" /> Domain Name Rights Coalition: October 2003 Archives

« September 2003 | Main | November 2003 »

October 30, 2003

Lobbying for Whois Privacy

Unfortunately, the strength of the trademark lobby, who feels that using this technical tool as an enforcement tool makes privacy issues unlikely to be addressed. We have long been told that speech rights, and rights to privacy (constitutional rights) must take a back seat to intellectual property "rights." How having a list of all domain name holders, including home addresses and telephone numbers, is an "intellectual property right" is beyond me, but there you have it

Today a letter was submitted to the President of ICANN, Paul Twomey, at the ICANN Carthage meeting, "asking him to ensure that strong privacy safeguards, based on internationally accepted standards, are established for the WHOIS database." Latest reports indicated that the draft letter had been signed by about 50 nonprofit groups and represented 21 countries on six continents. "Signers of the letter included the American Library Association, the U.S. Association for... [CircleID]

Top Level Domain Follies

From DNRC Board Member Karl Auerbach

Bret Fausett quite reasonably argues that ICANN's TLD (Top Level Domain) "test bed" is dead.

I don't think that there ever was much life in that test bed.

I was trained in the hard sciences - mainly chemistry and physics. And I spent some of my undergraduate years doing research on high input-power chemical lasers. I also spent time in the soft sciences where I did research on patterns of urban mobility. In all of this work we used a technique called "the scientific method" - it involves observation, formulation of hypothesis, predictions based on the hypothesis, and experiments to test those predictions (and indirectly the hypothesis.)

ICANN never really followed any process, much less one as structured those used in the hard sciences, to focus its observations of the behavior of new TLDs. ICANN's information gathering was never better than ad hoc. And there were neither hypotheses, predictions, nor experiments. ICANN's TLD test bed process was not scientific; quite the opposite: it was chaotic and arbitrary.

Nor was ICANN's test bed process particularly useful for the creation of a body of data that might be useful for an unscientific after-the-fact inquiry. ICANN's data gathering, even when it was performed, was mainly of business information that has no apparent relationship to the stability of the internet's domain name system. No records were made of actual DNS activity and behavior as the new TLDs were being deployed. No measures were made of the accessibility or usability of those new TLDs.

(It wasn't that there was not interest - Louis Touton and I wanted to quantitatively monitor the cross-fade of queries away from the old .org servers and onto the new ones as part of the Verisign-to-PIR transition of .org. However, that effort was too low on ICANN's list of priorities and thus a golden opportunity to observe DNS behavior in the wild was lost. Such data would have been invaluable when trying to comprehend the impact of a future planned or unplanned operational transition of a large DNS zone.)

To give but one example of something that we ought to have investigated: There are thousands upon thousands of web page forms out there on the net that have Javascript or cgi-bin programs that do not accept top level domain names with four or more characters. The people who operate the TLDs with such names have pointed out repeatedly that this limitation has substantially hindered the usability and acceptance of their offerings. Yet, ICANN does not even have this problem listed as something that is to be investigated in the "testbed", and after several years, ICANN has not even a qualitative estimate of the extend of this problem, much less initiated a curative initiative to try to inform the web community that these limitations on web forms are overly restrictive.

ICANN's TLD "test bed" has little value except as a body of anecdotal data.

I agree with Bret that we should abandon the pretense that there is a "test" in progress or that there ever really was a "test".

It is high time for ICANN to move forward on new Top Level Domains - and not merely of the kind that, even in the absence of real tests, have shown little, if any, evidence of cognizable benefit to the community of internet users.

[CaveBear Blog]

October 27, 2003

Cyberpiracy north of the border

Michael Geist - outspoken Canadian Law Professor offers a unique perspective on fairness, Internet freedom, and how Canadians view "DMCA Gone Wrong." Well worth the read.

Are Canada's file swappers next in line to be prosecuted? The University of Ottawa Internet expert Michael Geist tells CNET News.com what to expect.

