IP: EFF's comments to Commerce Dept on domain names

[Dave Farber <farber () cis upenn edu>]

Shari Steele, Staff Attorney        ssteele () eff org
Electronic Frontier Foundation      301.375.8856 (v)
P.O. Box 649                        301.283.5337 (f)
Bryans Road, MD  20616              http://www.eff.org/homes/steele.html






***************
                                        Electronic Frontier Foundation
                                        1550 Bryant Street, Suite 725
                                        San Francisco, CA  94103


                                        March 23, 1998


Karen Rose
Office of International Affairs
National Telecommunications and Information Administration (NTIA)
Room 4701
U.S. Department of Commerce
14th Street and Constitution Avenue, NW
Washington, DC  20230




Sent via e-mail (dns () ntia doc gov) and Federal Express.




Dear Ms. Rose,


The Electronic Frontier Foundation (EFF) thanks you for this opportunity 
to comment on the Department of Commerce (DoC)’s attempts to find 
consensus on Internet domain name policy.  EFF is a nonprofit, 
public-interest organization working to protect rights and promote 
responsibility in the electronic world.  We have read with interest your 
proposal for "Improvement of Technical Management of Internet Names and 
Addresses," and our comments are below.


Protection of Human Rights and Free Expression Should Be Overriding 
Principle


EFF believes in the basic principle that any foundation for governance 
of a communications system, such as the Internet, should stand on the 
fundamental human right of free expression.  The strongest guarantees of 
free expression, free association, due process, and nondiscriminatory 
administration should be written into the charter of any organization 
empowered with Internet oversight.  The Internet should be administered 
on principles compatible with, but stronger than, the United Nations 
Universal Declaration of Human Rights.  These guarantees regarding 
Internet governance should not permit any party to limit human rights on 
the Internet.  This guards against a repetition of the practice of some 
national governments, which undermine the UN Declaration under the 
pretext of "morality, public order and the general welfare" (Article 29 
and 30).  They should only be amendable by an extraordinary 
supermajority procedure, similar to a U.S. Constitutional amendment.


The IANA Is the Best Choice for Overseeing the DNS System


The DoC proposal states as a goal that the U.S. government should end 
its role in the Internet domain naming system (DNS) as soon as possible. 
EFF could not agree more.  We believe that the Internet Assigned Numbers 
Authority (IANA), which currently administers the DNS and has been doing 
this well for the past 20 years, is the proper organization to continue 
administration of the DNS.  IANA is a private organization whose only 
connection to any government or collection of governments is its history 
of U.S. government research funding.  The authority of any new structure 
designed to continue IANA's job of administrative maintenance of the 


Internet should be clearly defined as independent of any and all 
governments.  The U.S. government should not attempt to exercise 
oversight or a veto over a transition of the IANA to a new corporation; 
such oversight will be carried out by Internet users.  The Internet 
community is much more likely to trust a new corporation to manage 
Internet administration if it is clearly derived from the IANA and 
continues the same personnel and general policies.


Any organization selected to administer the DNS must remain private, 
whether in the legal form of a corporation or otherwise, and should be 
not-for-profit, operating in the public interest for the benefit of the 
Internet.  This administering organization should be governed by 
democratic procedures which give suffrage to all stakeholders on the 
Internet.  To the extent that any individuals wield power within the 
organization, they must be charged to wield that power for the long-term 
benefit of the public, the Internet users, and the entire human race, 
especially since all three of these are synonymous in the long term.


It is of critical importance that any administering organization not 
simply apply U.S. law, and that any new Internet domain naming system 
not rely on U.S. jurisdiction over trademark issues and dispute 
resolution processes.  The Internet is international in scope, and its 
administering body must be truly international in scope.


Network Solutions Cannot Be Trusted With Any Public Resource


EFF is very concerned that Network Solutions is attempting to convert 
its five-year contract into a permanent monopoly.  EFF believes that the 
National Science Foundation (NSF) made a mistake by failing to control 
this for-profit company to protect the public interest.  Though the 
fundamental mistake was made by NSF, it was compounded many times by the 
arrogance of Network Solutions' management.  Yet, the DoC proposal gives 
Network Solutions continued control of the .com, .net and .org domains.


