Domain Name Theft: When Someone Steals Sex, You Can Get It Back If It's In Cyberspace

by Rod Dixon

Virtual sex is not the real thing, but is “theft” in Cyberspace different than theft in real-space? What are the unique aspects of Cyberspace, and how should an entity like ICANN (the Internet’s domain name police) respond to them? Although intellectual property - - resembling copyright or, perhaps, Trademark - - and real property - - resembling a single family home or an office building - - share many similar characteristics, one of the significant distinctions between the two forms of “property” relates to how or whether the use of the property by others may reduce the owner’s ability to enjoy or use the property. For example, I cannot lend my car to a friend and drive it myself, but I can easily provide a copy of an article I have authored (or, what constitutes the article) to a friend without diminishing my own ability to enjoy use of the article. Trademarks work in a similar fashion.

A trademark owner may post its logo on a website where goods are offered for sale so Internet consumers have some assurance that the goods being sold are actually associated with the recognized trademark logo. At the same time, the trademark may be used in real-space as a logo on storefronts or on merchandise in stores. In this manner, the trademark may be viewed as an intangible form of “property.” Not so, it seems, with domain names.

If I permit someone else to use my domain name as a website address, then, like my car, I cannot use it myself for the same purpose. But, a domain name is not a car. Domain names seem to have features of both tangible and intangible property. The question arises, however, if a domain name is less like a trademark than it is like a car, why should ICANN favor the interests of trademark owners in establishing domain name policy? Have we lost something during our short history of use of domain names, and is it too late to get it back?

If we were to consider first principles for Cyberspace, I suspect that one would be that “Cyberspace should be considered a unique space; hence, when addressing cyberspace-based problems or issues, managers of the space must be mindful that many aspects of real-space do not readily or easily translate well in Cyberspace.” First principles are useful because they form the basis for how we evaluate and deduce answers to problems. In this respect, when addressing domain name disputes, there is no reason that we should not take as our starting point, the position that domain names are unique identifiers that are not conclusively established forms of intellectual property anchored to rights in real-space. In other words, in the domain name space, there is no valid basis to assume that trademark interests should overwhelm all non-commercial interests in the use of domain names. Yet, so far, it appears that ICANN is managing the domain name system (the DNS) as if that were a first principle.

Of course, no one can plausibly contend that there is no association of domain names with commerce. The increasing number of uses of the Internet that come from the commercialization of Cyberspace are far too significant to ignore the obvious; namely, that both commercial and non-commercial interests must co-exist in Cyberspace. Even if a domain name should not be viewed as a form of “property” co-extensive with trademark interests in real-space, domain name ownership (or registration) is undeniably a valuable interest, itself, that should be protected in some manner and to some extent. What interests are more important than putative trademark interests, and how should ICANN protect those interests with the vigilance it has shown regarding trademark?

One example is the area of domain name theft. ICANN could set-up contractual relations with domain name registries and registrars that ensure that these entities have adequate safeguards against domain name theft. In doing so, ICANN could attempt to establish DNS policies aimed at benefiting all domain name holders rather than just pursue policies that privilege one group of registrants over another. And, there is amble evidence that there are inadequate procedures in place to ward off domain name theft. Web bandits steal domain names by presenting fake requests to domain name registrars, who, upon receiving the request, transfer the domain name registration over to whomever is named on the form. Acting quickly, web bandits attempt to sell domain names to unsuspecting third parties. This scam works for two reasons: [1] some domain names have a definite upward value in the secondary market for domain names, and [2] many domain name registrars do not have adequate security measures in place to preclude most domain name thefts.

Gary Kremen’s case illustrates just how easy it is to steal a domain name. Recently, a judge upheld Kremen’s claim that someone stole sex.com from him. Although Kremen’s ultimately got his sex.com back - - which may illustrate another distinction between Cyberspace and real-space - - his case demonstrates why serious attention by ICANN on domain name theft is warranted.
Stephen Cohen, it is alleged, stole Kremen’s domain name, sex.com, simply by submitting a fake transfer letter to domain registrar Network Solutions with a forged signature. Since ICANN-approved registrars respond to domain name transfers in an automaton-like fashion, Stephen Cohen, a convicted felon, was able to con Network Solutions (now owned by Verisign) and to steal a domain name that by some accounts could be worth more than any domain name sold to date.

