Lord of Your Domain, But Master of None: The Need to Harmonize and Recalibrate the Domain Name Regime of Ownership and Control

The world has seen three waves of property. The first hark backcenturies and relate to ‘real and personal property’such as land and chattel, also known as immovable and movableproperty. The second gained recognition around the nineteenthcentury and relates to propertization of the ‘laboursof the mind’ or ‘intellectual property’. Thethird wave came within a much shorter period and starting togain recognition and it is what is known as ‘virtual property’.The law and policy-makers have had to surmount not only a steeplearning curve but also in some cases a foundation that is wroughtwith mistakes when it comes to the treatment that should begiven to virtual property. The Domain Name System (DNS) is thebest example of a form of virtual property that has given riseto challenges in law making and administration. The ‘landgrab’ of domain names in the World Wide Web (WWW) havegiven rise to a virtual tsunami of registrations and this hasled to the subsequent erection of levees in the form of a challengeregime. This paper will identify and consider the problems thatthe DNS is facing and suggest the changes that have to be madeto it in order for it to withstand the forces of what will bean increasingly rising sea of domain names on the WWW. This paper will begin with a look at the fissures in the seabedof the DNS by comparing how the management and policies relatingto domain name registration and challenge have shifted and divergedin different jurisdictions as well as by examining the inadequaciesof the original registration regime (ICANN) and challenge policy(UDRP). After identifying the problem, suggestions will be madeto resolve them in the best possible way, which require a revisitof the stakeholder and policy interests in the Internet andthe ownership and control of domain names that essentially functionas an important gateway to the WWW in order to rebalance theseinterests in an attempt to achieve greatest equilibrium. Amendmentswill be proposed to both the registration and challenge regimesas well as to the structure and hierarchy of domain name administrationwhich should be a globally coordinated effort just as the DNSis a common entryway to the global property that is the WWW.     

Reputation in a dark network of online criminals

This paper focuses on criminals who could easily be labelled as entrepreneurs and who deal in compromised computer systems. Known as botmasters, these individuals use their technical skills to take over and control personal, business and governmental computers. These networks of hijacked computers are known as botnets in the security industry. With this massive computing power, these criminals can send large amounts of spam, attack web servers or steal financial data – all for a fee. As entrepreneurs, the botmasters' main goal is to achieve the highest level of success possible. In their case, this achievement can be measured in the illegitimate revenues they earn from the leasing of their botnet. Based on the evidence gathered in literature on legitimate and illegitimate markets, this paper sets to understand how reputation could relate to criminal achievement as well as what factors impact a heightened level of reputation in a criminal market.     

Military Service Records: Searching for the Truth

In conducting Compensation and Pension (C&P) examinations, one of the most significant sources of evidence supporting a veteran’s claim for service connection are found in the veteran’s service medical records and service personnel records. Although specific numbers are unknown, a majority of mental health providers who conduct C&P examinations are not veterans and have limited knowledge and understanding of the records they are being asked to review. In cases of an initial posttraumatic stress disorder (PTSD) examination, the Federal Register requires C&P examiners to determine if the veteran’s claim is consistent with the places, types, and circumstances of the veteran’s service. This article reviews specific data within personnel records to help verify those elements. Additionally, perhaps one of the most difficult types of evaluations faced by any C&P examiner is a PTSD claim for personal assault (e.g., military sexual trauma). This article reviews the types of information within the records to help identify specific “Markers” associated with personal trauma.     

Silencing Bad Bots: Global,Legal and Political Questions for Mean Machine Communication

As digital automation expands across social contexts, the way in which legal systems respond when algorithms produce lies and hate presents a pressing policy problem. Search results, autofill suggestions, and intelligent personal assistants generate seemingly objective information for users in order to be helpful, efficient or fun but, as social technologies, can also produce prejudicial and false content. Chatbots and trending lists have made headlines for quickly being transformed from sweet to spiteful and political to inaccurate. As humans progressively engage with and rely on machine communication, the legality of algorithmically created information that harms the reputation or dignity of an individual, entity or group is a policy question posed and answered differently around the world. This article compares various defamation and hate speech laws through the lens of algorithmic content production – mean machine communication – and presents a set of outstanding issues that will require international and interdisciplinary attention.     

