform Domain Dispute Resolution Policy (UDRP) are unaware or oblivious of its evidentiary demands, by which I mean they file and certify complaints with insufficient evidence either of their clients' rights or their claims. Because the UDRP requires conjunctive proof of bad faith registration and bad faith use (as opposed to the disjunctive model of the Anticybersquatting Consumer Protection Act), it should be ingrained for counsel experienced in the jurisprudence to know they cannot hope to succeed with marks postdating registration of domain names. more

GDPR Fine Enough or More Disclosure?

The UK cares about its citizens' privacy to the tune of a $229 million (US) fine of British Airways for a breach that disclosed information of approximately half a million customers. It's exciting -- a significant fine for a significant loss of data. I think GDPR will lead to improved security of information systems as companies scramble to avoid onerous fines and start to demand more from those who provide information security services and products. more

The Question of Fairness in UDRP Decision-Making

In disputes under the Uniform Domain Name Dispute Resolution Policy (UDRP), parties should be able to rely on Panels delivering predictable, consistent, and legally reasoned decisions. In large measure, this depends on Panels analyzing the facts objectively through a neutral lens and applying principles of law consistent with the jurisprudence. However, the results are not always seen by the losing party as having achieved a fair result. more

Responding to "The Case for Regulatory Capture of ICANN"

This past Monday, as ICANN65 was beginning in Marrakesh, the technical review blog Review Signal published a detailed expose, "The Case for Regulatory Capture of ICANN" authored by site founder and "geek-in-charge" Kevin Ohashi. The post was clearly the product of extensive investigative reporting – and what it reveals is deeply disturbing. more

What Modern Businesses Need to Know Regarding Geo Names and Jurisdiction in Domain Name Disputes

The Internet has provided an unprecedented number of opportunities while raising far-reaching legal issues. It has created a complex matrix of national laws, global circumstances and new definitions -- or, at least, definitions in progress. The turmoil over Brexit and the international implications of the EU General Data Protection Regulation are signs of the times; as are issues surrounding domain names. more

Words and Descriptive Phrases as Trademarks Registered as Domain Names

In a trademark context, who owns or controls, or would prevent others, from using words and phrases commonly available to speakers in a language community, is in persistent tension. While common words alone or combined may become protected from infringing uses under trademark law, their protection is contingent on factors such as linguistic choices and strength or weakness of marks in the marketplace. more