The "whois" system for domain names is the single greatest violation
of privacy rights on the internet.

A reasonable cure has been put forth that would require only that domain name registrants designate a contact, who could be an agent, to receive communications pertaining to the technical operation of the domain.  This is not unlike the way that corporations keep much of their structure private by designating an agent for the receipt of legal notices.  ICANN and Verisign both do this.

The industry that protects intellectual property (not to be confused with the industry that creates intellectual property) does not like this proposal; they would prefer that every person go naked on the internet, with their names and numbers tattooed to their chests, and live in glass houses.

The trademark industry wants domain name registrants to reveal their information, and that of their families and children, to the anonymous predators of the world on a 24x7 basis.

The trademark industry will allow but one exception - if a person claims sanctuary on the basis of "special circumstance".  What this means is that a few shelters for bettered women might be allowed to refrain from publishing their contact information.

This "special circumstances" proposal is contrary to one of the most fundamental tenets of modern society, that a person is presumed innocent until proven guilty.  The "special circumstances" proposal is nothing short of a systematic conclusion that you and I and every other domain name registrant is to be presumed to be a thief and unworthy of privacy.  The burden is placed not only on us to rebut that presumption but to do so in advance even of an accusation.

We are being told in no uncertain terms that our privacy, and that of our families and children, is worth less than a trademark.

The "special circumstances" shoe should be put on the other foot.  If a trademark owner wants to penetrate the privacy of the Whois data that owner should be obligated to make a specific accusation, saying on a permanent public record, what rights of that owner are being violated by the accused domain name owner and what facts exist to support that accusation.

In other words, the trademark owner should be required to demonstate, with concrete accusations backed by concrete facts, that special circumstances exist that are sufficient to violate a person's right to privacy.

We have seen how the music and movie vigilantes, the RIAA and MPOA, have run amok making groundless accusations against thousands of innocent people.  These are the law-firm office mates of the trademark people who want to violate our privacy in our domain names.  There is much reason to be skeptical of their intentions.

This is a continuation of my previous note, "Registrars and Customer Service - Three Comments - Part 1".

One of the two letters was from Tim Ruiz of GoDaddy.  The gist of this letter was that the number of registrar complaints received by ICANN really was not significant enough to suggest that there is any problem with how registrars behave.

The number of complaints cited was 10,000 during 2006.

Sounds like a lot.

Sounds like a lot more when we realize that it is a rule-of-thumb of marketing and sales that for every customer complaint there are nine more who are angry but silent.

And it sounds like a lot more when we realize that a large number of domain name consumers are professional monetizers who are probably in bed with, or at least in the bedroom with, the registrars they work with - complaints from this quarter are probably rare.

That means that we are talking about at least 100,000 upset domain users out of a pool that mounts to those who actually use domain names as long-term stable identifiers - a pool that probably amounts to perhaps 10 million at best - so we are talking about a complaint rate of at least 1% per long-term domain name client per year.  That's a pretty significant problem rate, especially when measured as the expectency of a long-term domain owner over the lifetime of his/her ownership.

And the number of complaints seems even bigger when we realize that there are a lot of issues that people have simply learned to accept without complaint.  For example, was there a complaint when GoDaddy became a tool in a dispute and yanked someone's domain name, with 52 seconds notice?

And there are a lot of people who have simply given up - either because they don't know to whom they should complain, or have complained in the past and found the system to be a bowl of futile hope, or simply don't realize that they have been scrod.

So, from the same numbers I draw the opposite conclusion - I perceive that we have a serious issue between that part of the public who use domain names for what they were originally intended to be - long term stable identifiers on the internet - and the registrar/registry system that sells (or rents) those names.

This is a continuation of my previous note, "Registrars and Customer Service - Three Comments - Part 1".

One of the two letters was from David Maher of PIR, the registry handling .org.

I have great respect for David Maher - he's one of the "white hats".  But in this instance I believe he is going down the wrong path.

Perhaps the most important sentence of his letter was this:

While I recognize that the registrar function is best served by a competitive business model, the Internet has become too important to all its users to allow pure competition to set the standards for customer service.

When it comes to domain names under ICANN we have never ever had a "competitive business model".

