Public Policy Questions for Internet

There is little doubt that the Internet has formed part of the impetus for a revolutionary change in the nature of the global communications industry. "Revolutionary" in the sense that the past decade has seen fundamental and highly disruptive changes in the nature of the underlying technologies used by the industry, changes in the composition, ownership and role of industry players, changes in the nature of services offered to the end consumer, changes in the associated financial models used by the industry, and changes in the regulatory environments in which this industry operates. Considering that this industry was, in the latter half of the twentieth century, one of the largest and most influential industry sectors on a global basis, these revolutionary changes will doubtless have consequences that will echo onward for some time yet. more

Ending Cyber-Hubris

Hurricane Katrina will lead the endless finger pointing about what should have been done to strengthen the levees before the storm. However, as a former senior FEMA official under the Clinton Administration explained, "There's only two kinds of levees. Ones that have failed and those that will fail." The same is true for cyber-levees.  more

A Global Dialogue around WSIS Prepcom 3

As a contribution to the United Nations World Summit on the Information Society (WSIS), the Internet Governance Project, led by Professor Derrick L. Cogburn, is supporting a web-based Global Deliberative Dialogue on Internet Governance, from 19-30 September 2005. The purpose of this Global Dialogue is to raise awareness of Internet Governance, to broaden participation in the policy debate, and to provide concrete input into the final deliberations during the Third Preparatory Meeting for the WSIS, taking place concurrently with the Global Dialogue in Geneva. more

Respondent’s Long Use of JACUZZI in Australia Prevails in Domain Name Dispute

Jacuzzi, Inc., owner of rights in the mark JACUZZI, challenged the domain name jacuzzi.net.au in this first WIPO decision involving the .au domain. The Australian respondent had used the JACUZZI name for nearly 15 years. more

IGP Asks You to Weigh in on the USG’s .xxx Intervention

Responding to the .xxx intervention by the US Commerce Department, the Internet Governance Project has produced a "STATEMENT OPPOSING POLITICAL INTERVENTION IN THE INTERNET'S CORE TECHNICAL ADMINISTRATIVE FUNCTIONS." You can view the statement here and add your name as a signatory at the bottom. Over 60 people have endorsed it. The Statement claims that "The NTIA's recent intervention in the .xxx proceeding undermines assurances" that the U.S. government's special unilateral authority over ICANN "would never be used to shape policy but was only a means of protecting the stability of the organization and its processes." The NTIA's open acknowledgment of the influence of religious groups made the intervention particularly dangerous. more

When the Defendant is a Domain Name: The Power of In Rem Proceedings Under the ACPA

A recent decision by a federal court in Virginia illustrates some interesting legal issues that arise from the global nature of the domain name system. It also highlights a powerful mechanism under the Anticybersquatting Consumer Protection Act ("ACPA") by which a plaintiff can proceed with a legal action to recover a domain name without regard to the court's personal jurisdiction over the registrant.  more

ICANN Meetings in Luxembourg

The ICANN Meetings are in full flow here in sunny Luxembourg. The venue is immense and located a cab, bus, or shuttle ride from the various hotels. So far, the big topics are the .Net finalization (focusing on the readjustment of the pricing verbiage), the USDOC root announcement, the shell registrar accreditations used in the batch pool for the purposes of getting dropped names, and the practice of registrars exploiting the 5 day add grace period to register in excess of 50000 names to watch how much web traffic they have, and returning the ones that do not at no cost... more

WIPO Recommends Uniform Registration for New gTLDs

The World Intellectual Property Organization (WIPO) has recommended the introduction of a uniform intellectual property (IP) protection mechanism designed to further curb unauthorized registration of domain names in all new generic Top-Level Domains (gTLDs). The report, "New Generic Top-Level Domains: Intellectual Property Considerations", which is available at WIPO Arbitration and Mediation Center, says that such a preventive mechanism would complement the curative relief provided by the existing Uniform Domain Name Dispute Resolution Policy (UDRP). more

