" /> Domain Name Rights Coalition: October 2005 Archives

« September 2005 | Main | November 2005 »

October 25, 2005

About That Settlement - An Increase in the Domain Name Tax

About That Settlement - An Increase in the Domain Name Tax: "

I'm very briefly skimming the ICANN-Verisign settlement papers. I'm reading it quickly and it is late, so what follows may contain substantial errors.

It isn't yet clear to me who really got what. ICANN clearly got money (lots of money) and an increased bureaucracy. The IETF gets to put the kabash on things it (whatever 'it' is) doesn't like. Versign get gagged but it also gets ICANN's promise not to pull the rug out from under it.

From my skimming my feeling is that this agreement is like duct tape around dynamite - it feels like it's merely a temporary bottle trying to hold back a tremendous centripetal energy.

One thing for sure - the community of internet users loses. We get to pay more money; our internet taxation without representation is increased.

And, as Appendix 10 and 7 makes clear, neither ICANN nor Verisign consider uptime to users of DNS to be very important - all of the service level requirements are measured in terms of availability to registrars and consumers of 'whois' (mainly the intellectual property industry.) In other words, .com could wobble widely out of control with 30 minute times to respond to DNS queries - and that would not violate the service levels required by this agreement. But if the registration system should go south for a few moments, then the SLAs in Appendix 10 and the obligations of Appendix 7 come into play. The agreement is deficient in its failure to impose clear service levels on the actual delivery of name resolution services to internet users.

And the agreement is also deficient in that it fails to allow internet users third party beneficiary status so that they could come in and enforce the terms of this agreement.

I see that the even though Versign might relinquish the actual job of editing a root zone file to ICANN, no change is contemplated regarding the USG's veto power over changes.

I also see that ICANN purchased in this agreement Verisign's silence in a number of areas even, perhaps, the question of ICANN's continued existence in the WSIS/WGIG debates. I can't see how that provision of the agreement can withstand: it is very vague and Versign's business interests will never coincide with ICANN's desires for very long particularly if the evolution of the WSIS/WGIG process turns ICANN into a sinking ship that threatens to take Verisign down with it.

Article III - Section 3.1(f) gives Verisign the very clear right under the contract to do data mining. I'm not sure whether that right was as clearly called out under the old agreements.

Data mining? Remember that the full domain name that a user utters is found in queries to root and TLD servers. This means that those who operate those servers are in a very advantageous position to mine those queries to learn 'what is hot and what is not'. Sure, caching out in the net will short-cut a large number of the queries before they hit the servers, but dealing with that kind of thing is old hat to those practiced in the arts of statistics.

I'm glad to see that after all these years they have finally defined 'stability'. (It's amusing to me how similar their definition is to the one that I have been suggesting for half a dozen years - that stability be measured in terms of impacts on end-to-end packet flows across the net.) However, I am bothered that the definition ensconces the IETF into a role that is potentially inappropriate for a standards body, particularly given that the IETF's role over internet technology is shrinking.. I can easily see this latter part of the definition turning into a tourniquet that slow and perhaps even prevent the flow of innovation into the NTIA/ICANN/Verisign DNS.

My sense is that this committee to define security and stability will become the new venue for the ICANN-Versign dual.

By-the-way, they seem to have once again failed to define what they mean by the word 'Internet'. If the net actually fragments more than has been the case so far (NATs are a kind of fragmentation) the question of which 'internet' among many will become a real issue. For example, what if country, let's call it C***a, decides to create its own DNS hierarchy - will this agreement prevent Verisign from entering that marketplace?

Section 3.2(a) - ICANN once again promises to operate in an open and transparent manner. ICANN's history in this regard is pretty pathetic, I doubt it will improve.

Section 3.2.(b) - I like the word 'an' in the phrase 'an authoritative root server system' - is it a Freudian slip or does ICANN now actually understand that there can be multiple systems of roots, all of which can be 'authoritative' (a word that is not defined in the agreement.)

I see that ICANN is taking an even larger slice out of domain name registrations - this amounts to a tax levied on exactly those domain name users who are not permitted any role in ICANN's decisions.


(Via CaveBear Blog.)