What we have had is a highly regulated marketplace in which there is little real choice between domain name products - ICANN has dictated many of the terms of sale, ICANN has dictated the major price components (reserving a hefty chunk for registries such as PIR and for ICANN), and ICANN has severely constrained the number of vendors in the marketplace.

In other words, we are already living in the world in which there is not pure competition, indeed no real competition at all, except on a thin price margin above the core cost components that ICANN reserves for registries and for ICANN.

Why is this so?  Why are we consumers of domain names to be treated as children and not allowed the full possible smorgasbord of domain name products that vendors might create?

Let me be even more specific - By implication my proposal for a domain name product, my .ewe TLD, is a danger to the internet because it does not follow ICANN's rules.

But I deny that new, and different, ideas such as .ewe represent a danger to the stability of the internet.  Yes, such ideas pose a danger to the business stability of the current ICANN-approved incumbents, but we have never as a modern society accepted that there should be such protected marketplaces absent a clear, compelling, and clearly articulated reason for such protection.

So what I would like to hear is this:  What are the reasons that require NTIA and its secular arm, ICANN, to require that the domain name marketplace be wrapped with restrictions and limitations that effectively turn the domain name marketplace into a medieval guild?

I'm not willing to accept vague platitudes - I want to hear specific and concrete reasons.  And my measure of stability is based on the technical ability of the internet and the upper tier of the domain name system to turn DNS query packets into DNS reply packets with dispatch, accuracy, and without prejudice for or against any query source or query target.

I am sure that someone will raise the bogeyman of business failure of a registry or registrar causing hapless domain name owners to become orphans with names that no longer work.  To me that's a business issue, or a consumer protection issue.  The resolution of such issues is a governmental legislative matter, not something for a body whose role is technical coordination.  And there are easy, non intrusive answers to this - my own suggestion is that those registries and registrars that want to demonstrate a commitment to protecting their customers actually engage in data escrow programs and yearly audit themselves and post a statement attesting that they engage in adequate data preservation practices that a successor in interest could pick up the pieces and restore operations.  Consumers can learn to look elsewhere if a registry or registrar does not do these things.  This kind of self-protection on the part of consumers would be greatly enhanced if ICANN were to remove its existing rule against long-term registration contracts.

In case you were fooled lately into thinking that the RIAA and the rest of the Content Cartel were going to pursue a policy other than "Sue All the World, Sue All the Children" please permit the blog "Recording Industry vs The People", maintained by NYC lawyers Ty Rogers and Ray Beckerman, to adjust your reality.

The blog has posted a letter appearntly leaked from the RIAA. In this letter the Cartel enforcement arm attempts to cajole ISPs into maintaining subscriber ISP records for 180 days. To make its lawsuits go more smoothly, of course. In exchange for shutting the hell up and turning over data promptly the ISP's customers get a promise of a $1000 discount for payment prior to lawsuit being filed. It's not at all clear to me why any sane ISP would sign on to this deal since it means more work and more risk for them, not to mention the exposure of being counter-sued by irate customers for turning over records.

You can read a brief summary on the lawyer's blog, and extensive commentary on the various links below the entry. The gist is still the same - the RIAA wants more suits, faster suits, more settlements, and fewer embarrassing publicity gaffes. I can't exactly blame them for wanting these things, but I'd rather they realized that they haven't made any difference in the past 7+ years of suing their customers and they're not going to make a difference if they spend another 77 years suing their customers.

Yesterday we discovered that our new kitchen hood - consisting of a fan with a speed
control, a light with a dimmer, and a timer - needed to be rebooted.

Rebooted!

Wow, a kitchen hood that can do, much less needs a software reboot.  That's pretty amazing.

But not so amazing as this fact: ICANN's self-emasculating ombudsman has established a blog!  Against this, a range hood that can be rebooted becomes unremarkable.

Is this blog going to be sequence of excuses?  If so, it has certainly gotten off to a good start.  Will it be a mirror of the ombudsman annual report - a glorified litany of trivialities leavened with excuses why nothing real was done to redress ICANN's institutional disregard for its own rules?

And yet ICANN's own board members - people who's fiduciary duties contains an element of responsibility to consider the affect of ICANN upon the public interest - continue to feel institutionally constrained from interacting with the public.