New Study Revealing Behind the Scenes of Phishing Attacks

The following is an overview of the recent Honeynet Project and Research Alliance study called 'Know your Enemy:Phishing' aimed at discovering practical information on the practice of phishing. This study focuses on real world incidents based on data captured and analyzed from the UK and German Honeynet Project revealing how attackers build and use their infrastructure for Phishing based attacks. "This data has helped us to understand how phishers typically behave and some of the methods they employ to lure and trick their victims. We have learned that phishing attacks can occur very rapidly, with only limited elapsed time between the initial system intrusion and a phishing web site going online..." more

ICANN Call for Submissions of Interest for Leadership

ICANN's Nomination Committee has begun their process to nominate more members to various boards, councils and committees of ICANN. This is the process by which I was elected to the board last year. Contrary to what some people may think, these positions should not be taken to try to gain some privilege or power. These are positions of responsibility and require a lot of work for no tangible return except possibly the opportunity to meet other very interesting people. I think about my role at ICANN like I would think about jury duty. We have all benefited from the proper functioning of the Internet for the last decade. If you've benefited in the past and care about the future of the Internet, it is a great opportunity to give back to the community by applying for one of these positions. more

Wal-Mart on the Domain Name War Path

Wal-Mart seems to have been particularly vigilant lately about protecting itself from third parties setting up websites critiquing Wal-Mart and its practices. ...Wal-Mart recently scored a victory in an arbitration proceeding under the Uniform Domain Name Dispute Resolution Policy ("UDRP") before the World Intellectual Property Organization ("WIPO") against Jeff Milchen, a self-proclaimed critic of Wal-Mart from Bozeman, Montana who registered the domain name "walmartfacts.biz". more

Creating a National Cybersecurity Framework: Need For New Regulation?

The Congressional Research Service (CRS) recently released a major new study examining cybersecurity. The report, "Creating a National Framework for Cybersecurity: An Analysis of Issues and Options" discusses a variety of significant public and private cybersecurity concerns. The CRS analysis lists several broad options for addressing cybersecurity weaknesses ranging from adopting standards and certification to promulgating best practices and guidelines and use of audits among other measures. more

JET Open Letter to Microsoft

We, members of the JET (Joint Engineering Team), send this open letter to request Microsoft Corporation to implement IDN (Internationalized Domain Names) standards[1] in the next version of Internet Explorer. ...IDN is a critical enabling technology that will make the Internet more useable and attractive to the majority of the Chinese, Japanese and Korean population who do not use English in their daily life. In fact, IDN is mentioned as one of the Declaration of Action of the World Summit of Information Society (WSIS). To date, IDN registration has been launched in .cn, .jp, .kr, .tw and many other European country code top level domain as well as other generic top level domain names. More than 1 million IDNs have been registered since 2000. Most of the web browsers, such as Safari, Firefox and Opera have implemented IDN standards. This means that users can use IDN in these web browsers without additional applications or plug-ins... more

IDN Parody on verisign.com

Guilllaume Rischard setup a parody on verisign.com using the IDN spoofing trick. He managed to get one registrar to register verisign.com with a cyrillic S (U+0405) (ie xn--veriign-mog.com :-) This actually started in #joiito a couple of weeks ago after the Eric published the spoofing attack paper. A joke was made that it would be funny if someone did it to verisign.com and so he did. I suppose I could rant why VeriSign should adopt the JET Guideline (or ICANN Guidelines) but this parody would send a louder message. more

What is ‘Pharming’ and Should You Be Worried?

The sky is falling! The sky is falling! ...or is it? What is this thing called "pharming"? Put simply, it's redirection of web traffic, so that the server you think you're talking to actually belongs to a criminal. For example: you think you're talking to www.examplebank.com because it says so in the browser's address bar, but actually you're connected to www.mafia-R-us.ru. This can happen in three main ways: 1. DNS Hijack: a social engineering attack on the Internet infrastructure... more