How many domain names can be included in a single complaint under the Uniform Domain Name Dispute Resolution Policy (UDRP)? Neither the UDRP policy nor its corresponding rules directly address this issue, although the rules state that a "complaint may relate to more than one domain name, provided that the domain names are registered by the same domain-name holder." more
Parties to a UDRP proceeding must include a certification similar in U.S. practice to Rule 11 of the Federal Rules of Civil Procedure (and undoubtedly a feature in procedural codes in other judicial jurisdictions) "that the information contained in this [Complaint or Response] is to the best of [Complainant's or Respondent's] knowledge complete and accurate, that this [Complaint or Response] is not being presented for any improper purpose, such as to harass... more
Net Neutrality has become a hot topic in India, following a brief but high-profile national debate instigated by a consultation paper from the Telecom Regulatory Authority of India (TRAI) that solicited views on what net neutrality is, and whether regulations protecting it are needed in India. The paper also hinted at possible regulation of all kinds of online services (like Skype, Uber, or Google) in the future. But no-one could have predicted what happened next... more
Trump and his enablers are well known to disrespect if not disdain legal systems, including public international law. He has effectively abrogated every treaty instrument relating to international communications at the whim of a tweet. His behavior has dishonoured the USA in a way that will take years to remedy. Trump's actions to ban access to Android Operating System updates on Chinese products have significantly harmed cybersecurity worldwide. more
Orin Kerr recently blogged about a 9th Circuit decision that held that scraping a public web site (probably) doesn't violate the Computer Fraud and Abuse Act (CFAA)... On its surface, it makes sense – you can't steal something that's public – but I think the simplicity of the rule is hiding some profound questions. One, I believe, can most easily be expressed as "what is the cost of the 'attack'"? That is, how much effort must someone expend to get the data? Does that matter? Should it? more
A recent telephone poll conducted by professors at Berkeley and the University of Pennsylvania concluded, "Contrary to what many marketers claim, most adult Americans (66%) do not want marketers to tailor advertisements to their interest." The study's authors claim that their poll is the "the first nationally representative telephone (wireline and cell phone) survey to explore Americans' opinions about behavioral targeting by marketers." ... But what is most surprising about this poll is not that 66% of users said they do not want tailored online ads, but that 34% of users said they did! more
In follow up to reports on ICANN's termination of notorious domain name registrar, EstDomains due to fraudulent activities, the Internet oversight agency is now preparing to transfer domain names of its customers to other registrars... However the question asked by experts is whether any other registrar would have an interest in inheriting EstDomains questionable domain names. more
The UK cares about its citizens' privacy to the tune of a $229 million (US) fine of British Airways for a breach that disclosed information of approximately half a million customers. It's exciting -- a significant fine for a significant loss of data. I think GDPR will lead to improved security of information systems as companies scramble to avoid onerous fines and start to demand more from those who provide information security services and products. more
Wout de Natris: "In this decision OPTA revokes the registration of Diginotar as a so called Trusted Third Party. Diginotar issued certified certificates for digital signatures. The security breach by Iranian hackers over the summer, which Diginotar did not report to the authorities, lead to severe credibility issues for all Diginotar certificates issued before. This included Dutch government websites, but also led to severe breaches of privacy for Iranian end users, in multiple countries. As a result of OPTA's decision all certificates issued by Diginotar have to be revoked, while at the same she is forbidden to issue new ones. more
Michael Geist writes: "The bills contain a three-pronged approach focused on information disclosure, mandated surveillance technologies, and new police powers. The first prong mandates the disclosure of Internet provider customer information without court oversight. Under current privacy laws, providers may voluntarily disclose customer information but are not required to do so. The new system would require the disclosure of customer name, address, phone number, email address, Internet protocol address, and a series of device identification numbers." more
Large Language Models (LLM) like GPT -- 4 and its front-end ChatGPT work by ingesting gigantic amounts of text from the Internet to train the model and then responding to prompts with text generated from those models. Depending on who you ask, this is either one step (or maybe no steps) from Artificial General Intelligence, or as Ted Chiang wrote in the New Yorker, ChatGPT Is a Blurry JPEG of the Web. more
On April 30, 2016, ICT Ministers of the "G7 group" concluded their deliberations in the beautiful city of Takamatsu, Kagawa prefecture in Japan. After months of preparatory work and two full days of discussions, the ICT Ministers of the USA, UK, France, Italy, Japan, Canada and Germany plus the European Union issued a joint declaration that: recognizes our digitally connected world; commits to mutual goals and, once again; reaffirms the multistakeholder model for the governance issues facing the deployment, development and evolution of the global Internet. more
In a recent article published by WIRED Magazine, a significant shift in international law regarding cyberwarfare has been brought to light. The International Criminal Court (ICC) at the Hague has signaled its intention to investigate and prosecute hacking crimes that breach existing international law without the need for new regulations. more
The Uniform Domain Name Dispute Resolution Policy (UDRP) limits parties' submissions to complaints and responses; accepting "further statements or documents" is discretionary with the Panel (Rule 12, Procedural Orders), although the Forum (in Supplemental Rule 7) but not WIPO provides for supplementing the record with the proviso that "[a]dditional submissions must not amend the Complaint or Response." For some panelists, Rule 7 contradicts the Policy. more
While having a backup plan is usually a good idea, it's often not an effective way to obtain someone else's domain name - at least not when Plan B consists of a company filing a UDRP complaint with the hope of getting a domain name to which it is not entitled and could not acquire via a negotiated purchase. "Plan B" as a derogatory way of describing an attempted domain name acquisition usually arises in the context of a domain name that is not protected by exclusive (or any) trademark rights, or where the complainant clearly could not prevail in a UDRP proceeding. more
A World-Renowned Source for Internet Developments. Serving Since 2002.