STI report comments by Leap of Faith Financial Services Inc.

[George Kirikos <gkirikos@xxxxxxxxx>]

As ICANN is aware, we opposed many of the recommendations of the IRT report as 
entirely unacceptable. It was of course an abomination and entirely unbalanced:

http://forum.icann.org/lists/irt-final-report/msg00000.html
http://forum.icann.org/lists/irt-final-report/msg00001.html
http://forum.icann.org/lists/irt-final-report/msg00084.html
http://forum.icann.org/lists/irt-final-report/msg00211.html

While the latest report of the STI is a step in the right direction, it 
continues to go beyond the common-denominator international law and overreaches 
in favour of those making complaints. While my company has no intention to ever 
register domain names in new gTLDs, it seems that the intent amongst the 
TM-mafia/cabal is to at some later date apply these same rules to existing 
gTLDs. Thus, while we don't care about new gTLDs whatsoever, we must comment in 
order that bad rules aren't implemented that later put at risk legitimate 
registrants in existing gTLDs. 

Most TM attorneys share our grave concerns that new gTLDs are a bad idea, and 
ICANN should not be trying to "divide and conquer" by playing interests off 
against one another in order to further their own ambitions which the public is 
against. We stand united with most in the TM community opposing new gTLDs.

First off, I'd like to applaud some of the TM lobby for being balanced in their 
proposals. There are some "good guys" in that group that looked at our past 
critiques, listened to our concerns, and made appropriate adjustments. They are 
to be commended. Just as there are "good guys" in the domain registrant 
community, there are also "good guys" representing the IP interests of 
brandholders who do not overreach and don't engage in reverse domain name 
hijacking.
 
However, just as there are cybersquatters, there are also a group in the IP 
community who would not hesitate to bring forth frivolous claims in order to 
harass existing registrants and reverse hijack their rightfully owned domain 
names in order to gain an economic advantage. Both of these "extremists" in the 
registrant and IP groups need to be reigned in by the rules.

In addition to our previously-submitted comments (linked to from above), here 
are some points we'd like to reiterate:

1. There is no need for a Trademark Clearinghouse that is sanctioned by ICANN. 
It can clearly be funded and created entirely by the private sector, and does 
not need to be "sanctioned" or funded in any way by ICANN. In our opinion this 
will be a great waste of money, and should only be funded by those who are 
foolish enough to waste their own money (namely TM holders and registry 
operators) on it. Public money should in no way subsidize it or give it a 
monopoly position (i.e. there could be multiple competing TM databases). 
Frankly, it becomes a protection racket that justifies new gTLD operators in 
having sunrise periods that tax TM holders with registering (and even competing 
for via auctions) unwanted defensive registrations. The TM Clearinghouse cannot 
override the courts, wherein TMs are routinely challenged and overturned. 
"Validation" at the clearinghouse would be gamed by those holding the weakest 
marks (e.g. trademark trolls), often for the sole
  purpose of asserting claims on generic descriptive domain names that they 
would otherwise not be entitled to. The TM Clearinghouse also simply adds a new 
layer of bureaucracy to the ICANN ecosystem, another set of contractors and 
consultants who will ultimately tax the public through higher fees, and 
self-interested lobbying.

2. We find it humourous that no accreditation agreement/contract exists for 
UDRP providers at present, yet 3.1 recommends exactly that for the TM 
clearinghouse. First things first --- get the UDRP providers like WIPO and NAF 
under contract in order to ensure accountability.

3. Of course figurative marks should be excluded from the database. Some 
commenters want them included, which is ridiculous. The STI got that right, at 
least.

4. The TM Clearinghouse data should be in the public domain (i.e. there should 
be bulk access for the public to download it for free, just as they can for the 
.com zone file), and be available for free to successor TM clearinghouse 
operators (i.e. no perpetual monopolies). Fees are for things like validation, 
not for access to a new for-profit monopoly "service" who will try to tax users 
and the public over time. The most efficient operator(s) would earn "normal" 
profits via a regular tender process or procurement process, not excess profits 
through perpetual monopolies and a stranglehold over data they deem 
"proprietary." An open XML schema and open bulk access process should be 
created to ensure the public is not held hostage in the future. 

