The Cyveillance ICANN Reporter

November 2007

This past week Cyveillance Chief Cyber Security Counsel Adam Palmer attended the ICANN Internet governing authority’s International Public Conference in Los Angeles. This Newsletter contains a summary of the most important matters discussed at ICANN that may impact Cyveillance clients. In addition to the issues mentioned in this newsletter, there were many other matters discussed during the ICANN conference.

Cyveillance Attorney Adam Palmer is always available to speak with Cyveillance clients about any ICANN related matters, and how they may impact cyber security, for free at any time. Please feel free to call him at 703-351-2459 or email him at apalmer@cyveillance.com.

WHOIS Access

As many of you know, Cyveillance and law enforcement rely on the WHOIS database of domain owners to quickly identify the operators of phishing sites. The WHOIS database is a vital tool for combating fraud on the Internet.

For the past seven years various ICANN working groups have examined proposals to restrict WHOIS access. Most recently a proposal was suggested to create an OPoC system or Organizational Point of Contact process. In theory, the OPoC would be notified of a malicious domain and would then relay this information to the actual domain owner. The OPoC system was suggested to increase privacy in the WHOIS system. However, it would also greatly slow the efforts of companies such as Cyveillance by forcing us to contact the domain owner via a third party OPoC. There is no assurance that the OPoC will even be a reliable contact or a 24x7 operation.

Cyveillance Attorney, Adam Palmer, has actively participated in the ICANN Business Constituency group that has advocated to retain full WHOIS access for Cyveillance clients. During the ICANN meeting in LA, the ICANN GNSO Board followed the recommendations of the Business Constituency and voted 21-19 to reject the OPoC proposal.

While the defeat of the OPoC proposal is an important victory for Cyveillance clients, there continues to be abuse of the WHOIS system in the form of fraudulent proxy registrations. ICANN has proposed a working group be created to study the current WHOIS policies and it is hoped that the proxy abuse issues will be addressed by this group in the near future.

Voting Changes

ICANN is currently considering a proposal to eliminate “weighted” voting by registrars and registries. If approved, this will improve the ICANN voting structure as it will provide a more democratic equality to ICANN votes. However, there is also a troubling proposal being suggested to consolidate the Business Constituency with other smaller and diverse constituencies. This new conglomerate constituency would only be given a single vote on the ICANN Board.

This proposal is at a very early stage of development, but it is an important issue to watch as it might have the effect of greatly reducing the voice of Internet Business at ICANN. Cyveillance Attorney Adam Palmer is working with the ICANN Business Constituency to oppose such a change in voting structure and ensure that the voice of Internet Business continues to be heard at ICANN.

New Top Level Domain Names

A working group created to ensure Intellectual Property rights are protected in new top level domain names has stalled. Cyveillance Attorney Adam Palmer is now working with the ICANN business constituency to implement a process similar to the fairly successful UDRP procedures for recovering domain names. A working group is currently finalizing a plan for the implementation of nTLD. Once this process is complete, Cyveillance will be working with the other Business Constituency members to ensure that its clients continue to have a reliable process for defending their brands in cyberspace.

Domain Tasting

ICANN began the formal opening of a “PDP” or Policy Development Process on the issues of Domain Tasting. Domain Tasting is the abuse of the five day period after registration of a Domain Name whereby a person can register a domain at no cost for 5 days. Originally intended as a grace period for legitimate domain purchasers to return an unwanted domain, the “add grace period” (AGP) is increasingly being used by individuals to infringe upon the trademarks of others.

Domain Tasting is a difficult issue to resolve, especially because it can appear to create a benefit for both registries and registrars who may experience additional cash flow revenue from the registration of new domain names. This can arguably create a perceived conflict of interest for these parties in fighting domain tasting. Those entities actually purchasing the domain names benefit most by receiving a domain name that is essentially “free” if it is returned before the AGP expires. A domain taster can register a trademarked domain name, receive five days of Internet traffic, and pay nothing by returning the name before the end of the AGP.

The opening of a PDP on the issue of Domain Tasting will hopefully result in a greater awareness of this issue and a resolution. Current suggested solutions range from eliminating the grace period to a fine against those who frequently return domain names within the grace period.

You are receiving this because at some time in the recent past you had requested to receive information from Cyveillance. If you would like to unsubscribe from this mailing list, please reply to this message and type "remove" in the subject line. Thank you.

Cyveillance, Inc., 1555 Wilson Blvd., Suite 406, Arlington, VA 22209, 1-888-243-0097 Fax: 703-312-0536