THE WIPO RFC-3 AND REVERSE
DOMAIN-NAME HIJACKING
March 14, 1999
TO: Mr. Francis Gurry, WIPO Internet Domain Name Process, World Intellectual Property Organization, 34 chemin des Colombettes, P.O. Box 18, 1211 Geneva 20 Switzerland
FROM: Peter R. Rony, rony@usit.net.
Copyright Ó Peter R. Rony 1999. All rights reserved.
LINKED TABLE OF CONTENTS
THE FUTURE OF THE DNS: 40 TO 50 MILLION DOMAIN NAME REGISTRANTS BY 2014?
WHERE IS A LIST OF DEFINITIONS IN RFC-3?
THE ETERNAL STRUGGLE BETWEEN GOOD AND EVIL; WHITE HATS VERSUS BLACK HATS
PARAGRAPH 57: OPEN SEASON FOR REVERSE DOMAIN-NAME HIJACKING BY TRADEMARK OWNERS?
PARAGRAPH 168: JEOPARDY IN PERPETUITY FOR THE NON-COMMERCIAL DOMAIN NAME HOLDER
RFC-3 PARAGRAPHS 57 AND 168: MY LITMUS TEST FOR THE INTENTIONS OF WIPO
THE CRITIQUE OF MICHAEL FROOMKIN: A CHECKLIST OF RECOMMENDATIONS
JUST WHAT ARE WE GOING TO DO WITH THOSE ICANN FOLKS?
You invited those of us who were in the audience at the March 10, Washington, D.C. WIPO RFC-3 meeting to assist the panel of experts in identifying "obnoxious practices". I thank you for both your invitation and your extension of the comment deadline.
I write the following not as a lawyer or an intellectual-property expert, but simply as an interested citizen. I speak here as: (1) a registrant for several domain names, including RONY.COM and SHAREBOOK.COM; (2) a private citizen who is employed as a chemical engineering faculty member in the College of Engineering at Virginia Tech (Blacksburg, VA); (3) a co-author of "The Domain Name Handbook: High Stakes and Strategies in Cyberspace"; see http://www.domainhandbook.com ; and (4) an interested citizen who previously submitted comments to the NTIA Green and White Paper RFC solicitations.
I wish to focus on the important issue of "reverse domain-name hijacking" as well as on the probable demographics of domain-name holders fifteen years from now. I provide capitalized section headings in order to facilitate reader navigation.
THE FUTURE OF THE DNS: 40 TO 50 MILLION DOMAIN NAME REGISTRANTS BY 2014?
Shari Steele, from the Electronic Frontier Foundation, inquired on March 10, Why should trademark owners have superior rights to everyone else in DNS registration matters? I ask the same question.
My prediction for the DNS is that there may be 40 to 50 million worldwide domain-name registrants within fifteen years, if not earlier. Therefore, we deliberate about the DNS today while at least 90% of future domain name registrants remain asleep, unready, too young, or even ignorant concerning the expressive opportunities of owning, using, and benefiting from a domain name.
I argue here that we should make our RFC-3 decisions today based upon the dog (at least 40 million additional DNS future registrants) rather than on the tail (present and future trademark owners). We should make decisions that will beneficially impact "we, the people", otherwise known as small businessmen/businesswomen, farmers, hobbyists, collectors, policy wonks, suburbanites, politicians, computer neophytes, scientists, engineers, home-based entrepreneurs, teachers, scholars, students, baby boomers, the elderly, kids, musicians, music-lovers, astronomers, sports aficianados, travelers, computer scientists, artists, grocers, journalists, historians, chemists, biologists, gardeners, homeowners, political dissenters, free-speech advocates, and even the hiply irreverent.
Since the creation of the microprocessor chip (1971), computer experts, each in their own time, have consistently under-predicted the scope and impact of advances in computer technology. In 1975, the 4- and 8-bit microprocessor chips were considered as hobbyist playthings by computer professionals at IBM, Digital Equipment Corporation, and other mainframe and minicomputer firms. Such corporations also failed to predict the enormous expansion of email from the early 1980s to perhaps 40 to 50 million email users in 1999. Even Microsoft underestimated the impact of the Internet. I believe that history teaches us that we may again underestimate how many domain names will exist worldwide within half a generation.
WHERE IS A LIST OF DEFINITIONS IN RFC-3?
