Feeds

Yankee legislators, stay home

Get off my domain

  • alert
  • submit to reddit

SANS - Survey on application security programs

Another day, another fight over domain name policing. The latest twist in the top-level domain name saga concerning .com, .net and .org see new disputes over fees charged by Networks Solutions Inc, and a legal jurisdiction land-grab spat. A proposed class-action suit against the 1995 agreement between NSI and the National Science Foundation brought by eight plaintiffs in the San Francisco District Court seeks $800 million in fee refunds and $900 million in damages, supposedly because of the charging of fees for domain name registration. The constitutional issues are said to concern taxing and commerce clauses, while the Administrative Procedures Act obliges the government to hold hearings on the reasonableness of fees before they are enacted. The User Fee Statute requires that fees may not exceed the cost of providing the service. This case follows on from the earlier dismissal of a narrower class action case. Separately, the Court of Appeals for the DC Circuit has decided that the domain registry is not "a quintessential government service". The American Internet Registrars Association supports the new action. NSI is accused of failing to regulate properly, and abusing its monopoly power by encouraging companies to register for .com, .net and .org suffixes. However, NSI had agreed to observe all Internet protocols and policies, which should have excluded applications for all three top-level domains by one applicant, it is argued, since .com is supposed to be used by for-profit firms, and .org by not-for-profit organisations. Virginia calling There is also conflict between registered domain names and registered trademarks, but with US control over the key high-level domain suffixes, the reasonable resolution of disputes involving trademarks registered outside the US is very difficult if one party insists that US courts must be used. In trademark law, the date of first commercial use is generally more important than the date of registration, but practice varies. There is a further problem area with US service marks, which do not have a universal equivalent outside the US. Clinton's Anticybersquatting Consumer Protection Act last November gave some US protection for personal names and registered trademarks, but it could only apply in the US. A complicating territorial issue emerged earlier this month when a US District Court in Virginia decided it had jurisdiction over all top-level domains registered in Virginia - and of course Network Solutions is headquartered there. Although the court cannot resolve damages claims, it can order that a domain name be differently registered - but the value of a domain name to a business can of course be very considerable, so any decisions by a Virginia court could have significant consequences. This potentially gives US organisations preferential access to the US courts, and it remains to be seen as to how significant this ruling becomes. Last November the BBC tried to get bbc.org from the Greater Victoria (British Columbia) Computer Users' Association --the "BBC" here stands for "Big Blue and Cousins", in use since 1985 and with the domain name registered in 1995 --since it said that it held a registration in Canada for BBC. At the moment, BB&C is considering its options, and points out that "there are considerable costs to changing the domain name", which looks like a negotiating position. The first case has been resolved with the World Intellectual Property rganisation being the designated arbitrator, and it was encouraging that an international body was involved in the arbitration. An Albany, NY company called musicweb wanted the domain name musicweb.com but it had already been bagged, and by a cybersquatter. Because the name had been offered for sale, it was not hard to prove bad faith and no legitimate right to the name. The cybersquatter didn't show up to defend the case. It is still not clear whether arbitration will take precedence over litigation, although for a plaintiff US litigation appears to be an alternative to arbitration. It would seem that some restriction on the number of domain names that can be registered by an organisation or individual is desirable. The new procedures are likely to make some names presently held by cyberquatters vulnerable to take over, and so a new domain-name rush could be shortly underway as cybersquatters are challenged for valuable domain names. Another issue that will need to be confronted is the use of national suffixes for unrelated purposes - for example Turkmenistan's .tm in Sony.tm, where the desire is to indicate a trade name. It would have been sensible if .us had been used more widely in the USA, and top-level domains kept for qualified significant internationally-operating organisations, but it's too late for that now. As to whether the new domain name regulatory system will work in practice, we shall have to wait until there is a reasonable body of cases before making a judgement. But having ultimate top-domain name control subject to US law is not a comfortable situation. ®

Combat fraud and increase customer satisfaction

More from The Register

next story
Audio fans, prepare yourself for the Second Coming ... of Blu-ray
High Fidelity Pure Audio – is this what your ears have been waiting for?
Record labels sue Pandora over vintage song royalties
Companies want payout on recordings made before 1972
Zucker punched: Google gobbles Facebook-wooed Titan Aerospace
Up, up and away in my beautiful balloon flying broadband-bot
Apple DOMINATES the Valley, rakes in more profit than Google, HP, Intel, Cisco COMBINED
Cook & Co. also pay more taxes than those four worthies PLUS eBay and Oracle
Intel sees 'signs of improvement in the PC business' but earnings remain 'Meh...'
Prospects for the future, however, please Wall Street money men
What's a right pain in the ASCII for IBM? Its own leech-like hardware biz
Keep your eyes on our cloud while we remove this pesky thing, say execs
Oracle's Larry Ellison has the MOST MASSIVE PACKAGE IN PUBLIC
Billionaire IT baron earns twice as much as the next in line, Disney chief Bob Iger
prev story

Whitepapers

Mainstay ROI - Does application security pay?
In this whitepaper learn how you and your enterprise might benefit from better software security.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.