Hi All,
First, thank you, Steve, Graeme and All. I
know a lot of people have spent a lot of time in the IP and
Registrar Communities working on this draft. Tx you – and
appreciate your invitation to comments and concerns!
I have reviewed the Draft carefully and have
some initial comments to share.
Although I spoke with people in the WG while preparing
them, these comments are my own.(If there is problem with the
formatting below, please let me know.)
1. General
Comments
a. `Let’s
make the wording more neutral. Let’s add “alleged” or “claimed”
in all references of infringement (e.g., trademarks, copyrights
of domain names/websites. Another good term would be “claimed
infringement” -- which is the one used in similar sections of
the Digital Millennium Copyright Act to the sections we are
working on here.
2. More
substantive comments
a. Are
we missing levels of protections for the Customer/Registrant? In the Digital Millennium
Copyright Act (DMCA), there were two levels of protections for
the “users.”
i. The first was
sanctions for misrepresentation. Basically, any company which
knowingly materially misrepresents that material or activity is
infringing is liable for damages, including costs and attorney
fees caused from injury resulting from the misrepresentation.
Don’t we need similar sanctions here?
ii. A much higher bar
for revealing the identity of the alleged infringer. The DMCA
allows rapid takedown based on statements very similar to the
one we proposing, but Reveal is a whole different story. The standard is much higher
and goes through Court. Thus US Copyright Code, Sec 512(h),
requires a subpoena to reveal data:
a. [Section 512] “(h) SUBPOENA TO IDENTIFY
INFRINGER-
`(1) REQUEST- A copyright owner or a person
authorized to act on the owner's behalf may request the clerk
of any United States district court to issue a subpoena to a
service provider for identification of an alleged infringer in
accordance with this subsection…
Shouldn’t we have a higher standard too? It seems important to
balance the rights of both sides, including whether the
Allegation of Illegality sufficiently outweighs the Privacy
Interests and Rights of the Battered Women’s Shelter, Online
Magazine or Bloggers posting unpopular views of corruption.
iii. A deep concern about default. As I read the
rules, if you don’t respond, you lose and your data is
revealed. But this is
a problem because we can think of many reasons why
Customers/Registrants would not respond. For example:
a. Request came at the beginning of August,
b. Request disappeared into spam;
c. Registrant/Customer is unable to respond (perhaps
language barriers); and/or
d. Registrant/Customer is scared to respond.
2. I would submit that in something as important as
revealing identity and physical locations, there should be no
automatic default. It is completely possible that a) the
allegations are incorrect on their face (no jurisdictional
overlap, for example), or b) that there are clear defenses on
“its face,” e.g., on the website.
Thus, an anti-bullying group may post the
copyrighted logo of a gang engaging in bullying (or worse) in
a local school or neighborhood; is so, the gang’s allegation
of copyright infringement could be clearly weighed against the
“safe neighborhoods for all” activity taking place on the
website.
Similarly, an online publication in Europe may
have every right to use the logo and trademark of a large
multinational it is criticizing, or the image of Mohammed,
without having its identity and address revealed without due
process.
Ditto for a battered women’s shelter posting a
copyright logo, motto or design and urging women to watch for
it and those bearing it.
Due process is not automatic default, but a full
and fair review of the website and other reachable
information, even if the Customer/Registrant is unable to
respond for herself or himself.
3. Option:
we might consider Third Party or Independent Review. This is
something that Steve and Graeme’s draft have already suggested
for rejections of IP Owner Requests. It could serve Customers
too by creating a review of default situations – or perhaps an
independent forum for Service Providers who choose to outsource
this difficult evaluation.
iv. Privacy of
communication between Customers and their Providers . The rules
of Section III(A) seem to bar private communication with your
Provider. Everything a Customer/Registrant might write to their
Provider must be passed on verbatim (if I read this correctly). But that’s a problem for
those with English as a second language (or third) or those
without lawyers, and those simply trying to explain in clear and
informal language to explain this situation. 0What
will happen, I am concerned, is that whatever informal response
a Customer provides to its Provider will operate (unintended) as
an Admission Against Interest or an unintended Waiver.
Further, the
Customer/Registrant might inadvertently reveal a bit about their
identity or even location – trying to explain their position
clearly to the Provider – and this should not be passed on to
the Requester automatically either. I
am not sure of th answer here as IP Owners should know something
about the response, but not necessarily the full communication
of the Customer (e.g., he is stalking me).
Thanks for reading!
Best,
Kathy