RE: [bc-gnso] Assessing the "Domain Name Exchange" service proposed by VeriSign

[Susan Kawaguchi <skawaguchi@xxxxxxxxxxxx>]

It would be good to get clarification on several issues from Verisign.  Do you 
think they would talk to the BC about their proposal?

Susan Kawaguchi
Domain Name Manager

Facebook Inc.
1601 S. California Avenue
Palo Alto, CA
Phone - 650 485-6064
Cell - 650 387 3904

NOTICE: This email (including any attachments) may contain information that is 
private, confidential, or protected by attorney-client or other privilege. 
Unless you are the intended recipient, you may not use, copy, or retransmit the 
email or its contents."

From: owner-bc-gnso@xxxxxxxxx [mailto:owner-bc-gnso@xxxxxxxxx] On Behalf Of 
Mike Rodenbaugh
Sent: Thursday, April 08, 2010 3:23 PM
To: 'bc - GNSO list'
Subject: RE: [bc-gnso] Assessing the "Domain Name Exchange" service proposed by 
VeriSign

Ooops, my post was missing an important "NOT" in second sentence, now 
inserted...

From: owner-bc-gnso@xxxxxxxxx [mailto:owner-bc-gnso@xxxxxxxxx] On Behalf Of 
Mike Rodenbaugh
Sent: Thursday, April 08, 2010 2:50 PM
To: 'bc - GNSO list'
Subject: RE: [bc-gnso] Assessing the "Domain Name Exchange" service proposed by 
VeriSign

Thanks both Steve and Sarah for the thoughtful posts.  I agree this proposal 
needs further consideration and public comment, and should NOT be 
'rubber-stamped' by ICANN, like most RSEP proposals.  It certainly has the 
potential to unravel a lot of the progress made with the AGP Limits policy.  
Another mitigation step could be to limit the percentage of any registrar's 
domains that can be exchanged, similar to the AGP Limits policy.

We could make a motion for the next GNSO Council meeting on 4/21, to see if the 
Council would ask Staff to conduct further consideration.  The deadline for 
such a motion is 4/13.  I suspect it would have broad support from the NCSG, 
and probably none from the CSG, but it might still pass depending upon 
attendance at the meeting, and in any event ought to serve the purpose.

Individual member and constituency comments should also be submitted to ICANN 
directly.  Do we have BC consensus at least on the following?

[DRAFT]

The BC requests that Staff make the preliminary determination, with respect to 
Versign's RSEP proposal for "domain exchange" services in the .net TLD, that 
this proposal requires further study because it could raise significant issues 
with security and stability and/or competition.  Specifically, the proposal may 
permit resumption of commercial "domain tasting" activities which have been 
curbed by the AGP Limits policy, and therefore appropriate limitations on the 
proposed registry service must be considered.

Mike Rodenbaugh
RODENBAUGH LAW
tel/fax:  +1 (415) 738-8087
http://rodenbaugh.com<http://rodenbaugh.com/>

From: owner-bc-gnso@xxxxxxxxx [mailto:owner-bc-gnso@xxxxxxxxx] On Behalf Of 
Deutsch, Sarah B
Sent: Thursday, April 08, 2010 2:19 PM
To: Steve DelBianco; bc - GNSO list
Subject: RE: [bc-gnso] Assessing the "Domain Name Exchange" service proposed by 
VeriSign

Steve,

Thanks for giving all of us more background on the proposed Verisign service.  
My view is that because this proposal could pass through very quickly with 
little ICANN input and has very serious potential consequences for businesses 
and brand owners, we should quickly reach out to ICANN staff and tell them that 
there are enough concerns that the process must be slowed down and studied 
carefully.

The concerns I've raised have nothing to do with someone registering generic 
names.  Whether we call it "tasting" or something else, the fact remains that 
this service allows someone for the price of a single domain name, to register 
at least 12 different domain names a year.   So, if you spent $8 to register 
100 domain names under the exchange service, you could wind up registering 
nearly 10,000 different domain names.  On its face, this seems to be a recipe 
for mischief and abuse.

