Tag Archives: Electronic Frontier Foundation

UK Retailer ASOS Seeks Ownership of “Collusion” In Domain Names

British clothing giant ASOS is seeking ownership of the word “collusion” in domain names according to a cease and desist letter sent to an EFF client. According to a post on the EFF blog, their client’s “domain doesn’t have anything to do with clothing—it’s about contemporary U.S. political debates. It is about as far from trademark infringement as possible.” Tuesday EFF sent a response letter demanding ASOS withdraw its baseless threat.

In their post, the Electronic Frontier Foundation (EFF) explains the full backstory as “something of a Russian nesting doll of stupidity. It begins with Rudy Giuliani, former New York mayor and current attorney to President Donald Trump. Last year, some Twitter users noticed that Mr. Giuliani was making typographical errors in his tweets in a way that inadvertently created well-formed URLs. A September 15, 2018 tweet read, in part, as follows: ‘#REALNEWS: Woodward says no evidence of collusion.So does Manafort’s team.’”

“After seeing this tweet, our client registered ‘collusion.so’ and directed the URL to the Lawfare blog’s coverage of connections between President Trump and Russia. Other people have also registered the domain names of Giuliani typos. Giuliani, who was once named a cybersecurity advisor to Trump, falsely claimed that Twitter was ‘invading’ his tweets.”

“What does this have to do with clothes, you ask? Well, in October 2018, Asos launched a new clothing line called ‘Collusion.’ It describes Collusion as ‘a new fashion brand offering bold, experimental, inclusive styles for the coming age.’ Not content with a vaguely dystopian branding choice, Asos followed up by sending a threatening letter to our client claiming that the registration of collusion.so infringes its trademark.”

“Asos’s lawyers are accusing our client of ‘taking unfair advantage of ASOS’ reputation in the COLLUSION brand and the COLLUSION trade mark by luring customers to your website for your own gain.’ This is absurd. Our client wasn’t even aware of the Collusion brand until Asos sent its letter. Our client registered collusion.so as a satirical comment on Giuliani’s tweet and the state of U.S. politics. No one is going to confuse Lawfare’s Trump-Russia coverage with Asos’s self-described ‘ultimate youth label.’”

But ASOS and their lawyers didn’t do their homework. EFF’s client registered their domain name before Asos launched its Collusion label and further, “the URL points to a page about the political meaning of collusion—not to anything about clothing.”

“Asos’s letter to our client opens with large-type red text: ‘Failure to respond to this letter may result in further legal action being taken without further notification to you.’ The law firm that sent the threat, Stobbs IP, has a history of abusing the universal domain-name dispute resolution policy, or UDRP, to try to take control of others’ domains. If Stobbs IP tried to do that to our client, it would be yet another attempt at reverse domain hijacking. We hope that Asos and Stobbs IP have enough sense to withdraw their threat.”

Use of “7 Dirty Words” Now Allowed in .US

After intervention from the Electronic Frontier Foundation and the Harvard University Cyberlaw Clinic, it’s now possible to register .us domain names with the “seven dirty words”.

The change of course in policy by the National Telecommunications and Information Administration (NTIA), part of the Department of Commerce, and Neustar, the .us registry, came about following the registration of the domain name fucknazis.us by Jeremy Rubin.

According to a post by the Cyberlaw Clinic, Rubin created the website and registered the domain name in 2017 and began offering a “virtual lapel pin” that allowed Ethereum (a popular digital currency) users to support opposition to anti-semitic and white supremacist conduct in the United States around the time of the tragic events in Charlottesville, Virginia last year. The registration was initially allowed, but then it was abruptly terminated due to the word “fuck” in the domain name.

“After a lot of back and forth (and significant patience on Jeremy’s part)—the domain name is now (back) in Jeremy’s hands and the site is now (back) up and running. We are also pleased that this incident prompted re-evaluation of a policy and practice of the United States Department of Commerce with respect to the .us country code top level domain (ccTLD) that clearly violated the First Amendment.”

It appears that the NTIA and Neustar had a policy of using the Pacifica list of 7 dirty words that can’t be used when registering .us domain names and it appears there had been discussions under way for some time as to whether it was still appropriate to enforce the list.