EFF believes that the current management of Network Solutions has shown 
a profound disregard for the public interest, which should disqualify it 
and its parent company, Science Applications International Corporation 
(SAIC), from having any benefit or privilege extended to them in the 
future management of the domain name system.  They made a deliberate, 
intentional and ongoing attempt to steal from the public the resource 
they had a five-year stewardship contract to manage and protect.  It is 
as if they got a contract to repair the stonework at Mount Rushmore and 
ended up trying to own the national park.


As a result, they should not be trusted with even temporary control of 
any valuable public resource.  If Network Solutions or SAIC continue in 
the domain name business, they must operate only in highly competitive 
parts of the business.  In particular, neither Network Solutions, SAIC, 
nor any "nonprofit organization" started by them, or with overlapping 
directorship, influence, or control by them, should manage the root or 
any global top level domain (gTLD).  Any changes to the DNS must ensure 
that people will continue to be able to register in the .com, .net, 


..org and .edu top level domains without any involvement of Network 
Solutions.


We were happy to see that the DoC proposal requires Network Solutions to 
give the U.S. government copies and documentation of all data, software 
and licenses to other intellectual property generated under the 
Cooperative Agreement and to turn over control and management of the 
main root server to the U.S. government.  We are concerned, however, 
that the current wording leaves significant loopholes that should be 
patched up.


Network Solutions should be required to turn over all root servers that 
it operates, not simply the "A" root server, and any separate servers it 
uses for the .com, .org, .net and .edu domains.  Due to the difficulty 
of changing the set of globally known root server addresses, Network 
Solutions must relinquish the entire set of IP addresses delegated to 
the InterNIC, specifically 198.41.0.0/22, which contains both the "A" 
and "J" root servers.  This should happen not "when the government 
directs," as indicated in the DoC proposal, but rather when IANA or the 
new corporation directs.  Network Solutions should begin immediately 
preparing for this by moving other hosts off that network number, and 
doing anything else necessary to ready itself for the transfer.


Furthermore, the requirement that Network Solutions turn over 
"appropriate licenses to other intellectual property" is far too vague. 
All intellectual property generated under the Cooperative Agreement is 
work-for-hire, and the government owns it in trust for the public.  
Network Solutions has no ownership rights to any of the work it created 
under that stewardship contract, so how could it issue licenses?  The 
government should explicitly put ownership of all such results into the 
public domain, so they can be used by the public that paid for them.  It 
should then make the results accessible via an NSF web site and via 
Freedom of Information Act requests.  Please ensure that Network 
Solutions retains no credible claim to any of the public's intellectual 
property.


No For-Profit Corporations or Governments Should Control the Root or 
gTLDs


Domain name registration and the generic top level domains themselves 
must not be monopolized by a single for-profit registry, treated as any 
for-profit entity's intellectual property, or controlled by or from 
within any single governmental jurisdiction.  These domains have become 
international and should not remain a U.S. monopoly.  They are a global 
public trust and should not be exploited by profit-seeking companies or 
for regional advantage.


IANA Should Have Supervisory Control of All gTLD Registration Databases


IANA, acting on behalf of the public, should have supervisory control of 
the databases containing the registration data of each global top level 
domain in the DNS, including the .com, .net, .org and .edu domains.  
IANA should determine when and whether to create new gTLDs, including 
specification of the alphanumeric strings, the timing of introduction of 
new gTLDs and the number of gTLDS.  IANA should ensure that the data in 
each database is freely available to the public, subject only to 


international legal restrictions relating to privacy.


Each database should operate in the public interest on a cost recovery 
basis and not for profit, under the overall supervision of IANA.  Access 
for registration of second level domains in all databases should be 
equally available to all registrars (except in exceptional circumstances 
determined by IANA) on a non-discriminatory basis.  The administration 
of the domain name system and generic top level domain registries must 
provide for domain name portability rather than making it difficult or 
impossible for a customer to switch registries.