Is Canada a freer country when it comes to the Internet, as a result?

Based on an innovation perspective, we haven't run into the same problems the United States has, with lawsuits brought against researchers, garage door manufacturers and printing companies. Most Canadians look at those cases and are rather puzzled. [CNET News.com]

October 24, 2003

Insufferable?

A wonderful piece by DNRC Board Member Karl Auerbach

The people who want ICANN to create .travel are saying that ICANN's delay is "insufferable".

I have discussed the hubris of the .travel proponents in the past.

It is indeed insufferable that ICANN is delaying new TLDs - ICANN has demonstrated no reason why top level domains should not be created at a rapid rate. It is time for ICANN to adopt an combination auction/lottery system as has been proposed by several observers. See http://dcc.syr.edu/miscarticles/NewTLDs-MM-LM.pdf

The .travel people seem to believe, however, that they have some divine right to their own top level domain. They are incorrect.

Certainly they have a right derived from the continued existence of their application of year 2000. But each of the 39 other applicants who were not selected that year have that same right. There is no reason for any of us to believe that .travel will benefit the community of internet users. Rather .travel will be of value merely to one particular industry segment. If we are to allocate top level domains to industry segments, then there are certainly more deserving industries - farming, teaching, labor, and public health and safety all come to mind as being more socially valuable than the travel business.

Yes, ICANN's TLD policy is a disaster. But the damaged victim of that policy is not .travel. No. The real damage has been to the public who have been deprived of a meaningful and useful expansion of the internet name space.

[CaveBear Blog]

October 23, 2003

CAN SPAM Bill Passes Senate Unanimously

The Senate has passed S.877 the Anti-Spam bill introduced by Senator Conrad Burns (R-MT) and Ron Wyden (D-OR). The main provisions of the bill provide the Federal Trade Commission, attorneys general and Internet Service Providers more tools to go after commercial mailers who deliberately conceal the routing information of their messages. Several amendments where added to the bill at the last minute including a provisions to: encourage bounty hunters to track down spammers; create a do-not-spam list to be run by the FTC; and a labeling requirement for pornographic messages. October 23, 2003 [Center for Democracy and Technology]

Comments to DNRC Website

We're very sorry to do this, but due to "spam comments" (comments with no content but contain links to generally pornographic sites) we must shut down the ability to comment to stories in our weblog.

If you have comments to individual articles, please submit them to admin at netpolicy dot com and we will post them if they are not spam, or post to the forums. Thank you for understanding.

October 22, 2003

Why Do We Care About Names and Numbers?

An interesting article on one perspective on why names and numbers are important to the Internet

An article based on the most recent study for the European Commission on the Policy Implications of Convergence in the Field of Naming, Numbering and Addressing written by Joe McNamee and Tiina Satuli of Political Intelligence.

"With relation to the Internet and also IP addresses, the "scarcity" is more complicated: there are not only intellectual property issues with regards to domain names, but there is also an issue of managing the integrity of the system. For any naming... [CircleID]

October 21, 2003

CDT Urges Action on Anti-Spam Legislation, Opposes Labeling

CDT's information is well worth looking at.

CDT urged members of the House Commerce Committee to support balanced spam legislation containing an anti-spoofing provision and opt-out, but warned that a labeling provision in the current draft was probably unconstitutional. CDT called for the addition of a private right of action and recommended that states be preempted from regulating spam only for a few years, to see if the federal law was having an impact. Anti-spam bills have been stalled in both houses of Congress. A controversial proposal for a Do-Not-Spam List is the stumbling block in the Senate. October 16, 2003 [Center for Democracy and Technology]

October 18, 2003

RIAA Croons a New Warning Tune

This type of strategy is very similar to what goes on in the domain name arena. Threaten unsophisticated people into paying money, whether they are "guilty" or not. If they don't pay, the litigation costs would likely be far more than the settlement. Then the RIAA can parade the number of settlements as proof of "guilt."