The list of 7 dirty words are 7 English-language words that American comedian George Carlin first mentioned in 1972 in his monologue “Seven Words You Can Never Say on Television”, notes Wikipedia. The words are: shit, piss, fuck, cunt, cocksucker, motherfucker and tits.

In 1973 Pacifica station WBAI broadcast a version of Carlin’s routine that led to a complaint by a member of Morality in Media. There followed a declaratory order by the Federal Communications Commission and appeals which led to the Supreme Court, which ruled 5-4 in 1978 that in the end formally established indecency regulation in American broadcasting. Which led to American broadcast networks “generally censor themselves with regard to many of the seven dirty words.” In 2010 “fleeting” use of expletives were ruled unconstitutionally vague by a three-judge panel of the U.S. 2nd Circuit Court of Appeals in New York … as they violated the First Amendment due to their possible effects regarding free speech.”

Could Closed Room TPP And OECD Deals Could Mean End to Whois Privacy

Privacy proxy services used by registrants are under threat following proposals in the Trans Pacific Partnership and from “a new revision of the OECD E-commerce Recommendation that would require domain name registration information to be made publicly available for websites that are promoting or engaged in commercial transactions with consumers,” according to the Electronic Frontier Foundation.And this, also according to the EFF, when ICANN’s GNSO Privacy & Proxy Services Accreditation Issues Working Group looked like it would “accept that privacy services should remain generally available, including by those who use their domain names commercially.”Both of these changes are being pushed by the United States with the backing of corporate interests, particularly those in the entertainment industries.The secretive Trans Pacific Partnership (TPP), a proposed trade agreement between 12 countries – Brunei, Chile, New Zealand, Singapore, Australia, Canada, Japan, Malaysia, Mexico, Peru, the United States and Vietnam – “has just ridden roughshod over that entire debate (at least for country-code top-level domains such as .us, .au and .jp), by cementing in place rules (QQ.C.12) that countries must provide ‘online public access to a reliable and accurate database of contact information concerning domain-name registrants.'””The same provision also requires countries to adopt an equivalent to ICANN’s flawed Uniform Domain-Name Dispute Resolution Policy (UDRP), despite the fact that this controversial policy is overdue for a formal review by ICANN, which might result in the significant revision of this policy. Where would this leave the TPP countries, that are locked in to upholding a UDRP-like policy for their own domains for the indefinite future?”The TPP’s prescription of rules for domain names completely disregards the fact that most country code domain registries have their own, open, community-driven processes for determining rules for managing domain name disputes. More than that, this top-down rulemaking on domain names is in direct contravention of the U.S. administration’s own firmly-stated commitment to uphold the multi-stakeholder model of Internet governance. Obviously, Internet users cannot trust the administration that it means what it says when it gives lip-service to multi-stakeholder governance — and that has ramifications that go even deeper than this terrible TPP deal.”These proposed agreements go against everything that ICANN has sought to achieve through its attempts at improving accountability with its multi-stakeholder model.For more information see:

The Final Leaked TPP Text Is All That We Feared
https://www.eff.org/deeplinks/2015/10/final-leaked-tpp-text-all-we-fearedU.S. Bypasses ICANN Debates on Domain Privacy with Closed Room Deals at the OECD and TPP
https://www.eff.org/deeplinks/2015/10/us-bypasses-icann-debates-domain-privacy-closed-room-deals-oecd-and-tppDomain Registrars Have to Ask ICANN’s Permission to Comply With Laws Protecting Your Privacy
https://www.eff.org/deeplinks/2015/10/domain-registrars-have-ask-icanns-permission-comply-laws-protecting-your-privacyVoluntary Practices and Rights Protection Mechanisms: Whitewashing Censorship at ICANN

Privacy Advocates Aghast As Entertainment Industry Pushes For Commercial Registrants To Reveal WHOIS