I detect no serious attempt to define terms at the beginning of the RFC-3 WIPO interim report. We need a list of definitions for:
Cyberpiracy
Cybersquatter
Legitimate registrant
Good-faith registrant
Bad-faith registrant
"Inaccurate or unreliable information" (see WIPO RFC-3, paragraph 57)
Abusive registration information
Commercial domain name registrant
Non-commercial domain name registrant
Famous mark
. . . . among other terms.
Ellen Rony provided the following definitions in a public email message dated 12 Mar 1999:
Cyberpiracy: The predatory and bad-faith act of registering domain names solely for the purpose of reselling them to respective trademark owners or interested parties.
I hope that others will submit definitions by the extended WIPO deadline.
THE ETERNAL STRUGGLE BETWEEN GOOD AND EVIL; WHITE HATS VERSUS BLACK HATS
The wild West was a common metaphor for legal proceedings. When I was involved in personal litigation, concerned that we were not accomplishing anything, my lawyer explained to me that in a trial the issue becomes "Who leaves the courtroom with the white hat and who leaves with the black hat."
As I read RFC-3 and study my notes from the March 10 WIPO meeting, I am struck by the fact that this DNS process is yet another example of the eternal human struggle between good and evil. The initial cast of characters include two white hats and two black hats,
* White-hat I: The legitimate, good-faith private citizen or organization,
* White-hat II: The aggrieved trademark owner,
* Black-hat I: The cyberpirates, specially individuals who provide willfully misleading domain-name registration information.
* Black-hat II: Those who are involved in abusive (predatory and parasitical) domain name registrations against owners of famous marks.
WIPO, please focus your recommendations exclusively on the black hats. Also, please understand that several, poorly-worded recommendations in RFC -13 may provide incentive for the conversion of some of the White-hats-II into what I would call Black-hats-III, namely,
* Black-hat III: The confused or demanding corporation or trademark owner who uses spurious claims to seize a domain name from a legitimate domain holder,
(in other words, individuals who engage in the practice of "reverse domain-name hijacking" at the expense of White-hat-I private citizens/organizations).
We do not want the cure to be much worse than the disease.
PARAGRAPH 57: OPEN SEASON FOR REVERSE DOMAIN-NAME HIJACKING BY TRADEMARK OWNERS?
According to The Domain Name Handbook (page 616), reverse domain-name hijacking can be defined as:
Reverse domain-name hijacking -- When a trademark owner asserts a spurious claim of trademark infringement and/or dilution to seize a domain name similar or identical to the registered mark away from a legitimate domain holder.
Particularly egregious in this respect is paragraph 57 in RFC-3.
57. It is recommended that the registration agreement contain an agreed term that inaccurate or unreliable information in the registration agreement constitute a material breach of the contract and be a basis for the cancellation of the domain name by the registration authority.
I ask, What constitutes "inaccurate or unreliable information"? A phone number with an incorrect area code, perhaps caused by a recent change in area codes by the telephone company? A character mistake in a zip code or an address number? An incorrect address, for example, created by the fact that a domain-name holder moved to another state and forgot to update his/her registration information? Or any other type of innocent, human error or oversight? And how expensive will it become for a good-faith domain registrant to defend his/her domain name from an opportunist?
Gentlemen and ladies, where in paragraph 57 are the adjectives that explicitly define our common foe, namely, the cyberpirates? Where are phrases such as:
Abusive registration information, or
Willfully misleading registration information, or
Bogus registration information, or
Fraudulent registration information?
Would you be willing to consider a reworded paragraph 57?
57. It is recommended that the registration agreement contain an agreed term that willfully and/or massively misleading information in the registration agreement constitute a material breach of the contract and be a basis for the cancellation of the domain name by the registration authority.
The intent of this suggested change in text is to distinguish willful and massively incorrect information from hnonest errors and delayed updates.
You understand my intent. You are the legal wordsmiths. Please make the necessary changes to protect some among the tens of millions of future White-hat-I domain-name holders from reverse domain-name hijacking.
Two of the eternal verities of human nature, "If something is not prohibited, then it is allowed" and "It is better to ask forgiveness than to ask permission" will likely apply to the originally-worded RFC-3 paragraph 57, and (if unchanged) may open the door to frequent attempts at reverse domain-name hijacking by intellectual property owners.
PARAGRAPH 168: JEOPARDY IN PERPETUITY FOR THE NON-COMMERCIAL DOMAIN NAME HOLDER
Paragraphs 167 and 168 in RFC-3 state:
167. It is considered that, while a time bar for claims may be a superficially attractive proposal, any implementation of such a measure would need to take into account that the underlying use of a domain name may evolve over time (with the consequence that the use of a domain name may become infringing through, for example, the offering of sale of goods of a different sort to those previously offered on the web site); that any related intellectual property rights held by the domain name holder may lapse; and that a time bar would in any event be undesirable in cases of bad faith.