And now with this unfortunate disagreement behind us, we can get on with the important business of mismanaging the Internet

And now with this unfortunate disagreement behind us, we can get on with the important business of mismanaging the Internet: "

The Internet Corporation for Assigned Names and Numbers, the Internet's domain name 'management body' -- and I use that term loosely (see '.asinine' and 'Debate over .xxx domain slowly builds toward climax') -- has finally settled its 18-month dispute with VeriSign, extending the company's contract to run the lucrative .com registry until 2012 in return for dropping an antitrust lawsuit against the nonprofit body. VeriSign, which enjoys a government granted monopoly over .com and .net addresses, sued ICANN back in 2004 after the agency spoke out against its SiteFinder technology (see 'SiteFinder flap puts ICANN ineptitude to the test'), a service that hijacked people who misspelled domain names and sent them to a Web directory full of advertising. In its suit, VeriSign accused ICANN of overstepping its contractual authority and improperly attempting to regulate VeriSign's business (see 'VeriSign sues for right to route all Internet traffic to itself'). A serious claim and one that's likely weighed heavily on ICANN in recent months, given the debate over U.S. vs. U.N. control of the Net. Little wonder, then, that it would up and settle its differences with VeriSign, even if it meant extending the company's monopoly on the .com registry. Certainly VeriSign's sudden recognition of ICANN's authority will come in handy when arguing that it, not the U.N., is best positioned to provide international oversight of the Internet. And really, who cares if the community of Internet users loses as long as you can keep attending those thrice yearly board meetings in places like Rio and Marrakesh?



(Via Good Morning Silicon Valley.)

October 24, 2005

Who Really Installs New Top Level Domains?

Who Really Installs New Top Level Domains?: "

This morning Bret Fausett wrote a note that concerned the question whether there is US Government involvement in the choice to deploy .xxx. Bret's points are well taken but I believe they reflect the surface and not the substance.

It may be true that the decisions are independent, but what about the actions that transform those decisions into actual changes in the root zone file? Is that sequence of actions performed independent of the USG?

To put it another way, the question is whether the USG is in a position to approve, reject, or modify ICANN's decisions?

We have seen evidence that the USG is completely willing and able to bypass ICANN: A couple of years ago the United States Government ignored ICANN when the USG had the root zone file modified to reflect the USG's redelegation of the .us ccTLD.

Thus we have smoke - is there fire? It seems that we need to dig deeper to find the answer.

In the list of principles I wrote about the other day I listed this principle: 'The first step towards governance is a clear understanding of what it is that needs to be governed and what the goals of that governance are.'

So lets ask, what is really the ultimate step of adding a TLD?

More properly we should ask: whose fingers are they that will enter the letters 'xxx' into the file or database that constitutes the root zone file?

Way back in 2003 ICANN published it's CRADA report. (Go here for my comments on that report.)

That report describes the then existing mechanism through which TLDs are added to the root zone file. It is a process in which the USG is directly involved. And the body that ultimately makes the changes to the file is Verisign. Here's is how the CRADA describes this process:

In the current implementation, root-zone change requests from top-level domain (TLD) operators are received by ICANN, which is responsible for reviewing the appropriateness of these requests as part of its performance of the IANA function. Once their appropriateness is verified, ICANN sends these requests to the United States Department of Commerce for approval; these approvals are then transmitted to VeriSign, which makes the changes as requested by ICANN and approved by the Commerce Department.

That's what it was in 2003. I am not aware that the change suggested in the CRADA (to shift Verisign's role to ICANN [or IANA]) has ever actually been implemented.

But even if the CRADA change were to be implemented, the only thing that shifts is the responsibility for making the final 'edits' from Verisign to ICANN. Here is the important part: the loop in which the USG must approve (which implies the power to reject) TLD changes remains with the USG.

It appears to me, backed by the language of ICANN and the US Government, that the USG retains a significant authority the addition, removal, and alteration (and thus redelegation) of Top Level Domains. To my mind the only open question is whether the the USG is willing and able to act in this process independently of a change request from ICANN (and the .us situation suggests that the USG is willing and able.)


(Via CaveBear Blog.)