Privacy advocates are aghast at ICANN’s proposed changes to current rules around privacy and proxy services for domain name registrants. The changes, that many see as being lobbied for by the US entertainment industry, would see “commercial” registrants forced to reveal their identity and contact details.But the request for comments has outraged many including privacy advocates. The Electronic Frontier Foundation has given an example of “a free community website for transgender authors” that currently uses a proxy registration service keeping the registrant’s details private. The EFF asks whether such a website could be considered commercial, which under the proposals would force the registrant to reveal their contact details, or not.And as the EFF notes, the proposal is being pushed by US entertainment companies who told Congress earlier this year that domain registration privacy should only be allowed in limited circumstances. The entertainment companies want to be able to use registration data to be able “to discover the identities of website owners whom they want to accuse of copyright and trademark infringement, preferably without a court order.”In the Initial Report on the Privacy and Proxy Services Accreditation Issues Policy Development Process [pdf]that is open for public comment until 7 July, it asks if “domains used for online financial transactions for commercial purpose should be ineligible for privacy and proxy [P/P] registrations.” And it wants to know why or why not respondents think so.The paper also requests comments on whether “it would be useful to adopt a definition of ‘commercial’ or ‘transactional’ to define those domains for which P/P service registrations should be disallowed? If so, what should the definition(s) be?”Additional issues canvassed include what measures should be taken to ensure contactability and responsiveness of providers along with should “full WHOIS contact details for ICANN-accredited privacy/proxy service providers be required?” How to deal with websites with malicious or illegal content is also addressed.To date there have been well over 10,000 comments submitted, the vast majority opposing the changes.

Electronic Frontier Foundation tells ICANN to Delete URS from .Travel by Philip Corwin, Internet Commerce Association

Internet Commerce Association logoThe Electronic Frontier Foundation (EFF) has just told ICANN to drop the notion of applying the Uniform Rapid Suspension (URS) dispute resolution system to .Travel and other legacy gTLDs without undertaking a full Policy Development Process (PDP).

In a June 12 letter, EFF stated:

ICANN should not apply URS to the .travel domain, or to any additional domains, by the unaccountable means of staff inserting new conditions into the renewal of the registry operator’s contract. Rather, the public policy implications of such a move demand that a full PDP be undertaken first.

EFF’s letter also states:

The introduction of the URS, in response to a 2009 recommendation from the new gTLD program’s Implementation Recommendation Team (IRT), was characterized (however dubiously) as an implementation detail of the new gTLD program…The URS never became a consensus policy that would be applicable across all gTLDs…If the URS is to be extended to legacy domains such as .travel, this would place many further domains at risk of rapid suspension, which raises significant free speech concerns. It would also set a bad precedent for the extension of the URS to other legacy domains such as .com, .net and .org as their registries’ contracts come up for renewal.

ICANN contracting staff decided to impose the URS on .Travel based upon the misguided notion that it was more important “to increase the consistency of registry agreements across all gTLDs” than to act consistently with ICANN’s Bylaws. They didn’t even wait for their colleagues in the policy department to deliver the ‘Issues Report on new gTLD RPMs’ to the GNSO Council this coming September. One of the reasons the GNSO Council requested that report was so the GNSO could decide if those RPMs should become Consensus Policy for all gTLDs.

And it’s not just .Travel targeted by this staff power grab. Two weeks after publishing that proposed Registry Agreement (RA) ICANN published the proposed RAs for .Cat and .Pro, which also contain the URS. You can draw a dot-ted line through those registries that brings the URS to .org, .net and .com when they come up for renewal as de facto, staff-determined policy absent any demonstrated community consensus.

And when the URS reaches those big legacy domains, what will it look like? A review of the Report of Public Comments on the “Draft Report: Rights Protection Mechanisms Review” makes clear that if certain interests have their way the URS could be changed in the future to become an accelerated, lower-cost version of the UDRP, with the same burden of proof plus a domain transfer option. The result of transforming URS into URT (Uniform Rapid Transfer) would be more opportunities for domain hijackers and far less due process for domain registrants.

Whether the URS should change, much less if it should become a consensus policy for legacy gTLDs, are important policy decisions that should be decided by ICANN’s multistakeholder community through the standard PDP – not imposed in an unaccountable top down manner by ICANN staff.

EFF has made a valuable contribution to ICANN accountability by expressing its strong opposition to this high-handed attempt to short-circuit proper decision-making procedures. Let’s hope that more organizations and individuals speak out while the public comment period on these RAs remain open — and at the upcoming ICANN meeting in Buenos Aires.

This article by Philip Corwin from the Internet Commerce Association was sourced with permission from: