Hi James and all I wish to differ for the most of what you said and I will explain why. My reply is based on the "criminally" nefarious class of domains and experience. The procedures you propose is exactly the type of things internet criminals depend on and which makes criminal enterprise a success. James Seng wrote:

Whats our standing position with Clearinghouse for that matter?

While I find it "harmless", I do not as a matter of principle, support the IP Clearinghouse as I see trademark owners overarching beyond what their rights. Trademarks are classified by per country, per classification for a reason.

What the criminal will do is register a name similar to another real company name, copy the website, then change the address to another country. Example; stealing a company website complete with name and logo, changing the address to another country and using this domain name and website for money laundering etc. So a such we may have company X based in countries B and C, suddenly have a "branch" in country D not really belonging to X in the first place. Example, but by no means isolated: http://www.bobbear.co.uk/draperinvest.html

Dear Derek,

Thank you for your consumer response against these criminals. We are working the issue as well, but, unfortunately, for every one that goes down, another pops up and we need active consumers like you to help with the onslaught.

We are working the legal/prosecution angles, including the hosting companies in the US that are providing services. But, in the meantime, we need to hit these websites as they come up.

Thank you again for your very detailed and active responses to these fraudulent websites and please, please keep up the good work.

Next time in San Francisco, we will buy you a meal.

Warm regards,

These criminals still roam the net abusing domains more than two years later, also using botnets. Currently this happens daily to smaller businesses. The intended anti-brand dilution and consumer protection is now moot.

So I hesitate to even give an answer to the questions, that (weakly) imply that I support IP Clearinghouse, looking for ways to make it work, and I am not interested to make it "work".

I do support URS on a very restrict case, e.g. obvious criminal activities such as phishing.

This is the worst possible example of using this type of procedure! In the time that it takes for URS to be successful, a week to "N" weeks, the phishing site can be up and doing what is was designed to do, deceive the internet user. Typically such a site has outlived it's usefulness in under a week. After this period, the the domain may be removed. A total success for "process", but a total disaster for the spoofed company and average user this process was also supposed to protect.

I am not so sure about the broader definition of "malicious activities", if it includes free/protected speech. If someone wants to make an ICANNsux.com website to make a critical remarks of ICANN activities, they might be malicious but I do not think we should allow URS to apply to it.

I support URS as a best practice but not mandatory. I also think that the takedown should only happen *after* the notice is legally served, and the one requesting suspension should bear the burden to serve the notice in writing to the owner. (Exception, whois record is not accurate or incomplete). The burden should not be on the registrars or the registries or ICANN.

The URS should be best practice where both parties are real people. But to explain why this is not practical and a worst outcome scenario: Small businesses are also maliciously spoofed by criminal parties. These criminal parties will use stolen credit cards details and financial instruments to purchase domains and net related services. In a short time they distribute the risk of their criminal activities to different registrars, abusing privacy mechanisms etc as layered protection. We find extremely creative domain privacy protection mechanisms designed to frustrate DNS abuse from these same criminals that they in turn now use to protect themselves. They have turned their frustration into an advantage. Now the small business owner suddenly has to protect himself from a swarm of abusive registrations? He will need to hire an international lawyer full time to deal with ignorant registrars etc, all at extreme costs. The end result is he could easily bankrupt himself defending himself. The real name owner would be be better advised to simply walk away. Yet with each abusive registration the the registrar and registry etc received money, the legitimate owner of the mark by whichever definition has additional cost etc. This will in fact foster (to borrow a phrase bantered about) an "ICANN for the rich" internet. Once again the normal internet user is left confused in a sea of similar looking and sounding domain names leading to mark confusion, where all but or two, is targeting that same user. As food for thought, look at this: http://www.mediaon.com/Real-Whois-Protection http://www.mediaon.com/Allowed-or-Forbidden (Can i host fraudulent sites ?) Who is their "ICANN registrar in the family"? What will happen in the future?

