Uniform Rapid Suspension comments of Leap of Faith Financial Services Inc. (April 1, 2010)

[George Kirikos <gkirikos@xxxxxxxxx>]

Comments on Uniform Rapid Suspension (URS)

Submitted By: George Kirikos
Company: Leap of Faith Financial Services Inc.
Company URL: http://www.leap.com/
Date: April 1, 2010

As per our prior comments, we continue to oppose the URS.

While my company has no intention to ever register domain names in new gTLDs, 
it seems that the intent amongst the TM-mafia/cabal is to at some later date 
apply these same rules to existing gTLDs. Thus, while we don't care about new 
gTLDs whatsoever, we must comment in order that bad rules aren't implemented 
that later put at risk legitimate registrants in existing gTLDs. 

Most TM attorneys share our grave concerns that new gTLDs are a bad idea, and 
ICANN should not be trying to "divide and conquer" by playing interests off 
against one another in order to further their own ambitions which the public is 
against. We stand united with most in the TM community opposing new gTLDs.

First off, I'd like to applaud some of the TM lobby for being balanced in their 
proposals. There are some "good guys" in that group that looked at our past 
critiques, listened to our concerns, and made appropriate adjustments. They are 
to be commended. Just as there are "good guys" in the domain registrant 
community, there are also "good guys" representing the IP interests of 
brandholders who do not overreach and don't engage in reverse domain name 
hijacking.

However, just as there are cybersquatters, there are also a group in the IP 
community who would not hesitate to bring forth frivolous claims in order to 
harass existing registrants and reverse hijack their rightfully owned domain 
names in order to gain an economic advantage. Both of these "extremists" in the 
registrant and IP groups need to be reigned in by the rules.

1. URS (and UDRP providers like WIPO and NAF) must be under contract with ICANN 
in order to ensure accountability. As we've seen with CAC, the providers often 
go their own way without regard to the actual terms of the dispute resolution 
procedures that they are supposed to follow.

2. We oppose the URS in principle, as it will be abused and used to harass 
legitimate registrants. The better policy would be, as we have suggested 
multiple times, to have WHOIS verification. This thwarts cybersquatters, who 
want to hide in the shadows, from registering abusive domain names and thus 
reduces overall cybersquatting. Many external TM lawyers make money from filing 
complaints, and do you notice they do not push strongly for WHOIS accuracy 
(which would reduce complaints significantly). But, TM lawyers within 
corporations should be in favour of this, as it would reduce their policing 
costs if there are fewer domains being abused. Verified WHOIS acts as a 
deterrent to abuse.

The URS, on the other hand, tackles the problem after it's too late. Of course 
ICANN, registries and registrars benefit financially from these abusive 
registrations through the associated fees, and have no interest in discouraging 
and preventing abusive registrations through WHOIS verification (which would be 
very low cost, as we have discussed in previous submissions). They'd prefer to 
collect the money up front, and impose the costs of the abuse on the wider 
public, laughing all the way to the bank. 

I believe the DOC or GAC should step in and mandate Verified WHOIS via a PIN 
system (i.e. physical letter with a PIN code mailed to registrants to ensure 
address accuracy before a domain name gets activated). This would please TM 
holders, consumers, and legitimate domain registrants who always maintain 
accurate WHOIS.

3. The "Safe Harbors" in the URS should include the words "without limitation", 
to ensure that they can grow over time. The policy is flawed because URS 
providers have a financial incentive to expand the definition of "abuse" over 
time, but registrants should have that same power to check that growth through 
their own examples of good faith usage.

4. In order to ensure that there is no forum shopping, the URS provider should 
be selected by the *registrant* (or alternatively the registrar), not by the 
complainant. If one studies the history of the UDRP, this was a very early 
proposal that in hindsight made a lot of sense, given the problems we've seen 
with WIPO, NAF and CAC engaged in a "race to the bottom" to appeal to TM 
holders. By shifting the balance so that it is the *registrant* who selects 
which URS provider handles a case, the playing field is made more level. If the 
registrant does not select a provider, a case would be randomized between 
multiple providers and panels.

5. There should be notice made to attorneys of the domain registrants, whose 
legal contact data would appear in the public WHOIS on an opt-in basis. This 
would increase the odds of *actual notice* of complaints, as the attorney might 
receive notice when a registrant is on holiday, and act accordingly. 

6. Domain locking/freezing should be done by the *registrar*, NOT the registry 
operator. This would allow the registrar to also contact their client, to 
improve the odds of actual notice.

7. 20 days is insufficient notice, especially for domains that have been 
registered for long periods. The notice period should be a formula based on the 
age (from creation date) of the domain name. For a 10-year old domain name, for 
example, where there is no "emergency" requiring the URS and the TM holder has 
slept on their rights, the notice period might be 6 months, for example. For a 
freshly registered 2 month old domain name, 20 days might be considered 
adequate. Alternatively, the URS should not apply at all to domains older than 
a certain age, for example a cut-off of 2 years past the creation date. In the 
real world, if I had a "McDonald's" sign over my door for 10 years, and 
McDonald's tried to get an emergency injunction (which is kind of what the URS 
is like) to have it torn down, the judge would deny it, and instead set the 
matter for normal trial. McDonald's would have faced the issue of laches, 
having slept on their rights. By using a
 formula like that suggested above, it encourages complaints to be brought 
promptly, and that they are not used as a tool to harass long-term good faith 
registrants. In the real world there are statutes of limitations on bringing 
actions, and this change would be in line with the real world precedent. 
Indeed, not having a limitation period would create the absurdity that a 
URS/UDRP provider could find in favour of a complaint that would be 
*statute-barred* from the court system!

