Last minute geek

last minute tech news from around the net

You are here: English CircleID

CircleID

The IPv4 Market - Looking Back and Forward

In September 2015, the free pool of IPv4 numbers available through the American Registry for Internet Numbers (ARIN) ran dry. In 2016, the IPv4 market was the only reliable source of IPv4 numbers, globally, and the pattern of activity changed dramatically. So far in 2017, we have seen the trends in the last half of 2016 continue.

Throughout 2015, IPv4 transactions were trending steadily upward and the volume of transferred numbers had reached an all time high as several /8 holders sold off their excess supply of IPv4 numbers to large buyers with available liquidity to purchase large amounts of address space. In 2016, the monthly rate of transactions climbed sharply to nearly double the average monthly number of transactions in Q4 2015. The volume of transferred numbers took a different turn. Nearly 40 million IPv4 numbers were transferred via the ARIN transfer approval process in 2015. In 2016, that number dropped by nearly 50%, to just over 20.75 million.

North American IPv4 Market Activity in 2016 – In the latter half of 2016, the volume of numbers transferred grew from just shy of 5.8 million numbers in the first half of 2016 to nearly 15 million numbers in the last 6 months of 2016 (left chart). Expanding the view to all purchases in 2016, a full 50% of all numbers were transferred as /16 blocks. The chart on the right shows that /16 block trades produced more transferred numbers in 2016 than any other block size. (Click to Enlarge)

There are several key explanations for the market shift. One, the depletion of large block supply. Whereas 14 /12+ (1,048,576 numbers) blocks transferred via the ARIN transfer approval process in 2015, only 3 such blocks were transferred in 2016. Also, the decision by some large block holders either to sell their blocks in smaller sizes to realize higher unit prices or hold off entering the market altogether until large block pricing improved.

Market indicators show that the higher trading volumes in 2016 are holding steady in 2017, both in the ARIN domestic market and in the InterRIR market where transfers more than doubled in part due to RIPE NCC's inter-RIR transfer policy which was now in full swing. With hints that AFRINIC and LACNIC may open their doors to InterRIR transfers, we expect this number to grow.

We also expect more supply to enter the market — but not necessarily in the volumes we experienced in 2015. In the first half of 2016, just 5.8 million numbers were transferred. That number more than doubled to nearly 15 million numbers in the last half of the year as prices have risen, sellers have been able to take advantage of more flexible contract structures that allow them to fund renumbering projects, and large buyers are more willing to accept numbers over a more flexible and extended schedule and in smaller block sizes. In 2016, the /16 (65,536 numbers) was a dominant block size in the market, accounting for 50% of all numbers transferred.

As in 2015, pricing trends have continued to mirror the shift in supply and demand. Pricing was at its lowest in Q1 2015, when there was a glut of supply in the marketplace. With tightening of supply in 2016, prices escalated. The average price of small to mid-size blocks grew by just over 30%. Large block pricing nearly doubled, substantially narrowing the gap between small and large block pricing. We expect prices to escalate further as we head toward the last half of 2017.

IPv6 migration has not yet materially impacted the IPv4 marketplace. Tech companies continue to invest in their IPv4 infrastructure while building out their IPv6 network, making some significant IPv4 purchases to meet their needs. Companies appear to be settling into their reliance on the IPv4 market, at least over the next 2-3 years, to bridge the gap between IPv4 and IPv6 as companies recognize that IPv6 migration will happen eventually but not soon enough.

A full analysis of the IPv4 market, with additional data, can be found in Avenue4's 2016 Annual State of the Market Report.

Written by Janine Goodman, Vice President and Co-founder at Avenue4

Follow CircleID on Twitter

More under: IP Addressing, IPv6


Read all

No Time Bar, No Laches under the UDRP

Two Uniform Domain-Name Dispute-Resolution Policy (UDRP) decisions posted this month involved domain names registered 20 and 21 years ago, David Duchovny v. Alberta Hot Rods c/o Jeff Burgar, FA1706001734414 (Forum July 4, 2017) (<davidduchovny.com>, 21 years) and Commonwealth Bank of Australia v. Registration Private, Domains By Proxy, LLC / Ravindra Patel, gbe, D2017-0807 (WIPO July 6, 2017) (<bankwest.com>) (20 years). Complainants prevailed in both cases. The domain names stand out as being the oldest to have been found registered in bad faith, and transferred. Readers unfamiliar with the UDRP may be surprised to learn there is no time bar for making a cybersquatting claim, and laches is not a defense.

While David Duchovny and Commonwealth Bank are similar in filing complaints for long-held domain names, Complainants' circumstances are strikingly dissimilar (celebrity name versus a name composed of two dictionary words and parties located on different continents). While the first decision is understandable and the second is questionable.

