RE: [gnso-irtp-b-jun09] Identifcation

["Erdman, Kevin R." <Kevin.Erdman@xxxxxxxxxx>]

Hi All,

Following up on my thoughts about busting the eTRP and addressing the
identification issue, I find that they are somewhat related.  Here are a
couple of thoughts to stir up the crowd for tomorrow's call.

Suppose someone hijacked a high volume web site, but did not disrupt the
traffic.  Say hijacker A hacks into and changes the Registrant from
BigCompany to individual A, but keeps the traffic running as usual.
BigCompany never thinks to check the Registrant status, and 65 days after
individual A hijacks the domain it is transferred to another Registrar.  Then
at day 70, individual A starts to disrupt traffic to BigCompany's domain, and
BigCompany tries to invoke eTRP.  The new Registrar and the old Registrar
would look to individual A as the Registrant and would not recognize
BigCompany as the Registrant.  True that Registrant could use UDRP to recover
the domain if trademark rights were involved, but eTRP would not be
available.

On the subject of identification, I think that we are focusing on the wrong
issue.  The issue is who is the true Registrant, not who is the individual or
corporation listed on the Registrant line.  If in the Registration process
the Registrar gave the Registrant a token that would uniquely identify the
holder as the domain owner, then the Registrar would not need to comply with
any local law on proving identity.  In the situation above, the old
Registrant could present the token to show that at one time it was the
Registrant and invoke the eTRP.  Thus, rather than relying on local law to
provide a way of verifying identity why couldn't we propose that the
Registrar implement a token system for verifying Registrant status?

There might then be an issue of false identification, but that is for a
different discussion...
_____________________________________________________________________________
____________________________
Kevin R Erdman  T: 317.237.1029 | F: 317.237.8521 | C: 317.289.3934
Intellectual Property, Internet, and Information Attorney, Registered Patent
Attorney
BAKER & DANIELS LLP WWW.BAKERDANIELS.COM 300 N. MERIDIAN STREET, SUITE 2700 |
INDIANAPOLIS, IN 46204

-----Original Message-----
From: owner-gnso-irtp-b-jun09@xxxxxxxxx
[mailto:owner-gnso-irtp-b-jun09@xxxxxxxxx] On Behalf Of Matt Mansell
Sent: Monday, May 03, 2010 6:43 AM
To: Gnso-irtp-b-jun09@xxxxxxxxx
Subject: [gnso-irtp-b-jun09] Identifcation


Hi All

I've just been listening to last week's call in prep for tomorrow's.
Apologies were sent but not noted. I wanted to add my thoughts re
identification. 

I personally think it's a mute point. If a bad actor wants to commit
fraud in stealing a name he is equally more than capable of providing
faked identify. We see plenty of it as I'm sure everyone does and its
increasingly hard to spot.

Essentially, without some sort of in-person, original documents process
(Like applying for a Birth Certificate or Passport in the UK) I don't
see how this can add any value, especially in digital form. We must
remember that the receiving registrar will by virtue of fraudulent
c/card data have the best checks they can already to verify the identify
of their account holder. No registrar wants to unduly incur the costs of
handling a chargeback or potential un-recoverable product costs. To put
any liability on the registrar or registry to identify a transferee
further will not reduce theft, particularly high value theft.

Rgds, Matt


-----------------------------------------------
Matt Mansell
Mesh Digital Ltd
Tel: +44 (0)1483 304030
Fax: +44 (0)1483 304031
Mbl: +44 (0)7715 168077
Web: http://www.domainmonster.com



-----------------------------------------------------------------------------
---
This email (including attachments) is confidential and intended only for the
use of the addressee(s). If you are not an addressee you should not copy it,
re-transmit it, use it or disclose its contents, but should advise the sender
immediately and delete your copy from your system(s). Do not copy, use or
disclose this email. Mesh Digital Ltd do not accept legal responsibility for
the contents of this message. Any views or opinions presented are solely
those of the author and do not necessarily represent those of Mesh Digital
Ltd. 




----------------------------
ATTENTION:

To ensure compliance with applicable Internal Revenue Service Regulations,
we inform you that any tax advice contained in this electronic message was
not intended or written to be used, and cannot be used, for the purpose of
avoiding penalties under the Internal Revenue Code.


This message and all its attachments are PRIVATE and may contain
information that is CONFIDENTIAL and PRIVILEGED.

If you received this message in error, please notify the sender by reply 
e-mail and delete the message immediately.