When we had full blown domain name tasting under the AGP for free, the number 
of infringements skyrocketed, but even today, brand owners face thousands of 
instances of new infringements because cybersquatters are still willing to pay 
a relatively low registration fee for the high quality names that drive 
traffic.  The recent report on cybersquatting out of Harvard shows that even 
vigilant companies like Verizon still face many hundreds of typosquatting 
incidents -- all from infringers who are willing to pay a fee for our 
trademarked names.   The report estimates that the top 100,000 websites 
containing cybersquatted domains collectively receive at least 68.2 million 
daily visitors.  If these cybersquatted sites were considered as a single 
website, they would be ranked by Alexa as the 10th most popular website in the 
world.  So it is reasonable to be concerned that a service which allows one to 
register multiple domain names for a single price will only add to this problem.

I appreciate that Verisign believes it has taken some steps to make their 
service more "transparent," but I don't believe transparency is the same as 
fixing your business model to prevent infringements in the first place.  A few 
questions, comments and ideas:

1) A "free" reporting service on exchanged names is better than no reporting 
service -- but it appears that the burden, administrative costs and enforcement 
costs shifts to business and brand holders, who on a daily or even hourly 
basis, must check this reporting service for possible infringements.  What will 
Verisign do when the brand holder writes to them and demands they stop selling 
the name?  My guess is that they would not be accountable for taking this name 
out of circulation and the trademark owner would be sending numerous cease and 
desist letters, filing more UDRP actions and filing more lawsuits.

2) Your mention of the WHOWAS service does not say whether this will be 
provided for free or at a cost.  In any case, the same concerns about pushing 
the burden on trademark owners remains.  Also, what steps does Verisign intend 
to take to ensure the accuracy of the information provided in its WHOIS, WHOAS 
and its reporting service associated with this service?  Will it permit 
applicants to "exchange" names through a proxy service?

3) Will there be a cap on the number of domain names someone could register 
under the exchange service?

If Verisign is serious about limiting harms to brand owners, why not:

1) Limit the service to generic names only?  Why not allow trademark owners to 
provide Verisign with a list of their registered trademarks that should not be 
permitted to be sold under the exchange service and allow them to opt names out 
of this service?

2) Why not build in protections for the trademark owner up front when offering 
the service?  For example, when an applicant searches for the availability of a 
name, the trademarked names provided by owners who opt out would pop up with a 
warning telling the applicant that the name is a trademark owned by a third 
party, warning them about the penalties associated with cybersquatting and 
requiring them to declare that they have a legal right to use such name.

3) Why not beef up requirements for accurate WHOIS contact information and 
prohibit exhanging names through a proxy?

Obviously, the issues are all quite complicated as are the potential fixes, so 
more reason that this proposal be slowed down and studied carefully with all 
affected stakeholders.

Thanks,

Sarah



Sarah B. Deutsch
Vice President & Associate General Counsel
Verizon Communications
Phone: 703-351-3044
Fax: 703-351-3670


________________________________
From: owner-bc-gnso@xxxxxxxxx [mailto:owner-bc-gnso@xxxxxxxxx] On Behalf Of 
Steve DelBianco
Sent: Thursday, April 08, 2010 11:05 AM
To: bc - GNSO list
Subject: [bc-gnso] Assessing the "Domain Name Exchange" service proposed by 
VeriSign
BC Members:

On April 5, VeriSign (operator of .com, .net, and .name) proposed a new 
registry service called "Domain Name Exchange."  VeriSign's proposal and QA& is 
posted at http://www.icann.org/en/registries/rsep/verisign-dnex-05apr10-en.pdf  
    Here's how VeriSign describes the service:
Based on ongoing discussions with registrars who represent diverse business 
models and market segments, VeriSign has developed the concept for the Domain 
Name Exchange Service to allow a registrar to repurpose a domain name 
registration that has significant time remaining until expiration.   Today when 
a registrant terminates a package of services from a registrar after, for 
example, an introductory 1 or 3 month period, the registrar is forced to recoup 
the investment in the associated domain via monetization or the secondary 
market. The domain exchange will allow a registrar to offer another registrant 
a package that sits on top of that same registration using a new domain.
The Domain Name Exchange Service is an optional service that is designed to 
provide registrars and registrants with an effective and efficient way to 
manage domain name registration terms for domain names that are no longer 
needed.
For many website hosting service providers, the registration of a domain name 
is a secondary service.  For example, the European registrar
1and1 offers web hosting with "free domains included" ( http://1and1.eu ) in 
order to attract new clients to establish their online presence.  Domain 
Exchange lets 1&1 re-use the registration if a client wants to drop the website 
and domain after just a few months.   Registrars would pay around 1.5x the cost 
of a regular annual registration in order to get the Exchange option, and they 
could exchange once per month.  Perhaps there will be significant demand for 
this service from registrars who have lots of turnover with hosting clients.