5. We do not support mandatory pre-launch use of the TM clearinghouse. Almost 
every dictionary word, acronym, etc. has some registered TM in some obscure 
class of goods and services. That does *not* give it exclusivity or a 
right-of-first refusal over *all* uses worldwide. A registered TM for "example" 
in Albania should have no weight in blocking "example.newtld" for a good faith 
registrant in the USA or Canada, or even for a registrant in Albania in a 
different class of goods and services. We've already seen frivolous registered 
TMs in the .eu launch, and they were not all from Benelux (i.e. there are a lot 
of frivolous marks in the US, Canada and elsewhere).

6. In a real sense, ICANN needs to make up its mind whether they want an 
expansion of the namespace (in which case new registrants are presumed innocent 
until proven guilty), or simply wants defensive registrations that duplicate 
existing gTLDs. It's clear registry operators do not care, as long as someone 
pays the bill for a domain name (i.e. the cybersquatter, the defensive TM 
registrant, and the good faith registrant are all equal before their eyes). 
There's a hypocrisy to the sunrise periods that undermines everything ICANN and 
other new gTLD advocates say, and that hypocrisy is evident to the broader 
public who does not seek new gTLDs.

7. As per our comments above, 6.1 needs to be modified from "on commercially 
reasonable terms" to free. The TC operator should have no monopoly whatsoever 
on the data -- they are simply a contractor for a fixed period, and the data 
belongs to the public domain.

8. We do not support linkage between the TC and the URS (in 6.2), unless the 
domain registrant is in the same country/jurisdiction as that of the TM.

9. We oppose the URS in principle, as it will be abused and used to harass 
legitimate registrants. The better policy would be, as we have suggested 
multiple times, to have WHOIS verification. This thwarts cybersquatters, who 
want to hide in the shadows, from registering abusive domain names and thus 
reduces overall cybersquatting. Many external TM lawyers make money from filing 
complaints, and do you notice they do not push strongly for WHOIS accuracy 
(which would reduce complaints significantly). But, TM lawyers within 
corporations should be in favour of this, as it would reduce their policing 
costs if there are fewer domains being abused. Verified WHOIS acts as a 
deterrent to abuse.

The URS, on the other hand, tackles the problem after it's too late. Of course 
ICANN, registries and registrars benefit financially from these abusive 
registrations through the associated fees, and have no interest in discouraging 
and preventing abusive registrations through WHOIS verification (which would be 
very low cost, as we have discussed in previous submissions). They'd prefer to 
collect the money up front, and impose the costs of the abuse on the wider 
public, laughing all the way to the bank. 

I believe the DOC or GAC should step in and mandate Verified WHOIS via a PIN 
system (i.e. physical letter with a PIN code mailed to registrants to ensure 
address accuracy before a domain name gets activated). This would please TM 
holders, consumers, and legitimate domain registrants who always maintain 
accurate WHOIS.

10. The "Safe Harbors" in the URS should include the words "without 
limitation", to ensure that they can grow over time. The policy is flawed 
because URS providers have a financial incentive to expand the definition of 
"abuse" over time, but registrants should have that same power to check that 
growth through their own examples of good faith usage.

11. In order to ensure that there is no forum shopping, the URS provider should 
be selected by the *registrant* (or alternatively the registrar), not by the 
complainant. If one studies the history of the UDRP, this was a very early 
proposal that in hindsight made a lot of sense, given the problems we've seen 
with WIPO, NAF and CAC engaged in a "race to the bottom" to appeal to TM 
holders. By shifting the balance so that it is the *registrant* who selects 
which URS provider handles a case, the playing field is made more level. If the 
registrant does not select a provider, a case would be randomized between 
multiple providers and panels.