October 23, 2005

The Inevitable Expansion of CALEA - Mike Godwin

The Inevitable Expansion of CALEA: "

In a panel discussion at a forum at Cardozo Law School in New York last year, I argued that in an age of convergence, the Computer Assistance to Law Enforcement Act (CALEA) would inevitably end up being applied directly to Internet communications. We're now seeing my prediction come true.

Officially, CALEA was passed in 1994 to apply only to traditional voice communications over the traditional phone network, but the Federal Communications Commission has recently interpreted the law in a more expansive way, ostensibly to address Voice Over Internet Protocol (VOIP) communications. The result? Everybody who's part of the Internet is now going to be asked (or required) to build in wiretappability.

This New York Times story is just the tip of the iceberg.


(Via Godwin's Law - feed.rdf.)

October 22, 2005

ICANN's Unfinished Business

ICANN's Unfinished Business: "

Way back in 1999 ICANN entered into several very important agreements that had the effect of gifting a huge economic benefit on Versign and an greatly altering the rights of then existing domain name registrants.

That action was done in a way that was in clear and overt violation of ICANN's own by-laws.

I submitted a 'Request for Reconsideration' on November 17, 1999.

As has been the case since ICANN's inception these requests were cavalierly dismissed by ICANN.

So I filed a request that that rejection be handled by ICANN's then existing, but never implemented, policy for independent review.

That request disappeared into the bowels of ICANN; in fact I can't seem to find it on their mutable web site.

(ICANN's positions that demand 'stability' of internet names are strongly belied by the rot of URL's into ICANN's website.)

My request, however, still stands. ICANN owes me an answer to the question why it violated its own procedures in order to race into an agreement that has had substantial negative effects on the community of internet users.

ICANN never implemented the Independent Review mechanism. This was because one of the people that ICANN chose to be on the committee to select review members never even bothered to show up electronically, much less in person.

ICANN's fancifully named 'reform' replaced the never-born Independent Review mechanism with a placebo 'ombudsman'. However that person seems to have shirked his role and become simply another 'yes' man.

So ICANN, when are you going to live up to your promises upon promises about your willingness and ability to be introspective of internal procedural failures and to remedy those failures? You've had six years to do what you said you would do.

ICANN's history of breaking promises to the internet community is reminiscent of the way the US government treated aboriginal (Indian) groups in the late 1800's. What, for example, ever happened to ICANN's oft repeated promise that at least half of its board of directors would be chosen by individual internet users?

Is there any wonder why today ICANN today has no credibility?


(Via CaveBear Blog.)

Forgotten Principles of Internet Governance

Forgotten Principles of Internet Governance: "

Suddenly internet governance has become a hot topic.

Words and phrases fly back and forth but minds rarely meet. We do not have discussion, we have chaos.

We are not moving forwards towards a resolution.

Its time to step back and review some basic principles.

1. Principle: The internet is here to serve the needs of people (and organizations of people); people are not here to serve the internet.

Corollary: If internet technology does not meet the needs of users and organizations than it is technology that should be the first to flex and change.

Of course there are times when human practices deserve to change, but that change ought to be driven by human needs rather than being coerced in order to preserve a mutable, but ossified, technology.

For example, consider the arguments over competing DNS roots. There are those who say that there must be one catholic root and name space. There those who advocate overlapping name spaces that are consistent within each top level domain but in which there may be greater or fewer top level domain choices provided by different roots. This argument is driven in part by concerns that flexibility in name spaces will cause failures of a technical nature. The argument is also driven in part by social concerns over the potential ability of people to communicate with one another should there be flexible (and thus to a larger or lesser degree different) name spaces. That latter, social, argument is where the debate should occur; we should all accept the premise that if we want flexibility that the technology of DNS should adapt (assuming that DNS is, in fact, fragile and susceptible to failure - which, if true, would raise questions about the adequacy of DNS technology given the fact that anybody, anywhere can, without permission from anyone, set up a DNS root and name space.)

Corollary: People are the atomic unit of governance.

People may form themselves into groups - such as for-profit corporations or churches - but those are merely derivative forms. We should allow people to speak for themselves in the forums in which decisions of internet governance are made and not require that they act through artificial proxies.