Domain Exchange is being proposed only for .net domains, but VeriSign may 
propose it for .com at some point.  And that's where several BC officers are 
already raising concerns that Domain Exchange could be a new form of "domain 
tasting" that would lead to even more cyber-squatting and typo-squatting.

"Domain tasting" is a loaded term in ICANN circles.  "Tasting" is how domainers 
test a domain name to learn whether type-in traffic generates enough 
advertising revenue to cover costs of registering the domain.    The names 
typically tasted were generic words and phrases (like SpringCleaning.com or 
SpringFashions.com) that some users might guess at by entering the URL ( 
instead of going thru a page-ranked search engine).
Domainers make money on these domain names by "parking" a page with ads for 
related products and services.

The parked pages that result from tasted names are objectionable in the way 
that highway billboards are objectionable, but there's nothing illegal about 
monetizing domain traffic with advertising.  Moreover, several BC members are 
domainers who monetize traffic this way, and other BC members providing online 
advertising services to support the trade.

But nothing infuriates BC members and Internet users more than tasting or 
parking domains that involve trademarked terms or typographical variants 
designed to deceive users.  Cybersquatting and typosquatting could increase if 
a new service makes it easier to discover domain names that mislead users into 
thinking they have landed on a page belonging to a known business or 
organization they intended to reach.

Domainers discovered they could taste traffic for 5 days for zero cost by using 
the Add Grace Period (AGP) that has always been offered by registrars and 
registries.   That led to rampant tasting in domains like .com.   The ICANN 
community, incl many in the BC, pushed ICANN to end the practice of free 
tasting thru abuse of the AGP privilege.  Using the policy development process, 
ICANN effectively eliminated free AGP tasting in 2009 
(http://www.icann.org/en/tlds/agp-policy-17dec08-en.htm )

Question is, will a new Domain Exchange service increase the incidence of 
trademark and typographical squatting?  I asked my friends at VeriSign (a 
NetChoice member) about this concern, and here's what I learned:

Domain Exchange is not going to replace the free and unchecked tasting that was 
done with AGP before 2009.  First, a domain 'taster' has to actually buy a 
1-year registration to be able to use domain exchange at 11 monthly intervals. 
That's cheaper than buying a dozen registrations, but its not free.  Second, it 
would take a year just to 'taste' a dozen names for ad traffic.

Still, VeriSign acknowledges that some parties may see Domain Exchange as a way 
to "taste" and then register names that infringe on trademarks.  So VeriSign is 
offering additional IP protection tools described in their proposal, such as 
limitations on exchanges, free reporting on exchanged names,  and the WhoWas 
service (a permanent record of historical Whois).

VeriSign is open to suggestions from the BC (and IPC) about other tools that 
would minimize use of Domain Exchange for TM infringement or other illegal 
purposes.  They're also prepared to answer questions in a direct dialogue with 
our members if that's easier and quicker than using the public comment process 
described below.

So let's begin internal discussions on BC List, with an intent to send concerns 
and questions to staff, to VeriSign, and eventually in ICANN public comments.


Finally, a word about the ICANN process for review and approval of new registry 
services:

ICANN evaluates new registry services thru its Registry Service Evaluation 
Process (RSEP).  ICANN staff has 15-days to make a "preliminary determination" 
whether this Registry Service requires further consideration by ICANN because 
it could raise significant issues with Security & Stability or competition.  
There's no official comment period during these 15 days, but BC members can 
always explain concerns to staff.  See RSEP at 
http://www.icann.org/en/registries/rsep/rsep.html

If ICANN determines that the service might raise significant Stability or 
Security issues, it goes to the Registry Services Technical Evaluation Panel 
and simultaneously invites public comment on the proposal (2nd chance to 
comment).  This panel has 45 days to do a written report regarding the proposed 
service effect on Security or Stability.

ICANN's Board then posts the report for public comment (3rd chance to comment), 
and the Board has 30 days to reach a decision. "In the event the ICANN Board 
reasonably determines that the proposed Registry Service creates a reasonable 
risk of a meaningful adverse effect on Stability or Security, Registry Operator 
will not offer the proposed Registry Service."

So there are 2 or 3 chances to comment over a period of 45 days (or 90 days if 
the panel raises S&S concerns).