The "no time bar/no laches" limitation which is one of the core principles of the UDRP is consistent with WIPO's recommendations for the proposed administrative procedure that became the UDRP. The WIPO Final Report (1999), Paragraph 197 stated that "a time bar to the bringing of claims in respect of domain names (for example, a bar on claims where the domain name registration has been unchallenged for a designated period of years) should not be introduced." Then, in Paragraph 199, "time bar" is expressly rejected: "It is not recommended that claims under the administrative procedure be subject to a time limitation.” (Italics in original).

While the recommendation did not achieve written recognition in the Policy Panels quickly enshrined it in their decisions: "[there is] no room for general equitable doctrines under the Policy such as would be possessed by Courts in common law jurisdictions." Edmunds.com, Inc. v. Ult. Search Inc., D2001-1319 (WIPO February 1, 2002). The Panels in David Duchovny and Commonwealth Bank make the same point: "This Panel lacks equitable powers; therefore, even a delay of 21 years does not implicate laches" and "Panels have . . . declined to specifically adopt concepts such as laches or its equivalent in UDRP cases."

Whatever advantage complainants may appear to gain by the rejection of any time limitation or laches is offset in two ways: by respondents' rebuttal evidence (which if there is any, would have to be countered) and by the evidentiary demands on complainant for proving bad faith. The specific antidote to complainants sleeping on their rights is expressly set forth in Paragraph 4(c)(i) of the Policy; that is, if in the long interval before complainant wakes up a respondent accrues rights in the domain name, the complaint must be denied.

It will be noticed that the 4(c)(i) defense incorporates a key element of laches, namely detrimental reliance, so that while laches is ostensibly rejected it is present through the back door. Paragraph 4(a)(iii) also plays a role because the passage of time is a black hole; all evidence is lost if not maintained, so that even if respondent is found to lack rights or legitimate interests, if complainant cannot marshal evidence of bad faith registration the domain name must remain with respondent.

Proving cybersquatting of marks predating domain name registration is easier the closer in time between the registration and filing the complaint. It becomes increasingly difficult the longer complainant waits, particularly for weak marks (as opposed to celebrities' strong marks ). When complainants lose, the inapplicability of laches is no help to them and should be no hindrance to respondents; the evidentiary problem lies in complainant's inability to marshal the necessary evidence.

The database of complainants losing for lack of evidence is full of these disputes. The Sinclair Group Nevada, LLC v. behnam tabrizi, FA1606001679802 (Forum August 3, 2016) (<rapidtransformation.com>, 7 years. Complaint dismissed). The reverse is also true. Unlawful registrations will be cancelled or transferred regardless the length respondents have held them. Coles Pen Company Limited v. Cole, Samantha / Coles of London, FA1702001717458 (Forum March 30, 2017) (<pen heaven.com>. 8 years). Complainants prevail when the evidence dictates that result, and fail if it doesn't. Hôpitaux Universitaires de Genève v. Aydin Karadeniz, D2016-1620 (WIPO October 10, 2016) (<hug.com>, <hug.net>, and <hug.org>. Respondent acquired the domain names for a business that never developed. Complaint dismissed).

While there is no time bar, delay has consequences. As Panels were rejecting laches they were developing a nuanced approach that took into account the totality of circumstances. Bosco Prod., Inc. v. Bosco email Servs., FA 94828 (Nat. Arb. Forum June 29, 2000) (<bosco.com>) for "vanity e-mail" service. The Panel held that "[w]ithout determining if the passage of considerable time would alone bar Complainant from relief in this proceeding, the Panel notes that Complainant does not explain why it has waited nearly four years to try and resolve the domain name dispute"; Novartis AG v. Name Administration Inc. (BVI), FA1403001548210 (Nat. Arb. Forum April 24, 2014) (<clearcare.com>). "It appears to the Panel that any business disruption or confusion suffered by Complainant as a result of Respondent's domain name registration was either non-existent or de minimis, else Complainant would have taken action in a more timely fashion."

Returning to <davidduchovny.com> and <bankwest.com>, Doug Isenberg examined the David Duchovny decision in an informative essay recently published here in CircleID. Mr. Isenberg properly points out that "the 21-year delay could have undermined Duchovny's case." It didn't because in large part "David Duchovny" (as a mark) has a single source. That is not true of marks composed of generic elements (even though combined they may be distinctive). The Panel certainly ticked off Complainant's evidentiary problems in pointing out there was no evidence of harm: "registration alone of the disputed domain name for 21 years [did not cause] any Internet users to be confused as to the source or origin of any goods or services and there were certainly no lost profits or loss of business or goodwill."

Nevertheless, Mr. Duchovny prevailed on his strong mark because Respondent's position (even had it not defaulted in appearance) was indefensible under any Paragraph 4(c) defenses. (This may not have been true if the domain name had been <duchovny.com> assuming it is a well represented surname). In large measure Respondent lost because celebrities are in a class by themselves when it comes to having their names protected under the UDRP (the Bruce Springsteen decision referred to by Mr. Isenberg was in fact repudiated in Kevin Spacey v. Alberta Hot Rods, FA0205000114437 (Nat. Arb. Forum August 1, 2002) by the presiding panelist in the earlier case.)

Notwithstanding "no lost profits or loss of business or goodwill" the Panel found that the evidence pointed to bad faith registration: "Although no one would claim that the DAVID DUCHOVNY mark, in 1996, was as famous as GOOGLE is today, given the demonstrated notoriety of David Duchovny in 1996 and the totality of the circumstances, the Panel finds that Respondent had actual knowledge of Complainant's mark prior to the registration of the disputed domain name." Knowledge (that couldn't plausibly be denied) and celebrity were the key factors.

No one would say that combining two dictionary words makes for a strong mark (exceptions always excluded) or that knowledge could not plausibly be denied. Herein lies the drama in Commonwealth Bank of Australia. Since Respondent held <bankwest.com> passively and failed to explain the circumstances for registering the domain name Complainant succeeded on its prima facie case that Respondent lacked rights or legitimate interests in it, but that doesn't get a complainant to bad faith. Knowledge is an issue for the third, not the second limb of the Policy, and it's complainant's burden to prove.

Bad faith presupposes (requires proof of) respondent registered the domain name with knowledge of complainant and its mark. Since there was no direct evidence of knowledge it had to be found circumstantially, by inference. Separate from the passage of time in Commonwealth Bank is that Complainant is located in Australia and Respondent is an individual located in the United States, in New Jersey. In determining that such evidence as there was after 20 years supported inferences of bad faith, it can be argued that the Panel put his finger on the scale in Complainant's favor.

Drawing inferences, of course, is a valuable tool, but shifting the burden to Respondent to come forward with rebuttal evidence under the third limb is questionable. The principal fact from which the Panel drew its inference was Respondent holding the domain name passively. The Panel's chain of reasoning is as follows:

[T]he entire Response provides absolutely no information whatsoever about the Respondent other than to confirm he is resident in New Jersey. The Panel is not told whether he [Respondent] is in business and if so what that business is, whether or not he deals in domain names, whether this is the only domain name he owns, why and how he decided to register it, or indeed any other of the no doubt numerous factors which would bear on whether or not the Respondent acted in bad faith.

Using this reasoning as leverage the Panel then conjectured that

It would have been an entirely straightforward matter for the Respondent to say (hypothetically), with appropriate evidence 'I had never heard of the Complainant when I registered the Disputed Domain Name' and 'this was part of my strategy of registering names involving the word "bank" combined with a geographic identifier and I also registered (say) banknorth.com, banksouth.com, and bankeast.com.'

In other words, Respondent is held liable as a cybersquatter for its silence: "Given that the Respondent is represented the Panel is left concluding that this silence on such critical issues is not simply inadvertent but represents a deliberate decision." For a Panel to draw these inferences and then fault respondent (and its counsel) for failing to address factual issues raised only conjecturally is extraordinary. (The Panel in Duchovny also draw inferences but they were anchored to specific facts). The problem is not the logic, the algorithmic steps make perfect sense, but its application. It exceeds a Panel's authority under the UDRP.

This is not to say that in a plenary action, after all the evidence is marshaled and arguments made that Commonwealth Bank would not prevail, but the UDRP as a summary proceeding is not the right venue. Nevertheless, the Panel's finding that respondents must answer to the particular inferences it identified serves a useful purpose as a warning to them and their counsel: where they control the facts relating to their acquisitions of domain names, silence will be held against them. And, equally important, respondents should not rely on a laches defense as though it is dispositive (which Respondent did in Commonwealth Bank). Even though some Panels have embraced the defense, it's not a good defensive strategy.

Written by Gerald M. Levine, Intellectual Property, Arbitrator/Mediator at Levine Samuel LLP

Follow CircleID on Twitter

More under: Cybersquatting, Domain Names, UDRP


Read all

'Not the Best Time' for Proposed Russia-U.S. Cyber Unit, Says NSA Chief

NSA chief, Mike Rogers during the annual Aspen Security Forum on Saturday, shunned the proposed Russia-U.S. cyber unit, stating "I would argue now is probably not the best time to be doing this." From a report in Reuters: "National Security Agency Director Mike Rogers on Saturday rebuffed the prospect for a U.S.-Russia cyber unit, a proposal which has been greeted with incredulity by several senior U.S. lawmakers and which President Donald Trump himself appeared to back down from after initially indicating interest. ... Trump said earlier this month that he had discussed the idea of creating such a group with Russian President Vladimir Putin at the Group of 20 summit in Hamburg."

Follow CircleID on Twitter

More under: Cybersecurity, Policy & Regulation


Read all

Kansas System Hacked, Social Security Numbers of Millions Accessed Spanning 10 States

Hackers breached a Kansas Department of Commerce data system used across multiple states and gained access to more than 5.5 million Social Security Numbers, according to local news sources. The agency had to pay for credit monitoring services for all victims. From the report:"The number of SSNs exposed across the 10 states whose data was accessed has not been previously reported. The Kansas News Service, a collaboration of KCUR, Kansas Public Radio, KMUW and High Plains Public Radio, obtained the information through an open records request. More than half a million of the SSNs were from Kansas, according to the Department of Commerce. The data is from websites that help connect people to jobs."

Follow CircleID on Twitter

More under: Cyberattack, Cybercrime


Read all

Amazon.com Inc Given New Chance to Secure .AMAZON TLD

An arbitration panel has given Amazon.com Inc. a new shot at securing the .amazon top-level domain which the company has been fighting for since 2014. Alexis Kramer from BNA News reports: "The independent review panel ordered the Internet Corporation for Assigned Names and Numbers board to 'promptly re-evaluate' Amazon.com’s domain application in a July 10 declaration published late July 17 on ICANN’s website. ... The e-commerce giant has been fighting for the .amazon domain since its application was first denied in May 2014 based on consensus advice from government advisors. Representatives from Brazil and Peru, leading opponents of Amazon’s application, argued that the name has strong geographic ties to the Amazon ecological habitat. The panel said the board failed to independently determine that there were public policy reasons for denying the application." In a special report on the story in The Register, Kieren McCarthy writes: "Unfortunately, this is just the latest example of ICANN's notoriously poor accountability and its tendency to do what it thinks is in its own best interests, regardless of any rules, procedures and bylaws. It is also the third time that ICANN has been called out on its propensity for doing whatever the world's governments ask of it."

Follow CircleID on Twitter

More under: ICANN, Internet Governance, Policy & Regulation, Top-Level Domains


Read all

The URS Also Applies to These Top-Level Domains

The Uniform Rapid Suspension System (URS) is often described as a domain name dispute policy that applies to the new gTLDs. While that's true, the URS is actually broader than that.

The URS (a quick and inexpensive policy that allows a trademark owner to obtain the temporary suspension of a domain name) applies to more than just the new gTLDs, that is, those top-level domains that are a part of ICANN's 2012 domain name expansion.

Indeed, the first URS case was not for a new gTLD but instead was for .pw, the country-code top-level domain (ccTLD) for the Republic of Palau, a group of islands in the North Pacific Ocean. The determination, for the domain name <facebok.pw>, was issued on September 27, 2013, almost five months before the first URS decision for domain names within new gTLDs (for <ibm.guru> and <ibm.ventures>).

Nearly all (if not actually all) of the URS determinations since then have involved new gTLDs (with .xyz, .club and .email among those that have appeared frequently).

But, in addition, to .pw, six other TLDs have adopted the URS, and one other has adopted a variation of it. Here's the complete list:

  • .cat
  • .jobs
  • .mobi
  • .pro
  • .pw
  • .travel
  • .xxx

Plus, .us domain names are subject to the usTLD Rapid Suspension Dispute Policy (usRS), a similar but more lenient version of the URS that has been invoked only 14 times in the past three years.

The URS Remains Unpopular

If the URS (and usRS) applies to these top-level domains, why have we seen so few cases? I can think of at least three reasons:

  1. The URS (and usRS) are not very attractive to trademark owners because they have a limited remedy (temporary suspension) and a high burden of proof (clear and convincing evidence).
  2. Many of the TLDs that have adopted the URS have done so only recently, so there simply hasn't been much time for trademark owners to take advantage of the URS (and the TLDs listed above are just not popular).
  3. Trademark owners may be unaware that the URS applies to the TLDs listed above. Interestingly, it appears as if the Forum (the largest provider of URS services) doesn't publicize the fact that any top-level domains other than the new gTLDs are subject to the URS (and MFSD, a small URS provider, includes only a minor reference).