Board members are supposed to be the real ombudsmen.  They are supposed to be to be making inquiries into the activities of ICANN and unlike a hired ombudsman are legally empowered to do so.  But no, ICANN's board acts more like a panel of worthies who have aged into passive somnolence.

My range hood has a reset button.  Where's the reset button for ICANN?

David Pecker is the chairman of American Media, Inc., publisher of, among others, National Enquirer and Weekly World News. 'Mr. Ferris' registered the domain name DAVIDPECKER.COM, had a PPC company host it, where it was keyed to ads for porn, because, according to the registrant, the word PECKER was in the domain name. Mr. Pecker brought a UDRP.

Although 'Mr. Ferris' (as he is identified in the decision) did not seem (to me) that he could establish a bona fide intent to use the name in conenction with an offering of goods or services, and altohugh there seemed to be plausible evidence of bad faith, the UDRP was denied. Complainant could not establish rights in his name as a trademark:

" A number of disputes under the Policy have involved personal names, as here, and the panels’ decisions have been mixed on the issue of whether the complainants have rights in the names. See, e.g., Tom Cruise v. Network Operations Center / Alberta Hot Rods, WIPO Case No. D2006-0560 (finding common law rights in “Tom Cruise”); and The Reverend Dr. Jerry Falwell and The Liberty Alliance v. Gary Cohn, Prolife.net, and God.info, WIPO Case No. D2002-0184 (finding no rights in “Jerry Falwell”).

Indeed, the issue of rights in personal names has generated enough cases and raised enough questions that the matter has been addressed by the “WIPO Overview of WIPO Panel Views on Selected UDRP Questions”, which states: “While the UDRP does not specifically protect personal names, in situations where an unregistered personal name is being used for trade or commerce, the complainant can establish common law trademark rights in the name.” “WIPO Overview of WIPO Panel Views on Selected UDRP Questions”, paragraph 1.6, “http://arbiter.wipo.int/domains/search/overview/index.html” (visited January 15, 2007).

. . .

In this case, Complainant has provided no evidence of his rights in the Disputed Domain Name other than broad assertions that he “is known nationally and internationally by the name David Pecker and his high profile name is linked inextricably with AMI and is cited frequently by the media”, and an affidavit from AMI’s assistant general counsel that Complainant “possesses a strong common law service mark in his name by virtue of his position as being one of the leaders in the publishing industry… David Pecker’s personal fame and reputation have caused his name, as a leader in the publishing industry and as Chairman and CEO of AMI, to acquire a secondary meaning in the industry. Complainant’s name is used to promote AMI and the public understands his name as referring to AMI”. While these statements may well be true, it is nevertheless incumbent on a complainant, except in the most obvious cases, to provide evidence in support of a claim to rights in a personal name for the purposes of the Policy. . . . It is also unclear to the Panel on the evidence provided whether, as required by the Policy in such cases, Mr. Pecker “has ever used his personal name for the purpose of advertising or promoting his business or for the sale of any goods or services”. Joacim Bruus-Jensen v. John Adamsen, WIPO Case No. D2004-0458.

. . .

In light of the above, the Panel is not convinced, based on the limited record before it, that Complainant has established rights in the name “David Pecker” for the purpose of this proceeding. Therefore, the Panel finds that Complainant has not succeeded in proving the first element of the Policy.

[HOWEVER]

Complainant’s lack of success in this proceeding in proving its rights in the name “David Pecker” does not necessarily mean that Complainant has no remedy. “He may have claims under the Anticybersquatting Consumer Protection Act (‘ACPA’), which expressly provides for protection of personal names, or perhaps his actions lie in tort. Complainant is free to pursue his claims in U.S. courts.” The Reverend Dr. Jerry Falwell and The Liberty Alliance v. Gary Cohn, Prolife.net, and God.info, WIPO Case No. D2002-0184.

Note: Complainant has indicated he is considering an ACPA proceeding.

Comment: Entertainers usually fare better in UDRPs than well-known executives, as it tends to be easer for them to show, in the absence of a registration, that their names function as common law trademarks for the entertainment services they provide. That should be some comfort for PETER O'TOOLE.

The Chronicle of Higher Education has an amazing story by a brave prof, Paul Cesarini, who got leaned on by his university's IT department to stop using Tor, the anonymizing network tool. They even wanted him to stop teaching it. Cesarini stuck to his guns -- and won.

My visitors next produced page after page of logs detailing my apparent use of Tor. While I couldn't dispute most of the details in the logs, they seemed inaccurate. For example, the technician said I had been using Tor earlier that morning. In fact, I had been at Wal-Mart that morning looking for a good deal on an HDTV; I had reached my office only about five minutes earlier.

More important, the logs did not prove any wrongdoing on my part. All they demonstrated was that I, like thousands of others around the world, had installed and infrequently used Tor. In my case, of course, there was no wrongdoing.

Nonetheless, my visitors made two requests: that I stop using Tor, and that I avoid covering it in class.

Having been on the administrative end of academic technology, I appreciate the difficulties facing the information-technology staff. No one pats you on the back if nothing goes wrong, but if something does — if a virus or worm sweeps through the campus's network infrastructure, or someone hijacks some computers to churn out spam — you are off everyone's Christmas-card list. The last thing my former colleagues needed was some smarmy faculty member spouting off about academic freedom and threatening to demonstrate Tor to 100-plus students each semester.

Their job is to protect the network that allows me to do my job: to teach classes that are mostly or entirely online, and to conduct research. If they weren't here as the first or even only line of defense against the unscrupulous elements of our technological society, my university would cease to function. It's as simple as that.

Link

(via /.)

The WIPO Broadcast Treaty meeting is back underway -- this is a treaty to birth a new kind of copyright that goes to broadcasters, web-hosters, and other people who don't create, only distribute. Under the rules proposed by WIPO, it wouldn't matter if copyright lets you make use of some material (because of fair use, Creative Commons, public domain, etc) -- you'd also need permission from the company that hosted or distributed the material.

Slashdot has picked up the story and has some great, vigorous discussion about it.

If YouTube, et al have done anything, it's show that a different business model can work: the value is not in production of the material, it's in delivering it.

Previously, if I had wanted lame videos of punk skateboarders doing tricks, angsty teenagers venting their mixed-up feelings, middle-age housewives body-popping, etc. I would have had to spend countless hours trolling the murky depths and dark recesses of the Internet to find them. Thanks to YouTube, I have a single, convenient place to satisfy my disgusting and perverse needs.

Seriously though, can we please stop trying to create artificial scarcity? We don't really need it; TV shows, movies, and music worth paying for are already scarce enough.

Link

See also:

Massive victory at WIPO!

WIPO wants to give webcasters the right to steal from public domain, Creative Commons and GPL

European podcasters to WIPO: Stay away from us!

WIPO meets to screw up podcasting, Barcelona, June 21

Secret WIPO memo: rich countries to kill Broadcast Treaty, Development Agenda

WIPO pulls out dirty tricks to kill participation from consumer groups

How the US is boning the developing world at WIPO

WIPO Broadcast Treaty: consolidated three-day notes

Copyright treaty laid bare: watch your governments make sausage!

Tech companies tell WIPO: we don't want your "protection"

WIPO playing dirty tricks to keep public interest groups out

The GPL is based on a license contract that is imposed upon those who
copy GPL materials.  Those materials are covered by a copyright that allows the author(s) to sometimes (but not always) say "no" to those who wish to make copies unless the copier agrees to a the license contract.

(Those who think that the GPL is anti-copyright are wrong - the GPL is very firmly grounded on the concept of strong copyright and the power of authors to leverage that copyright to dictate the terms under which those copies may be used.)

There is usually no actual meeting of the parties; the contract comes into existence because we tend to assume that the person making the copy agrees to the license because to do otherwise would be making a copy without the permission of the author(s.)

The Supreme court has made it abundantly clear that Congress has very broad discretion to define how to shape and apply the copyright power granted to Congress by the US Constitution.  Congress also has the power to establish the jurisdiction of the US Federal courts.

One thing that sets open source based materials apart from more traditional works is that open source works are often the result of many hands applied many times over a period of time.  Even with good source code controls it can be hard to say with precision who authored what part.  And, perhaps more importantly, the contribution of many of the authors may be small, and the contribution of other authors, even if large, may be spread over many small changes spread over a long period of time.  In other words, the composit open source work is really a myriad of small works of many authors and many dates.

When someone is accused of copying a traditional work, that work is usually the product of a small and easily identified group of authors.  Such a group may be hard to define for an open source work.  And even if that group can be defined, the contribution of each author may be small and made through many distinct acts of authorship or reorganization of code previously authored by earlier contributors.

Suppose Congress were to amend the US copyright laws so that the right of copyright were limited only to those authors that could show clear authorship of substantial parts of a work?

If the US copyright laws were amended in this way, would this make the GPL enforceable only by a few of the authors rather than by any author?

Suppose Congress were to take a further step and deny protection to works that were created through the kind of open, collaborative, incremental development process that is the hallmark of open source?  I imagine that wordsmithing such a provision could be hard, particularly given that Congress probably would not try to remove copyright from materials produced by many hands over many years in by hired corporate programmers (I wonder if the existing for-hire rules may already resolve this.)  But hard does not mean impossible - I do not doubt that with effort Congress could draft language that embodied such distinctions.

I sense that the GPL advocates, because of their enthusiasm, indeed their almost fanatic zealotry, could drive the equally fanatic, but far better organized and far more wealthy, zealots of the intellectual property industry to use their considerable powers to persuade Congress to amend the copyright laws to cripple the GPL.

I have concern that GPLv3 might be the match that could ignite this kind of reaction.

San Francisco - In what is a victory for free speech on the Internet, the California Supreme Court ruled today that no provider or user of an interactive computer service may be held liable for putting material on the Internet that was written by someone else. In doing so, the Court overruled an earlier decision by the Court of Appeal.

Today's ruling affirms that blogs, websites, listservs, and ISPs like Yahoo!, as well as individuals like defendant Ilena Rosenthal, are protected under Section 230 of the federal Communications Decency Act (CDA), which explicitly states that "[n]o provider or user of an interactive computer service shall be treated as the publisher or speaker of any information provided by another information content provider."

"By reaffirming that Congress intended to grant protection under Section 230 to those who provide a forum for the views of others, the Court has ensured that the Internet will remain a vibrant forum for debate and the free exchange of ideas," said Ann Brick, staff attorney at the ACLU of Northern California. "Any other ruling would have inevitably made speech on the Internet less free."

The issue raised in Barrett v. Rosenthal was whether Section 230's protection applies to individuals who frequently use the Internet to pass on information obtained elsewhere, whether by forwarding an email written by someone else or, as was the case in Barrett, posting an email from someone else to a newsgroup. The ACLU-NC and the Electronic Frontier Foundation (EFF) filed an amicus brief in the California Supreme Court arguing that Section 230 means what it says and applies to "users" of interactive computer services as well as "providers."

"Courts have consistently interpreted Section 230 to provide broad protections for the platforms upon which free speech has flourished online," said EFF Staff Attorney Kurt Opsahl. "By reversing the Court of Appeal, the California Supreme Court has brought California back in line with other jurisdictions and reaffirmed the critical rule that the soapbox is not liable for what the speaker has said."

In January 2004, in Barrett v. Rosenthal, the Court of Appeal for the First District overruled the dismissal of a defamation lawsuit filed against an activist for her re-publication on the Internet of someone else's words. The court refused to extend any protection under Section 230, which was expressly enacted "to promote the continued development of the Internet and other interactive computer services," in a manner "unfettered by Federal or State regulation."

"The Supreme Court's opinion strengthens protection for speech on the Internet" said Mark Goldowitz, director of the California Anti-SLAPP Project and counsel for Rosenthal. "Justice Corrigan's opinion protects against the 'heckler's veto' chilling speech on the Internet."

For the full decision, see EFF's website at:
http://www.eff.org/legal/cases/Barrett_v_Rosenthal/ruling.pdf

Contacts:

Kurt Opsahl

Staff Attorney

Electronic Frontier Foundation

kurt@eff.org

Stella Richardson

Media Relations Director

ACLU of Northern California

srichardson@aclunc.org