Will they ever learn that suing one's customers is not a good means of doing business?

The recording industry group says from now on it will send out warning letters to suspected music-file traders before taking them to court, allowing them to negotiate a settlement. Those who do not respond within 10 days will be sued. [Wired News]

October 16, 2003

Feds admit error in hacking conviction

Federal prosecutors ask an appeals court to reverse a computer-crime conviction that punished a California man for notifying a company's customers of a flaw in its e-mail service.

Filed on Tuesday in San Francisco's Ninth District Court of Appeals, the unusual request conceded that federal prosecutors in Los Angeles erred in bringing a criminal case against, and obtaining the conviction of, 30-year-old Bret McDanel. The one-time system administrator has already served his 16-month sentence and is currently on supervised release, during which time his access to computers is curtailed.

The conviction stems from an incident in September 2000, when McDanel notified the customers of his former employer--Tornado Development, which has since closed its doors--that the company's Web-based e-mail system had a flaw that could allow an attacker to gain access to a user's e-mail. The prosecutors successfully argued that that act--and the 5,600 e-mails sent to customers--had essentially damaged Tornado's system.

[CNET News.com]

October 15, 2003

Senators Introduce Bipartisan Effort to Curb PATRIOT Act Powers

The Center for Democracy and Technology has spearheaded an excellent effort that should be supported by freedom loving citizens.

Three Republican Senators and four Democrats last week proposed legislation to add procedural safeguards to some of the most far-reaching sections of the PATRIOT Act. The SAFE Act, S. 1709, is spearheaded by Senators Craig (R-ID) and Durbin (D-IL). It covers sneak & peek searches (secret searches of homes and offices in ordinary criminal cases) and the PATRIOT Act provision granting broad access to sensitive personal information in the hands of businesses. It also specifies limits on roving wiretaps and would "sunset" some additional provisions of the PATRIOT Act at the end 2005. October 15, 2003 [Center for Democracy and Technology]

Important Precendent from Larry Lessig's Blog

It is nice to know that telling the truth is finally vindicated in this country. But at what cost? An innocent man spent 16 months in prison.

So imagine this: An employee works for a software company. He discovers a problem with the software, tries to warn the company, but it does nothing. He quits, and then sends email to all the customers of the company, informing them of the security problem with the software. The flood of emails brings the email server down for a bit, but that admittedly does not cause significant damage. Nonetheless, the employee is criminally prosecuted for causing an “impairment to the integrity” of a computer system (by revealing its flaws) which resulted in more than $5,000 in damage (because now it was known to be flawed).

The employee is found guilty. He is sentenced and serves (yes, he actually serves) 16 months in a federal prison.

In America, you ask? Well, in fact, yes — justice in the Central District of California. But it gets better.

On appeal, the employee retains Jennifer Granick, executive director of Stanford’s Center for Internet and Society. She argued the obvious point: it can’t be “damage” to tell the truth about some company’s software — however ugly that truth might be.

Today the government agreed. In an extraordinary (and extraordinarily rare move) it confessed error. “On futher review,” the government wrote, “in light of defendent’s arguments on appeal, the government believes it was error to argue that defendant intended an ‘impairment’ to the integrity of [X’s] computer system.” The government asked that the conviction be vacated.

“In light of defendant’s arguments on appeal.”

Indeed, America: Where defendants sometimes get great lawyers, and where governments let justice admit it is wrong.

I am proud, and moved, by both.

[Lessig Blog]

October 10, 2003

SunnComm won't sue grad student

Seems that SunnComm got some common sense and will not sue

In an abrupt reversal, the antipiracy company decides not to sue the Princeton University grad student who published a paper that describes how to bypass CD copy protection technology. [CNET News.com]

Student sued over CD piracy study

Use of the shift key is now going to be actionable under the fatally flawed DMCA. Will the stupidity ever stop?