Once proof that the notice is properly served to the owner of the domain name, I think the suspension can kick in 7 days or 14 days as IRT recommended (or immediately, which is also fine with me). The subsequent process can then follow on as per norm.

-James Seng

In general, one aspect I do not see is real end user protection. I am sure that Bob of Bobbear would not mind me referencing his excellent website. His website shows everyday usage of domains for criminal intent. The domain names abused are pretty much international and abuses all TLDs etc. if history is to tech us something. Bear in mind that fake documents and other devious methods used, makes a domain registration mechanism no barrier to obtaining such domains. As such we are dealing with events after the registration. The domain name may or may not be imposing on the rights of a real party. http://www.bobbear.co.uk/#2 http://www.bobbear.co.uk/#3 Something to think about also, is fictitious companies. The website may or may not be a spoof, but under a different name. I accept this is going off the topic, but will be a real issue later. We may argue that criminal issues belongs in the hands of law enforcement. However law enforcement invariably works on numbers, either a large loss in a single incident, or many smaller losses provably linked to one party. The the international nature of cyber crime also linked to domain name usage, the number of available law enforcement officers qualified to deal with internet issue etc makes this a last stop and also after the fact. However for the individual internet or smaller internet user we find that each one's small loss may be devastating. At $300 per URS, which may be a petty amount in he USA, the amount may be hefty in other countries. Added to that the repeated nature of the above category of abuse, there is a problem just as we have seen with the UDRP. In effect this usage can be likened to arms dealers selling arms to criminals, then charging money complainants to remedy the situation on a per incident basis. Also if history is to teach us something, with criminal domain abuse, the victims are primarily the real brand owner and the intended victims. Registrars, resellers etc losses are limited to incidents where the loss may be a charge back and a few minutes looking at violation of policies reports regarding such domains. Typical costs per incident far under $50. Cost to the public can easily run into thousands of dollars. The real brand owners cannot fight each violation of their mark but focus on those targeting their own customers. Unfortunately that is not the only reason brands are "stolen". As we have seen above, these known brands may be used to scam net users into believing the are working for a company (money mule scams), or in 419 scams (advance fee fraud), shipping/escrow scams etc. This criminal usage grows and changes daily, likewise the number of incidents of such. Sadly I do not see the way the individual internet user is really being protected nor the smaller business deliberately spoofed. Also see http://www.bobbear.co.uk/buyer-guardian.html As one company, BuyerGuardian, said upon closing it's doors on the net:

Important Notice

August 18, 2008

To Our Faithful Customers:

We are sad to report that after careful and lengthy consideration we have made the decision to cease operations at BuyerGuardian.com. This is a very difficult decision and one that is made primarily due to the rapid growth of online escrow fraud.

Unfortunately, individuals have at times used altered copies of our web site content to defraud auto buyers. We do not want to enable these fraudulent transactions in any manner whatsoever. Any website using the BuyerGuardian.com logo, our site layout or our color scheme is doing so without our permission and is a fraudulent website.

Please check with www.escrow-fraud.com or your local Better Business Bureau before using an escrow company. The only other national vehicle escrow service of which we are aware of at this time is Escrow.com (www.escrow.com).

We want to thank all of the people whom we were able to help experience a seamless and successful interstate or international automobile transaction. We appreciate the kind words and support from our customers and hope to serve the automotive industry again in the future.

Sincerely,

The BuyerGuardian.com Team

Makes you think! So much for trust on the net currently. Do not overlook the small guy and general internet user. That is my 5c worth. Derek

On 10/30/2009 05:06 AM, Derek Smythe wrote:

What the criminal will do...

