With ICANN set to roll out more than 1000 new generic top-level domains (gTLDs), Melbourne IT has urged for stronger protections for organisations at high risk for fraud.
The proposal is meant to prevent bad actors from registering. For example, a fraudster could set up a domain like redcross.charity to solicit donations.
Under Melbourne IT's proposal, released for discussion, organisations would be able to register brands to a list of “high at-risk marks” (HARMs) and pay a one-time reservation fee preventing others from using the brand in their Web address, even with a gTLD that has not been registered. Melbourne IT is a domain name registration company.
“Well-known distinctive names have acted as a reliable signpost for consumers for centuries – they allow consumers to quickly identify the organisation they are interacting with and carry implied trust or distrust based on those interactions,” said Melbourne IT CEO, Theo Hnarakis.
“Trademark law was established to protect the use of these distinctive names. Domain name misuse abuses that consumer trust and the potential for misuse of well-known distinctive names among new gTLDs at the second level is significant.
Hnarakis said ICANN needs to go further in protecting trademark holders form fraudsters.
“In a new gTLD world, organisations will still need to be more proactive in monitoring for online infringements, that is not going to disappear; but what we are asking ICANN for is a stronger process to increase consumer protection by shielding high at-risk names that are regularly abused by cybersquatters, phishers and counterfeiters online," he said.
“ICANN’s current guidelines and initiatives to protect trademark holders do not go far enough.”
Today, with relatively few TLDs available, most organisations defensively register domains to prevent fraud, Melbourne IT said, and that approach is cheaper than taking a fraudster to court or disputing the registration at ICANN.
However, defensive registration is much more costly with hundreds more TLDs available, Melbourne IT said. “If we assume an organization will need a defensive registration in 1,000 new gTLDs at an average cost of $100 per year, this would equate to a cost of $100,000 per mark per year.”
ICANN has designed protections for businesses to protect their brands, but Melbourne IT said they aren’t enough for “a subset” of organisations that regularly handle sensitive information, such as financial institutions.
“For most trademark holders the framework established by ICANN should provide sufficient protection to avoid the need for defensive registrations at the second level of new gTLDs.
“However, there is a set of High At-Risk Marks that are particularly attractive to unscrupulous persons and organizations whose attempt to register corresponding second level domain names in new gTLDs may be successfully, despite the current protections.”
An organisation could register as a HARM under Melbourne IT’s proposal by meeting a set of criteria:
- The organisation must have legal protection for five years in at least three of the five ICANN regions.
- The second-level domain name must match the HARM and the HARM “must not match common words” used in English, Arabic, Chinese, Spanish, Russian or French.
- The organisation also would have to show that the HARM “has been the subject to misleading and deceptive conduct online as evidenced by a minimum of five successful [ICANN dispute resolution] actions, court actions or documented suspensions by a top ten registrar.
In addition, under the proposal, the proposed HARM must meet a score of 100 points, “where one point is awarded for each legal protection in a jurisdiction, and one point is awarded for each successful” ICANN dispute action, court action or domain registrar suspension.
If accepted to the HARM list, an organisation could pay a one-time reservation fee to prevent others from registering the same domain with a different gTLD, under the plan. The fee “should be the same cost or lower than the cost of a registration during the sunrise period” of a new gTLD, Melbourne IT said. The current ICANN process only gives organisations a “first right” to register a domain.
Also under the proposal, gTLD registries would have to validate a registrants’ contact information before assigning a HARM domain. Registrars would have to validate at least two of the following: Phone number, email address or postal address.
Melbourne IT proposed extending indefinitely the window to submit trademark claims. The current window applies during the first 60 days after the sunrise period. At the same time, the company proposed shortening to 48 hours the timeframe for taking down a potentially infringing domain after a complaint is filed. Currently, when a trademark owner files a complaint at ICANN, the registrant has up to 21 days to respond. The registrant could avoid a take-down by paying a response fee equivalent to the complaint fee paid by the trademark owner.
Melbourne IT is seeking input on its proposal and plans a working group summit in Washington, DC, on 18 September, it said.
Follow Adam Bender on Twitter: @WatchAdam
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.