A US student is being sued for showing how to get around anti-piracy technology on a new music CD. [BBC News | TECHNOLOGY]

October 07, 2003

Sitefinder vs the "Rise of the Stupid Network"

So why is Sitefinder so bad anyway? DNRC Board Member Karl Auerbach answers that question in the following article

I hope everyone has read David Isen's paper, the Rise of the Stupid Network.

That paper argues that telephone company networks became obsolete and inefficient dinosaurs, hostile to new innovation, because they put too much "intelligence" into the middle of the network.

The success of the internet is based in large part on the end-to-end principle, a principle that promotes designes in which the net is a mere conveyor of packets and that services are pushed outside of the net and into the end points.

It seems to me that Verisign's Sitefinder is an example of exactly the kind of end-to-end violation that gave rise to the inefficient and difficult-to-innovate telephone networks that David Isen complains of in his article. Verisign's Sitefinder puts a "service" (Verisign's term, not mine) into the middle of the net, thus creating an impediment to others who wish to innovate at the proper place - at the edges.

[CaveBear Blog]

The Aftermath: How ISPs Responded to Site Finder Around the World

It is heartening to know that the Internet still "routes around breakage" in this manner

During the 2+ weeks for which Site Finder was operational, a number of ISPs took steps to disable the service. A study just released reveals details and analysis, including specific networks disabling Site Finder during its operational period. For example, China blocked the traffic at its backbone, and Taiwan's Chunghwa Telecom and Korea's DACOM also disabled the service. US ISPs seem to have been slower to act, in general -- but US ISP Adelphia disabled the service September 20-22... [CircleID]

Status After 'Hurricane SiteFinder': Is It Over?

After roughly 19 days of its introduction, VeriSign's Site Finder service was finally shutdown on October 4, 2003 following a "Formal Deadline" issued by ICANN (previously reported here). With the plug pulled, the Internet appears to be returning to its regular status ending a historic event that can be... [CircleID]

October 04, 2003

Losing SiteFinder

A well done article by Wendy Seltzer

ICANN demanded, at last, that the SiteFinder disservice be suspended, and VeriSign grudgingly complied. As EFF's Seth Schoen notes, VeriSign complains of not getting a hearing when they gave none to the Internet community before launching wildcards. Likewise, they fuss about notice to the community only after giving none to that same community impacted when wildcard resolution was launched.

SiteFinder should not be suspended because breaks hundreds of specific applications; it should be stopped because it breaks with the end-to-end architecture of the Internet to give one company monopolistic control of a resource in the center. It's not a contest between SiteFinder's search page and MSN's, but between giving VeriSign sole, centralized control of the error-handling for incorrect URLs and distributing that choice among users and applications at the edge of the network. The contest is rather SiteFinder versus (MSN or simple language-appropriate error message or WAP-provider's response or SiteFinder or ...), with that choice repeated across the variety of services that use DNS. Keeping SiteFinder out of the center leaves the greatest flexibility in the netowrk for those who want to add new protocols, services, and features on the ends.

ICANN has called for "further evaluation and study" of the impact of SiteFinder. The proper evaluation is for VeriSign to determine whether it will reimplement its advertiser-supported search as an option at the edge of the network or not at all.

[Wendy: The Blog]

October 03, 2003

VeriSign calls halt to .com detours

The registrar shuts down its controversial SiteFinder service, which redirected mistyped and misspelled URL requests to its own site, after ICANN orders a probe. [CNET News.com]

CDT concerned about copyright enforcement

In a letter to the House Subcommittee on Courts, the Internet, and Intellectual Property, CDT expressed support for the goals of a pending copyright enforcement bill (HR 2517) but highlighted privacy concerns raised by a provision that would facilitate sharing of information between law enforcement agencies and private copyright holders. CDT also wrote that a provision designed to reduce the spread of spyware is overly broad. The Subcommittee was scheduled to complete its markup of the bill on October 2nd, but debate over controversial provisions delayed final consideration until the following week. October 3, 2003 [Center for Democracy and Technology]