If a de-centralized technical method, which would allow several 
different registries to accept names in the same gTLD, can be made to 
work, it should be adopted.  This would provide a very strong level of 
domain name portability, in which a user could change not only the 
registrar (retailer) but also the registry (wholesaler) that controls 
the pricing and policies for the user's established domain name.  This 
would provide a much more competitive market, avoiding lock-in at both 
levels, and would also permit registries to be operated for profit, 
since registries that misserved their customers would be unable to 
prevent users from switching to another registry for the same TLD.  A 
prototype implementation has been suggested to IANA; it involves having 
the name servers for a given gTLD independently retrieve the pieces of 
the database from the various registries.  Each server would merge the 
database pieces using freely available software, which would resolve 
conflicting registrations since the last merge, before publishing the 
new zone database.  The prototype would work for small numbers of 
registries sharing a zone -- perhaps a dozen -- and could be extended to 
larger numbers after gaining experience and evolving the tools.  This 
proposed method would require oversight by IANA (under threat of removal 
from the gTLD delegation) to prevent disruptive or negligent practices 
by the registries.


Internet Technical Standards and Administrative Processes Should Not Be 
Impeded by Lack of Consensus on Separate Issues Such as International 
Trademarks


The current policy of providing ownership rights in Internet domain 
names based on trademark registration is flawed and should be abandoned. 
No one group of intellectual property holders' interests should outweigh 
any other group's, or outweigh any other rights held by individuals and 
the public.  The current policy with respect to trademarks and domain 
names does not even correctly reflect U.S. trademark law, let alone the 
laws of other countries or any emerging international law of trademarks. 
The policy appears to have been adopted to benefit Network Solutions 
(reducing the number of lawsuits against it by large corporations) 
rather than to define a balanced public policy.  Yet the current 
proposal seems to perpetuate this horrible policy.


Under U.S. law, the First Amendment to the Constitution carries 
considerably more weight than the Lanham Act.  Under the current DNS 
administration, trademark holders are given greater rights to domain 


names than others with legally recognized interests in specific domains. 
This is not a reasonable application of the law, and it is not sound 
public policy.


Even the United States Patents and Trademarks Office (PTO) recognizes 
that more than one entity can hold a trademark on the same word, name, 
or symbol provided that it is used in completely different business 
categories.  Failure to provide for multiple uses of the same 
trademarked character string in a domain name has resulted in big 
companies beating up on small companies and individuals using the same 
or similar names.


Furthermore, the PTO recognizes that registration of a trademark creates 
a right in the mark while the trademark is still pending.  The Internet 
policy does not recognize registered but still pending trademarks, and 
small companies with pending applications have been bullied into giving 
up their domain names by larger companies with similar trademarks.


But most importantly, there are other legitimate uses of words, names 
and symbols that have nothing to do with trademarks that get and deserve 
legal protection yet are not recognized by the current policy.  For 
example, Kayvan Sylvan, a man who runs his own computer consulting 
business, registered the domain name sylvan.com.  Sylvan Learning 
Systems, which holds a trademark on Mr. Sylvan’s last name, threatened 
to take that domain name under the current policy.  Mr. Sylvan had to 
trademark his last name in a foreign country in order to keep his domain 
name!  There are other examples of nontrademarked, yet legal, uses of 
terms.  For example, the World Boxing Association might want to use the 
domain name knockout.com, even though Hasbro toys has trademarked the 
term knockout as the name of a game.  This should be a legally protected 
use of a domain name.


Domain names cannot be equated to trademarks or brand names, since the 
sole domain name cannot be used by multiple participants to serve their 
various non-infringing functions.  Instead, domain names should be 
distributed on a first-come, first-served basis, and only if the company 
that wants a domain name can prove that the current owner is confusing 
the customer (i.e., McDonald's Hardware decides to get into the 
fast-food business), could it then prove trademark infringement.  And 
even then, it would not necessarily succeed in taking over the domain, 
just forcing the infringer to stop infringing on their trademark.


Trademark concerns cannot burden the free expression uses of domain 
names.  Users of domain names cannot be required to identify themselves 
or provide an address for service of process or any other reason 
suggested in Appendix 2 of the DoC proposal in order to get a name, just 
as the U.S. government cannot compel speakers in the physical world to 
identify themselves.  No period of suspension of a domain name 
registration, which serves the same function as censorship in this 
context, shall be imposed prior to an order by a court of competent 
jurisdiction, with the burden of proof being on the censor.




