June 29, 2003
New TLDs: Can you say .never?

ICANN continues at its snail's pace on introduction of new top-level domains. At the Montreal meeting, staff sprung this RFP for new sponsored TLDs. As if "a few" and "sponsored" weren't limitation enough, it further narrowed the applicant pool to those who had applied unsuccessfully as sponsored TLDs in November 2000.

It's unclear how recycling failed applications (with a new $25,000 fee) and excluding new ones can help ICANN in its "Proof of Concept" evaluation, but it is clear who's left out of the next round -- anyone who isn't .travel, .health, .union, .post, or .mobi (thanks Lawrence).

ICM Registry bannerThe slighted include ICM Registry, whose application for .XXX was unsponsored in 2000 (this is one of their banners hanging in the conference lobby). Betcha didn't know you could count on .XXX for "responsible growth of the DNS."

More commentary:
ALAC list
No such weblog

Posted by Wendy at 02:24 PM
June 25, 2003
Privacy in Domain Name Registration

Karl Auerbach is here in Montreal, adding notes on WHOIS and privacy to his CaveBear Blog. I particularly appreciate his proposal to establish a truly anonymous domain name registration service, capturing only technically relevant data:

I hope to run an experiment soon in which people can register names anonymously and without the retention of any contact information whatsoever - control of a name would be in the form of a digital certificate, a kind of bearer bond.

Thomas Roessler, also here and blogging many of the sessions, shares concern over privacy in WHOIS records, and busts a few strawmen.

Posted by Wendy at 08:52 AM
Internet Exceptionalism Dominates ICANN WHOIS Panel

Discussion on the first panel of ICANN's WHOIS Public Workshop has been heavily skewed toward "law enforcement and intellectual property interests." Speakers from the U.S. Department of Justice, OECD, and WIPO have emphasized their "need" for WHOIS data including names and contact information of domain name registrants in order to pursue alleged infringers, fraudsters, and criminals doing business online. Due Process to the accused is too inconvenient, it seems.

According to John LoGalbo, U.S. DOJ, law enforcement needs public access to accurate WHOIS data. It's not enough to give access to law enforcement officials, for once public access is restricted, then law enforcement must use legal process to get at it -- the delay of legal process is unacceptable. What is it about online activity that justifies such prior restraint (forced identification of speakers online that we wouldn't accept in other media)? The speed of "harm" from online speech.

OECD has privacy guidelines, but its representative here, Michael Donohue, thinks that consumers use WHOIS data to investigate websites before doing business with them, and that this purpose warrants a data disclosure requirement. This analysis ignores that good business will want to spread their reputation by whatever means available, and don't need the WHOIS database, while bad businesses will fake "reputation" wherever they can, including in WHOIS. WHOIS shouldn't be the Better Business Bureau.

Please, folks. The Internet doesn't eliminate due process concerns. We've developed extensive procedural protections precisely because we value individual freedoms of privacy and presumptions of innocence. The burden of official justification is not an accident, but a basic component of liberty from unjustified investigation.

There are some welcome voices on the other side:

Sarah Deutsch, Verizon: "Convenience" doesn't cut it. Law enforcement still needs to use fair process when it demands access to data.

Jeff Neuman, Neustar registry, notes that various national privacy laws conflict with ICANN WHOIS disclosure mandates: "Do we break the law to provide this WHOIS information so that you may catch others who break the law?"

Diana Alonso Blas, European Commission: Build privacy protections into the system. Think about limiting collection and access, auditing use of the data collected.

Paul Stahura, eNom: Availability of privacy (including proxy services) increases accuracy. The bad guys will always put in false info, but the good guys are more likely to give real data if they know it will not be disclosed haphazard.

Tom Keller, Schlund: Privacy is a right, not something for which registrants should have to pay extra.

Posted by Wendy at 05:27 AM
June 22, 2003
Hatching Copyright's Bad Eggs

We've all weighed in on Orrin Hatch's proposal to destroy the computers of copyright infringers, and the subsequent discovery of apparently unlicensed software on his website.