The New Hong Kong Domain Name Dispute Resolution Policy: A Comparative Analysis

On 24 April, 2001, Hong Kong adopted a new Domain Name Dispute Resolution Policy. This represents the efforts of Hong Kong to strengthen management of its domain name disputes, particularly for 'cybersquatting' cases. This article first analyses the salient features of the Policy, including grounds for complaints, rights of complainants, confusingly similar domain names, use of domain names, evidence of registration and use in bad faith, and legitimate interests of domain name owners. The article evaluates the merits of the Policy, including its flexibility, low cost and time-saving efficiency. It also evaluates its demerits, including its restrictive scope, bias toward trademark owners, inadequate coverage for 'reverse domain name hijacking', limited range of remedies, and possibilities for further court proceedings. The article then concludes that the Policy is laudable as it demonstrates the determination and intention of Hong Kong to observe the international standards and practice in its information technology laws.     

A framework for attack patterns' discovery in honeynet data

Collecting data related to Internet threats has now become a relatively common task for security researchers and network operators. However, the huge amount of raw data can rapidly overwhelm people in charge of analyzing such data sets. Systematic analysis procedures are thus needed to extract useful information from large traffic data sets in order to assist the analyst's investigations. This work describes an analysis framework specifically developed to gain insights into honeynet data. Our forensics procedure aims at finding, within an attack data set, groups of network traces sharing various kinds of similar patterns. In our exploratory data analysis, we seek to design a flexible clustering tool that can be applied in a systematic way on different feature vectors characterizing the attacks. In this paper, we illustrate the application of our method by analyzing one specific aspect of the honeynet data, i.e. the time series of the attacks. We show that clustering attack patterns with an appropriate similarity measure provides very good candidates for further in-depth investigation, which can help us to discover the plausible root causes of the underlying phenomena. The results of our clustering on time series analysis enable us to identify the activities of several worms and botnets in the collected traffic.     

The endorsement of cognitive distortions: comparing child pornography offenders and contact sex offenders

This study examined the endorsement of cognitive distortions in child pornography offenders (CPOs), using an established assessment tool, the Abel and Becker Cognition Scale. The scale was expanded to include cognitions specific to child pornography offending, extracted from Howitt and Sheldon's Children and Sexual Activities Inventory (C&SA). Three samples of CPOs, child sex offenders and offenders with both offence types responded to the cognition items. An exploratory Principal Component Analysis suggested six main components of the scale. CPOs were significantly less likely to endorse these statements in general, and this was more pronounced on items that project blame onto the child or other people, describe a need for power and consider children as sexually active. The statements extracted from C&SA did not differentiate between the groups. These findings are discussed under consideration of the relationship between cognitive distortions and contact sex offending, and in reference to the general criticism concerning the definition and appropriate measurement of cognitive distortions.     

Do C&IT Facilitate the Wrong Things?

There is a simple view of the role of C&IT (computers and information technology) in the legal academy that states, 'C&IT is just a tool. Use it or abuse it as you will. It has no ideology. It can no more be a bad thing than can a car or a chisel'. It is an additional resource on top of whatever we had before. I want to link that claim to a set of analogous claims about the relationship between law and science and law and mathematics, and subject them to scrutiny. I shall call these claims (that science, mathematics and computers are 'just' tools) collectively the 'neutrality claim'. So far as concerns computers, I shall suggest that C&IT in law has a tendency either towards reaction or towards reductionism in how we understand law in the academy. I will finish by considering an area in which computers have been relatively more successful-chess-and trying to work through the similarities and distinctions.     

互联网对法学教育的影响——从形式到内容

信息通讯技术必须与其他教学方法相结合才能提升法学教育的价值,而教育学在这种资源整合中具有不可或缺的作用。评估信息通讯技术的成功与否只能在将其置于教育资源全球化的大环境中时才能实现。互联网对现有法律的影响只能说是一种革新,还称不上是一场横扫法律领域的革命;而且,“网络法”和电子商务法也不是一个独立的法律部门或学科。     

Trusted notifiers and the privatization of online enforcement

Online content is increasingly enforced by private parties based on private regulation. One recent trend in the takedown of unlawful online content is the emergence of models, where trusted third parties – private or public – are given privileged notification channels for flagging infringing content.Despite increasing practical importance, these arrangements have received little scholarly attention. This article explores the functioning of trusted notifier-models and how they are addressed by the European lawmaker in the context of two intermediaries, online platforms and domain name registries. Depending on intermediary, trusted notifier-models can both be seen as extension of the existing notice-and-takedown regimes and an additional voluntary expedited-enforcement layer. The author argues that these trusted notifier-models are problematic given the broad room of autonomy that the legislator is leaving to private parties. Whereas models involving public authorities are subject to general administrative law principles as well as constitutional and human rights safeguards, the framework for private regulation (i.e. without intervention of public actors) is less clear. In the field of domain names, these legitimacy issues give raise to special concern given the detached relation between domain names and website content. The paper criticizes the lack of insights into existing arrangements and calls for increased transparency. The author concludes that a legislative minimum framework is desirable.     

