An antiphishing bill that was introduced in the US Senate last week could end up being used by large holders of trademarks to unfairly wrest legitimate domain names away from small businesses and individuals, according to a trade group that represents domain name investors and so-called direct search companies.
But supporters of the new legislation proposed claim that the bill is timely and offers a more effective mechanism for dealing with phishing and the deceptive use of domain names than existing statutes do.
The bill is called the Anti-Phishing Consumer Protection Act of 2008 (APCPA) and was introduced in the US Senate on February 25. The proposal would basically outlaw phishing and "related abuses," such as using for commercial gain domain names that are identical or confusingly similar to those legitimately held by trademark owners.
As part of the proposed law, such practices would be formally defined as deceptive practices under the US Federal Trade Commission Act. The APCPA also would require US-based domain name registrars that offer proxy services to reveal the full contact information of registrants to individuals or entities that file complaints or lawsuits. The contact info of proxy registrants typically is hidden from public view in the Internet's WHOIS database.
The legislation calls for statutory damages of US$250 per violation, up to a maximum of US$2 million. But in cases in which a defendant is deemed to have willfully violated the provisions of the bill, the total damages could go up to US$6 million. Actions could be brought under the APCPA by trademark owners or by state attorneys general, federal banking and securities agencies, Internet service providers and the FTC itself.
"Phishing and other online fraud activities directly undermine the vital trust of online consumers," Senator Snowe wrote in a blog post on The Hill Blog.
"Now more than ever, Congress needs to take action to limit the growth of a practice that attacks the very essence of our commerce," she added, noting that more than 3.5 million US residents fell victim to phishing and online identity theft last year.
But as a measure that ostensibly is designed to fight phishing, the APCPA is far too broad in scope, claimed Philip Corwin, general counsel at the Internet Commerce Association (ICA). The ICA represents about 60 members, including individual domain investors and companies such as Tucows, Sedo, Oversee.net and TrafficZ.
Corwin said the trade group isn't opposed to legislation that is aimed at reining in phishing problem and other criminal misuses of domain names. The problem, he added, is that some provisions in the proposed bill appear to be unrelated to those issues. "This looks like trademark legislation on steroids," Corwin said.
Read up on the latest ideas and technologies from companies that sell hardware, software and services. Delivering the Power of Choice with Microsoft Dynamics CRM
Taking On Demand CRM Integration to the Next Level
Solve Exchange Mailbox Storage Issues Once and for All
Security Inside Out
Email Archiving Implementation: Five Costly Mistakes to Avoid
Data grids and service-oriented architecture
Mimosa™ NearPoint™ for Microsoft® Exchange Server: Email Archiving 101
Best Practice in Building an Integrated Information Management Strategy
Zones provide focussed content from Computerworld and leading technology partners.
Discover how SOA can create smarter outcomes for your business.
Attend and learn:
- How SOA is helping leading companies to become more agile
- Where you should be applying SOA processes in your company
- The top SOA implementation mistakes to avoid
Click here for more information.
- +
Computerworld Live Podcast #97: The Future of Enterprise Networking 25/07/2008 09:45:36
This week CW Live chats with Mark Thompson, global sales and marketing manager for HP ProCurve, on the future of the enterprise networking. Mark discusses the trends we can expect to see in the near future and how the right infrastructure can ensure your enterprise network is secure. - +
Computerworld Live Podcast #96: Security at the Edge 11/06/2008 09:22:22
CW Live speaks with Amol Mitra, HP ProCurve Director of Marketing for Asia Pacific and Japan. Today's topic: how enterprises are starting to shift away from simply controlling security via server logins, firewalls and moving to more adaptive security frameworks. - +
Data Management Edition #10: Multi-Petascale Systems 02/05/2008 09:12:33
This week we look at sustainability and the development of multicore technologies to build multi-petascale systems. - +
IT Security Edition #11: How to poison the Storm botnet 01/05/2008 08:51:55
This week CW Live presents a case study on how to poison the notorious Storm botnet . Plus we take a look at Cisco's plans for Ironport. - +
IT Security Edition #10: Cyber-battles fought and won 24/04/2008 11:09:47
Vendors bow to end user pressure to improve product security, and we take a look at the latest concepts shaping the cyber-battlefield of the future.
Vignette Announces 2008 Excellence Awards 2008-11-21 10:50:00+11
PGP and Ponemon Institute Unveil Inaugural Australian Data Breach Study 2008 2008-11-20 17:34:00+11
Symantec Cloud Services Transform Data Centre Operations Through Proactive Management 2008-11-20 12:06:00+11
Verizon Business Offers Tips to Building a Successful Unified Communications and Collaboration Plan 2008-11-20 12:04:00+11
AARNet Brings 4K Digital Cinema to Australia: First 4K HD Video Signal delivered into Australia by AARNet 2008-11-20 12:02:00+11
Everything you need to know about email and web security (but were afraid to ask)
What you don’t know can destroy your business. It’s hard to imagine modern business without the internet but in the last few years it has become fraught with danger. Read on to discover how internet security can give your business a competitive advantage.
Buying Guides
Buying Guides
