Archive for March 12th, 2008

Skipping Through The Senate Bill 2661 Mine Field.

by Chuck Kisselburg

On February 25 of this year Senator Snowe, (R) of Maine, introduced Senate bill 2661. The bill, co-sponsored by Senators Ted Stevens, (R) Alaska, and Bill Nelson, (D) of Florida, is aimed at, “protecting Internet users“.

When you read the bill itself it seems pretty innocuous as it starts off talking about guarding against phishing that can result in the massive amounts of phishing e-mails we all receive. The bill states that 59,000,000 phishing e-mails are sent each day. That is STAGGERING! The bill further states that, “According to Gartner, Inc., between August 2006 and August 2007, roughly 3,500,000 United States computer users were victims of phishing scams, and suffered losses totaling $3,200,000,000.”

However, if you keep reading what you will find are statements like, “Phishing operators utilize deceptive domain names for their schemes. They routinely register domain names that mimic the addresses of well-known online merchants, and then set up websites that can fool consumers into releasing personal and financial information.” As well as “Deceptive domain names, and the abuses for which they are used, threaten the integrity of domain name system”. The bill also notes that “The World Intellectual Property Organization reported in April 2007, that the number of Internet domain name cybersquatting disputes increased 25 percent in 2006.” I couldn’t help but sense the “stage is being set”, but for what?

As I read the bill I find information to ensure the accuracy of the WHOIS database, meaning the information contained in WHOIS should be accurate and not contain information that hides the identities of others. OK, I get that. That makes sense, but I know that makes a portion of the domainer community nervous. (I say only a portion because I know a lot of domainers who don’t try to hide their identity.) However, when reading further I stumbled across the below verbiage in the bill:

(b) Deceptive or Misleading Domain Names-
(1) IN GENERAL- It is unlawful for any person to use a domain name in an electronic mail message, an instant message, or in connection with the display of a webpage or an advertisement on a webpage, if–
(A) such domain name is or contains the identical name or brand name of, or is confusingly similar to the name or brand name of a government office, nonprofit organization, business, or other entity;
(B) such person has actual knowledge, or knowledge fairly implied on the basis of objective circumstances, that the domain name would be likely to mislead a computer user, acting reasonably under the circumstances, about a material fact regarding the contents of such electronic mail message, instant message, webpage, or advertisement (consistent with the criteria used in enforcement of section 5 of the Federal Trade Commission Act (15 U.S.C. 45)).

This is certainly “interesting” as, the way I read it, the portion that reads, “such domain name is or contains the identical name or brand of, or is confusingly similar to the name or brand name of a government office, nonprofit organization, business, or other entity” opens the door for anyone to go to a domainer and say that their domain name is “confusingly similar to their name or brand name”. This, despite the fact that a domain owner may have taken the steps to work with a lawyer to ensure their domain names are not conflicting with any other domains or trademarks and have, themselves, trademarked their domain name(s). This bill is SOOOOOOO open that it basically allows business owners, no matter how upstanding, or lowstanding they may be, to go to a domainer, having the domainer turn over the domain name they have purchased and developed in good faith.

After reading this bill I couldn’t help but wonder several things…..

First of all, some people look at domainers as living in the “Wild West” , heading out on their own without boundaries and being reckless. After attending various domainer conferences I know that image is false. However, I can’t help but apply that “Wild West” description to this bill. Keep in mind ICANNWiki.org is neutral and listens to the entire ICANN “community”, but in reading this bill the recklessness, for lack of a better term, is fairly obvious. Is Snowe’s office reaching out and working in concert with the community to try and curb phishing activity? Is Snowe’s office working with ICANN or are they off and running on their own? Is Snowe’s office working directly with the Internet Commerce Association? Or is Snowe’s office running on their own?

Yes, there are domain tasters and there are people who try to tie up domain names that may infringe on trademarks, but from what I have learned that is far more the exception than the norm. So labeling everyone in one community based on the actions of a few is, what I feel, not what this country is about. Regarding domain tasters, the community IS taking steps to bring tasting to a halt.

One of the many things I wondered about was the jurisdiction of this bill. If passed as is, would the teeth of this bill reach beyond the US shores? In dialing into the ICANNWiki.org community I found out that the answer is probably yes. On January 1, 2007 the US joined the Council of Europe Cyber Crime treaty. The purpose of the treaty “…provides for `mutual assistance and extradition among participating nations.’ ” While 30 countries signed the treaty when created in Budapest in 2001, the number of countries currently supporting the treaty today is not easily found. Also, from a jurisdictional perspective, how might this work with, or interfere with UDRP policies that have been established in various countries. For those countries that have not signed onto the Council of Europe Cyber Crime treaty, but have an established UDRP within their country, does this bill seek to work with such UDRPs?

Getting back to the statement, “ such domain name is or contains the identical name or brand of, or is confusingly similar to the name or brand name of a government office, nonprofit organization, business, or other entity”, how many times have you attempted to drive to a location only to stop and pause, thinking, “You know…. That looks familiar. Is that my destination?” With that in mind, should the same apply to land? If someone feels their land is confusingly similar to their piece of land does that mean you need to hand the title of your property over to the other person? No!

While this bill has understandably raised much concern by the community, one sage counselor in the ICANNWiki community reminded me that the bill is still in its infancy. One of the things to watch in a bill is if the bill is “partisan” or “bi-partisan”. Bills with a “bi-partisan” sponsorship tend to have a stronger chance of going forward. As we know, this bill has bi-partisan sponsorship. While it has been referred to the Commerce subcommittee, one should become more concerned if it winds up in either the Judiciary or Banking committees. Another good signal is to watch what is going on in the Center for Democracy & Technology site. Finally, if this bill progresses through the Senate it will not doubt receive edits like other bills. Also, a similar bill will need to make its way through the House. Bottom line is if the bill ever passes it has the opportunity go filter through both the Senate and the House, with various edits along the way before a single bill is decided upon for vote.

So, while reducing phishing is a good thing, this bill seems to be grabbing at anything associated with the “potential” of phishing. Remember the “Salem witch hunts”? That is what this bill reminds me of as it is lumping and affecting large groups of people who should not have to bear the “Scarlet I”.

3 comments March 12th, 2008

Calendar

March 2008
S M T W T F S
« Feb   Apr »
 1
2345678
9101112131415
16171819202122
23242526272829
3031  

Posts by Month

Posts by Category