Many of these trademark disputes can be avoided with the creation of a 
multitude of additional top level domains.  The current policy is flawed 
and must be repaired.


Domain Name Ownership Disputes Should Be Resolved by Contract Law


A uniform procedure should be established for resolving domain name 
ownership disputes by contract among registrars of second level domains 
in each of the gTLDs.  This procedure must strike a proper balance, 
enforcing the law as interpreted by courts, between domain name holders 
and the owners of trademark rights.  It should offer an efficient and 
inexpensive means of dispute resolution without supplanting or 
interfering with the jurisdiction of national courts or the rights of 
Internet users to have resort to the courts.  Finally, domain name 
registries should be insulated from trademark claims.  The process of 
domain name registration cannot become a proxy for trademark litigation.


Maintenance of the .edu Domain Should Not Be Given to Any Organization 
With Exclusionary Intent


The current administration of the .edu domain is exclusionary and geared 
to support American four-year universities at the expense of other 
educational institutions, including local community colleges.  This gTLD 
should be run by the same international, non-profit organization 
maintaining the other top level domains and should be open to all 
educational institutions, as defined by the institutions themselves.  A 
recent proposal being circulated by Educom is completely unacceptable, 
where a hand-picked panel of college presidents and chief information 
officers from four-year universities that are members of Educom will 
decide which institutions can get a .edu address.  Faculty members, 
students and non-four year academic institutions should all be included 
in any decisions related to the .edu domain.


Payments to the Intellectual Infrastructure Fund Should Be Returned to 
Users


EFF was pleased to see that the DoC proposal terminates the Internet 
Intellectual Infrastructure Fund (IIIF) as of April 1, 1998.  However, 
this does not remedy the current problem of the illegal overcharges that 
have already been made.  The Intellectual Infrastructure Fund should be 
fully returned directly to the users who paid in.  Such refunds should 
be returned to the users, so they can spend them on any domain name 
registrar or on other things, rather than being applied as credits for 
future domain name service from Network Solutions.  Network Solutions 
(which instigated the policy of charging users for the IIIF) -- not the 
public or domain name users -- should bear the costs for defending 
against any lawsuits and administering the refunds.


No Transition Period Is Needed; Current IANA Can Make Decisions


The government's proposed transition plan is flawed in numerous ways.  
It should not be adopted.  Instead, the current IANA should determine 
the short-term evolution of domain name administration, as it has 
determined the long-term evolution.  As the new IANA corporation is set 
up, this function can be transferred to it by the old IANA.




The number of new domains should not be fixed by the U.S. government.  
The U.S. government should not define rules for qualifications of a 
registrar or a registry, or even define that the two must be separated. 
The role of the government should be to drive the process to consensus, 
not to dictate which consensus should be arrived at.


Furthermore, many of the requirements for registrars and registries are 
poorly thought-out.  First, encryption, as opposed to authentication, 
should not be required for registrar/registry transactions.  Such a 
requirement would put U.S. organizations at a disadvantage, since they 
cannot export their interface software (which is required by another 
part of the proposal, in Appendix 1.1.g).


In addition, registrars do not need multiple connections to the 
Internet.  This requirement simply raises the base cost of providing 
service.  Competition will let users pick a registrar that is responsive 
and available.  Most of the specified criteria for registrars do nothing 
more than reduce competition by raising barriers to entry.




Thank you again for giving us the opportunity to comment as you work to 
formulate policy in this important area.  We would be happy to meet with 
you and work to create a system that is in the public interest.  Please 
contact me at 301/375-8856 if I can be of any further assistance.


Sincerely,






Shari Steele
Staff Attorney

-- 
Shari Steele, Staff Attorney        ssteele () eff org
Electronic Frontier Foundation      301.375.8856 (v)
P.O. Box 649                        301.283.5337 (f)
Bryans Road, MD  20616              http://www.eff.org/homes/steele.html