Lisa Rein makes the best connection bewteen them:

Okay so Wired News has a great story about how Orinn Hatch says one thing and does another with regard to respecting copyright laws. Perhaps now he will just admit that he didn't understand how easy it is to "violate copyright" (gasp!) unknowlingly.
The problem with modern copyright law is the number of ordinary activities it regulates. When you needed a printing presses to make an infringing copy, you didn't much fear unwitting infringement: if you ran off a stack of Mark Twain's latest, you probably knew if you weren't authorized. Yet when every RAM duplication is deemed a "copy", technology puts "copiers" into every person's hands. Copyright owners now claim rights to control derivative works, public performance, and access, not just reproduction. Copyright has begun to intrude on everyday, private activities of ordinary citizens, as well as on those of Senators. The line between lawful and unlawful no longer seems so clear; it's too easy to stumble into copyright infringement.

Amid that copyright minefield, Hatch's suggested "extreme remedies," even as later "clarified", would be explosive. Under the Hatch plan, ordinary activities would make users targets of copyright vigilantism; Copyright becomes a force of destruction, not creativity and innovation. Instead of blowing up computers, let's make copyright law conform better to public expectations, a real "engine of free expression."

Posted by Wendy at 02:08 PM
June 18, 2003
RIAA to C&D Verizon customers

The RIAA (which Rep. Mary Bono has disclaimed interest in chairing), has announced it will send cease-and-desist letters to the Internet users for whose identities it subpoenaed Verizon. (AP Story). I hope one of the recipients will share with Chilling Effects.

First, we know the RIAA didn't need the subpoenas to send a warning -- KaZaA has a messaging application built in, which the RIAA has used to warn filesharers in the past. Second, and more important, this response doesn't change the underlying problem that subpoenas for users' identities are a blunt tool against copyright infringement.

As we argued in an amicus brief supporting Verizon, online users are entitled to privacy in their activities, and should not have that privacy breached on a mere accusation of copyright infringement. While it may have chosen these test cases carefully, the RIAA has been wrong before, and other copyright claimants may be less scrupulous. Internet users deserve due process and judicial oversight -- not a clerk's rubber stamp -- before their identities are disclosed. Although the D.C. Circuit denied Verizon's request for stay pending appeal, it can still get the case right after the full hearing in September.

Posted by Wendy at 06:06 PM
June 03, 2003
Petition for Rational Copyright Law

The Supreme Court's decision in Eldred v. Ashcroft told us we'd have to take our case to Congress to reclaim for public use the vast quantity of art and literature under copyright but out of print. The draft Public Domain Enhancement Act would help do that by requiring copyright holders to pay a nominal fee 50 years after publication.

Under this proposed Act, copyright holders still commercially exploiting their copyrights could retain those copyrights, and would update the records telling others where to contact them for licensing. Works that copyright holders didn't value at even $1, however, would go into the public domain -- where others might find new ways to use them.

We think this Act would restore some of the public's copyright balance. If you agree, please consider signing the petition: http://www.PetitionOnline.com/eldred/petition.html.

Posted by Wendy at 11:29 AM
June 02, 2003
Nationwide branding bites back

Why do companies advertise under national brands if they're not going to provide consistent nationwide service?

Trademarks and service marks are supposed to convey information about the origin of the goods and services they label, so that consumers can expect consistent quality each time they encounter the brand. Trademarks don't guarantee good quality, of course, but they are supposed to denote uniformity of more than advertising budget.

After losing a cell phone while traveling (to OSCOM), I went into a local (San Francisco) Cingular store -- a big single-brand store with the bright orange logo out front -- to try to replace it. First, I was told that this franchise couldn't help, that I'd have to try the company-owned store. Strike 1. The SF company store was similarly unhelpful -- since my phone had a NY number, only a NY store could issue a new SIM card. Strike 2. Oh, and by the way, customer service was closed on Sunday. Strike 3.

Luckily, my Monday morning calls to the New York-based customer service met with much better results. The service- and sales-people I spoke with there were both helpful in arranging for a new card to be sent. Nonetheless, the bad service of the California outlets tarnished my view of the brand as a whole.

Nutshell: Better to have a small consistent brand than a large inconsistent one. And to the regulators (who got media concentration so very wrong), please give us number portability in this lifetime!

Posted by Wendy at 02:11 PM