Transfer rules and safeguards

["Tom Franczak" <tom_franczak@xxxxxxxxxxx>]

I am dismayed at the ease with which panix.com was hijacked.  While there
apparently was irrecoverable damage in the interim, at least the firm had
the savvy and clout to regain their domain.

But what about the less technically adept and those less informed about the
arcane procedures to secure a remedy or less able to exert pressure on or
elicit sympathy from a new registrar?  What about the damage done while a
victim fumbles around trying to figure out what to do next?

I maintain a website for a hobby organization that over the years has gained
popularity and a high search engine ranking.  Accordingly, I receive one or
two unsolicited emails a month offering to buy the domain name.  The tracker
on the site advises me that it gets about one unreferred hit every day from
an overseas ip.  I feel like I am being stalked.  Since last November the
domain name of a similar organization located in Wisconsin has become the
property of someone in Kenya who is apparently holding it for ransom.  Could
be worse.  It might have been turned into a portal for porn sites, as
happened about five years ago to another similar organization I am aware of
when a third party neglected to renew a registration on behalf of the owner.
While I have directed my registrar to lock my domain names, I completely
lack confidence that this safeguard is sufficient.  I can think of numerous
possible breakdowns in that mechanism and I am guessing that the pirates can
too.

ICANN should be promulgating rules that err on the side of security and
protection.  Ensuring that price competition works is fine and good and my
registrar happens to be the poster child for high prices so I have an
appreciation of the reason for easing transfers.  But that consideration is
small potatoes compared to the harm that is done when hijackings are
likewise enabled.  I repeat, the locking mechanism does NOT seem foolproof.

I say, work on this now and make it your top priority.

While I'm at it, who decided that a 10 year registration term was adequate?
 By perusing relevant material, I'm pretty sure that I've learned that the
content of a website can receive copyright protection for a term of author's
life + 70 years.  Well, now.  Unless ICANN can provide a compelling
justification for limiting protection of a website's name to 10 years, I
suggest that the allowable registration period for a website's domain name
be raised drastically to conform to the allowable protection period afforded
its contents.  I suggest that ICANN would be hard-pressed to make an honest
case against this.

In the event of a domain name hijacking, I urge that some ICANN help desk
facility be available 24/7 to stop the world and stem the damage on a crash
basis.  Individuals need much more protection than huge ISPs or
corporations.

Thank you for your attention.  I await your action.

Tom Franczak