168. It is not recommended that claims under the administrative dispute-resolution procedure be subject to a time limitation.
Here, RFC-3 does not want to leave the door open to a change in use of a site. Fair enough. But when use of a site changes (e.g., an innocuous ad is transformed into a porn site) existing laws can cover the change in content. Clearly, those who register a name and use it in a legitimate, non-infringing sense, should not be subject to a dispute years later merely because a TMO decides it wants to use the same domain name in e-commerce.
The legal remedy should be the removal of the offending material from the web site, and not the confiscation of the domain name from its owner. For the registrant in good faith, this lack of a time limitation is unwarranted and punishing. For the cyberpirate, the proper approach requires greater specificity in paragraph 168,
168. It is recommended that claims under the administrative dispute-resolution procedure -- for registrants who provide willfully and/or massively misleading information in the registration agreement -- not be subject to a time limitation.
Everybody else should be off the hook concerning an indefinite statute of limitations.
RFC-3 PARAGRAPHS 57 AND 168: MY LITMUS TEST FOR THE INTENTIONS OF WIPO
As a citizen who registered the RONY.COM domain name, I can study the your modifications to paragraphs 57 and 168 to ascertain whether or not WIPO truly cares about the interests of legitimate, good-faith domain name holders.
I am ambivalent about the arguments that I encounter about the commercial-versus-noncommercial domain-name distinction. Creating non-commercial domain names, such as *.YYY or *YYY.US, is initially attractive because all non-commercial domain names can be given the a-priori legal presumption that they do not violate the commercial interests of any trademark owner around the world. I doubt, however, that a company like Porsche, Inc. would be pleased with either PORSCHE.YYY or PORSCHE.YYY.US domain names that they did not own. Porsche will be Porsche, eternally. My suspicion is that the domain-name disputes will spill over into the non-commercial domain names and that the creation of non-commercial domain name categories may become an exercise in futility. I am not optimistic about the future of any new gTLDs.
I still do not understand why trademark owners have not directed their considerable energies toward creating the .TMK gTLD or ccTLDs, with sub-level domains corresponding to the 42 international classes of products and services. It would seem that the pursuit of such an objective would be eminently fair, would advance the interests of ALL registered trademark owners, and would allow for expansion to future trademark owners. To register a TMK ccTLD or gTLD, a printed copy of the trademark registration notice would always be required upon domain name registration, plus immediate payment of the registration fee.
The situation in which only a single .COM gTLD domain name is available for all 42 international classes is an abomination. With trademark owners ignoring the logic of international classes of trademark domain names, how can I trust their collective wisdom to influence future DNS policy? As far as I am concerned, the trademark interests have dropped the ball.
THE CRITIQUE OF MICHAEL FROOMKIN: A CHECKLIST OF RECOMMENDATIONS
I have been informed that Michael Froomkin is one of a handful of the most brilliant legal scholars working in this field. I am delighted that he is on the WIPO Panel of Experts, and believe that history will judge him well for his scholarly RFC-3 critique, which is found at URL
http://www.law.miami.edu/~amf/critique.htm
Using Congress-speak, I wish to "associate myself" with the following italicized recommendations from his critique:
71. Recommendation 50 should be amended to allow for pseudonymous registration via an identified agent.
78. Recommendation 55 should be amended to make clear that all data concerning the registrant will be treated in conformity with the leading international standards for data protection. As elsewhere, the grounds for accessing the database should be restricted to claims of trademark (not "intellectual property") infringement.
80. Recommendation 59 should be amended to conform to the extensive amendments proposed for the recommendations in Chapter Three. Specifically, it should be made clear that the third party benefits granted by the registrant will inure only to complainants who enter into a suitable reciprocal agreement regarding jurisdiction and choice of law.
85. All of Recommendation 67 should be deleted except the statement that pre-payment should be required in open gTLDs. Furthermore, it should be stated that ccTLDs should feel free to ignore this recommendation if they wish to give citizens free domain names in the public interest.
90. Recommendation 88 should be substantially modified as described above.
99. The entire WIPO-ADR procedure described in Chapter Three should be made optional, except perhaps in the case of organized "cyber-pirates" who are in the business of repeatedly registering the trademarks of others for resale.
