ICANN ICANN Email List Archives

[gnso-igo-ingo]


<<< Chronological Index >>>    <<< Thread Index >>>

Re: [gnso-igo-ingo] Thoughts on fact-based policy development

  • To: "GNSO IGO INGO" <gnso-igo-ingo@xxxxxxxxx>, "Alan Greenberg" <alan.greenberg@xxxxxxxxx>
  • Subject: Re: [gnso-igo-ingo] Thoughts on fact-based policy development
  • From: "Christopher Lamb" <christopher.lamb17@xxxxxxxxx>
  • Date: Fri, 25 Jan 2013 00:16:37 +1100


Dear Alan,

Thanks for this. People now working in the RCRC Movement institutions can answer the questions better than I nowadays, but my observations drawn from my experience are, to your points:

- agreed, for this doesn't prevent all sorts of other abuses. It would however be a SIGNIFICANT (to use your caps) move in the right direction and prevent some of the more egregious abuses. As importantly, it would carry the protection the redcross and redcrescent names now receive from international and national law into the Web, and serve to support the worldwide understanding that these words mean neutrality in its most important sense, on the battlefield.

- yes. That's exactly right. I would say that very few of the honest ones are defensive registrations and those which are usually end up being registrations in other languages to cover their national diversity, or defensive in the sense that .net, .com, dot.info etc are all needed to provide good protection.

- yes, they should be so prevented unless it is done with the approval of the Red Cross or Red Crescent Society, or the international institution as the case may be. These names have too specific a meaning for wider use. There was a case rather like this during a recent disaster in Tasmania when a young man used "Red Cross" without realising that he was breaking Australian law. His intentions were good, and once it was explained to him he understood perfectly well and adopted a different name.

- I used to know more about redcross.us, and would have to find my old research if I were to provide an evidenced answer. Debbie would know well, I'm sure - have you asked her? She may also know what the American Red Cross has tried to do about it, but I have to confess that it's weird - a lighting company registered by a company in Lebanon and on a server in Scottsdale Arizona with GoDaddy as the sponsoring registrar. According to the domain report the Lebanese registrant organisation is "Red Cross" of the city of Aley in Lebanon.

All the best

Chris

-----Original Message----- From: Alan Greenberg
Sent: Thursday, January 24, 2013 2:45 AM
To: Christopher Lamb ; GNSO IGO INGO
Subject: Re: [gnso-igo-ingo] Thoughts on fact-based policy development

Thanks Chris.

A couple of thoughts after reading your note.

- There are certainly many potential abuses to try to attract
disaster-related money that are completely beyond out control. Even
if we came up with a way to prevent Redcross-tsunami.tld, we
certainly cannot stop Haiti-earthquake.tld which might use you
symbols and name in e-mail and web sites. And that is part of what I
am trying to understand in my suggestion. To what extent is exact
match prevention likely to SIGNIFICANTLY help you.

- Regarding domains registered under ccTLDs, we need to recognize
that many of those are not defensive registrations but real working
domains for the country/regional organizations, as is the case with
the ca, eu and ch examples.

- Exceptions are going to be a challenge. If a .charity comies into
being with good controls over who can register, do you really want to
be prevented from registering redcross.charity?

Lastly, and not related to the work of this WG, if you know the story
behind redcross.us, I would really like to understand it (presuming
it is legitimate, which it seems to be). Is it just a cute play on
the English word US?

Alan

At 23/01/2013 06:52 AM, Christopher Lamb wrote:
Dear Alan,

Thanks for this. I'd just add that there are a very large number of domains which use redcross or redcrescent in association with a country code. You mention redcross.ca and I won't list all the others of which I'm aware unless you wish me to do so, but Switzerland is an example worth noting - the main website is redcross.ch but croixrouge.ch, crocerossa.ch and roteskreuz.ch all lead to it. The website redcrescent.org was owned by someone in the US a couple of years ago and dormant, but now appears to hold a lot of information related to disasters - but it doesn't appear to be owned by any organisation in the Red Cross Red Crescent Movement. Another which worries me is http://www.croix-rougecamerounaise.org/, an example of what should not be possible and which is probably entirely beyond the control resources of the Cameroon Red Cross Society.

There are many examples of people trying to make money out of the redcross brand in domain sales. Have a look at laoredcross.org, which has nothing to do with the Red Cross Society of Laos. Redcross.me is for sale. Quite a lot of country code domains are a source of concern, and although they're not part of the current study they offer examples of the way fraudsters and money-makers work. The RCRC Movement spends a lot of time and resources getting the relevant authorities to remove these sites, usually successfully, but it is very resource-intensive and a special problem when domains appear from nowhere after virtually every newsworthy disaster with worldwide coverage. As you would expect, these people expect to make all their money in the first 48 hours while media coverage of the suffering is at its most intense, and lengthy procedures are completely ineffective - in all cases which I've tracked the looters disappear with their money long before any procedure could get started.