Indeed, the URS has been adopted by some registry operators only in recent months. For example, the .pro and .travel registries adopted the URS as part of their renewals with ICANN in October 2015, while the .xxx registry adopted the URS as part of an amendment to its agreement with ICANN in February 2017.

Will the URS Expand Further?

The slow expansion of the URS has been opposed by many domainers, who apparently see it as a potential threat to their livelihood, especially if the URS should one day apply to .com domain names.

For example, in 2015 one blogger wrote that applying the URS to top-level domains beyond the new gTLDs represented "a fundamental change to the ownership rights to all those who own the hundreds of millions of legacy domain names on which most of the Internet is built."

Whether additional TLDs will adopt the URS is unclear. But in the meantime, any trademark owner facing a cybersquatter in one of the TLDs listed above should consider the URS (or usRS) when deciding whether and how to enforce its rights.

Written by Doug Isenberg, Attorney & Founder of The GigaLaw Firm

Follow CircleID on Twitter

More under: Cybersquatting, Domain Names, Intellectual Property, Law, Top-Level Domains


Read all

Mid-Year .brands Review: 2017 Off to a Brilliant Start

If you've read my blogs in the past, you'll know that I'm really passionate about the benefits that .brands can deliver to organizations and their customers.

We are now half way through 2017 which provides us with an opportunity to have a good hard look at the data and reflect on the last six months in the .brands space.

Here is the punchline — it's pretty damn impressive, and for a variety of reasons.

Let's be frank — supporting an innovation such as the .brand movement is not for the faint hearted, and the continual momentum we're experiencing is great reward for those of us that have 'stayed the course' (with only maybe the occasional wavering!).

.brands are asking questions, and moving ahead

I'm privileged to be one of the few who has a job that is completely dedicated to this type of .brand engagement, but I can tell you that we are being asked more and more informed and targeted questions about how to optimize their .brand strategies each and every day.

All the while, organizations like Google, Audi, CERN, Bloomberg, Canon, Microsoft, and Lamborghini have launched .brand sites this year already and continue to pave the way — and that's just a handful of them.

I think that the most important elements of .brand domain names also include the diversification of usage. Building microsites on .brand domains are still strong, but the use of .brands in alternative methods such as vanity/redirect strategies, social media, internal tools, email and full site transitions are also growing significantly.

To illustrate my point, check out the Showcase at MakeWay.World where we highlight the variety of global examples of .brand usage. It's growing every day, and the stats below speak for themselves.

The facts behind the facts

As noted above, the number of brands that have gone beyond creating the mandatory 'NIC' page and have registered at least one other domain under their .brand since January 1 has grown by 17 percent.

Importantly, there's also been a greater than 23 percent increase in the number of .brands with more than 20 domain names registered — showing that there is growth at the upper end of the spectrum as well. This includes brands such as Microsoft, Bentley, Philips, AXA, Saxo Bank and BMW to name a few.

Some of the more active industries include insurance, which collectively have now registered over 1,800 domains; automotive with over 1,000 domains and information technology with just shy of 1,000.

We're more thrilled than ever that we were able to launch the Stats Hub on MakeWay.World earlier this year, as the numbers paint a very clear picture of the .brands space and are now available to anyone to explore.

.brands making headlines

The .brands space has also received some great coverage in industry and broader media so far this year.

  • ClickZ published a three-part series on .brands that culminated in a webinar featuring myself, Matt Dorville of Major League Baseball and Katie Hankinson of VaynerMedia.
  • India's biggest bank announced its plans to move to .sbi, which was reported on by Domain Incite.
  • Domain Name Wire looked at how Major League Baseball is planning to use its .mlb domain names.
  • Domain Pulse reported on the French national railway's plans to move to its .brand TLD.
  • I was published in B&T commenting on the Australian Football League's use of .afl for its historic women's league competition.

Moving forward

In just the last couple of weeks, we've seen new .brand sites from the likes of Google, Audi, Leclerc and Allstate, which says to me that the .brands space isn't slowing anytime soon.

Of equal importance is the fact that the majority of conversations we're having with .brand owners are more and more about how to use their .brands, rather than why. They're looking for practical advice on integrating with social media channels, rolling out email addresses and communicating with staff and clients about changes to web addresses.

That will be our focus for the remainder of the year here at Neustar, and we'll share this on MakeWay.World.

And of course, let's hope that these next six months continue to drive digital branding and that we can really move forward towards another application round for others who would love to join this movement — maybe even by the end of 2018?

This article originally appeared on MakeWay.World.

Written by Tony Kirsch, Head of Professional Services at Neustar

Follow CircleID on Twitter

More under: Domain Names, Top-Level Domains


Read all