Poetry Beyond Good and Evil: Bilhaṇa and the Tradition of Patron-centered Court Epic

The eleventh century poet Bilhaṇa’s magnum opus, his Vikramāṅkadevacarita, quickly became one of the most admired and quoted examplars of a newly emergent genre in second millennium Sanskrit poetry, the patron-centered court epic—an extended verse composition dedicated to relating the deeds and celebrating the virtues of the pet’s own patron. But Bilhaṇa’s verse biography of his patron, the Cālukya monarch Vikramāditya VI, while ostensibly singing his praises, is colored throughout by darker suggestions that Vikramāditya may be less than the moral paragon it proclaims him to be, and that the power of poetry lies precisely in its ability to fabricate royal virtue where none exists, and to wash clean the reputation of any king, regardless of his actual deeds. He makes these insinuatons through a variety of formal and narrative techniques, most strikingly by his persistent suggestions that Vikramāditya has perhaps less in common with Rāma, the archetypal paragon of royal virtue, than with his demonic antagonist Rāvaṇa, and, even more corrosively, that Rāma’s own reputation may owe more to his panegyrist’s skill than to his own virtue.     

An introduction to investigating IPv6 networks

This practitioner paper provides an introduction to investigating IPv6 networks and systems. IPv6 addressing, packet structure, and supporting protocols are explained. Collecting information from IPv6 registries and databases such as WHOIS and DNS is demonstrated. Basic concepts and methods relevant for digital forensic investigators are highlighted, including the forensic analysis of IPv6 enabled systems. The enabling of IPv6 capability in a forensics lab is shown, including IPv6 connectivity and the use of IPv6 compatible tools. Collection and analysis of live network evidence from IPv6 networks is discussed, including investigation of remote IPv6 nodes, and promiscuous capture of IPv6 traffic.     

Impersonator identification through dynamic fingerprinting

Tracking the source of impersonation attacks is a difficult challenge for investigators. The attacks are frequently launched from botnets comprised of infected, innocent users and web servers compromised by malware. Current investigative techniques focus on tracking these components. In this paper, we propose the Automated Impersonator Image Identification System (AIIIS), which allows investigators to track images used in impersonation attacks back to the original download from the source. AIIIS accomplishes this by digitally encoding the IP address, server, and time of the image download into the image itself through a digital watermark. AIIIS differs from other image fingerprinting techniques in its combination of dynamic fingerprinting and spread spectrum data hiding. Additionally, the intended goal of AIIIS is tracking impersonation attacks, where the image is a tool used, whereas in most digital rights management techniques, the misuse of the content itself is the primary concern. Our experiments show that the AIIIS system permits recovery even after post-acquisition manipulation of the image, making it a significant addition to the fight against impersonators. The deployment of a pilot of AIIIS was successful in identifying the source of an impersonation attack, and further success is expected with full deployment.     

Incident perception by British police officers

This study compared the perceptions of a group of experienced British police officers with those of a group of young British police officers and of a group of British civilians. Subjects were shown a videotape of an urban street corner scene which contained a number of staged incidents including criminal offenses, suspicious circumstances, and traffic offenses. They were asked to note down all the incidents which they perceived during the viewing of the videotape, No significant differences were found between the three groups in the total number of incidents identified. There was, however, a significant subject group by offense type interaction, with inexperienced police officers showing the highest reporting of traffic offenses and experienced police officers the lowest. In each group there was also an inverse relationship between the number of traffic offenses and criminal offenses/suspicious circumstances noted. This was particularly high in the inexperienced police officer group.     

Crime-money,reputation and reporting

The emphasis of government legislation on money laundering has been based on the assumption that reporting institutions are able to spot deviant customer behaviour and that implicitly such behaviour is criminal. This paper looks at the drivers for reporting of suspicious or unusual activity, in particular, focusing on the principle of reputation. It considers the evidence over bank disclosure within annual published reports with respect to their money laundering compliance activity; particularly examining whether there was any change in disclosure and hence reputation management reporting by those banks fined by the regulator for lapses of compliance. An attempt is also made to apply the principles of legitimacy theory to evaluate the association between money laundering and reputation looking for evidence of a ‘virtuous cycle of compliance’. However, the findings point to limited public awareness of money laundering and to the adoption of a deficit rather than enhancement model of reputation management.