The term 'stakeholder' ought to be abandoned because it forgets that at the bottom of things, all organizations and groupings are aggregations of individual people each with his/her own point of view. Such organizations ought to have authority to express an opinion in the forums of internet governance only to the degree that that organization can obtain voice by convincing individual people of the worth of that opinion. The term 'stakeholder' is a mental straitjacket that presupposes and prejudges that some people (by virtue of the organizations with which they are associated) are more equal than other people who lack such associations.

2. Principle: Every person shall be free to use the Internet in any way that is privately beneficial without being publicly detrimental. The burden of demonstrating public detriment shall be on those who wish to prevent the private use. Such a demonstration shall require clear and convincing evidence of public detriment. The public detriment must be of such degree and extent as to justify the suppression of the private activity.

(I have frequently called this 'The First Law of the Internet'.)

Corollary: Innovation may come from users as well as from standards bodies.

The internet is not yet done; innovation should be accepted. Innovation ought to be not merely allowed but it should also be encouraged. There is always a downside risk from innovation, but the mere assertion that there might be, or even is, a risk is not enough by itself to deny the right of innovation to anyone.

3. Principle: The first step towards governance is a clear understanding of what it is that needs to be governed and what the goals of that governance are.

Today there are a lot of people who talk about 'technical coordination' or 'technical management' without understanding what those terms mean, if anything, when taken out of the clouds and reduced to concrete actions.

We should clearly understand, for example, that the role of establishing terms of registration contracts for domain names and setting domain name registry prices is economic regulation, not technical regulation. In fact the whole model of domain name registries and registrars is an economic and business choice, not a technical one. (See, for example, my note on an alternative structure - The .ewe Business Model - or - It's Just .Ewe and Me, .Kid(s))

It is as important to define the goals of governance as it is to define the subject to be governed. Without a clear goal an institution of governance may easily misconstrue its mission.

Corollary: It is appropriate to question an assertion about whether a matter is 'technical coordination' or is really economic or political policymaking traveling in disguise or is an assertion made to avoid handing the reins of innovation over to a new generation.

Internet governance is a high stakes game. There is much to be gained and much to be lost. We are observing today a face-off between the United States and much of the rest of the world gathered in the WSIS/WGIG proceedings. It is obvious to all, but few will say it, that in this confrontation the issues of internet governance are stalking horses for concerns of national power, national prestige, national security, cultural protection, and economic dominance.

4. Principle: Form follows function.

Each institution of internet governance should be designed to fit tightly around one clearly articulated issue. Broadly defined institutions of governance are an invitation to 'mission creep'. Tightly defined institutions are more easily monitored and they will cause less damage should they wobble off course.

[For a deeper view see my 2004 presentation Governing the Internet, A Functional Approach. Also see my 2002 note A Plan To Reform ICANN: A Functional Approach. Similar suggestions have been put forth my several other observers.]

The question of governance and how the powers of governance should be shaped and limited have been considered by many brilliant minds. Might it be useful to re-open the books of the history of these 18th century thinkers and refresh our understanding of how institutions of governance ought to be shaped so that their internal tensions and procedures lead to stable and limited behavior?

Corollary: Sometimes a job of internet governance is already the responsibility of an existing entity or set of entities.

There is a tendency on the part of some to consider that anything associated with the internet is new and unique. In some few cases that may be true, but for the most part the internet simply adds a new shade to an existing portrait.

Take for example the so-called 'Uniform Dispute Resolution Policy', the UDRP. This has become a de facto law of internet domain names. The UDRP is often the first, and too often the last, stop in a dispute over a domain name. Yet this UDRP was formulated and imposed by a body that has no authority to enact legislation for any one, much less all, nations. It is often forgotten that there do exist many bodies in which the authority for enacting such laws has been vested: the national legislatures of the individual nations. In many regards the imposition of the UDRP was an act in which the authority of existing nations was to a degree overthrown and replaced. The imposition of the UDRP was not so much an act of governance as it was an act of revolution.


(Via CaveBear Blog.)