100. Alternately, the DNS could be divided up into domains to which WIPO-like policies applied, and those where they did not. One or more of the new gTLDs that might be created could be subject to more demanding registration conditions; in time, if this domain were perceived by the public as being the most reliable domain in which to find the companies associated with familiar trade names.
104. Recommendation 115 should be re-written to make clear that if the WIPO-ADR procedure is to be without prejudice to the rights of the complainant, it should equally be without prejudice to the rights of the registrant..
111. Recommendation 119 should be amended to be consistent with the following principles:
- Registrants should not be required to agree to jurisdiction where the registry is located unless the registry also functioned as the registrar.
- Registrants should not be required to agree to jurisdiction where the registrar is located if this is different from their residence until and unless there are a sufficiently large number of registrars distributed around the world.
- Registrants should not be required to extend the consent-to- jurisdiction benefits conferred in the third party beneficiary agreement with the registry to any third party complainant who does not agree to jurisdiction in the same locations in the event that this third party complainant prevails in the WIPO-ADR and the registrant wishes to contest that determination in court.
116. Recommendation 142 should be changed to make the WIPO-ADR procedure optional except perhaps in the case of organized "cyber-pirates" who are in the business of repeatedly registering the trademarks of others for resale.
135. Recommendation 145 needs substantial revision.
- The entire administrative procedure should be optional except perhaps in the case of repeat "cyber-pirates" who are in the business of repeatedly registering the trademarks of others for resale.
- Even of the procedure were required in some gTLDs but not all, rather than requiring the registrant to submit "any dispute concerning the domain name" to the WIPO-ADR, the reference should be ONLY for claims based on a claim that the registration violates the trademark rights of another.
If the procedure is not optional in all gTLDs, there is a substantial risk that a US court would hold that even the more limited trademark-only scheme proposed here was unconscionable when enforced against a consumer and would refuse to enforce the arbitration clause in those circumstances.
136. Recommendation 151 should be amended to make clear:
- That the entire administrative procedure is optional except perhaps in the case of organized "cyber-pirates" who are in the business of repeatedly registering the trademarks of others for resale.
- That only trademark-based claims will be subject to it, not, e.g., those based on right of personality claims, or copyright.
141. Recommendation 158(iv) should either be deleted or limited to cases of gross and repeat abuse.
142. Recommendation 163 should be amended to make clear that only trademark-based claims will be subject to it.
143. Recommendation 165 should be amended to make clear that the WIPO-ADR will be suspended in the event that proceedings begin before a competent court.
145. Either Recommendation 168 should be amended to include a time bar or, preferably, the other recommendations in RFC 3 that fail to recognize that trademark infringement requires infringing use beyond mere registration should be harmonized with the recognition of this fact in Recommendation 168.
147. Recommendation 171(i) should be deleted. It is unreasonable for WIPO to expect much in the way of comment, much less informed consensus, on a proposal for rapid interim relief before detailed procedural rules have been written regarding commencement and conduct of proceedings.
150. Recommendation 178 should be amended to be consistent with the prior two paragraphs.
152. Recommendation 187 should be modified to be consistent with the prior paragraph.
154. Recommendation 194 should be modified to make clear that fee-shifting should follow the rules of the jurisdiction whose substantive law is being applied. Alternately a uniform standard might be devised if limited to cases of gross and repeated abuse.
157. The underlined portion of Recommendation 198's suggestion that "the merits of a dispute be decided by the decision-maker in accordance with the laws that, in the light of all the circumstances of the case, are applicable and by reference to a set of guiding principles that endeavor to identify the dominant considerations that national courts cases have taken into account" is unacceptable in any form and should be deleted.
165. Paragraph 199 should be deleted. Paragraph 244 should be modified to reflect the comments in the above paragraph.
167. Paragraph 200 should be deleted.
174. All the recommendations in Chapter Four should be deleted. The question of creating special protections in the DNS for a new class of globally famous marks should be deferred until the duly constituted international bodies seeking to define what constitutes a globally famous mark have reached firm conclusions.
JUST WHAT ARE WE GOING TO DO WITH THOSE ICANN FOLKS?
I understand that WIPO will submit its recommendations to ICANN.
If this entire process of transferring administration of the DNS from the National Science Foundation to the private sector continues to go awry, my inclination would be to request Congressional intervention to prevent the ICANN initial board from moving forward with any WIPO recommendations until it is replaced by a membership-elected board.
As you can observe, I have little confidence in the ICANN Board of Directors. I think the WIPO process has been open and transparent, even if its recommendations are one-sided and fail to address the substantial concerns of legitimate domain-name registrants.