There are also cases of abuse with the intention of denigrating the National Society concerned. One, a few years ago, concerned the abuse of the name of the Hungarian Red Cross in the US. There have been others aimed at National Societies which chose to use acronyms or initials for their domain name and exposed themselves to danger - one was the Palestine Red Crescent Society whose domain palestinercs.org was mirrored and then abused in palestinercs.net. This isn't a subject covered by our current work, and it's my hope that when we resolve the future TLD system the RCRC Movement should ask National Societies to regularise their naming protocols in accordance with that system.

I did a survey of the misuse or abuse of the names of National RCRC Societies in February 2011 and without difficulty found and reported 19 egregious cases. Following that most were able to be removed, but some, like the Lao and Cameroon cases, are still there. Time permitting, I would look into this again if it were necessary, but the hard fact is that the redcross and redcrescent names are abused as a matter of course after significant newsworthy natural disasters or conflicts. A spectacular one in 2005 enticed the unsuspecting public to donate to a bogus thing called the Santa Maria Red Cross Tsunami Survivors Fund. You won't find it any more, but what we did to put it down is a great story worthy of a movie script. Not what we should be aiming for through this process, of course.

I recognise that this will look like an anecdotal commentary, but it's also reality.

Best wishes

Chris



-----Original Message----- From: Alan Greenberg
Sent: Wednesday, January 23, 2013 4:44 PM
To: GNSO IGO INGO
Subject: [gnso-igo-ingo] Thoughts on fact-based policy development

Both I and the ALAC in its recent statement have stated that if we
are going to take the large and unusual step and provide special
protection to IGO/INGO names, we should do so understanding what
problem(s) we are trying to solve and have a high level of comfort
that the proposed solution actually will address these problems.

To take a large number of character strings out of circulation, or at
least put in place significant (no doubt both costly and
time-consuming) hurdles to using these strings without a substantive
benefit is counter to the culture that has allowed the Internet to
thrive. Moreover, it sets the stage for even more similar requests in
the future, both on the basis of TMs and "public money".

To date, we have seen virtually no data related to IGOs and little
related to INGOs on the problems they currently suffer that would be
relieved with the reservation or blocking of their requested
exact-match names and acronyms.

To try to get a feel for whether this is just an obstreperous
objection or really has merit, I undertook a small and not
necessarily representative study of the names of a number of
organizations. Specifically NATO, ITU, UPU, CERN, WHO, ILO, UNICEF
and RedCross. All except the last two were signatories of the letter
requesting protection for IGO names (recently resent to this group
along with the UPU statement appended to the RySG input, but which
also can be found at
http://www.icann.org/en/news/correspondence/igo-counsels-to-beckstrom-et-al-13dec11-en.pdf).

I checked to see whether their names were registered in a number of
TLDs, specifically int, com, net, org, info, biz, us, ca and eu, who
they were registered to, and what use was being made of the domain
name (from a web point of view). The results are attached.

- Lines highlighted in Dark blue are used by the organization in
question (or an affiliate). Light blue are sort of used by them, but
is not actually an active web site, or is used in a rather curious
way, or is seemingly owned by a private individual who redirects the
site as a matter of courtesy.

- Lines highlighted in dark green seem to be legitimate uses of the
name but not by the organization in question. There is a pale green
entry that would be reasonable except it is largely a monetization site.

There are large number of monetized pages, and a fair number of uses
of names for which I can see no rationale at all. In no cases has any
of the organizations in question taken control of all of the names.

For the first few, I also did a reviews search on the e-mail admin
contact address listed in the Whois, as some measure of how many
other domain names are managed by that organization. The short answer
is "not many" for those that I looked at. I stopped when my free
access to the reviews whois engine was cut off.

This was an interesting exercise, but as stated earlier, there is no
pretense of this being a definitive analysis. But it does bring into
question just how important the requested reservations are, what uses
would such reservations rule out if implemented as complete blocking,
and what harms will be prevented by their implementation.

I strongly suggest that at the least, we request specific information
from the organizations that have explicitly requested protection (at
the very least RCRC, IOC, and the organizations identified in the
13Dec11 letter). This should include:

- A list of TLDs in which they have registered their requested names,
or otherwise taken action to prevent them being registered by others.
- Identification of any disputes over identical names, names that
would have been disallowed if the requested policy had been in place
for all gTLDs, and the outcomes of these disputes.
- Identification/elaboration of the harms caused by the above cases.
- An estimate of the magnitude of these cases compared to other
domain name conflicts which will not be prevented by the requested
gTLD protections.

Lastly, I would suggest that we ask whether they would:
- Expect exceptions to the reservation of their names to allow their
own registration of the names
- How they contemplate allowing exceptions for the legitimate use by
others of the names.

Alan




<<< Chronological Index >>>    <<< Thread Index >>>

Privacy Policy | Terms of Service | Cookies Policy