Really? Ought we begin with a leap to the conclusion that a person is a criminal? And from that conclusion we ought to justify expropriation or termination of a domain name registration by ICANN? We are have seen ICANN being used as a "consumer protection" body, often in a way that does not benefit consumers but rather benefits trademark owners. Now we are seeing pressure to turn ICANN into a not only a law enforcement agency but also a judge and executioner. If one believes that there is illicit activity underway the proper approach is to bring it to the attention of properly chartered law enforcement agencies. They can investigate and if they find that the situation is worth pursuing they can bring it before a properly empaneled and disinterested authority for decision due process. If that process results in an order to ICANN then ICANN can then respond. These are not circumstances worthy of the word "exigent". There are no lives at stake. These are situations in which damage can be compensated at any later date by money. ICANN-as-a-vigilante and string-'em-high justice are simply not warranted. Because, even as your note almost begins to suggest, the kind of knee-jerk processes that are being proposed for ICANN are processes that can easily be triggered not as justice but as ways for trademark owners to cut-down competition that is acting near the edges of trademark infringement, but are still on the legitimate side of the line. --karl--

The limitation is a consequence of several patent offices around the world don't have the trade mark process digitalized so their content will not be in the clearinghouse, meaning: or some money will put upfront to have these docs digitalized to assure all trade marks will be respected or only the marks registered at the patent office that have digitalized process will be inside the clearinghouse. -----Original Message----- From: at-large-bounces@atlarge-lists.icann.org [mailto:at-large-bounces@atlarge-lists.icann.org] On Behalf Of Alan Greenberg Sent: Saturday, October 31, 2009 11:14 AM To: At-Large Worldwide Subject: Re: [At-Large] Fw: [Name-Issues] URGENT: At Large Consultation My understanding is that there will be no such limitation. If this is an open question, it should be added to the issues that the GNSO-STI group is looking at. Alan At 30/10/2009 07:44 PM, Vanda UOL wrote:

Dear Olivier As I already had the opportunity to point out my concern about clearing house is the fact that any clearing house will be limited to those countries that had trade marks already digitalized, not many of developing countries. This will have the implications of demand any national of those countries interested to have their marks into the clearinghouse to try to register the marks at some of the countries inside the data base. Meaning higher cost and not balanced protection around. Second, but not our problem, I don't see a real good business model for this.

vanda

-----Original Message----- From: at-large-bounces@atlarge-lists.icann.org [mailto:at-large-bounces@atlarge-lists.icann.org] On Behalf Of Olivier MJ Crepin-Leblond Sent: Friday, October 30, 2009 1:50 PM To: At-Large@atlarge-lists.icann.org Subject: [At-Large] Fw: [Name-Issues] URGENT: At Large Consultation

Folks: [Vanda Scartezini]

apologies for cross-posting, but I don't know if enough people are subscribed to the other list, so I'l like to obtain as much feedback as possible. Over on the names-issues At Large list, we are having a consultation re: the Trademark Clearinghouse and the "Uniform Rapid Suspension System" (URS).

Yesterday, the GNSO formally created a GNSO Review Team to draft a reply to the Board's letter enquiring about solutions/suggestions for the "Trademark Clearinghouse" and "URS" parts of the IRT recommendations regarding Trademark rights for new gTLDs.The deadline for At Large filing a draft reply is 4 November 2009. That gives us about 5 days to respond. With many people currently travelling, this is a very short deadline, but it is required for GNSO procedural matters to reply to the Board's letter in time. A copy of the brainstorming sheet drafted during the meeting yesterday is downloadable from the Web page of our working group:

https://st.icann.org/working-groups/index.cgi?at_large_naming_issues_taskfo r ce

and has a link to the brainstorming sheet in question named: STI Brainstorming Notes.doc

Please be so kind to download it and email replies to me, or to the name-issues@atlarge-lists.icann.org list (registration might be required)

Kind regards,

Olivier

_______________________________________________ At-Large mailing list At-Large@atlarge-lists.icann.org http://atlarge-lists.icann.org/mailman/listinfo/at-large_atlarge-lists.ican n.org

At-Large Official Site: http://atlarge.icann.org

_______________________________________________ At-Large mailing list At-Large@atlarge-lists.icann.org http://atlarge-lists.icann.org/mailman/listinfo/at-large_atlarge-lists.icann .org At-Large Official Site: http://atlarge.icann.org