Michael Geist of the University of Ottawa law commented today on the new policies by the Canadian Internet Registration Authority (CIRA) regarding individual internet registrants.
He had previously come out in support of their position, but it appears as if CIRA is backtracking on some of their changes.
CIRA is attempting to create a balance between privacy concerns of members of the public registering domain names, and access by those requiring legitimate access to their identity.
As before, information can be provided to law enforcement, and with the spread of hate crimes, threats, fraud, and other abuse on the Internet, this access will likely be increasingly utilized.
But access is also provided to trademark, copyright and patent interests that believe their intellectual property rights have been infringed.
Geist argues that the trademark changes violate Canadian privacy law, and whistblowers setting up a site against their company would be unnecessarily exposed,
Under the new CIRA policy, if they use fake registrant information, they risk losing the domain. On the other hand, the back-door exception means that the trademark holder can easily uncover the identity of the registrant since CIRA will simply hand over this information.
It’s actually not that easy.
The only disputes that CIRA states they will even contemplate a disclosure are when the use:
- infringes Requestor’s Canadian: (i) registered trademark, (ii) registered copyright,
or (iii) issued patent; - infringes Requestor’s Canadian registered (Federal or Provincial) corporate,
business or trade name; or - is making use of the Requester’s personal information without their knowledge or
consent to commit a crime (such as fraud, theft or forgery), to procure money,
credit, loans, goods or services without authorization. (Identity Theft)
Maureen Cubberley, former chair of the CIRA board of directors, has explained that it’s intended for cybersquatting, resale of domain names for profit, and malicious registrations towards competitors,
It’s limited to ‘bad faith’ registrations…
What we’ve done is make an exhaustive list of where the policy would apply in these situations.
Even then, such disclosures would only be made after attempts to contact the individual and resolve the dispute in other ways has been ineffective. There is even a 60-day period where parties can challenge a ruling, and take it to the courts beyond that.
A more valid concern would be social justice advocates attacked for their work by the larger public or major corporations. But as long as a person does not misappropriate a trademark or name or misuse personal information, it’s unlikely that any form of widespread abuse would occur by CIRA.
One of Geist’s more credible issues would be the arbitration process, because panels with a single arbitrator chosen by the arbitrator are more likely to favour with the complainant – in 83% of the cases. A panel with several individuals chosen by both parties is more likely to have a balanced decision.
But that’s exactly the process that CIRA is adopting.
Although complete annonymity and the ability to whine on nearly any subject imaginable might be slightly curtailed, especially when posing as a corporate entity, web hosters would also have a greater sense of responsiblity more akin to the printed press.
They now know that if they abuse their priviledges they will eventually be called to task.
And we’re forgetting one thing.
The new policy would only apply to “.ca” domains, which are still barely used even among the Canadian public.
Geist did predict that if these trademark changes were not made they would,
…instantly catapult the dot-ca into a global leadership position. With more than a million Canadian domain name registrations, the resolution of the WHOIS issue ensures that the Canadian domain name space is set for continued growth as it now features a “privacy advantage” over other domains struggling to strike a similar compromise.
Tightening privacy issues may have promoted the use “.ca” on the Internet, but for now we’re in just about the same place as everyone else, which is probably exactly where we should be.
Was there ever a reason to think that privacy was an issue with dot-ca domains, or is this all speculative academia?
This article would be a bit more credible if it didn’t rely on a seven year old article quoting someone (Cubberly) is no longer involved in CIRA and who is not even close to discussing the CIRA whois policy.
Law is Cool: Possibly, but the fact is that this policy has been in development since at least 2003. The position she took is still just as valid. All of the CIRA balances mentioned are current.
What is more interesting is CIRA’s board minutes from May (2008),