October 21, 2005

WIPO Panel Splits on Descriptiveness of bocaresorts.com

WIPO Panel Splits on Descriptiveness of bocaresorts.com: "An arbitration panel of the World Intellectual Property Organization has decided 2-1 in favor of Complainant Boca Raton Resort & Club in an action under the Uniform Domain Name Dispute Resolution Policy over the domain name bocaresorts.com. ...The Presiding Panelist, Dennis Foster, disagreed with the majority's conclusion, and issued a dissent that addressed the issue of bad faith. Foster asserted that the Respondent was 'entitled to believe that the phrase 'Boca Resorts' is geographically descriptive and means resorts in the city of Boca Raton, Florida..."

(Via CircleID: All Posts.)

Riding on Expiring Domains: Are Registrars Abusing Owners' Rights?

Riding on Expiring Domains: Are Registrars Abusing Owners' Rights?: "The ICANN regulations for domain name registrars dictate a requirement for deletion and auto-renewal policies. However, if you've had a domain expire lately you may have noticed that your registrar has taken over your domain name's DNS and redirected YOUR domain to THEIR website. This is because of a clause in their Service Agreement that says you give them permission to do this. This permission statement is usually buried so you won't find the clause or the opt-out provisions that are provided."

(Via CircleID: All Posts.)

Breaking the Internet HOWTO

Breaking the Internet HOWTO: "A number of people, notably Viviane Reding, the European Commissioner for Information Society and Media, have been asking about how to Break The Internet. Since Mme Reding seems to have absolutely no prior experience in the Information Technology, Computing or Telecommunications industries, I have prepared this brief HOWTO. '1. Declare the creation of a new Root Zone. This is the easy bit - all you have to do is spout great volumes of hot air at a conference in Geneva, and then storm out in a huff when other people refuse to take you seriously. Then you get the PFY who services your photocopier to declare the creation of a new European Root Zone! Hooray!'"

(Via CircleID: All Posts.)

October 19, 2005

Self Delusion à la Marina del Rey

Self Delusion à la Marina del Rey: "

ICANN is having a strategic planning meeting in Marina del Rey.

Mind if I yawn?

If its 'Strategic Planning Issues Paper' is any guide ICANN will be wandering even further into the wilderness of irrelevance.

As I have said many times in the past, ICANN has virtually nothing to do with internet technology. ICANN's strategic plan seems hell bent on continuing that legacy.

Let's look at just one of ICANN's strategic 'Major Factors' - ENUM.

ENUM is already obsolete; ENUM is going to fade away into the archives of good ideas that never quite made it big-time.

I have been working with Voice over IP (VOIP) for a couple of years now and there has been a resounding disinterest in the VOIP community about ENUM. (The Session Initiation Protocol, SIP, does specify the optional use SRV and NAPTR DNS records, but does not utilize them in the worldwide numeric hierarchy that most people associate with ENUM.)

ENUM is a mechanism to drag telephone numbers into an internet filled with textual URLs, URIs, and domain names.

People who use VOIP place calls using things that look and smell a lot like email addresses or instant message handles: fred@example.ewe. Even when numbers are used they still are coupled to a domain name: 123@example.ewe. (Some systems hide the domain name part, but it's there under the covers.)

ENUM is an attempt to make the internet, and its users, conform to the technology of 1880.

ENUM is an answer to a problem that has disappeared.

Yet ICANN is gearing up to become the uber-manager of ENUM.

What's even more sad is that the WSIS/WGIG effort seems to be chasing after the same false scent.

Now, personally I don't normally mind people and organizations wasting their time and money regulating buggy whips and other relics of the past. However, the internet is not the past and neo-governments such as ICANN have a way of oozing out from their cubicles of authority and getting in the way of real innovation - like VOIP that allows people to make calls using user-selected words rather than assigned numbers.


(Via CaveBear Blog.)

Time for Euthanasia

Time for Euthanasia: "

ICANN once had a vibrant public sector. But that period ended several years ago when meaningful public participation in ICANN was eliminated during a process that ICANN, in its best NewSpeak, called 'reform.'

Today ICANN's palace eunuch, the 'interim' ALAC, sent forth it latest missive. It is a pathetic document devoid of content yet filled with phrases of submission and dependency.

ICANN's purpose is to serve the public, the community of internet users. Yet ICANN's ALAC, and much less ICANN itself, remembers ICANN's purpose and ICANN's promises.