---

Anticipating the future use of safeguards by the EU and the US on China��s textiles & clothing exports

Textiles and clothing (T&C) trade after lapse of quotas in 2005 has revealed China’s overwhelming comparative advantage in the manufacture and export of T&C products. China’s advantage in this sector attracted the use of trade remedies by WTO members under WTO laws, often in a manner contrary to WTO norms. China has also been subjected to origin-specific safeguard regimes. The EU and the US have been leading users of safeguards against China’s T&C exports. The use of safeguards by the EU and the US raises a number of questions that impact on the future use of trade remedies by other countries. The use of safeguards also poses challenges for the multilateral trading system. This paper analyses the use of safeguards against China’s T&C exports with a view to anticipating the future use of safeguards in the quota-free trading environment for T&C.     

When Internet protocols and legal provisions collide: Unauthorised access and Sierra v. Ritz

This case note article examines the unreported decision of a U.S. court in Sierra Corporate Design Inc. v. David Ritz (2007) District Court, County of Cass, State of North Dakota (File No. op-05-C-01660) which deals with the unauthorised use of a domain name system zone transfer. The court ruled that access was unauthorized given the defendant's intention to obtain and divulge information found in the zone transfer.     

A framework for attack patterns' discovery in honeynet data

Collecting data related to Internet threats has now become a relatively common task for security researchers and network operators. However, the huge amount of raw data can rapidly overwhelm people in charge of analyzing such data sets. Systematic analysis procedures are thus needed to extract useful information from large traffic data sets in order to assist the analyst's investigations. This work describes an analysis framework specifically developed to gain insights into honeynet data. Our forensics procedure aims at finding, within an attack data set, groups of network traces sharing various kinds of similar patterns. In our exploratory data analysis, we seek to design a flexible clustering tool that can be applied in a systematic way on different feature vectors characterizing the attacks. In this paper, we illustrate the application of our method by analyzing one specific aspect of the honeynet data, i.e. the time series of the attacks. We show that clustering attack patterns with an appropriate similarity measure provides very good candidates for further in-depth investigation, which can help us to discover the plausible root causes of the underlying phenomena. The results of our clustering on time series analysis enable us to identify the activities of several worms and botnets in the collected traffic.     

The survey of industrial R&;D—patent database link project

This article details the construction of a firm-year panel dataset combining the NBER patent dataset with the Survey of Industrial R&D conducted by the Census Bureau and National Science Foundation. The dataset constitutes a platform that offers an unprecedented view of the R&D-to-patenting innovation process and a close analysis of the strengths and limitations of the R&D survey. The files are linked through a name-matching algorithm customized for uniting the firm names to which patents are assigned with the firm names in the Census Bureau’s SSEL business registry. Through the Census Bureau’s file structure, R&D can be linked to the operating performances of each firm’s establishments, further facilitating innovation-to-productivity studies.

Sealing the cracks: a proposal to update the anti-cybersquatting regime to combat advertising-based cybersquatting

Legal context: Recent years have seen a resurgence in the practice of cybersquatting,and in particular cybersquatting that monetizes domain namesthrough pay-per-click advertisements. Existing statutory andadministrative anti-cybersquatting tools were not designed tocope with the advertising-based model of cybersquatting. Asa result, brand owners lack effective tools to combat moderncybersquatting. Key points: (1) Where cybersquatters originally monetized their domain nameportfolios by ransoming small numbers of domain names to brandowners, they now use pay-per-click advertisements spread overmassive portfolios. Technological advances in the domain namesystem will continue to increase the opportunities for cybersquattersto expand these portfolios. (2) Existing statutory and administrativeanti-cybersquatting tools are out-dated and ineffective. TheUniform Domain Name Dispute Resolution Process is procedurallyincapable of coping with large portfolios of infringing domainnames and substantively out of sync with national IP laws. Traditionallitigation is too expensive and inefficient to offer a workablesolution for brand owners. (3) Both administrative and legalremedies for cybersquatting have inherent flaws that cannotpractically be remedied. A new anti-cybersquatting regime musttherefore allow them to work together. The UDRP should be procedurallyupdated to allow limited discovery and facilitate large-scalecases, and an optional choice of law clause should be introducedto bring UDRP panel decisions more in line with national IPlaws. Likewise, those laws should be revised to give explicitdeference to UDRP decisions in litigation arising from the samefacts as the UDRP action. Practical significance: Cybersquatting can injure a mark's distinctiveness and onlinerecognition, and contextual advertisements can divert customersfrom the targeted brand's website. If anti-cybersquatting toolsdo not keep pace with cybersquatters' strategies, these problemswill make it increasingly difficult for brand owners and customersto connect in the domain name system. The proposed revisionsto the anti-cybersquatting regime will enable brand owners toprotect their domain names more efficiently and to deter cybersquatters.