After he was released from the federal prison in Lompoc, California in 1995 (among other unlawful deeds committed by Cohen, he attempted to pose as a lawyer in a bankruptcy court proceeding), Cohen pretended to be authorized by Kremen to order Network Solutions to transfer the name of the registrant of the sex.com domain name over to his company. Cohen hoodwinked Network Solutions with a phony letter from a non-existent executive at Kremen’s company, Online Classifieds, authorizing transfer of Sex.com to Cohen. The letter was written and signed by a “Sharon Dimmick,” identified as the president of Online Classifieds. The letter is addressed to Stephen Cohen, and states that Online Classifieds is relinquishing the rights of sex.com to Cohen. The letter contained an instruction from the non-existent Dimmick to Cohen: “Because we do not have a direct connection to the Internet, we request that you notify the internet registration on our behalf, to delete our domain name sex.com. Further, we have no objections to your use of the domain name sex.com and this letter shall serve as our authorization to the internet registration to transfer sex.com to your corporation.” It’s unclear whether this peculiar letter was necessary to trick Network Solutions, but, apparently, the letter served as back-up support when Cohen directed the registrar to give him the domain name. Kremen’s loss of sex may be atypical since it involved direct contact with the thief. Apparently, Kremen was initially discouraged from attempting to recover his domain name after receiving a call from someone identifying himself as a lawyer from the U.S. Patent and Trademark Office. The fake lawyer may have informed Kremen that Cohen had a trademark on sex. The telephone call worked. Kremen delayed filing a lawsuit. Today, Kremen believes that the government attorney was an imposter, perhaps, Cohen, himself.

In federal court this week, Judge James Ware, on the district court in San Jose, California, gave sex.com back to Gary Kremen on grounds that Cohen had likely secured the domain name five years ago through fraud, enabling Cohen to earn tens of millions of dollars in sex.com-related profits. Cohen may have created a $250,000,000 business during the years he had illicit control of the sex.com domain name. The judge’s ruling was made, in part, in response to Kremen’s fear that Cohen was moving his ill-gotten gains away from the jurisdiction of federal courts to off-shore accounts.

ICANN was not around in 1995, but it has not insisted that registrars prove that they have systems and procedures in place to avoid domain name thefts. Indeed, domain name thefts have steadily increased since 1995. With the approval of new registrars and the pending expansion of the Top-level domain name space, it is time for ICANN to focus on what systems are in place at its registrars and to determine whether these systems are subject to substantial abuse.

Less than a year ago on the eve of January 8, 2000, a so-called unidentified hacker seized control of an undocumented number of domain names through spoofing attacks aimed at servers run by Network Solutions. Network Solutions offers various levels of security for domain name holders who use their services, and has insisted that some security failures are actually the result of unfortunate choices made by the domain name holder. According to Network Solutions, domain name holders may acquire enhanced security features for their domain name records, if an additional fee is paid. One wonders, however, why consumers of domain names should have to pay more for security? Why doesn’t ICANN require registrars and registries to provide an appropriate level of security for domain name records as a best practice, instead of permitting security to be offered as a costly add-on?
During the January attack some domain name holders lost control over e-mail services connected to the domain name for as long as three days, and Network Solutions, at the time, could not provide an accurate count documenting the total number of domain names temporarily hijacked. This instance (and, perhaps, many others) indicates security failures should be a critical area of concern for ICANN.

Compared to the millions of domain names registered today, the instances of theft may appear to be insubstantial. This is a false impression. The number of companies running registrar services (and, soon the number of companies operating registry services) is steadily increasing, which may lead to significant increases in domain name theft unless ICANN acts now to perk up compliance with secure standards for processing domain name transfers and registration record alterations. Indeed, domain name theft is already considered epidemic by most standards.

Web bandits focus their hijacking skills on domain names that are perceived to be valuable enough to be sold in the secondary market for domain names or even sold back to the original owner. One web bandit recently proved that technical savvy is not always a reliable indicator of general intelligence: a stolen domain name, thehun.net, was sold by the web bandit on eBay for $750,000. The original owner got his domain name back without having to win the auction.

Since stealing a domain name, oftentimes, is like stealing tangible property, even a temporary loss may lead to significant injury to the lawful domain name holder. The use of a domain name is often tied to domain name services such as e-mail or file transfers (such as FTP access) and, of course, website name resolution. Loss of these services may induce losses in financial transactions such as e-mail or web-based product orders, file downloads for customers or a multitude of other commercial transactions. In some of the more high-profile cases this year, web bandits have successfully stolen internet.com, web.com, web.net, web.org, w3.org, whoami.com, lucasarts.com, viagra.com, canada.com, croatia.com, slovenia.com, bali.com, exodus.net, and nethead.com. I have received e-mail messages concerning a number of other cases, which did not attract as much media attention. In addition, unsuccessful attempts of domain name theft are likely to be unreported or, worse, under-reported by the registrar. Like most security issues, the instances of domain name theft and attempted theft are probably significantly higher than those that have been reported thus far.

Some of the security issues regarding the DNS flow from the general problem of Internet security. The basic Internet protocols are open system technologies. While an open system technology may benefit from having many programmers improve the relative weaknesses in the software code, open source technologies are also more vulnerable to sabotage than proprietary technologies, which, by their nature, limit the number of people who have access to the code. Although people who exploit weaknesses in technology for base purposes are often hackers (or, more precisely, crackers), hackers are by no means the only individuals who may cause harm from the discovery of a security weakness or who may exploit open technology for the purpose of theft. Indeed, the unique property-like aspects of domain names seem to be the primary reason that security has become a critical issue. I am hopeful that ICANN will use its influence to protect all domain name holders.
     
 

  Rod Dixon teaches and writes about Cyberlaw and Internet Governance.