8. URS providers and panelists, as in the UDRP, should not be excluded from 
liability in real courts if there is deliberate wrongdoing.

9. The domain name should not be transferred to the complainant after a 
successful complaint unless the registrant has ample time (say 6 months) to 
launch an appeal in court.

10. Any complainant losing a URS should be precluded from getting a second 
"kick at the can" via UDRP for a period of 2 years for the same domain name. 
They can instead use the court system if they lose.

11. Section 12 is very wrong. An appeal by the registrant in real court to 
overturn the URS should immediately restore the nameservers to those of the 
domain registrant. Real court trumps URS. That appeal should be permitted at 
any time, including during the time before a URS response is required. The 
registry and registrar need to obey the court in restoring the nameservers, 
otherwise innocent registrants would have income-generating websites disrupted 
by bad decisions from URS providers.

12. The penalties for abuse by TM holders are trivial. They need to be made 
substantially stronger. In Canada, there are financial penalties under the CDRP 
(.ca version of UDRP) which provides for a bad faith complainant paying up to 
$5000 (as ordered by a panel):

http://www.cira.ca/assets/Documents/CDRPpolicy.pdf  (section 4.6)

to respondent to cover the costs of the registrant. That represents a fair and 
balanced policy, and reduces frivolous complaints. Alternatively, complainants 
should post a security bond.

13. All URS decisions need to be made public, just as in the UDRP, in order to 
ensure that the public can scrutinize whether panelists and URS providers are 
following the rules. They should be available via a XML interface, in addition 
to plain text/HTML as they are now, so that researchers can have bulk access to 
the XML for scholarly and academic studies (as we've also suggested for the 
UDRP).

14. Registrants should be able to white-list themselves to opt-out of the URS 
(and UDRP) through mechanisms such as WHOIS verification, or posting of 
security bonds with their registrars. The "good guys" want to stand out from 
the bad guys, however ICANN and the TM mafia wants to treat all registrants as 
though they are all cybersquatters.

15. The points in 1.4 are described as "non-exhaustive". This is flawed, just 
as in the UDRP, and encourages URS providers and panelists to have an 
ever-expanding definition of "bad faith" in order to promote themselves and or 
their provider amongst complainants. It's the reason we see some ridiculous 
decisions coming from UDRP providers who seek to stretch and change and 
literally break the rules in order to encourage more complaints, thereby 
bringing them more money. This needs to stop. The way to do this is to define 
clear what the *actual* clear-cut circumstances are, and make them exhaustive 
and unchanging (unless changed via PDP). Panel members have made themselves 
into rule-makers, instead of being those who *apply* the rules, and this is 
simply wrong. As we mentioned above, the "Safe Harbors" must balance 1.2, and 
should be non-exhaustive. Only the clearest-cut obvious cases should win a URS 
or UDRP, not a 51% to 49% "probability" based model.
 Most of us in good faith can view the list of upcoming UDRP cases and *know* 
which ones are slam dunks, and are indefensible. It's these ones that should be 
"assembly line" cases. But, there are many others, generic dictionary words, 
acronymns, abbreviations, etc. where panelists have taken it upon themselves to 
make up new law as they go along, to please Complainants and encourage 
additional complaints.

16. There are huge conflicts of interests in allowing panelists to also 
represent complainants/respondents. Panelists should be precluded to ever 
represent others (i.e. in other domain disputes). You can see more on this in 
the comments to the article at:

http://domainnamewire.com/2009/12/28/2009-domain-dunce-award-panelist-andrew-f-christie/

In particular, there was a US Supreme Court decision this year, Caperton v. 
Massey, where the court created a new standard requiring requiring judges to 
recuse themselves if there is a “probability of bias”. See:

http://www.supremecourtus.gov/opinions/08pdf/08-22.pdf

I believe this principle might be useful to disqualify some UDRP panelists.

17. Panelists need to be reminded that "evidence" is not the same as "proof" 
--- some don't seem to get it, and simply "check the boxes" on evidence without 
weighing it! (see the comments in the DomainNameWire article for more on that)


18. Related to our point 15 above, sections 5.6 and 5.7 lists various 
circumstances. These are too limiting, and do not reflect all possible defenses 
that a domain name registrant might have in relation to a case. Thus, it needs 
to be more explicit that the list is *non-exhaustive*, in order to have balance 
(the balance should be that complaints are *exhaustive*, since the complaints 
should only be for "clear cut" cases; but that defenses should be 
*non-exhaustive*, because the policy should not place limits on defenses that 
policymakers have no way of reasonably anticipating).

19. The financial costs/benefits have not been required, as is mandatory under 
the Affirmation of Commitments. The URS would be considered "policy". Under the 
Affirmation of Commitments:
http://www.icann.org/en/documents/affirmation-of-commitments-30sep09-en.htm

"To ensure that its decisions are in the public interest, and not just the 
interests of a particular set of stakeholders, ICANN commits to perform and 
publish analyses of the positive and negative effects of its decisions on the 
public, including any financial impact on the public, and the positive or 
negative impact (if any) on the systemic security, stability and resiliency of 
the DNS."

Where is the list of "negative effects" published by ICANN or the GSNO, and an 
economic valuation of the financial size of the positive vs. the negative 
effects to determine whether the benefits exceed the costs of the URS? We've 
basically had a process where a bunch of lawyers got together, without any 
economists at the table to perform financial analysis or provide a reality 
check on what they are talking about. This is a pure violation of the AOC, the 
lack of attention paid to the requirements to serve the public interest *AND* 
to analyze the positive and negative financial impacts. On that basis alone, 
the URS should be rejected as "not finished" and should be sent back for 
consideration using the expertise of those who are not lawyers. 


Sincerely,

George Kirikos
http://www.leap.com/