ICANN's ALAC was crippled at at its conception. We of the community of internet users have patiently stood aside hoping that perhaps we would be proved wrong and that the ALAC might actually grow into something of value. During this time ICANN plied the ALAC with money and staff support. Attempts were made to froth-up up membership; but few signed on.

The ALAC was given a fair chance to succeed. But it has not done so.

It is time to write off ICANN's ALAC as the failure it is.


(Via CaveBear Blog.)

October 11, 2005

Cahill Decision Is Good for Bloggers

Cahill Decision Is Good for Bloggers: "

The Delaware Supreme Court last week gave strong protection to online anonymity in Cahill v. Doe. The court protected 'Proud Citizen's' anonymity against a City Councilman's attempt to identify the poster in a defamation suit. The decision, the first of its type from a state supreme court, required the plaintiff to meet a summary judgment standard before obtaining anonymous speakers' identities, not just provide the perfunctory complaint of notice pleading.

The court further decided, as a matter of law, that Cahill's complaint failed the summary judgment standard. Its analysis, based in part on the context of the posting, is one that may annoy some bloggers:

[C]ertain factual and contextual issues relevant to chat rooms and blogs are particularly important in analyzing the defamation claim itself... chat rooms and blogs are generally not as reliable as the Wall Street Journal Online. Blogs and chat rooms tend to be vehicles for the expression of opinions; by their nature, they are not a source of facts or data upon which a reasonable person would rely.

Based on the context of 'Proud Citizen's post, in a chatroom filled with invective and personal opinion, the court found that 'a reasonable person would not interpret Doe's statements as stating facts about Cahill. The statements are, therefore, incapable of a defamatory meaning.'

I anticipate some bloggers will object to this characterization: Blogs can be just as important for the dissemination of facts as newspaper sites; newspapers can be wrong. This is of course true. The Cahill decision is not denigrating blogs and chatrooms -- they are entitled to First Amendment protections as strong as those of a newspaper -- but rather recognizing the discernment ability of their readers.

The standard empowers a wide range of bloggers' speech. Because readers can use context to help them differentiate opinions from statements of fact, bloggers are freer to publish their choice of opinionated gossip or citizen journalism. And thanks to courts like Cahill and Dendrite, they can do so using pseudonyms or their real names.


(Via Wendy: The Blog.)

October 04, 2005

Patent Ruling Threatens Free Speech

Patent Ruling Threatens Free Speech: "

EFF Asks Supreme Court to Consider Controversial Case

San Francisco - On Monday, the Electronic Frontier Foundation (EFF) filed a friend-of-the-court brief with the United States Supreme Court, asking the Court to review an important patent case that has broad implications for free speech and consumers' rights.

The Federal Circuit Court of Appeals ruled earlier this year that eBay violated MercExchange's online auction patents and that eBay could be permanently enjoined, or prohibited, from using the patented technology. Then the Court went a dangerous step further. It held that patentees who prove their case have a right to permanent injunctions unless the injunction poses a risk to public health. This 'automatic injunction' rule deprives judges of their traditional discretion to consider how an injunction might affect other public interests -- including free speech online.

If this rule is allowed to stand, free expression could suffer.

'We're not saying injunctive relief is never a good idea,' said EFF Staff Attorney Corynne McSherry. 'But courts must have the ability to look at how an injunction will affect a variety of public interests. That's especially true now, when so many companies are claiming patents on basic technologies that citizens use to communicate online.'

In its brief, EFF argues that this ruling threatens free speech because patent owners who claim control over Internet publishing mechanisms are in a position to threaten anyone who uses them to broadcast their ideas, even for noncommercial purposes.

Added McSherry, 'Given the explosion of new communications technologies such as blogs, instant messaging, and wikis, this is hardly the time to limit courts' ability to consider the benefits that a given technology brings to freedom of expression, or evaluate the chilling effects of forbidding the use of that technology.'

You can read the full brief at: www.eff.org/legal/cases/ebay_v_mercexchange/EFF_brief.pdf.

For more on patents and how bad law can hurt the public, see: www.eff.org/patent.


Corynne McSherry
Staff Attorney
Electronic Frontier Foundation


(Via EFF: Press.)