12. There should be notice made to attorneys of the domain registrants, whose 
legal contact data would appear in the public WHOIS on an opt-in basis. This 
would increase the odds of *actual notice* of complaints, as the attorney might 
receive notice when a registrant is on holiday, and act accordingly. 

13. Domain locking/freezing should be done by the *registrar*, NOT the registry 
operator. This would allow the registrar to also contact their client, to 
improve the odds of actual notice.

14. 20 days is insufficient notice, especially for domains that have been 
registered for long periods. The notice period should be a formula based on the 
age (from creation date) of the domain name. For a 10-year old domain name, for 
example, where there is no "emergency" requiring the URS and the TM holder has 
slept on their rights, the notice period might be 6 months, for example. For a 
freshly registered 2 month old domain name, 20 days might be considered 
adequate. Alternatively, the URS should not apply at all to domains older than 
a certain age, for example a cut-off of 2 years past the creation date. In the 
real world, if I had a "McDonald's" sign over my door for 10 years, and 
McDonald's tried to get an emergency injunction (which is kind of what the URS 
is like) to have it torn down, the judge would deny it, and instead set the 
matter for normal trial. McDonald's would have faced the issue of laches, 
having slept on their rights. By using a
 formula like that suggested above, it encourages complaints to be brought 
promptly, and that they are not used as a tool to harass long-term good faith 
registrants. In the real world there are statutes of limitations on bringing 
actions, and this change would be in line with the real world precedent. 
Indeed, not having a limitation period would create the absurdity that a 
URS/UDRP provider could find in favour of a complaint that would be 
*statute-barred* from the court system!

15. URS providers and panelists, as in the UDRP, should not be excluded from 
liability in real courts if there is deliberate wrongdoing.

16. The domain name should not be transferred to the complainant after a 
successful complaint unless the registrant has ample time (say 6 months) to 
launch an appeal in court.

17. Any complainant losing a URS should be precluded from getting a second 
"kick at the can" via UDRP for a period of 2 years for the same domain name. 
They can instead use the court system if they lose.

18. Point 8.2 is very wrong, namely an appeal by the registrant in real court 
to overturn the URS should immediately restore the nameservers to those 
specified by the complainant. Real court trumps URS. That appeal should be 
permitted at any time, including during the time before a URS response is 
required. The registry and registrar need to obey the court in restoring the 
nameservers, otherwise innocent registrants would have income-generating 
websites disrupted by bad decisions from URS providers.

19. The penalties for abuse by TM holders are trivial. They need to be made 
substantially stronger. In Canada, there are financial penalties under the CDRP 
(.ca version of UDRP) which provides for a bad faith complainant paying up to 
$5000 (as ordered by a panel):

http://www.cira.ca/assets/Documents/CDRPpolicy.pdf ; (section 4.6)

to respondent to cover the costs of the registrant. That represents a fair and 
balanced policy, and reduces frivolous complaints. Alternatively, complainants 
should post a security bond.

20. All URS decisions need to be made public, just as in the UDRP, in order to 
ensure that the public can scrutinize whether panelists and URS providers are 
following the rules. They should be available via a XML interface, in addition 
to plain text/HTML as they are now, so that researchers can have bulk access to 
the XML for scholarly and academic studies (as we've also suggested for the 
UDRP).

21. Registrants should be able to white-list themselves to opt-out of the URS 
(and UDRP) through mechanisms such as WHOIS verification, or posting of 
security bonds with their registrars. The "good guys" want to stand out from 
the bad guys, however ICANN and the TM mafia wants to treat all registrants as 
though they are all cybersquatters.

22. The Business Constituency has been captured by the TM lobby, and no longer 
represents true businesses (that's one of the reasons we've left it, as well as 
their new totalitarian charter). Their "minority report" should be disregarded, 
and not interpreted as representing the views of legitimate business 
registrants.

23. In Appendix 6, the points in 1.2 (page 44) are described as 
"non-exhaustive". This is flawed, just as in the UDRP, and encourages URS 
providers and panelists to have an ever-expanding definition of "bad faith" in 
order to promote themselves and or their provider amongst complainants. It's 
the reason we see some ridiculous decisions coming from UDRP providers who seek 
to stretch and change and literally break the rules in order to encourage more 
complaints, thereby bringing them more money. This needs to stop. The way to do 
this is to define clear what the *actual* clear-cut circumstances are, and make 
them exhaustive and unchanging (unless changed via PDP). Panel members have 
made themselves into rule-makers, instead of being those who *apply* the rules, 
and this is simply wrong. As we mentioned above, the "Safe Harbors" must 
balance 1.2, and should be non-exhaustive. Only the clearest-cut obvious cases 
should win a URS or UDRP, not a 51% to 49%
 "probability" based model. Most of us in good faith can view the list of 
upcoming UDRP cases and *know* which ones are slam dunks, and are indefensible. 
It's these ones that should be "assembly line" cases. But, there are many 
others, generic dictionary words, acronymns, abbreviations, etc. where 
panelists have taken it upon themselves to make up new law as they go along, to 
please Complainants and encourage additional complaints.

24. There are huge conflicts of interests in allowing panelists to also 
represent complainants/respondents. Panelists should be precluded to ever 
represent others (i.e. in other domain disputes). You can see more on this in 
the comments to the article at:

http://domainnamewire.com/2009/12/28/2009-domain-dunce-award-panelist-andrew-f-christie/

In particular, there was a US Supreme Court decision this year, Caperton v. 
Massey, where the court created a new standard requiring requiring judges to 
recuse themselves if there is a “probability of bias”. See:

http://www.supremecourtus.gov/opinions/08pdf/08-22.pdf

I believe this principle might be useful to disqualify some UDRP panelists.

25. Panelists need to be reminded that "evidence" is not the same as "proof" 
--- some don't seem to get it, and simply "check the boxes" on evidence without 
weighing it! (see the comments in the DomainNameWire article for more on that)

In conclusion, the bad policy decision of going forward with new gTLDs against 
the wishes of the public cannot be fixed by implementing bad policies such as 
the IRT or its step-child the STI. ICANN needs to recognize that the proper 
course is to maintain the stability that we have today, and only add additional 
new gTLDs if their benefits exceed their costs. It's laughable to watch the 
posturing of those trying to "sell" new gTLDs as desirable, and those who 
change their principles on a dime because they see potential short-term gain. 
ICANN should be in the business of refining *long-term* principles that are 
broadly supported by the public, not playing constituencies and groups against 
each other in order to further their own self-interest in becoming a $200 
million/year organization that taxes internet users to fund world travel, 
African safaris, and extravagant parties.

Furthermore, the STI would be considered "policy". Under the Affirmation of 
Commitments:

http://www.icann.org/en/documents/affirmation-of-commitments-30sep09-en.htm

"To ensure that its decisions are in the public interest, and not just the 
interests of a particular set of stakeholders, ICANN commits to perform and 
publish analyses of the positive and negative effects of its decisions on the 
public, including any financial impact on the public, and the positive or 
negative impact (if any) on the systemic security, stability and resiliency of 
the DNS."

Where is the list of "negative effects" published by ICANN or the GSNO, and an 
economic valuation of the financial size of the positive vs. the negative 
effects to determine whether the benefits exceed the costs of the STI/IRT? 
We've basically had a process where a bunch of lawyers got together, without 
any economists at the table to perform financial analysis or provide a reality 
check on what they are talking about. This is a pure violation of the AOC, the 
lack of attention paid to the requirements to serve the public interest *AND* 
to analyze the positive and negative financial impacts. On that basis alone, 
the STI should be rejected as "not finished" and should be sent back for 
consideration using the expertise of those who are not lawyers. 

Sincerely,

George Kirikos
http://www.leap.com/